Network Vulnerability Assessment
eBook - ePub

Network Vulnerability Assessment

Identify security loopholes in your network's infrastructure

  1. 254 pages
  2. English
  3. ePUB (mobile friendly)
  4. Available on iOS & Android
eBook - ePub

Network Vulnerability Assessment

Identify security loopholes in your network's infrastructure

About this book

Build a network security threat model with this comprehensive learning guide

Key Features

  • Develop a network security threat model for your organization
  • Gain hands-on experience in working with network scanning and analyzing tools
  • Learn to secure your network infrastructure

Book Description

The tech world has been taken over by digitization to a very large extent, and so it's become extremely important for an organization to actively design security mechanisms for their network infrastructures. Analyzing vulnerabilities can be one of the best ways to secure your network infrastructure.

Network Vulnerability Assessment starts with network security assessment concepts, workflows, and architectures. Then, you will use open source tools to perform both active and passive network scanning. As you make your way through the chapters, you will use these scanning results to analyze and design a threat model for network security. In the concluding chapters, you will dig deeper into concepts such as IP network analysis, Microsoft Services, and mail services. You will also get to grips with various security best practices, which will help you build your network security mechanism.

By the end of this book, you will be in a position to build a security framework fit for an organization.

What you will learn

  • Develop a cost-effective end-to-end vulnerability management program
  • Implement a vulnerability management program from a governance perspective
  • Learn about various standards and frameworks for vulnerability assessments and penetration testing
  • Understand penetration testing with practical learning on various supporting tools and techniques
  • Gain insight into vulnerability scoring and reporting
  • Explore the importance of patching and security hardening
  • Develop metrics to measure the success of the vulnerability management program

Who this book is for

Network Vulnerability Assessment is for security analysts, threat analysts, and any security professionals responsible for developing a network threat model for an organization. This book is also for any individual who is or wants to be part of a vulnerability management team and implement an end-to-end robust vulnerability management program.

Trusted by 375,005 students

Access to over 1.5 million titles for a fair monthly price.

Study more efficiently using our study tools.

Information

Publisher
Packt Publishing
Year
2018
Print ISBN
9781788627252
Edition
1
eBook ISBN
9781788624725
Topic
Computer Science
Subtopic
Computer Networking
Index
Computer Science

Vulnerability Management Governance

Today's technology landscape is changing at an extremely fast pace. Almost every day, some new technology is introduced and gains popularity within no time. Although most organizations do adapt to rapidly changing technology, they often don't realize the change in the organization's threat landscape with the use of new technology. While the existing technology landscape of an organization might already be vulnerable, the induction of new technology could add more IT security risks in the technology landscape.
In order to effectively mitigate all the risks, it is important to implement a robust vulnerability management program across the organization. This chapter will introduce some of the essential governance concepts that will help lay a solid foundation for implementing the vulnerability management program. Key learning points in this chapter will be as follows:
  • Security basics
  • Understanding the need for security assessments
  • Listing down the business drivers for vulnerability management
  • Calculating ROIs
  • Setting up the context
  • Developing and rolling out a vulnerability management policy and procedure
  • Penetration testing standards
  • Industry standards

Security basics

Security is a subjective matter and designing security controls can often be challenging. A particular asset may demand more protection for keeping data confidential while another asset may demand to ensure utmost integrity. While designing the security controls, it is also equally important to create a balance between the effectiveness of the control and the ease of use for an end user. This section introduces some of the essential security basics before moving on to more complex concepts further in the book.

The CIA triad

Confidentiality, integrity, and availability (often referred as CIA), are the three critical tenets of information security. While there are many factors that help determine the security posture of a system, confidentiality, integrity, and availability are most prominent among them. From an information security perspective, any given asset can be classified based on the confidentiality, integrity, and availability values it carries. This section conceptually highlights the importance of CIA along with practical examples and common attacks against each of the factors.

Confidentiality

The dictionary meaning of the word confidentiality states: the state of keeping or being kept secret or private. Confidentiality, in the context of information security, implies keeping the information secret or private from any unauthorized access, which is one of the primary needs of information security. The following are some examples of information that we often wish to keep confidential:
  • Passwords
  • PIN numbers
  • Credit card number, expiry date, and CVV
  • Business plans and blueprints
  • Financial information
  • Social security numbers
  • Health records
Common attacks on confidentiality include:
  • Packet sniffing: This involves interception of network packets in order to gain unauthorized access to information flowing in the network
  • Password attacks: This includes password guessing, cracking using brute force or dictionary attack, and so on
  • Port scanning and ping sweeps: Port scans and ping sweeps are used to identify live hosts in a given network and then perform some basic fingerprinting on the live hosts
  • Dumpster driving: This involves searching and mining the dustbins of the target organization in an attempt to possibly get sensitive information
  • Shoulder surfing: This is a simple act wherein any person standing behind you may peek in to see what password you are typing
  • Social engineering: Social engineering is an act of manipulating human behavior in order to extract sensitive information
  • Phishing and pharming: This involves sending false and deceptive emails to a victim, spoofing the identity, and tricking the victim to give out sensitive information
  • Wiretapping: This is similar to packet sniffing though more related to monitoring of telephonic conversations
  • Keylogging: This involves installing a secret program onto the victim's system which would record and send back all the keys the victim types in

Integrity

Integrity in the context of information security refers to the quality of the information, meaning the information, once generated, should not be tampered with by any unauthorized entities. For example, if a person sends X amount of money to his friend using online banking, and his friend receives exactly X amount in his account, then the integrity of the transaction is said to be intact. If the transaction gets tampered at all in between, and the friend either receives X + (n) or X - (n) amount, then the integrity is assumed to have been tampered with during the transaction.
Common attacks on integrity include:
  • Salami attacks: When a single attack is divided or broken into multiple small attacks in order to avoid detection, it is known as a salami attack
  • Data diddling attacks: This involves unauthorized modification of data before or during its input into the system
  • Trust relationship attacks: The attacker takes benefit of the trust relationship between the entities to gain unauthorized access
  • Man-in-the-middle attacks: The attacker hooks himself to the communication channel, intercepts the traffic, and tampers with the data
  • Session hijacking: Using the man-in-the-middle attack, the attacker can hijack a legitimate active session which is already established between the entities

Availability

The availability principle states that if an authorized individual makes a request for a resource or information, it should be available without any disruption. For example, a person wants to download his bank account statement using an online banking facility. For some reason, the bank's website is down and the person is unable to access it. In this case, the availability is affected as the person is unable to make a transaction on the bank's website. From an information security perspective, availability is as important as confidentiality and integrity. For any reason, if the requested data isn't available within time, it could cause severe tangible or intangible impact.
Common attacks on availability include the following:
  • Denial of service attacks: In a denial of service attack, the attacker sends a large number of requests to the target system. The requests are so large in number that the target system does not have the capacity to respond to them. This causes the failure of the target system and requests coming from all other legitimate users get denied.
  • SYN flood attacks: This is a type of denial of service attack wherein the attacker sends a large number of SYN requests to the target with the intention of making it unresponsive.
  • Distributed denial of service attacks: This is quite similar to the denial of service attack, the difference being the number of systems used to attack. In this type of attack, hundreds and thousands of systems are used by the attacker in order to flood the target system.
  • Electrical power attacks: This type of attack involves deliberate modification in the electrical power unit with an intention to cause a power outage and thereby bring down the target systems.
  • Server room environment attacks: Server rooms are temperature controlled. Any intentional act to disturb the server room environment can bring down the critical server systems.
  • Natural calamities and accidents: These involve earthquakes, volcano eruptions, floods, and so on, or any unintentional human errors.

Identification

Authentication is often considered the first step of interaction with a system. However, authentication is preceded by identification. A subject can claim an identity by process of identification, thereby initiating accountability. For initiating the process of authentication, authorization, and accountability (AAA), a subject must provide an identity to a system. Typing in a password, swiping an RFID access card, or giving a finger impression, are some of the most common and simple ways of providing individual identity. In the absence of an identity, a system has no way to correlate an authentication factor with the subject. Upon establishing the identity of a subject, thereafter all actions performed would be accounted against the subject, including information-system tracks activity based on identity, and not by the individuals. A computer isn't capable of differentiating between humans. However, a computer can well distinguish between user accounts. It clearly understands that one user account is different from all other user ...

Table of contents

  1. Title Page
  2. Copyright and Credits
  3. Packt Upsell
  4. Contributors
  5. Preface
  6. Vulnerability Management Governance
  7. Setting Up the Assessment Environment
  8. Security Assessment Prerequisites
  9. Information Gathering
  10. Enumeration and Vulnerability Assessment
  11. Gaining Network Access
  12. Assessing Web Application Security
  13. Privilege Escalation
  14. Maintaining Access and Clearing Tracks
  15. Vulnerability Scoring
  16. Threat Modeling
  17. Patching and Security Hardening
  18. Vulnerability Reporting and Metrics
  19. Other Books You May Enjoy

Frequently asked questions

Yes, you can cancel anytime from the Subscription tab in your account settings on the Perlego website. Your subscription will stay active until the end of your current billing period. Learn how to cancel your subscription
No, books cannot be downloaded as external files, such as PDFs, for use outside of Perlego. However, you can download books within the Perlego app for offline reading on mobile or tablet. Learn how to download books offline
Perlego offers two plans: Essential and Complete
  • Essential is ideal for learners and professionals who enjoy exploring a wide range of subjects. Access the Essential Library with 800,000+ trusted titles and best-sellers across business, personal growth, and the humanities. Includes unlimited reading time and Standard Read Aloud voice.
  • Complete: Perfect for advanced learners and researchers needing full, unrestricted access. Unlock 1.5M+ books across hundreds of subjects, including academic and specialized titles. The Complete Plan also includes advanced features like Premium Read Aloud and Research Assistant.
Both plans are available with monthly, semester, or annual billing cycles.
We are an online textbook subscription service, where you can get access to an entire online library for less than the price of a single book per month. With over 1.5 million books across 990+ topics, we’ve got you covered! Learn about our mission
Look out for the read-aloud symbol on your next book to see if you can listen to it. The read-aloud tool reads text aloud for you, highlighting the text as it is being read. You can pause it, speed it up and slow it down. Learn more about Read Aloud
Yes! You can use the Perlego app on both iOS and Android devices to read anytime, anywhere — even offline. Perfect for commutes or when you’re on the go.
Please note we cannot support devices running on iOS 13 and Android 7 or earlier. Learn more about using the app
Yes, you can access Network Vulnerability Assessment by Sagar Rahalkar in PDF and/or ePUB format, as well as other popular books in Computer Science & Computer Networking. We have over 1.5 million books available in our catalogue for you to explore.