The Network Security Test Lab
eBook - ePub

The Network Security Test Lab

A Step-by-Step Guide

  1. English
  2. ePUB (mobile friendly)
  3. Available on iOS & Android
eBook - ePub

The Network Security Test Lab

A Step-by-Step Guide

About this book

The ultimate hands-on guide to IT security and proactive defense

The Network Security Test Lab is a hands-on, step-by-step guide to ultimate IT security implementation. Covering the full complement of malware, viruses, and other attack technologies, this essential guide walks you through the security assessment and penetration testing process, and provides the set-up guidance you need to build your own security-testing lab. You'll look inside the actual attacks to decode their methods, and learn how to run attacks in an isolated sandbox to better understand how attackers target systems, and how to build the defenses that stop them. You'll be introduced to tools like Wireshark, Networkminer, Nmap, Metasploit, and more as you discover techniques for defending against network attacks, social networking bugs, malware, and the most prevalent malicious traffic. You also get access to open source tools, demo software, and a bootable version of Linux to facilitate hands-on learning and help you implement your new skills.

Security technology continues to evolve, and yet not a week goes by without news of a new security breach or a new exploit being released. The Network Security Test Lab is the ultimate guide when you are on the front lines of defense, providing the most up-to-date methods of thwarting would-be attackers.

  • Get acquainted with your hardware, gear, and test platform
  • Learn how attackers penetrate existing security systems
  • Detect malicious activity and build effective defenses
  • Investigate and analyze attacks to inform defense strategy

The Network Security Test Lab is your complete, essential guide.

Frequently asked questions

Yes, you can cancel anytime from the Subscription tab in your account settings on the Perlego website. Your subscription will stay active until the end of your current billing period. Learn how to cancel your subscription.
At the moment all of our mobile-responsive ePub books are available to download via the app. Most of our PDFs are also available to download and we're working on making the final remaining ones downloadable now. Learn more here.
Perlego offers two plans: Essential and Complete
  • Essential is ideal for learners and professionals who enjoy exploring a wide range of subjects. Access the Essential Library with 800,000+ trusted titles and best-sellers across business, personal growth, and the humanities. Includes unlimited reading time and Standard Read Aloud voice.
  • Complete: Perfect for advanced learners and researchers needing full, unrestricted access. Unlock 1.4M+ books across hundreds of subjects, including academic and specialized titles. The Complete Plan also includes advanced features like Premium Read Aloud and Research Assistant.
Both plans are available with monthly, semester, or annual billing cycles.
We are an online textbook subscription service, where you can get access to an entire online library for less than the price of a single book per month. With over 1 million books across 1000+ topics, we’ve got you covered! Learn more here.
Look out for the read-aloud symbol on your next book to see if you can listen to it. The read-aloud tool reads text aloud for you, highlighting the text as it is being read. You can pause it, speed it up and slow it down. Learn more here.
Yes! You can use the Perlego app on both iOS or Android devices to read anytime, anywhere — even offline. Perfect for commutes or when you’re on the go.
Please note we cannot support devices running on iOS 13 and Android 7 or earlier. Learn more about using the app.
Yes, you can access The Network Security Test Lab by Michael Gregg in PDF and/or ePUB format, as well as other popular books in Computer Science & Cyber Security. We have over one million books available in our catalogue for you to explore.

Information

Publisher
Wiley
Year
2015
Print ISBN
9781118987056
eBook ISBN
9781118987131
Edition
1
Topic
Computer Science
Subtopic
Cyber Security
Index
Computer Science

CHAPTER 1
Building a Hardware and Software Test Platform

This book is designed for those who need to better understand the importance of IT security. This chapter walks you through what you need to set up a hardware/software test platform. As a child, you may have loved to take things apart, TVs, radios, computers, and so on, in a quest to better understand how they worked. Your tools probably included soldering irons, screwdrivers—maybe even a hammer! That is similar to what you will be doing throughout this book. While you won’t be using a hammer, you will be looking at protocols and applications to understand how they work. You will also examine some common tools that will make your analysis easier. The objective is to help you become a better network analyst, and improve and sharpen your IT security skills.
Because no two networks are the same, and because they change over time, it is impossible to come up with a one-size-fits-all list of hardware and software that will do the job for you. Networks serve the enterprises that own them, and enterprises must change over time. In addition, the scale of operation impacts security considerations. If you pursue a career as a security consultant, your goals (and inevitably your needs) will differ, depending on whether you work for a large multinational corporation (and even here, your goals and needs will depend on the type of industry) or a small office/home office (SOHO) operation or a small business. Clearly, a whole spectrum of possibilities exists here.
This chapter provides the first step in building your own network security lab. You will start to examine the types of hardware and gear that you can use to build such a test environment, and then look at the operating systems and software you should consider loading on your new equipment.

Why Build a Lab?

A laboratory is as vital to a computer-security specialist as it is to a chemist or biologist. It is the studio in which you can control a large number of variables that come to bear upon the outcome of your experiments. And network security, especially, is a field in which the researcher must understand how a diverse range of technologies behave at many levels. For a moment, just consider the importance of the production network to most organizations. They must rely on an always-on functioning, which means that many tests and evaluations must be developed in a lab on a network that has been specifically designed for such experiments.
NOTE A laboratory is a controlled environment in which unexpected events are nonexistent or at least minimized. Having a lab provides a consequence-free setting in which damage that might result from experimentation is localized (and can, it is hoped, be easily corrected).
Consider something as basic as patch management. Very few organizations move directly from downloading a patch to installing it in the production environment. The first step is to test the patch. The most agreed-upon way to accomplish this is to install it on a test network or system. This allows problems to be researched and compatibility ensured. You might also want to consider a typical penetration test. It may be that the penetration-testing team has developed a new exploit or written a specific piece of code for this unique assignment. Will the team begin by deploying this code on the client’s network? Hopefully not. The typical approach would be to deploy the code on a test network to verify that it will function as designed. The last thing the penetration test team needs is to be responsible for a major outage on the client’s network. These types of events are not good for future business.
Building a lab requires you to become familiar with the basics of wiring, signal distribution, switching, and routing. You also need to understand how you might tap into a data stream to analyze or, potentially, attack the network. The mix of common network protocols must be understood; only by knowing what is normal on the network can you recognize and isolate strange behavior. Consider some of the other items that might motivate you to construct such a lab:
  • Certification
  • Job advancement
  • Knowledge
  • Experimentation
  • Evaluation of new tools
To varying degrees, networking- and security-related certifications require knowledge of the hardware and software of modern networks. There is no better vehicle for learning about networking and security issues firsthand than to design and build your own network lab. This provides a place where you can add and remove devices at will and reconfigure hardware and software to your liking. You can observe the interaction between the systems and networking devices in detail.
Advancing in your field is almost never an accident. The IT industry is an area of constant change, and the best way to build a career path in the world of IT is to build your skill set. By mastering these technologies, you will be able to identify the knowledgeable people on the job or at a customer’s site, and align yourself with them. You might even uncover some gifts that you did not previously realize you possessed, such as a love for hexadecimal—well, maybe.
Building a lab demonstrates your desire and ability to study and control networks. One key item that potential employers always consider is whether a candidate has the drive to get the job done. Building your own security lab can help demonstrate to employers that you are looking for more than just a job: You want a career. As you use the network resources in your lab, you will invariably add to your knowledge and understanding of the technologies that you employ. Learning is a natural consequence.
Experimentation is a practical necessity if you are to fully understand many of the t...

Table of contents

  1. Cover
  2. Titlepage
  3. About the Author
  4. Credits
  5. Acknowledgments
  6. Introduction
  7. Chapter 1: Building a Hardware and Software Test Platform
  8. Chapter 2: Passive Information Gathering
  9. Chapter 3: Analyzing Network Traffic
  10. Chapter 4: Detecting Live Systems and Analyzing Results
  11. Chapter 5: Enumerating Systems
  12. Chapter 6: Automating Encryption and Tunneling Techniques
  13. Chapter 7: Automated Attack and Penetration Tools
  14. Chapter 8: Securing Wireless Systems
  15. Chapter 9: An Introduction to Malware
  16. Chapter 10: Detecting Intrusions and Analyzing Malware
  17. Chapter 11: Forensic Detection
  18. EULA