Network Security Assessment

Chris McNab

  • 出版商: O'Reilly
  • 出版日期: 2004-03-01
  • 售價: $1,440
  • 貴賓價: 9.5$1,368
  • 語言: 英文
  • 頁數: 400
  • 裝訂: Paperback
  • ISBN: 059600611X
  • ISBN-13: 9780596006112
  • 相關分類: 資訊安全
  • 已過版



There are hundreds--if not thousands--of techniques used to compromise both Windows and Unix-based systems. Malicious code and new exploit scripts are released on a daily basis, and each evolution becomes more and more sophisticated. Keeping up with the myriad of systems used by hackers in the wild is a formidable task, and scrambling to patch each potential vulnerability or address each new attack one-by-one is a bit like emptying the Atlantic with paper cup.

If you're a network administrator, the pressure is on you to defend your systems from attack. But short of devoting your life to becoming a security expert, what can you do to ensure the safety of your mission critical systems? Where do you start?

Using the steps laid out by professional security analysts and consultants to identify and assess risks, Network Security Assessment offers an efficient testing model that an administrator can adopt, refine, and reuse to create proactive defensive strategies to protect their systems from the threats that are out there, as well as those still being developed.

This thorough and insightful guide covers offensive technologies by grouping and analyzing them at a higher level--from both an offensive and defensive standpoint--helping administrators design and deploy networks that are immune to offensive exploits, tools, and scripts. Network administrators who need to develop and implement a security assessment program will find everything they're looking for--a proven, expert-tested methodology on which to base their own comprehensive program--in this time-saving new book.

Table of Contents:



1. Network Security Assessment
     The Business Benefits
     IP: The Foundation of the Internet
     Classifying Internet-Based Attackers
     Assessment Service Definitions
     Network Security Assessment Methodology
     The Cyclic Assessment Approach

2. The Tools Required
     The Operating Systems
     Free Network Scanning Tools
     Commercial Network Scanning Tools
     Protocol-Dependent Assessment Tools

3. Internet Host and Network Enumeration
     Web Search Engines
     NIC Querying
     DNS Querying
     Enumeration Technique Recap
     Enumeration Countermeasures

4. IP Network Scanning
     ICMP Probing
     TCP Port Scanning
     UDP Port Scanning
     IDS Evasion and Filter Circumvention
     Low-Level IP Assessment
     Network Scanning Recap
     Network Scanning Countermeasures

5. Assessing Remote Information Services
     Remote Information Services
     systat and netstat
     RPC rusers
     Remote Information Services Countermeasures

6. Assessing Web Services
     Web Services
     Identifying the Web Service
     Identifying Subsystems and Components
     Investigating Web Service Vulnerabilities
     Accessing Poorly Protected Information
     Assessing CGI Scripts and Custom ASP Pages
     Web Services Countermeasures

7. Assessing Remote Maintenance Services
     Remote Maintenance Services
     X Windows
     Microsoft Remote Desktop Protocol
     Remote Maintenance Services Countermeasures

8. Assessing FTP and Database Services
     FTP Banner Grabbing and Enumeration
     FTP Brute-Force Password Guessing
     FTP Bounce Attacks
     Circumventing Stateful Filters Using FTP
     FTP Process Manipulation Attacks
     FTP Services Countermeasures
     Database Services
     Microsoft SQL Server
     Database Services Countermeasures

9. Assessing Windows Networking Services
     Microsoft Windows Networking Services
     Microsoft RPC Services
     The NetBIOS Name Service
     The NetBIOS Datagram Service
     The NetBIOS Session Service
     The CIFS Service
     Unix Samba Vulnerabilities
     Windows Networking Services Countermeasures

10. Assessing Email Services
     Email Service Protocols
     POP-2 and POP-3
     Email Services Countermeasures

11. Assessing IP VPN Services
     IPsec VPNs
     Attacking IPsec VPNs
     Check Point VPN Security Issues
     Microsoft PPTP
     VPN Services Countermeasures

12. Assessing Unix RPC Services
     Enumerating Unix RPC Services
     RPC Service Vulnerabilities
     Unix RPC Services Countermeasures

13. Application-Level Risks
     The Fundamental Hacking Concept
     The Reasons Why Software Is Vulnerable
     Network Service Vulnerabilities and Attacks
     Classic Buffer-Overflow Vulnerabilities
     Heap Overflows
     Integer Overflows
     Format String Bugs
     Memory Manipulation Attacks Recap
     Mitigating Process Manipulation Risks
     Recommended Secure Development Reading

14. Example Assessment Methodology
     Network Scanning
     Accessible Network Service Identification
     Investigation of Known Vulnerabilities
     Network Service Testing
     Methodology Flow Diagram
     Closing Comments

A. TCP, UDP Ports, and ICMP Message Types
     TCP Ports
     UDP Ports
     ICMP Message Types

B. Sources of Vulnerability Information
     Security Mailing Lists
     Vulnerability Databases and Lists
     Underground Web Sites
     Security Events and Conferences