Details
Title | Practical network scanning: capture network vulnerabilities using standard tools such as Nmap and Nessus |
---|---|
Creators | Chauhan Ajay Singh |
Collection | E-books from foreign publishers ; General collection |
Subjects | Computer networks — Security measures. ; Computers — Access control. ; Computer security. ; Penetration testing (Computer security) ; COMPUTERS / Security / Networking. ; EBSCO eBooks |
Document type | Other |
File type | |
Language | English |
Rights | Password-protected access from the Internet (reading, printing, copying) |
Record key | on1040599376 |
Record create date | 6/15/2018 |
- Cover
- Title Page
- Copyright and Credits
- Packt Upsell
- Contributors
- Table of Contents
- Preface
- Chapter 1: Fundamental Security Concepts
- Why security?
- Building blocks of information security
- Computer security
- Network security
- Firewalls
- Intrusion detection systems / intrusion prevention systems
- Multitier topology
- Internet security
- Password
- System upgrade and updates
- Phishing
- Beware of phishing phone calls
- Phishing protection
- Security issues, threats, and attacks
- IoT security risk
- Computer security risk
- Security Risk-Border Gateway Protocol
- Security and threats
- Natural disasters
- Human threats
- Security vulnerabilities
- Technology weaknesses
- Configuration weaknesses
- Security policy weaknesses
- Using unencrypted or weak encryption for a website
- Summary
- Questions
- Further reading
- Chapter 2: Secure Network Design
- Access control
- Asset classification and physical security
- Authentication, authorization, and accounting
- Network management and security design
- Network segmentation
- Segmentation strategy steps
- Network protection consideration and design
- Hardening your TCP/IP stack
- DoS and DDoS attacks
- Volume-based attacks
- Application layer attacks
- Low-rate attacks
- IP spoofing
- Anti-spoofing using access lists
- Encryption
- Anti-spoofing using RPF checks
- Ping sweeps and Port scans
- Mitigation
- DNS vulnerabilities
- How does DNS work?
- DNS protocol attacks
- Mitigation
- Two factor authentication
- Summary
- Questions
- Further reading
- Chapter 3: Server-Level Security
- Classification of data
- Physical security
- Disk encryption
- Full-disk encryption
- Bitlocker
- Virtual Trusted Platform Module – vTPM
- Encrypt your Hyper-V Guest VMs
- Cloud VM disk encryption
- What is encryption at rest?
- Hardening server security
- Check for open ports or services
- System firewall configuration
- System update
- Disable USB
- Hard disk encryption
- BIOS protection
- Check the installed packages
- Password policies
- Secure and encrypt remote access
- Implement activity logging
- Document the host information
- Authentication NTLM versus Kerberos
- Password policies
- Server-level permissions
- Server antivirus and malware protection
- Local security policies
- Summary
- Questions
- Further reading
- Chapter 4: Cloud Security Design
- Cloud offerings
- IaaS
- PaaS
- SaaS
- Public versus private
- Public IaaS versus private IaaS
- Public PaaS versus private PaaS
- Public SaaS versus private SaaS
- Shared technology and shared danger
- Security approach for cloud computing
- Traditional enterprise network model
- Hybrid data center and cloud network
- Network security devices for IaaS
- Firewall Virtual Appliance
- Virtual TAP vTAP
- Virtual Router
- Virtual web application firewalls
- DDoS attack protection
- Data loss prevention
- Exploited system vulnerabilities
- Summary
- Questions
- Further reading
- Chapter 5: Application Security Design
- GDPR
- Getting consent
- Access to data
- Encryption
- SQL Injection
- Prevention of SQL Injection attack on web applications
- Employing comprehensive data sanitization
- Deploying a Web Application Firewall
- Limit database privileges
- Finding vulnerabilities
- WAFs
- WAF protection against common web attacks
- Blacklisting and whitelisting
- What is blacklisting?
- Benefit and disadvantage of blacklisting
- What is whitelisting?
- Benefit and disadvantage of whitelisting
- Which is better?
- Using HTTPS for everything
- HTTP versus HTTPS
- Web application security
- SSL/TLS deployment
- SSL/TLS key size
- Signing algorithm
- Secure protocol
- Preventing an authentication hacking attack
- Use cookies securely
- Vulnerabilities scan
- Server security
- Introduce a bug bounty program
- Summary
- Questions
- Further reading
- Chapter 6: Threat Detection and Response
- Network threat detection
- Detection methods
- Intrusion detection system
- Types of IDSs
- Network capture solution
- Threat detection with Netflow/IPFIX
- NetFlow vs. IPFIX
- Endpoint threat detection
- What’s an endpoint
- Endpoint Detection and Response (EDR) system
- Case Study – Why EDR system is required?
- Security policy
- How to choose an EDR solution?
- Security information and event management
- SIEM—Event versus incident and data breach
- What is an event?
- What is a security incident?
- What is a data breach?
- How do SIEM systems work?
- Event generator sensors
- Event and log collection or data aggregation
- Correlation
- Reporting and Alerting
- Dashboards
- Automation
- Log management
- SIEM commercial products
- Summary
- Questions
- Further reading
- Chapter 7: Vulnerability Assessment
- Infrastructure concerns
- What is vulnerability assessment?
- Plan
- Network discovery
- Vulnerability scan
- Report
- Remediation
- Why do we need vulnerability assessment?
- Types of vulnerability assessment
- Network-based assessment
- Host-based assessment
- Nessus installation, configuration, and vulnerability assessment methodology
- Installation
- Policies
- Sample report
- Summary
- Questions
- Further reading
- Chapter 8: Remote OS Detection
- Reasons for OS detection
- Network operating system inventory – trace your infrastructure
- Determining vulnerability of target hosts
- Tailoring exploits
- OS detection technique with Nmap
- Nmap tool
- Operating system detection
- TCP/IP fingerprinting methods supported by Nmap
- TCP/UDP/IP basic
- The FIN probe
- TCP ISN sampling
- TCP initial window
- Type of service
- Time-to-live (TTL)
- Don't Fragment (DF) bit
- Understanding an Nmap fingerprint
- OS matching algorithms
- Defense against port scans
- Summary
- Questions
- Further reading
- Chapter 9: Public Key Infrastructure – SSL
- Foundation of SSL
- How do I know that SSL is working?
- Why no PadLock?
- SSL certificate
- The evolution of SSL and TLS
- Current Supported Standard
- Why hasn't TLS 1.3 been implemented yet?
- Time to say goodbye to SSL and early TLS
- SSL certificate component
- Root certificate
- Intermediate certificate
- SSL certificates classes
- TLS versus SSL
- Public Key Infrastructure
- Symmetric encryption
- Asymmetric encryption
- Hash function
- Attacks against PKI
- Microsoft Windows and IIS
- OpenSSL
- SSL Management tools
- Summary
- Questions
- Further reading
- Chapter 10: Firewall Placement and Detection Techniques
- Technical requirements
- Firewall and design considerations
- Firewall terminology
- Firewall generations
- Firewall performance
- Firewall placement and design network topology
- Single firewall architecture
- Single firewall architecture with a single IP subnet
- Single firewall architecture with multiple IP subnets
- Multilayer firewall architecture
- Firewall sandwich design
- Demilitarized Zone
- DMZ to Internal Access Policy
- OSI model versus TCP/IP model
- Firewall performance, capabilities, and function
- Firewall management
- Application proxies
- Detecting firewalls
- Debugging tools
- Summary
- Questions
- Further Reading
- Chapter 11: VPN and WAN Encryption
- Overview
- Classes of VPN
- Type of VPN protocol
- Point-to-Point tunneling protocol
- Layer 2 Tunneling Protocol
- Secure Socket Tunneling protocol
- Internet Protocol Security
- SSL VPN
- MPLS VPN
- VPN Design
- IKE V1 versus IKE V2
- WAN Encryption technique
- IPsec Layer-3 encryption
- MACsec—Layer-2 Encryption
- Optical Network—Layer-1 Encryption
- Summary
- Questions
- Further Reading
- Chapter 12: Summary and Scope of Security Technologies
- DDoS protection
- Remotely triggered black hole routing (RTBH)
- Black hole traffic from the source of the attack
- Black hole traffic to the destination of the attack
- BGP FlowSpec
- DDoS scrubbing
- Blockchain Technology for Fighting DDoS Attacks
- AI in cyber security
- Next Gen SIEM
- Software Defined Networking Firewall
- Bring-Your-Own-Identity (BYOI)
- Summary
- Further reading
- Assessment
- Other Books you may enjoy
- Index