Book Image

KALI LINUX NETWORK SCANNING COOKBOOK

Book Image

KALI LINUX NETWORK SCANNING COOKBOOK

Overview of this book

Related Content you might be interested in

Current Title:

Small book image
KALI LINUX NETWORK SCANNING COOKBOOK
Aug, 2014 | 452 pages
No titles found
Table of Contents (16 chapters)
Kali Linux Network Scanning Cookbook
Kali Linux Network Scanning Cookbook
Credits
Credits
About the Author
About the Author
About the Reviewers
About the Reviewers
www.PacktPub.com
www.PacktPub.com
Disclaimer
Disclaimer
Preface
Preface
Free Chapter
1
Getting Started
Getting Started
Configuring a security lab with VMware Player (Windows)
Configuring a security lab with VMware Fusion (Mac OS X)
Installing Ubuntu Server
Installing Metasploitable2
Installing Windows Server
Increasing the Windows attack surface
Installing Kali Linux
Configuring and using SSH
Installing Nessus on Kali Linux
Configuring Burp Suite on Kali Linux
Using text editors (VIM and Nano)
2
Discovery Scanning
Discovery Scanning
Using Scapy to perform layer 2 discovery
Using ARPing to perform layer 2 discovery
Using Nmap to perform layer 2 discovery
Using NetDiscover to perform layer 2 discovery
Using Metasploit to perform layer 2 discovery
Using ICMP ping to perform layer 3 discovery
Using Scapy to perform layer 3 discovery
Using Nmap to perform layer 3 discovery
Using fping to perform layer 3 discovery
Using hping3 to perform layer 3 discovery
Using Scapy to perform layer 4 discovery
Using Nmap to perform layer 4 discovery
Using hping3 to perform layer 4 discovery
3
Port Scanning
Port Scanning
UDP port scanning
TCP port scanning
UDP scanning with Scapy
UDP scanning with Nmap
UDP scanning with Metasploit
Stealth scanning with Scapy
Stealth scanning with Nmap
Stealth scanning with Metasploit
Stealth scanning with hping3
Connect scanning with Scapy
Connect scanning with Nmap
Connect scanning with Metasploit
Connect scanning with Dmitry
TCP port scanning with Netcat
Zombie scanning with Scapy
Zombie scanning with Nmap
4
Fingerprinting
Fingerprinting
Banner grabbing with Netcat
Banner grabbing with Python sockets
Banner grabbing with Dmitry
Banner grabbing with Nmap NSE
Banner grabbing with Amap
Service identification with Nmap
Service identification with Amap
Operating system identification with Scapy
Operating system identification with Nmap
Operating system identification with xProbe2
Passive operating system identification with p0f
SNMP analysis with Onesixtyone
SNMP analysis with SNMPwalk
Firewall identification with Scapy
Firewall identification with Nmap
Firewall identification with Metasploit
5
Vulnerability Scanning
Vulnerability Scanning
Vulnerability scanning with Nmap Scripting Engine
Vulnerability scanning with MSF auxiliary modules
Creating scan policies with Nessus
Vulnerability scanning with Nessus
Command-line scanning with Nessuscmd
Validating vulnerabilities with HTTP interaction
Validating vulnerabilities with ICMP interaction
6
Denial of Service
Denial of Service
Fuzz testing to identify buffer overflows
Remote FTP service buffer overflow DoS
Smurf DoS attack
DNS amplification DoS attack
SNMP amplification DoS attack
NTP amplification DoS attack
SYN flood DoS attack
Sock stress DoS attack
DoS attacks with Nmap NSE
DoS attacks with Metasploit
DoS attacks with the exploit database
7
Web Application Scanning
Web Application Scanning
Web application scanning with Nikto
SSL/TLS scanning with SSLScan
SSL/TLS scanning with SSLyze
Defining a web application target with Burp Suite
Using Burp Suite Spider
Using Burp Suite engagement tools
Using Burp Suite Proxy
Using the Burp Suite web application scanner
Using Burp Suite Intruder
Using Burp Suite Comparer
Using Burp Suite Repeater
Using Burp Suite Decoder
Using Burp Suite Sequencer
GET method SQL injection with sqlmap
POST method SQL injection with sqlmap
Requesting a capture SQL injection with sqlmap
Automating CSRF testing
Validating command injection vulnerabilities with HTTP traffic
Validating command injection vulnerabilities with ICMP traffic
8
Automating Kali Tools
Automating Kali Tools
Nmap greppable output analysis
Nmap port scanning with targeted NSE script execution
Nmap NSE vulnerability scanning with MSF exploitation
Nessuscmd vulnerability scanning with MSF exploitation
Multithreaded MSF exploitation with reverse shell payload
Multithreaded MSF exploitation with backdoor executable
Multithreaded MSF exploitation with ICMP verification
Multithreaded MSF exploitation with admin account creation
Index
Index

Chapter 6. Denial of Service

Any time you make resources publically accessible over the Internet or even to a small community over an internal network, it is important to consider the risk of denial of service (DoS) attacks. DoS attacks can be frustrating and can be very costly at times. Worst of all, these threats can often be some of the most difficult ones to mitigate. To be able to properly assess the threat to your network and information resources, one must understand the types of DoS threats that exist and the trends associated with them. This chapter will include the following recipes to evaluate DoS threats:

  • Fuzz testing to identify buffer overflows

  • Remote FTP service buffer overflow DoS

  • Smurf DoS attack

  • DNS amplification DoS attack

  • SNMP amplification DoS attack

  • NTP amplification DoS attack

  • SYN flood DoS attack

  • Sock stress DoS attack

  • DoS attacks with Nmap NSE

  • DoS attacks with Metasploit

  • DoS attacks with the exploit database

Prior to addressing each of these listed recipes individually, we should...

Previous Section
End of Section 1
Next Section