Book Image

Network Protocols for Security Professionals

By : Yoram Orzach, Deepanshu Khanna
5 (1)
Book Image

Network Protocols for Security Professionals

5 (1)
By: Yoram Orzach, Deepanshu Khanna

Overview of this book

With the increased demand for computer systems and the ever-evolving internet, network security now plays an even bigger role in securing IT infrastructures against attacks. Equipped with the knowledge of how to find vulnerabilities and infiltrate organizations through their networks, you’ll be able to think like a hacker and safeguard your organization’s network and networking devices. Network Protocols for Security Professionals will show you how. This comprehensive guide gradually increases in complexity, taking you from the basics to advanced concepts. Starting with the structure of data network protocols, devices, and breaches, you’ll become familiar with attacking tools and scripts that take advantage of these breaches. Once you’ve covered the basics, you’ll learn about attacks that target networks and network devices. Your learning journey will get more exciting as you perform eavesdropping, learn data analysis, and use behavior analysis for network forensics. As you progress, you’ll develop a thorough understanding of network protocols and how to use methods and tools you learned in the previous parts to attack and protect these protocols. By the end of this network security book, you’ll be well versed in network protocol security and security countermeasures to protect network protocols.
Table of Contents (23 chapters)
1
Part 1: Protecting the Network – Technologies, Protocols, Vulnerabilities, and Tools
7
Part 2: Network, Network Devices, and Traffic Analysis-Based Attacks
12
Part 3: Network Protocols – How to Attack and How to Protect

Network security components – RADIUS/TACACS+, FWs, IDS/IPSs, NAC, and WAFs

In this section, we will provide short descriptions of various network security devices and their functionality.

Firewalls

Firewalls provide the following features:

  • Packet filtering forwards or drops sessions based on Layer 3 and Layer 4 information. This mechanism is the easiest one to break.
  • Network Address Translation (NAT) is used to translate outgoing packets from internal to external internet addresses. This mechanism provides security as a side effect but is not considered to be a security mechanism.
  • Stateful inspection watches the directions of TCP connections or UDP sessions that are opened through it, not only the Layer 3 and Layer 4 information. This method provides more security for the firewall.

In addition to this, most modern firewalls can provide additional mechanisms, depending on licensing:

  • Intrusion detection and prevention (IDPS): This can discover...