Book Image

Securing Network Infrastructure

By : Sairam Jetty, Sagar Rahalkar
Book Image

Securing Network Infrastructure

By: Sairam Jetty, Sagar Rahalkar

Overview of this book

Digitization drives technology today, which is why it’s so important for organizations to design security mechanisms for their network infrastructures. Analyzing vulnerabilities is one of the best ways to secure your network infrastructure. This Learning Path begins by introducing you to the various concepts of network security assessment, workflows, and architectures. You will learn to employ open source tools to perform both active and passive network scanning and use these results to analyze and design a threat model for network security. With a firm understanding of the basics, you will then explore how to use Nessus and Nmap to scan your network for vulnerabilities and open ports and gain back door entry into a network. As you progress through the chapters, you will gain insights into how to carry out various key scanning tasks, including firewall detection, OS detection, and access management to detect vulnerabilities in your network. By the end of this Learning Path, you will be familiar with the tools you need for network scanning and techniques for vulnerability scanning and network protection. This Learning Path includes content from the following Packt books: •Network Scanning Cookbook by Sairam Jetty •Network Vulnerability Assessment by Sagar Rahalkar
Table of Contents (28 chapters)
Title Page
Copyright and Credits
About Packt


As mentioned in the earlier sections of the chapter, the major advantage of performing a Network Vulnerability Scan is to understand the security posture of the network. The result of a Network Vulnerability Scan provides a bundle of information useful to both administrators and penetration testers, such as the following:

  • Unwanted ports are open and services running
  • Default user account and password information
  • Missing patches, updates, and upgrades
  • Vulnerable version of software installed
  • Vulnerable protocols in use
  • Vulnerable algorithms in use
  • Exploit information for all the preceding vulnerabilities

The Network Vulnerability Scan allows the identification of unnecessary ports that are open and the services running on these ports. For example, an application/web server in a demilitarized zone does not require TCP port 22 to be open and exposed to the internet. These unwanted ports make the host/device susceptible to attacks. Most of the scanners, when identifying a login interface to any of the hosted services, try to log in using a preexisting database of usernames and passwords, and provide a report of all the default usernames and passwords, the use of which can compromise the service.

A credentialed patch scan can reveal details about missing patches and updates for a variety of supported platforms. This information is critical as most of these missing patches have exploits available over the internet, which can be made use of to reproduce similar attacks on the network. This might also reveal various missing patches in the third-party tools installed on the machines of the network. This information helps an attacker to target these tools to exploit and obtain access to the nodes or, sometimes, even the entire network.

A Network Vulnerability Scan also highlights various vulnerable protocols used within the network or on the nodes. For example, if a server is running an SMB share supporting the SMBv1 protocol, it will be highlighted as vulnerability with an above moderate risk rating as SMBv1 is vulnerable to various known malware attacks. Also, a scan highlights the vulnerable ciphers and authentication methods used by the services running which are susceptible to known Man-in-the-Middle attacks. For example, if a web server is using basic authentication over HTTP protocol, it is vulnerable to expose user credentials when a Man-in-the-Middle attack is performed on the network.

Most of the vulnerability scanners, both open source and paid software, provide attack-related exploit information as a part of the description of the vulnerability. This will make the life of the attacker and the penetration tester easy by providing direct links either to the method of exploitation or the exploit code itself.

The following screenshot provides links to documents providing information about the vulnerability reported by the scanner:

Along with the previous technical use cases, a network vulnerability also has various uses from an organization's perspective, such as the following:

  • Giving importance and bringing focus to information security
  • Helping to find potential risks proactively
  • Resulting in network update
  • Advancing development in the administrative knowledge
  • Preventing financial loss in critical infrastructures
  • Prioritizing the vulnerabilities that require escalated patching versus delayed patching