Book Image

Securing Network Infrastructure

By : Sairam Jetty, Sagar Rahalkar
Book Image

Securing Network Infrastructure

By: Sairam Jetty, Sagar Rahalkar

Overview of this book

Digitization drives technology today, which is why it’s so important for organizations to design security mechanisms for their network infrastructures. Analyzing vulnerabilities is one of the best ways to secure your network infrastructure. This Learning Path begins by introducing you to the various concepts of network security assessment, workflows, and architectures. You will learn to employ open source tools to perform both active and passive network scanning and use these results to analyze and design a threat model for network security. With a firm understanding of the basics, you will then explore how to use Nessus and Nmap to scan your network for vulnerabilities and open ports and gain back door entry into a network. As you progress through the chapters, you will gain insights into how to carry out various key scanning tasks, including firewall detection, OS detection, and access management to detect vulnerabilities in your network. By the end of this Learning Path, you will be familiar with the tools you need for network scanning and techniques for vulnerability scanning and network protection. This Learning Path includes content from the following Packt books: •Network Scanning Cookbook by Sairam Jetty •Network Vulnerability Assessment by Sagar Rahalkar
Table of Contents (28 chapters)
Title Page
Copyright and Credits
About Packt

How to detect and bypass network protection systems

The basic function of Nmap is to generate custom packets and analyze their response once they are sent to the remote hosts. This sometimes is not allowed by network protection systems such as firewalls and intrusion prevention and detection systems. In this recipe, we will discuss some of the methods that can be used to bypass these protections:

  • -f (Fragment packets): Most firewalls perform stateful and stateless packet inspection for which they examine the content of the packets and decide whether to allow the packet or drop it based on its contents. In order to bypass this, Nmap provides an option to fragment the packets so that the network device will not be able to construct the packet to read the correct contents, thereby bypassing the protection.
  • --mtu (Maximum transmission unit specification): This works similar to the preceding method of creating packets of different sizes. With MTU you can specify the packet size in multiples of...