Digitization rules the tech world, and so it’s important for organizations to design security mechanisms for their network infrastructures. Analyzing vulnerabilities is one of the best ways to secure your network infrastructure. This learning path begins by introducing you to the various concepts of network security assessment, workflows, and architectures. You will use open source tools to perform both active and passive network scanning and use these results to analyze and design a threat model for network security. With a firm understanding of the basics, you will learn to scan your network for vulnerabilities and open ports and use them as back doors into a network with the top tools of network scanning: Nessus and Nmap. As you progress through the chapters, you will learn how to carry out various key scanning tasks, such as firewall detection, OS detection, and access management to detect vulnerabilities in your network. By the end of this learning path, you will be familiar with the tools for network scanning and the techniques for vulnerability scanning and network protection.
This learning path includes content from the following Packt products:
- Network Scanning Cookbook by Sairam Jetty
- Network Vulnerability Assessment by Sagar Rahalkar
If you are a software developer with a basic understanding of computer vision and image processing and want to develop interesting computer vision applications with OpenCV, then this course is for you. Prior knowledge of C++ will help you understand the concepts covered in this learning path.
Chapter 1, Introduction to Network Vulnerability Scanning, introduces basic network components and their architecture. It also explains the methods and methodologies of network vulnerability scanning and the complexities involved in it and looks at mitigation planning for identified vulnerabilities.
Chapter 2, Understanding Network Scanning Tools, consists of recipes that will give you a basic understanding of the Nessus and Nmap tools, including the technical requirements to install these tools and the details of their workings. The chapter then dives into the installation and removal instructions for Nessus and Nmap.
Chapter 3, Port Scanning, consists of recipes on techniques for performing port scanning. It begins with instructions and details regarding host discovery, moving to open ports, scripts, and version scanning. It also gives insights into evading network protection systems while performing port scans.
Chapter 4, Vulnerability Scanning, consists of recipes on managing the features of Nessus, such as policies, settings, and user accounts. You will also get to grips with the steps for performing a network vulnerability scan using Nessus before then managing the scan results.
Chapter 5, Configuration Audits, consists of recipes for performing configuration audits and gap analyses on multiple platforms using Nessus. It takes you through a step-by-step process for creating, selecting, and configuring policies to perform configuration audits on operating systems, databases, and web applications.
Chapter 6, Report Analysis and Confirmation, will teach you how to create effective reports by analyzing the results from Nmap and Nessus scans. The recipes in this chapter will give a detailed insight into the supported report types and the level of customization these tools allow. It also gives details on some techniques for confirming vulnerabilities reported by Nessus and Nmap using various tools.
Chapter 7, Understanding the Customization and Optimization of Nessus and Nmap, teaches you about the creation of custom scripts and audit files for Nmap and Nessus. These recipes provide step-by-step procedures for replicating the method for the customization of audit files.
Chapter 8, Network Scanning for IoT, SCADA/ICS, consists of recipes for understanding the network scanning procedure for SCADA and ICS systems. The recipes outline methods for using Nmap and Nessus to perform port scanning and network vulnerability scanning by ensuring the high availability of these critical systems.
Chapter 9, Vulnerability Management Governance, is about understanding the essentials of vulnerability management program from a governance perspective and introducing the reader to some absolute basic security terminology and the essential prerequisites for initiating a security assessment.
Chapter 10, Setting Up the Assessment Environment, will introduce various methods and techniques for setting up a comprehensive vulnerability assessment and penetration testing environment.
Chapter 11, Security Assessment Prerequisites, is about knowing the prerequisites of security assessment. We will learn what all planning and scoping are required along with documentation to perform a successful security assessment.
Chapter 12, Information Gathering, is about learning various tools and techniques for gathering information about the target system. We will learn to apply various techniques and use multiple tools to effectively gather as much information as possible about the targets in scope. The information gathered from this stage would be used as input to the next stage.
Chapter 13, Enumeration and Vulnerability Assessment, is about exploring various tools and techniques for enumerating the targets in scope and performing a vulnerability assessment on them.
Chapter 14, Gaining Network Access, is about getting insights on how to gain access to a compromised system using various techniques and covert channels.
Chapter 15, Assessing Web Application Security, is about learning various aspects of web application security.
Chapter 16, Privilege Escalation, is about knowing various concepts related to privilege escalation. The reader would get familiar with various privilege escalation concepts along with practical techniques of escalating privileges on compromised Windows and Linux systems.
Chapter 17, Maintaining Access and Clearing Tracks, is about maintaining access on the compromised system and cleaning up tracks using anti-forensic techniques. We will learn to make persistent backdoors on the compromised system and use Metasploit's antiforensic abilities to clear the penetration trails
Chapter 18, Vulnerability Scoring, is about understanding the importance of correct vulnerability scoring. We will understand the need of standard vulnerability scoring and gain hands-on knowledge on scoring vulnerabilities using CVSS.
Chapter 19, Threat Modeling, is about understanding and preparing threat models. We will understand the essential concepts of threat modeling and gain practical knowledge on using various tools for threat modeling.
Chapter 20, Patching and Security Hardening, is about understanding various aspects of patching and security hardening. We will understand the importance of patching along with practical techniques of enumerating patch levels on target systems and developing secure configuration guidelines for hardening the security of the infrastructure.
Chapter 21, Vulnerability Reporting and Metrics, is about exploring various metrics which could be built around the vulnerability management program. The reader would be able to understand the importance, design and implement metrics to measure the success of the organizational vulnerability management program.
It is recommended to have a PC with 8 GB RAM and a virtual system setup with Kali Linux installed on it. Kali Linux image file for VMware/VirtualBox/Hyper-V can be downloaded from https://www.offensive-security.com/kali-linux-vm-vmware-virtualbox-image-download/
In order to follow the recipes, you will need to be running Windows or Kali Linux, and will require Metasploitable 2 by Rapid7 with the latest versions of Nmap and Nessus. For some of the recipes, such as those to do with configuration audits, you will need to have a Nessus professional license.
We also provide a PDF file that has color images of the screenshots/diagrams used in this learning path. You can download it here: https://www.packtpub.com/sites/default/ files/downloads/NetworkVulnerabilityAssessment_ColorImages.pdf.https://www.packtpub.com/sites/default/files/downloads/ 9781789346480_ColorImages.pdf.
There are a number of text conventions used throughout this course.
CodeInText: Indicates code words in text, database table names, folder names, filenames, file extensions, pathnames, dummy URLs, user input, and Twitter handles. Here is an example: "The input() method is used to get input from the user."
Any command-line input or output is written as follows:
root@kali:~# theharvester -d demo.testfire.net -l 20 -b google -h output.html
Bold: Indicates a new term, an important word, or words that you see onscreen. For example, words in menus or dialog boxes appear in the text like this. Here is an example: "If you need something different, click on the DOWNLOADS link in the header for all possible downloads: "
In the first eight lessons of the learning path, you will find several headings that appear frequently (Getting ready, How to do it..., How it works..., There's more..., and See also). To give clear instructions on how to complete a recipe, use these sections as follows:
This section tells you what to expect in the recipe and describes how to set up any software or any preliminary settings required for the recipe.
This section usually consists of a detailed explanation of what happened in the previous section.
This section consists of additional information about the recipe in order to make you more knowledgeable about the recipe.
Feedback from our readers is always welcome.
General feedback: If you have questions about any aspect of this book, mention the book title in the subject of your message and email us at [email protected].
Errata: Although we have taken every care to ensure the accuracy of our content, mistakes do happen. If you have found a mistake in this book, we would be grateful if you would report this to us. Please visit www.packt.com/submit-errata, selecting your book, clicking on the Errata Submission Form link, and entering the details.
Piracy: If you come across any illegal copies of our works in any form on the Internet, we would be grateful if you would provide us with the location address or website name. Please contact us at [email protected] with a link to the material.
If you are interested in becoming an author: If there is a topic that you have expertise in and you are interested in either writing or contributing to a book, please visit authors.packtpub.com.
Please leave a review. Once you have read and used this book, why not leave a review on the site that you purchased it from? Potential readers can then see and use your unbiased opinion to make purchase decisions, we at Packt can understand what you think about our products, and our authors can see your feedback on their book. Thank you!
For more information about Packt, please visit packt.com.