Book Image

Practical Network Scanning

By : Ajay Singh Chauhan
Book Image

Practical Network Scanning

By: Ajay Singh Chauhan

Overview of this book

Network scanning is the process of assessing a network to identify an active host network; same methods can be used by an attacker or network administrator for security assessment. This procedure plays a vital role in risk assessment programs or while preparing a security plan for your organization. Practical Network Scanning starts with the concept of network scanning and how organizations can benefit from it. Then, going forward, we delve into the different scanning steps, such as service detection, firewall detection, TCP/IP port detection, and OS detection. We also implement these concepts using a few of the most prominent tools on the market, such as Nessus and Nmap. In the concluding chapters, we prepare a complete vulnerability assessment plan for your organization. By the end of this book, you will have hands-on experience in performing network scanning using different tools and in choosing the best tools for your system.

Related Content you might be interested in

Current Title:

Small book image
Practical Network Scanning
Ajay Singh Chauhan
May, 2018 | 326 pages
Small book image
CCNA Security 210-260 Certification Guide
Glen D Singh | Vijay Anandh | Michael Vinod
Jun, 2018 | 518 pages
Small book image
CompTIA Network+ Certification Guide
Glen D Singh | Rishi Latchmepersad
Dec, 2018 | 422 pages
Small book image
Network Protocols for Security Professionals
Deepanshu Khanna | Yoram Orzach
Oct, 2022 | 580 pages
Table of Contents (19 chapters)
Title Page
Title Page
Packt Upsell
Packt Upsell
Contributors
Contributors
Preface
Preface
Free Chapter
1
Fundamental Security Concepts
Fundamental Security Concepts
Why security?
Building blocks of information security
Computer security
Network security
Internet security
Security issues, threats, and attacks
Summary
Questions
Further reading
2
Secure Network Design
Secure Network Design
Access control 
Network management and security design
Hardening your TCP/IP stack
DoS and DDoS attacks 
IP spoofing
Ping sweeps and Port scans
DNS vulnerabilities 
Two factor authentication
Summary 
Questions
Further reading
3
Server-Level Security
Server-Level Security
Classification of data
Physical security 
Disk encryption
Hardening server security
Authentication NTLM versus Kerberos
Password policies
Server-level permissions
Server antivirus and malware protection
Local security policies
Summary
Questions
Further reading
4
Cloud Security Design
Cloud Security Design
Cloud offerings
Public versus private
Shared technology and shared danger
Security approach for cloud computing
DDoS attack protection
Data loss prevention
Exploited system vulnerabilities
Summary 
Questions
Further reading
5
Application Security Design
Application Security Design
GDPR
SQL Injection
WAFs
Blacklisting and whitelisting
Using HTTPS for everything
Summary
Questions
Further reading
6
Threat Detection and Response
Threat Detection and Response
Network threat detection
Endpoint threat detection
Security information and event management
Summary
Questions
Further reading
7
Vulnerability Assessment
Vulnerability Assessment
Infrastructure concerns
Nessus installation, configuration, and vulnerability assessment methodology
Sample report
Summary
Questions
Further reading
8
Remote OS Detection
Remote OS Detection
Reasons for OS detection 
Determining vulnerability of target hosts
Tailoring exploits
OS detection technique with Nmap
TCP/IP fingerprinting methods supported by Nmap
Understanding an Nmap fingerprint
OS matching algorithms
Summary
Questions
Further reading
9
Public Key Infrastructure-SSL
Public Key Infrastructure-SSL
Foundation of SSL
TLS versus SSL
Public Key Infrastructure
Attacks against PKI
Microsoft Windows and IIS
OpenSSL
SSL Management tools
Summary 
Questions
Further reading
10
Firewall Placement and Detection Techniques
Firewall Placement and Detection Techniques
Technical requirements
Firewall and design considerations
Demilitarized Zone
OSI model versus TCP/IP model
Firewall performance, capabilities, and function
Summary
Questions
Further Reading
11
VPN and WAN Encryption
VPN and WAN Encryption
Overview
Classes of VPN
Type of VPN protocol
VPN Design
IKE V1 versus IKE V2
WAN Encryption technique
Summary 
Questions
Further Reading
12
Summary and Scope of Security Technologies
Summary and Scope of Security Technologies
DDoS protection
BGP FlowSpec
AI in cyber security 
Next Gen SIEM
Software Defined Networking Firewall
Bring-Your-Own-Identity (BYOI)
Summary
Further reading 
Assessment
Assessment
Chapter 1
Chapter 2
Chapter 3
Chapter 4
Chapter 5
Chapter 6
Chapter 7
Chapter 8
Chapter 9
Chapter 10
Chapter 11
Other Books you may enjoy
Other Books you may enjoy
Leave a review - let other readers know what you think
Index
Index

Understanding an Nmap fingerprint

OS fingerprinting is a technique used to determine the type and version of the operating system running on a remote host. The nmap-os-db data file contains thousands of signatures. However, different remote operating systems respond to Nmap's specialized OS detection probes. A fingerprint contains an operating system's name, its general classification, and response data pattern.

A typical fingerprint format appears as shown in the following figure. During detection probe, attributes and results are compared against the Nmap os-db OS database. A simple command can be used for OS detection with the flag -O:

#sudo nmap --O <ip or ip subnet>

The following screenshot is specific to the Cisco 2820 device and shows that a number of tests will be performed before Nmap declares that device as Cisco 2820. This Nmap database will have similar fingerprints for most known devices, and this keeps growing:

We can see the following terms in the above snapshot:

  • SEQ test...
Previous Section
End of Section 7
Next Section