Book Image

Network Scanning Cookbook

By : Sairam Jetty

Book Image

Network Scanning Cookbook

By: Sairam Jetty

Overview of this book

Network scanning is a discipline of network security that identifies active hosts on networks and determining whether there are any vulnerabilities that could be exploited. Nessus and Nmap are among the top tools that enable you to scan your network for vulnerabilities and open ports, which can be used as back doors into a network. Network Scanning Cookbook contains recipes for configuring these tools in your infrastructure that get you started with scanning ports, services, and devices in your network. As you progress through the chapters, you will learn how to carry out various key scanning tasks, such as firewall detection, OS detection, and access management, and will look at problems related to vulnerability scanning and exploitation in the network. The book also contains recipes for assessing remote services and the security risks that they bring to a network infrastructure. By the end of the book, you will be familiar with industry-grade tools for network scanning, and techniques for vulnerability scanning and network protection.

Preface

Who this book is for

What this book covers

To get the most out of this book

Free Chapter

Introduction to Network Vulnerability Scanning

Introduction to Network Vulnerability Scanning

Basic networks and their components

Network Vulnerability Scanning

Understanding Network Scanning Tools

Understanding Network Scanning Tools

Introducing Nessus and Nmap

Installing and activating Nessus

Downloading and installing Nmap

Updating Nessus

Removing Nessus

Port Scanning

How to specify a target

How to perform host discovery

How to identify open ports

How to manage specification and scan order

How to perform a script and version scan

How to detect operating system

How to detect and bypass network protection systems

How to use Zenmap

Vulnerability Scanning

Vulnerability Scanning

How to manage Nessus policies

How to manage Nessus settings

How to manage Nessus user accounts

How to choose a Nessus scan template and policy

How to perform a vulnerability scan using Nessus

How to manage Nessus scans

Configuration Audits

Configuration Audits

Introducing compliance scans

Selecting a compliance scan policy

Introducing configuration audits

Performing an operating system audit

Performing a database audit

Performing a web application scan

Report Analysis and Confirmation

Report Analysis and Confirmation

Understanding Nmap outputs

Understanding Nessus outputs

How to confirm Nessus vulnerabilities using Nmap and other tools

Understanding the Customization and Optimization of Nessus and Nmap

Understanding the Customization and Optimization of Nessus and Nmap

Understanding Nmap Script Engine and its customization

Understanding the Nessus Audit policy and its customization

Network Scanning for IoT, SCADA/ICS

Network Scanning for IoT, SCADA/ICS

Introduction to SCADA/ICS

Using Nmap to scan SCADA/ICS

Using Nessus to scan SCADA/ICS systems

Other Books You May Enjoy

Other Books You May Enjoy

Leave a review - let other readers know what you think

Customer Reviews

5 star

0

4 star

0

3 star

0

2 star

0

1 star

0

Downloading and installing Nmap

Nmap is a free and open source network scanning and audit tool available at https://Nmap.org/. This tool is one of the most important components of a network-level security audit, as it allows the user to monitor or observe the network-level posture of a host by providing data about open ports and services running on these ports. The Nmap tool also allows interaction with these services and the running of various scripts using Nmap Script Engine (NSE). The following command is the syntax to perform TCP syn full port scanning on the host 127.0.0.1:

Nmap -sS -p1-65535 127.0.0.1

We will be looking into recipes for the usage of the Nmap tool in further chapters.

Getting ready

Nmap is available in...