Book Image

Practical Network Scanning

By : Ajay Singh Chauhan
Book Image

Practical Network Scanning

By: Ajay Singh Chauhan

Overview of this book

Network scanning is the process of assessing a network to identify an active host network; same methods can be used by an attacker or network administrator for security assessment. This procedure plays a vital role in risk assessment programs or while preparing a security plan for your organization. Practical Network Scanning starts with the concept of network scanning and how organizations can benefit from it. Then, going forward, we delve into the different scanning steps, such as service detection, firewall detection, TCP/IP port detection, and OS detection. We also implement these concepts using a few of the most prominent tools on the market, such as Nessus and Nmap. In the concluding chapters, we prepare a complete vulnerability assessment plan for your organization. By the end of this book, you will have hands-on experience in performing network scanning using different tools and in choosing the best tools for your system.
Table of Contents (19 chapters)
Title Page
Packt Upsell
Contributors
Preface
Index

Security information and event management


Understanding what's going on inside your network is the key element to securing it and ensuring continued surveillance. Managing the data feed coming from servers as well as security devices on activity and the use of these available services is key to providing this security. SIEM is a tool which aggregates incoming information from network sensors such as IPS, IDS, Honeypot, firewalls, or anything which can detect security events and feed information to the SIEM tool. SIEM provides you with the current state of your network and offers a 360-degree view of the IT environment. The correlation with log events makes it possible to view what is going on in your network, and including this feature means that an incident response team can react.

SIEM—Event versus incident and data breach

If you have been a network or security professional, you may be familiar with terms such as logs, alerts, notifications, incidents, and events. All of these terms depend...