Book Image

Applied Network Security

By : Arthur Salmon, Michael McLafferty, Warun Levesque
Book Image

Applied Network Security

By: Arthur Salmon, Michael McLafferty, Warun Levesque

Overview of this book

Computer networks are increasing at an exponential rate and the most challenging factor organisations are currently facing is network security. Breaching a network is not considered an ingenious effort anymore, so it is very important to gain expertise in securing your network. The book begins by showing you how to identify malicious network behaviour and improve your wireless security. We will teach you what network sniffing is, the various tools associated with it, and how to scan for vulnerable wireless networks. Then we’ll show you how attackers hide the payloads and bypass the victim’s antivirus. Furthermore, we’ll teach you how to spoof IP / MAC address and perform an SQL injection attack and prevent it on your website. We will create an evil twin and demonstrate how to intercept network traffic. Later, you will get familiar with Shodan and Intrusion Detection and will explore the features and tools associated with it. Toward the end, we cover tools such as Yardstick, Ubertooth, Wifi Pineapple, and Alfa used for wireless penetration testing and auditing. This book will show the tools and platform to ethically hack your own network whether it is for your business or for your personal home Wi-Fi.

Related Content you might be interested in

Current Title:

Small book image
Applied Network Security
Arthur Salmon | Michael McLafferty | Warun Levesque
Apr, 2017 | 350 pages
Small book image
Hands-On Penetration Testing with Kali NetHunter
Glen D Singh | SeanPhilip Oriyano
Feb, 2019 | 302 pages
Small book image
Kali Linux 2018: Assuring Security by Penetration Testing
Lee Allen | Alex Samm | Shakeel Ali | Damian Boodoo | Tedi Heriyanto | Gerard Johansen | Shiva V N Parasram
Oct, 2018 | 528 pages
Small book image
Learn Kali Linux 2019
Glen D Singh
Nov, 2019 | 550 pages
Table of Contents (18 chapters)
Preface
Preface
What this book covers
What you need for this book
Who this book is for
Conventions
Reader feedback
Customer support
Free Chapter
1
Introduction to Network Security
Introduction to Network Security
Murphy's law
Hackers (and their types) defined
The hacking process
Ethical hacking issues
Current technologies
Recent events and statistics of network attacks
Security for individuals versus companies
Mitigation against threats
Building an assessment
Summary
References
2
Sniffing the Network
Sniffing the Network
What is network sniffing?
Lab 1-a scan to search for DDoS reflection UDP services
Using Wireshark filters
Wireshark filter cheat sheet
Lab 2
Sparta
Lab 3-scanning
Scanning a subnet
Evading firewalls
Gathering version info
Starting the listener
Summary
3
How to Crack Wi-Fi Passwords
How to Crack Wi-Fi Passwords
Why should we crack our own Wi-Fi?
What is packet injection?
Wi-Fi cracking tools
The Transmission Control Protocol (TCP) handshake
The short version (a cheat-sheet for the aircrack-ng suite)
Summary
4
Creating a RAT Using Msfvenom
Creating a RAT Using Msfvenom
Remote Access Trojans
Ways to disguise your RAT though Metasploit
Your defence
Summary
References
5
Veil Framework
Veil Framework
Veil-Evasion
Veil-Pillage
How do hackers hide their attack?
Intrusion with a PDF
Veil-PowerTools
What is antivirus protection?
Summary
References
6
Social Engineering Toolkit and Browser Exploitation
Social Engineering Toolkit and Browser Exploitation
Social engineering
What are web injections?
Cross site scripting (XSS) attacks
Browser exploitation with BeEF
Summary
7
Advanced Network Attacks
Advanced Network Attacks
What is an MITM attack?
Summary
8
Passing and Cracking the Hash
Passing and Cracking the Hash
What is a hash?
Cryptographic hash functions
How are hashes cracked?
How do pass the hash attacks impact businesses?
What defences are there against hash password attacks?
Summary
References
Links to download tools
9
SQL Injection
SQL Injection
What is SQL and how does it work?
SQL injection
Ways to defend against SQL injection attacks
Bypassing authentication
Finding vulnerabilities from a targeted sites
Hunting for web app vulnerabilities with Open Web Application Security Project (OWASP) ZAP
Summary
10
Scapy
Scapy
Scapy
Creating our first packet
The TCP three way handshake
Malformed packets
ACK scan
TCP port scanning
Summary
11
Web Application Exploits
Web Application Exploits
Web application exploits
What tools are used for web application penetration testing?
What is Autopwn?
What is BeEF and how to use it?
Summary
12
Evil Twins and Spoofing
Evil Twins and Spoofing
What is an evil twin?
What is address spoofing?
What is DNS spoofing?
How to detect an evil twin?
Summary
13
Injectable Devices
Injectable Devices
A deeper look into USB
How does the Rubber Ducky work?
Disabling ports
A KeyGrabber?
What the glitch?
Summary
14
The Internet of Things
The Internet of Things
What is the Internet of Things?
IOT and botnets
Summary
Sources
15
Detection Systems
Detection Systems
IDS
IPS
Host based
Network-based
Physical
Summary of differences
Security Information and Event Management (SIEM)
Splunk
Alert status
IDS versus IPS
Snort as an IPS
Lab 1-installing Snort and creating ICMP rules lab
Lab 2-create the following snort.conf and icmp.rules files
Lab 3-execute Snort
Lab 4-execute Snort as Daemon
Summary
16
Advance Wireless Security Lab Using the Wi-Fi Pineapple Nano/Tetra
Advance Wireless Security Lab Using the Wi-Fi Pineapple Nano/Tetra
The history of Wi-Fi - the WLAN standard
Wireless vulnerability
The Wi-Fi Pineapple
For penetration testing
Summary
17
Offensive Security and Threat Hunting
Offensive Security and Threat Hunting
What is offensive security?
SET browser exploit lab
Threat hunting platforms
Using the Pineapple for offensive security
Summary

Building an assessment

Creating a network assessment is an important aspect of network security. A network assessment will allow for a better understanding of where vulnerabilities may be found within the network. It is important to know precisely what you are doing during a network assessment. If the assessment is done incorrectly, you could cause great harm to the network you are trying to protect.

Before you start the network assessment, you should determine the objectives of the assessment itself. Are you trying to identify if the network has any open ports that shouldn't be? Is your objective to quantify how much traffic flows through the network at any given time or a specific time?

Once you decide on the objectives of the network assessment, you will then be able to choose the types of tool you will use. Network assessment tools are often known as penetration testing tools. A person who employs these tools is known as a penetration tester or pen tester.

These tools are designed to find and exploit network vulnerabilities, so that they can be fixed before a real attack occurs. That is why it is important to know what you are doing when using penetration testing tools during an assessment. Later in this book, we will discuss and provide applied labs for some of the most powerful penetration testing tools available. We will also explain how to use them properly.

Sometimes network assessments require a team. It is important to have an accurate idea of the scale of the network before you pick your team. In a large enterprise network, it can be easy to become overwhelmed by tasks to complete without enough support. Once the scale of the network assessment is complete, the next step is to ensure you have written permission and scope from management. All parties involved in the network assessment must be clear on what can and cannot be done to the network during the assessment.

After the assessment is completed, the last step is creating a report to educate concerned parties about the findings. Providing detailed information and solutions to vulnerabilities will help keep the network up-to-date in terms of defense. The report will also be able to determine if there are any viruses lying dormant, waiting for an opportune time to attack the network. Network assessments should be conducted routinely and frequently to help ensure strong network security.

Previous Section
End of Section 10
Next Section