Table of Contents

  1. Chapter 1 Network Security Assessment

    1. The Business Benefits

    2. IP: The Foundation of the Internet

    3. Classifying Internet-Based Attackers

    4. Assessment Service Definitions

    5. Network Security Assessment Methodology

    6. The Cyclic Assessment Approach

  2. Chapter 2 The Tools Required

    1. The Operating Systems

    2. Free Network Scanning Tools

    3. Commercial Network Scanning Tools

    4. Protocol-Dependent Assessment Tools

  3. Chapter 3 Internet Host and Network Enumeration

    1. Web Search Engines

    2. NIC Querying

    3. DNS Querying

    4. Enumeration Technique Recap

    5. Enumeration Countermeasures

  4. Chapter 4 IP Network Scanning

    1. ICMP Probing

    2. TCP Port Scanning

    3. UDP Port Scanning

    4. IDS Evasion and Filter Circumvention

    5. Low-Level IP Assessment

    6. Network Scanning Recap

    7. Network Scanning Countermeasures

  5. Chapter 5 Assessing Remote Information Services

    1. Remote Information Services

    2. systat and netstat

    3. DNS

    4. finger

    5. auth

    6. SNMP

    7. LDAP

    8. rwho

    9. RPC rusers

    10. Remote Information Services Countermeasures

  6. Chapter 6 Assessing Web Services

    1. Web Services

    2. Identifying the Web Service

    3. Identifying Subsystems and Components

    4. Investigating Web Service Vulnerabilities

    5. Accessing Poorly Protected Information

    6. Assessing CGI Scripts and Custom ASP Pages

    7. Web Services Countermeasures

  7. Chapter 7 Assessing Remote Maintenance Services

    1. Remote Maintenance Services

    2. SSH

    3. Telnet

    4. R-Services

    5. X Windows

    6. Microsoft Remote Desktop Protocol

    7. VNC

    8. Citrix

    9. Remote Maintenance Services Countermeasures

  8. Chapter 8 Assessing FTP and Database Services

    1. FTP

    2. FTP Banner Grabbing and Enumeration

    3. FTP Brute-Force Password Guessing

    4. FTP Bounce Attacks

    5. Circumventing Stateful Filters Using FTP

    6. FTP Process Manipulation Attacks

    7. FTP Services Countermeasures

    8. Database Services

    9. Microsoft SQL Server

    10. Oracle

    11. MySQL

    12. Database Services Countermeasures

  9. Chapter 9 Assessing Windows Networking Services

    1. Microsoft Windows Networking Services

    2. Microsoft RPC Services

    3. The NetBIOS Name Service

    4. The NetBIOS Datagram Service

    5. The NetBIOS Session Service

    6. The CIFS Service

    7. Unix Samba Vulnerabilities

    8. Windows Networking Services Countermeasures

  10. Chapter 10 Assessing Email Services

    1. Email Service Protocols

    2. SMTP

    3. POP-2 and POP-3

    4. IMAP

    5. Email Services Countermeasures

  11. Chapter 11 Assessing IP VPN Services

    1. IPsec VPNs

    2. Attacking IPsec VPNs

    3. Check Point VPN Security Issues

    4. Microsoft PPTP

    5. VPN Services Countermeasures

  12. Chapter 12 Assessing Unix RPC Services

    1. Enumerating Unix RPC Services

    2. RPC Service Vulnerabilities

    3. Unix RPC Services Countermeasures

  13. Chapter 13 Application-Level Risks

    1. The Fundamental Hacking Concept

    2. The Reasons Why Software Is Vulnerable

    3. Network Service Vulnerabilities and Attacks

    4. Classic Buffer-Overflow Vulnerabilities

    5. Heap Overflows

    6. Integer Overflows

    7. Format String Bugs

    8. Memory Manipulation Attacks Recap

    9. Mitigating Process Manipulation Risks

    10. Recommended Secure Development Reading

  14. Chapter 14 Example Assessment Methodology

    1. Network Scanning

    2. Accessible Network Service Identification

    3. Investigation of Known Vulnerabilities

    4. Network Service Testing

    5. Methodology Flow Diagram

    6. Recommendations

    7. Closing Comments

  1. Appendix A TCP, UDP Ports, and ICMP Message Types

    1. TCP Ports

    2. UDP Ports

    3. ICMP Message Types

  2. Appendix B Sources of Vulnerability Information

    1. Security Mailing Lists

    2. Vulnerability Databases and Lists

    3. Underground Web Sites

    4. Security Events and Conferences

  3. Colophon