Browse Library
Sign In Start Free Trial
Close icon Search icon
Account
Browse Library Advanced Search Sign In Start Free Trial

Add to playlist

Create a Playlist

Modal Close icon
You need to login to use this feature.
  • Network Scanning Cookbook
  • Toc
  • feedback
Network Scanning Cookbook

Network Scanning Cookbook

By : Jetty
close
Network Scanning Cookbook

Network Scanning Cookbook

By: Jetty

Overview of this book

Network scanning is a discipline of network security that identifies active hosts on networks and determining whether there are any vulnerabilities that could be exploited. Nessus and Nmap are among the top tools that enable you to scan your network for vulnerabilities and open ports, which can be used as back doors into a network. Network Scanning Cookbook contains recipes for configuring these tools in your infrastructure that get you started with scanning ports, services, and devices in your network. As you progress through the chapters, you will learn how to carry out various key scanning tasks, such as firewall detection, OS detection, and access management, and will look at problems related to vulnerability scanning and exploitation in the network. The book also contains recipes for assessing remote services and the security risks that they bring to a network infrastructure. By the end of the book, you will be familiar with industry-grade tools for network scanning, and techniques for vulnerability scanning and network protection.
Table of Contents (10 chapters)
close
close
Preface
Preface
Who this book is for
What this book covers
To get the most out of this book
Sections
Get in touch
Free Chapter
1
Introduction to Network Vulnerability Scanning
chevron up
Introduction to Network Vulnerability Scanning
Basic networks and their components
Network Vulnerability Scanning
Uses
Complexity
Response
Summary
2
Understanding Network Scanning Tools
Understanding Network Scanning Tools
Introducing Nessus and Nmap
Installing and activating Nessus
Downloading and installing Nmap
Updating Nessus
Updating Nmap
Removing Nessus
Removing Nmap
3
Port Scanning
Port Scanning
Introduction
How to specify a target
How to perform host discovery
How to identify open ports
How to manage specification and scan order
How to perform a script and version scan
How to detect operating system
How to detect and bypass network protection systems
How to use Zenmap
4
Vulnerability Scanning
Vulnerability Scanning
Introduction
How to manage Nessus policies
How to manage Nessus settings
How to manage Nessus user accounts
How to choose a Nessus scan template and policy
How to perform a vulnerability scan using Nessus
How to manage Nessus scans
5
Configuration Audits
Configuration Audits
Introducing compliance scans
Selecting a compliance scan policy
Introducing configuration audits
Performing an operating system audit
Performing a database audit
Performing a web application scan
6
Report Analysis and Confirmation
Report Analysis and Confirmation
Introduction
Understanding Nmap outputs
Understanding Nessus outputs
How to confirm Nessus vulnerabilities using Nmap and other tools
7
Understanding the Customization and Optimization of Nessus and Nmap
Understanding the Customization and Optimization of Nessus and Nmap
Introduction
Understanding Nmap Script Engine and its customization
Understanding the Nessus Audit policy and its customization
8
Network Scanning for IoT, SCADA/ICS
Network Scanning for IoT, SCADA/ICS
Introduction to SCADA/ICS
Using Nmap to scan SCADA/ICS
Using Nessus to scan SCADA/ICS systems
9
Other Books You May Enjoy
Other Books You May Enjoy
Leave a review - let other readers know what you think

Response

Once a Network Vulnerability Scan report is obtained, it is important to devise a mitigation plan to mitigate all the vulnerabilities highlighted as part of the report. The following are a few solutions that can be part of the Network Security Scan report:

  • Close unwanted ports and disable unwanted services
  • Use strong and uncommon passwords
  • Always apply latest patches and updates
  • Uninstall or update older versions of software
  • Disable legacy and old protocols in use
  • Use strong algorithms and authentication mechanism

The report needs to be compiled based on the findings, and tasks are to be assigned to the respective departments. For example, all the Windows-related vulnerabilities are to be mitigated by the respective team that is responsible for maintaining Windows machines. Once the responsibilities have been sorted across the teams, the teams are expected to perform an impact and feasibility analysis on the solution provided in the report. The teams have to check the solutions against the security objectives, confidentiality, integrity, and availability. These mitigations can be used as a baseline to create hardening documents, including any other available baselines in public or private domains.

Once the solutions have been implemented on the affected hosts, it is important for the team to include these recommended remediations into the existing policies in order to avoid misconfiguration in the future. These policies are to be updated from time to time in order to be in line with the current security standards.

Any organization or individual needs to comply and create a cycle of the following activities to achieve its information security objective:

  1. Vulnerability assessment
  2. Mitigation analysis
  3. Patch, update, and mitigate

A vulnerability assessment as mentioned previously will result in all the open gaps present in the network, after which mitigation analysis is required to understand the remediations that must be implemented and also to perform a feasibility check on whether it would have any impact on the continuity of the network components. Once all the remediations have been identified, implement the remediations and jump to step 1. This cycle, if performed quarterly, could ensure maximum protection to your network.

Always make sure that the solutions have been implemented on a test environment for any effects on the continuity of the applications hosted on the networks; also look for any dependencies to ensure that the network functionality is not affected.
End of Section 6
Next Section
bookmark search playlist download
font-size

Change the font size

margin-width

Change margin width

day-mode

Change background colour

Close icon Search
Country selected
Close icon Your notes and bookmarks

Delete Bookmark

Modal Close icon
Are you sure you want to delete it?
Cancel
Yes, Delete