Sagar Rahalkar - Network Vulnerability Assessment: Identify security loopholes in your networks infrastructure

Copyright 2018 Packt Publishing

All rights reserved. No part of this book may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written permission of the publisher, except in the case of brief quotations embedded in critical articles or reviews.

Every effort has been made in the preparation of this book to ensure the accuracy of the information presented. However, the information contained in this book is sold without warranty, either express or implied. Neither the author, nor Packt Publishing or its dealers and distributors, will be held liable for any damages caused or alleged to have been caused directly or indirectly by this book.

Packt Publishing has endeavored to provide trademark information about all of the companies and products mentioned in this book by the appropriate use of capitals. However, Packt Publishing cannot guarantee the accuracy of this information.

Commissioning Editor: Gebin George
Acquisition Editor: Rohit Rajkumar
Content Development Editor: Ronn Kurien
Technical Editor: Mohd Riyan Khan
Copy Editor: Safis Editing
Project Coordinator: Jagdish Prabhu
Proofreader: Safis Editing
Indexer: Rekha Nair
Graphics: Tom Scaria
Production Coordinator: Shantanu Zagade

First published: August 2018

Production reference: 1300818

Published by Packt Publishing Ltd.
Livery Place
35 Livery Street
Birmingham
B3 2PB, UK.

ISBN 978-1-78862-725-2

www.packtpub.com

Mapt is an online digital library that gives you full access to over 5,000 books and videos, as well as industry leading tools to help you plan your personal development and advance your career. For more information, please visit our website.

• Spend less time learning and more time coding with practical eBooks and Videos from over 4,000 industry professionals

• Improve your learning with Skill Plans built especially for you

• Get a free eBook or video every month

• Mapt is fully searchable

• Copy and paste, print, and bookmark content

Did you know that Packt offers eBook versions of every book published, with PDF and ePub files available? You can upgrade to the eBook version at www.PacktPub.com and as a print book customer, you are entitled to a discount on the eBook copy. Get in touch with us at service@packtpub.com for more details.

At www.PacktPub.com , you can also read a collection of free technical articles, sign up for a range of free newsletters, and receive exclusive discounts and offers on Packt books and eBooks.

Sagar Rahalkar is a seasoned information security professional having 12 years experience in various verticals of IS. His domain expertise is in Cybercrime investigations, Forensics, AppSec, VA/PT, Compliance, IT GRC etc. He has a master's degree in computer science and several certifications such as Cyber Crime Investigator, CEH, ECSA, ISO 27001 LA, IBM AppScan Certified, CISM, and PRINCE2. He has been associated with Indian law enforcement agencies for around 4 years dealing with cybercrime investigations and related training. He has received several awards and appreciations from senior officials of the police and defense organizations in India. He has also been a reviewer and author for various books and online publications.

Dattatray Bhat has 18+ years of rich experience in Information Security, Cyber Security, Data Privacy, Governance, Compliance, ITIL Framework and Infrastructure Management. A keen strategist with expertise in developing Information Security, Cyber Security strategy in alignment with Business Strategy translating security into business terms and ensuring security is a business enabler for the organization. Developed Information Security, Cyber Security Frameworks, Security Operations Centers for large complex organization. Expertise in building different platforms secure configuration documents based on industry best practices.

If you're interested in becoming an author for Packt, please visit authors.packtpub.com and apply today. We have worked with thousands of developers and tech professionals, just like you, to help them share their insight with the global tech community. You can make a general application, apply for a specific hot topic that we are recruiting an author for, or submit your own idea.

The tech world has been taken over by digitization to a very large extent, and so it's become extremely important for an organization to actively design security mechanisms for their network infrastructures. Analyzing the vulnerabilities can be one of the best ways to secure your network infrastructure.

Network Vulnerability Assessment will initially start with network security assessment concepts, workflows, and architectures. Then, you will use open source tools to perform both active and passive network scanning. As you make your way through the chapters, you will use these scanning results to analyze and design a threat model for network security. In the concluding chapters, you will dig deeper into concepts such as IP network analysis, Microsoft services, and mail services. You will also get to grips with various security best practices, which help you build your network security mechanism.

By the end of this book, you will be in a position to build a security framework fit for an organization.

This book is for security analysts, threat analysts, and any security professionals responsible for developing a network threat model for an organization. This book is also for any individual who is or wants to be part of a vulnerability management team and implement an end-to-end robust vulnerability management program.

, Vulnerability Management Governance, is about understanding the essentials of vulnerability management program from a governance perspective and introducing the reader to some absolute basic security terminology and the essential prerequisites for initiating a security assessment.

, Setting Up the Assessment Environment, will introduce various methods and techniques for setting up a comprehensive vulnerability assessment and penetration testing environment.

, Security Assessment Prerequisites, is about knowing the prerequisites of security assessment. We will learn what all planning and scoping are required along with documentation to perform a successful security assessment.