LitArk » Books » Computer

Mike OLeary - Cyber Operations: Building, Defending, and Attacking Modern Computer Networks

Here you can read online Mike OLeary - Cyber Operations: Building, Defending, and Attacking Modern Computer Networks full text of the book (entire story) in english for free. Download pdf and epub, get meaning, cover and reviews about this ebook. year: 2015, publisher: Apress, genre: Computer. Description of the work, (preface) as well as reviews are available. Best literature library LitArk.com created for fans of good reading and offers a wide selection of genres:

Romance novel Science fiction Adventure Detective Science History Home and family Prose Art Politics Computer Non-fiction Religion Business Children Humor

Choose a favorite category and find really read worthwhile books. Enjoy immersion in the world of imagination, feel the emotions of the characters or learn something new for yourself, make an fascinating discovery.

Book:
Cyber Operations: Building, Defending, and Attacking Modern Computer Networks
Author:
Mike OLeary
Publisher:
Apress
Genre:
Books / Computer
Year:
2015
Rating:
5 / 5
Favourites:
Add to favourites
Your mark:
- 100
- 1
- 2
- 3
- 4
- 5

Description
Author's other books
Similar books

Cyber Operations: Building, Defending, and Attacking Modern Computer Networks: summary, description and annotation

We offer to read an annotation, description, summary or preface (depends on what the author of the book "Cyber Operations: Building, Defending, and Attacking Modern Computer Networks" wrote himself). If you haven't found the necessary information about the book — write in the comments, we will try to find it.

Learn to set up, defend, and attack computer networks. This book focuses on networks and real attacks, offers extensive coverage of offensive and defensive techniques, and is supported by a rich collection of exercises and resources.

Youll learn how to configure your network from the ground up, starting by setting up your virtual test environment with basics like DNS and active directory, through common network services, and ending with complex web applications involving web servers and backend databases.

Key defensive techniques are integrated throughout the exposition. You will develop situational awareness of your network and will build a complete defensive infrastructureincluding log servers, network firewalls, web application firewalls, and intrusion detection systems.

Of course, you cannot truly understand how to defend a network if you do not know how to attack it, so you will attack your test systems in a variety of ways beginning with elementary attacks against browsers through privilege escalation to a domain administrator, or attacks against simple network servers through the compromise of a defended e-commerce site.

The author, who has coached his universitys cyber defense team three times to the finals of the National Collegiate Cyber Defense Competition, provides a practical, hands-on approach to cyber security.

What youll learn

How to securely set up a complete network, from its infrastructure through web applications
How to integrate defensive technologies such as firewalls and intrusion detection systems into your network
How to attack your network with tools like Kali Linux, Metasploit, and Burp Suite
How to gain situational awareness on your network to detect and prevent such attacks

Who this book is for

This book is for beginning and intermediate professionals in cyber security who want to learn more about building, defending, and attacking computer networks. It is also suitable for use as a textbook and supplementary text for hands-on courses in cyber operations at the undergraduate and graduate level.

Table of Contents

Chapter 1. System Setup

Chapter 2. Basic Offense

Chapter 3. Operational Awareness

Chapter 4. DNS & BIND

Chapter 5. Enumerating the Network

Chapter 6. Active Directory

Chapter 7. Attacking the Domain

Chapter 8. Logging

Chapter 9. Network Services

Chapter 10. Malware

Chapter 11. Apache and ModSecurity

Chapter 12. IIS and ModSecurity

Chapter 13. Web Attacks

Chapter 14. Firewalls

Chapter 15. MySQL

Chapter 16. Snort

Chapter 17. PHP

Chapter 18. Web Applications

Mike OLeary: author's other books

Who wrote Cyber Operations: Building, Defending, and Attacking Modern Computer Networks? Find out the surname, the name of the author of the book and a list of all author's works by series.

Cyber Operations: Building, Defending, and Attacking Modern Computer Networks — read online for free the complete book (whole text) full work

Below is the text of the book, divided by pages. System saving the place of the last page read, allows you to conveniently read the book "Cyber Operations: Building, Defending, and Attacking Modern Computer Networks" online for free, without having to search again every time where you left off. Put a bookmark, and you can go to the page where you finished reading at any time.

Light

Font size:

↓

↑

Reset

Interval:

↓

↑

Bookmark:

Make

Mike O'Leary 2015

Mike O'Leary Cyber Operations 10.1007/978-1-4842-0457-3_1

1. System Setup

Mike OLeary 1

(1)

Department of Mathematics, Towson University, Towson, MD, US

Introduction

Cyber operations is about the configuration, defense, and attack of real systems. Publicly known vulnerabilities in deployed systems are patched, though perhaps not as rapidly as the security might hope. Any publicly known vulnerabilities that might be exploited in currently deployed systems are necessarily 0-days. In contrast, older systems can be attacked using a range of exploits that are known today, but were unknown when the systems were deployed. Thus, this book focuses on systems that were deployed between 2008 and 2013.

To configure, attack, and defend systems, a testing laboratory is required. Such a laboratory must not only allow systems to be built and run, but must provide a way to segregate them from the wider Internet; after all, older systems are known to be vulnerable to public exploits. One excellent solution is virtualization. A range of virtualization solutions exist; two commonly deployed solutions are VMWare and VirtualBox. This chapter begins with a review of these virtualization solutions.

The Notes and References lists the major Windows desktop and server operating systems released between 2008 and 2013; it also includes major releases from the CentOS, OpenSuSE, Ubuntu, and Mint Linux distributions. The section provides download locations for the various Linux distributions. This chapter shows how to build virtual machines running these operating systems.

A functioning computer system is more than just its operating system though; its entire ecosystem of installed applications must be considered. Desktop systems generally include a browser as well as plug-ins for various kinds of active web content. This chapter shows how to install three commonly used programs: Firefox, Java, and Adobe Flash Player on Windows and Linux workstations. These tools have been released in different versions and patch levels; the Notes and References lists release dates and download locations for these tools.

One advantage of modern operating systems and many major software packages is that they automatically download and install the latest security patches, often without user interaction. In almost every circumstance this is a good thing. To keep these test systems at a preferred patch level, this functionality must be disabled.

When this chapter is complete, the reader will have set up and configured a fully functional testing laboratory that can be used to run Windows and Linux virtual machines as they were deployed on a selected date between 2008 and 2013.

Virtualization Tools

A good testing laboratory needs a wide range of systems. Rather than use dedicated hardware for each system, it is much simpler to build systems using virtualization. Two of the most common tools for operating system virtualization are VMWare Workstation 10.0 and VirtualBox, while other choices include Hyper-V, Parallels, QEMU, and Xen. This section focuses solely on the first two of these. VMWare Workstation is a long-standing, solid commercial product that runs on Windows and Linux; it has a free version called VMWare Player with reduced functionality. VirtualBox is a free, open source alternative; it runs on Windows Linux, Macintosh, and Solaris. In its current version, it is comparable to VMWare Workstation in functionality.

VMWare Workstation

The simplest way to learn about VMWare Workstation 10.0 is to dive right in by installing and running a guest operating system.

Installing a guest

Grab the install disc for a Linux distributionfor example, the DVD for CentOS 6.0, and save that .iso file in some convenient location. Launch VMWare Workstation. If the home tab appears, select Create a New Virtual Machine; if it does not, then the same option is available from the File menu.

VMWare Workstation begins the process of creating a new virtual machine by presenting the user with the New Virtual Machine Wizard. The Typical configuration is nearly always sufficient, so select it. The first question is the location of the install media; provide the location of the saved .iso file for the Installer disc image file (iso). In most, though not all cases, VMWare Workstation is able to recognize the operating system on the disc image. When VMWare Workstation moves to install a recognized operating system, it uses Easy Install and makes a number of choices for the user. This automated process is often convenient, however, it precludes the user from choosing some things, such as the system partition table or the precise collection of installed software; this can occasionally cause difficulty later.

When installing CentOS, VMWare Workstation asks for information about a system user: the users full name, the username, and the password for that user. The same password for the user is also used for the root account on the system. VMWare Workstation asks for both the name of the virtual machine and the location in which it will be stored. The VMWare Workstation name is separate and distinct from any host name of the system; in fact it is used solely by VMWare Workstation. It is used to generate the names of the files that comprise the virtual machine and will appear as the machines title within VMWare Workstation. When selecting the location of those files, note that there are many files for each virtual machine, so it is a very good idea to store each system in its own separate directory.

VMWare Workstation asks for the size of the virtual hard disk; it provides the option to split the virtual disk into smaller files. The rationale for this question is the limitation of some file systems, including FAT32. The FAT32 file system remains commonly used on flash drives, despite the fact that files in FAT32 are limited to less than 4GB in size. A virtual machine with a hard drive of 4GB or more could not be copied onto such a flash drive. When VMWare Workstation uses a split virtual disk, each file is no more than 2GB in size.

Be sure that your host has sufficient memory for all of the running guests.

Before creating the virtual machine, VMWare Workstation allows the hardware to be customized. Key settings that can be modified include the systems memory, the number of network cards it possesses, and installed peripherals such as CD/DVD or a USB controller.

When all of the choices have been made, VMWare Workstation installs the operating system.

Managing guests

Once the guest operating system is installed, the guest will reboot. Interact with the guest as any other system; log on, providing the password selected during the installation process. The guest responds as if it were the only system currently running.

One issue that may arise is control of the keyboard and the mouse. This is not an issue for the CentOS 6.0 system when installed on VMWare Workstation 10.0, because VMWare Tools is installed on the guest as part of the installation process. In general, though, the keyboard combination CTRL+ALT, when pressed inside a guest returns control of the keyboard and the mouse to the host. Try it; if the cursor for the mouse in the CentOS 6.0 guest is different for the cursor for your host operating system, you will see the change.

Another problematic keyboard combination is CTRL+ALT+DEL. On a Windows host, that combination will be intercepted by the host operating system. To send that combination to the guest, use CTRL+ALT+INSERT instead.

Once the guest is running, it can be powered down from within the guest. VMWare Workstation also provides the ability to shut down or restart the guest from VMWare Workstation itself. It also provides the ability to suspend the guest, essentially pausing it. This can be convenient when the current state of the system is critical. The process of pausing and restarting guests is resource intensive and can be somewhat slow.

Light

Font size:

↓

↑

Reset

Interval:

↓

↑

Bookmark:

Make

Similar books «Cyber Operations: Building, Defending, and Attacking Modern Computer Networks»

Look at similar books to Cyber Operations: Building, Defending, and Attacking Modern Computer Networks. We have selected literature similar in name and meaning in the hope of providing readers with more options to find new, interesting, not yet read works.

Seth Enoka

Cybersecurity for Small Networks : A No-Nonsense Guide for the Reasonably Paranoid

Yoram Orzach

Network Protocols for Security Professionals: Probe and identify network-based vulnerabilities and safeguard against network protocol breaches

Rob VandenBrink

Linux for Networking Professionals: Securely configure and operate Linux network services for the enterprise

Aditya Mukherjee

Network Security Strategies: Protect your network and enterprise against advanced cybersecurity attacks and threats

OLeary

Cyber Operations

Rehim

Python Penetration Testing Cookbook: Practical recipes on implementing information gathering, network security, intrusion detection, and post-exploitation

Rash

Linux firewalls attack detection and response with iptables, psad, and fwsnort

Pretty Bill

Building networks and servers using BeagleBone: set up and configure a local area network and file server by building your own home-based multimedia server

Ettore Galluccio

SQL Injection Strategies: Practical techniques to secure old vulnerabilities against modern attacks

Arthur Salmon

Applied Network Security: Proven tactics to detect and defend against all kinds of network attack

Oriyano Sean-Philip

Client-Side Attacks and Defense

Michael Rash

Linux Firewalls: Attack Detection and Response with iptables, psad, and fwsnort

Reviews about «Cyber Operations: Building, Defending, and Attacking Modern Computer Networks»

Discussion, reviews of the book Cyber Operations: Building, Defending, and Attacking Modern Computer Networks and just readers' own opinions. Leave your comments, write what you think about the work, its meaning or the main characters. Specify what exactly you liked and what you didn't like, and why you think so.