Chris McNab - Network Security Assessment: Know Your Network

by Chris McNab

Copyright 2017 Chris McNab. All rights reserved.

Printed in the United States of America.

Published by OReilly Media, Inc. , 1005 Gravenstein Highway North, Sebastopol, CA 95472.

OReilly books may be purchased for educational, business, or sales promotional use. Online editions are also available for most titles (http://oreilly.com/safari.). For more information, contact our corporate/institutional sales department: 800-998-9938 or corporate@oreilly.com .

• Editors: Rachel Roumeliotis and Heather Scherer
• Production Editor: Melanie Yarbrough
• Copyeditor: Octal Publishing Services
• Proofreader: Jasmine Kwityn
• Indexer: Ellen Troutman-Zaig
• Interior Designer: David Futato
• Cover Designer: Karen Montgomery
• Illustrator: Rebecca Demarest

• December 2016: Third Edition

See http://oreilly.com/catalog/errata.csp?isbn=9781491910955 for release details.

The OReilly logo is a registered trademark of OReilly Media, Inc. Network Security Assessment, the cover image, and related trade dress are trademarks of OReilly Media, Inc.

While the publisher and the author have used good faith efforts to ensure that the information and instructions contained in this work are accurate, the publisher and the author disclaim all responsibility for errors or omissions, including without limitation responsibility for damages resulting from the use of or reliance on this work. Use of the information and instructions contained in this work is at your own risk. If any code samples or other technology this work contains or describes is subject to open source licenses or the intellectual property rights of others, it is your responsibility to ensure that your use thereof complies with such licenses and/or rights.

978-1-491-91095-5

[LSI]

Adversaries routinely target networks for gain. As I prepare this third edition of Network Security Assessment, the demand for incident response expertise is also increasing. Although software vendors have worked to improve the security of their products over the past decade, system complexity and attack surfaces have grown, and if anything, the overall integrity of the Internet has degraded.

Attacker tactics have become increasingly refined, combining intricate exploitation of software defects, social engineering, and physical attack tactics to target high-value assets. To make matters worse, many technologies deployed to protect networks have been proven ineffective. Google Project Zero

As stakes increase, so does the value of research output. Security researchers are financially incentivized to disclose zero-day vulnerabilities to third parties and brokers, who in turn share the findings with their customers, and in some cases, responsibly notify product vendors. There exists a growing gap by which the number of severe defects known only to privileged groups (e.g., governments and organized criminals) increases each day.

A knee-jerk reaction is to prosecute hackers and curb the proliferation of their tools. The adversaries we face, however, along with the tactics they adopt, are nothing but a symptom of a serious problem: the products we use are unfit for purpose. Product safety is an afterthought for many technology companies, and the challenges we face today a manifestation of this.

To aggravate things further, governments have militarized the Internet and eroded the integrity of cryptosystems used to protect data. As security professionals, we must advocate defense in depth to mitigate risks that will likely always exist, and work hard to ensure that our networks are a safe place to do commerce, store data, and communicate with one another. Life for us all would be very different without the Internet and the freedoms it provides.