Jetty Sairam - Securing network infrastructure: discover practical network security with Nmap and Nessus 7

Copyright 2019 Packt Publishing

All rights reserved. No part of this book may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written permission of the publisher, except in the case of brief quotations embedded in critical articles or reviews.

Every effort has been made in the preparation of this book to ensure the accuracy of the information presented. However, the information contained in this book is sold without warranty, either express or implied. Neither the authors nor Packt Publishing or its dealers and distributors will be held liable for any damages caused or alleged to have been caused directly or indirectly by this book.

Packt Publishing has endeavored to provide trademark information about all of the companies and products mentioned in this book by the appropriate use of capitals. However, Packt Publishing cannot guarantee the accuracy of this information.

First published: March 2019

Production reference: 1250319

Published by Packt Publishing Ltd.
Livery Place
35 Livery Street
Birmingham
B3 2PB, UK.

ISBN 978-1-83864-230-3

www.packtpub.com

Mapt is an online digital library that gives you full access to over 5,000 books and videos, as well as industry-leading tools to help you plan your personal development and advance your career. For more information, please visit our website.

• Spend less time learning and more time coding with practical eBooks and Videos from over 4,000 industry professionals

• Improve your learning with Skill Plans built especially for you

• Get a free eBook or video every month

• Mapt is fully searchable

• Copy and paste, print, and bookmark content

Did you know that Packt offers eBook versions of every book published, with PDF and ePub files available? You can upgrade to the eBook version at www.packt.com and as a print book customer, you are entitled to a discount on the eBook copy. Get in touch with us at customercare@packtpub.com for more details.

At www.packt.com , you can also read a collection of free technical articles, sign up for a range of free newsletters, and receive exclusive discounts and offers on Packt books and eBooks.

Sairam Jetty has more than 5 years of hands-on experience in many verticals of penetration testing, compliance, digital forensics, and malware research. He is currently working with Paladion Networks, Abu Dhabi, as a senior analyst and team lead. He has assisted and associated with various financial, telecom, and industrial institutions for testing and securing their applications and environments. Sairam has industry-standard certifications, such as OSCP, Digital Forensic Analyst, Digital Forensic Investigator, and Mobile Security Expert. He also specializes in source code review and mobile application security. He has acquired a great knowledge of SCADA/ICS and nuclear security from his corporate experience and self-learning.

Sagar Rahalkar is a seasoned information security professional with an experience of 12 years in various verticals of IS. His domain expertise is in Cybercrime investigations, Forensics, AppSec, VA/PT, Compliance, IT GRC and so on. He has a master's degree in computer science and several certifications, including Cyber Crime Investigator, CEH, ECSA, ISO 27001 LA, IBM AppScan Certified, CISM, and PRINCE2. He has been associated with Indian law enforcement agencies for around 4 years for dealing with cybercrime investigations and related training. He has received several awards and appreciations from senior officials of the police and defense organizations in India. He has also been a reviewer and author for various books and online publications.

If you're interested in becoming an author for Packt, please visit authors.packtpub.com and apply today. We have worked with thousands of developers and tech professionals, just like you, to help them share their insight with the global tech community. You can make a general application, apply for a specific hot topic that we are recruiting an author for, or submit your own idea.

Digitization rules the tech world, and so its important for organizations to design security mechanisms for their network infrastructures. Analyzing vulnerabilities is one of the best ways to secure your network infrastructure. This learning path begins by introducing you to the various concepts of network security assessment, workflows, and architectures. You will use open source tools to perform both active and passive network scanning and use these results to analyze and design a threat model for network security. With a firm understanding of the basics, you will learn to scan your network for vulnerabilities and open ports and use them as back doors into a network with the top tools of network scanning: Nessus and Nmap. As you progress through the chapters, you will learn how to carry out various key scanning tasks, such as firewall detection, OS detection, and access management to detect vulnerabilities in your network. By the end of this learning path, you will be familiar with the tools for network scanning and the techniques for vulnerability scanning and network protection.

This learning path includes content from the following Packt products:

• Network Scanning Cookbook by Sairam Jetty
• Network Vulnerability Assessment by Sagar Rahalkar

If you are a software developer with a basic understanding of computer vision and image processing and want to develop interesting computer vision applications with OpenCV, then this course is for you. Prior knowledge of C++ will help you understand the concepts covered in this learning path.

, Introduction to Network Vulnerability Scanning, introduces basic network components and their architecture. It also explains the methods and methodologies of network vulnerability scanning and the complexities involved in it and looks at mitigation planning for identified vulnerabilities.

, Understanding Network Scanning Tools, consists of recipes that will give you a basic understanding of the Nessus and Nmap tools, including the technical requirements to install these tools and the details of their workings. The chapter then dives into the installation and removal instructions for Nessus and Nmap.

, Port Scanning, consists of recipes on techniques for performing port scanning. It begins with instructions and details regarding host discovery, moving to open ports, scripts, and version scanning. It also gives insights into evading network protection systems while performing port scans.