Network Security Assessment 3rd Pdf.
What is a network security assessment? How does it differ from penetration testing? What tools should I use?
“Network security assessment” is a term that refers to the practice of performing tests on a computer network to determine its security posture. This is done through various means such as scanning ports, looking at logs, and examining software installed on the system.
Network security can mean different things depending on who you ask. For example, to a company that develops software for enterprise networks, network security means the protection of corporate resources from an external attacker.
A network security assessment is different from penetration testing in that it’s not a black-box test. Penetration testing involves actively attacking a computer or network, such as sending malformed packets to see if they can exploit any vulnerabilities.
The network security assessment is a more passive form of testing, whereby we find vulnerabilities by passively observing system activity without actively trying to exploit them. This requires less technical skill, but it still requires a knowledge of how computers work and the ability to interpret logs and other system data.
In most cases, performing a network security assessment requires using some kind of software or hardware device that allows you to scan ports and look at system logs remotely. Some examples include:
Port scanners:
These can scan ports on individual systems or entire subnets. They are used to discover whether any ports are open on a system that shouldn’t be (e.g., running services like telnet or FTP). This kind of scan must be performed with caution, because it’s possible to inadvertently break something when scanning certain systems such as Windows XP machines.
Packet sniffers:
These can capture traffic on your local network. A packet sniffer will capture all traffic passing through it, so it should only be run on a trusted local network segment with no outside connections if at all possible.
Sniffers can also be used in conjunction with port scanners or vulnerability scanners, since they will often have the ability to save captured packets locally for later analysis.
Log analysis tools:
These are used to interpret log files generated by various services such as Apache web servers, Sendmail email servers, and MySQL databases. They are for figuring out which users have accessed which systems, when they did so, and where they came from (IP address).
Vulnerability scanners:
These are used to scan for known vulnerabilities in systems such as a web server running on a Windows 2003 server. Vulnerability scanners are black-box tools in that they actively send test packets to the target and look for any indication that something has gone wrong.
If something does go wrong, then the vulnerability scanner will save the information collected so you can try to reproduce the problem later.
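The kind of question a log analysis tool answers (which users accessed a system, when, and from which IP address) can be shown with a short script. This is an added example, not code from the original page; it assumes Apache's common/combined access log format, and the sample lines, users and addresses are constructed.

```python
import re
from collections import defaultdict
from datetime import datetime

# Apache common/combined log format: host ident user [time] "request" status size ...
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ (?P<user>\S+) \[(?P<ts>[^\]]+)\] '
    r'"(?P<request>[^"]*)" (?P<status>\d{3}) (?P<size>\S+)'
)

# Constructed sample lines (documentation IP ranges, made-up users).
SAMPLE_LOG = """\
192.0.2.10 - alice [10/Oct/2023:13:55:36 +0000] "GET /reports HTTP/1.1" 200 2326
192.0.2.10 - alice [10/Oct/2023:14:02:11 +0000] "GET /reports/q3 HTTP/1.1" 200 5120
198.51.100.7 - bob [10/Oct/2023:14:05:00 +0000] "GET /admin HTTP/1.1" 401 381
203.0.113.44 - alice [11/Oct/2023:02:17:45 +0000] "POST /admin/users HTTP/1.1" 200 912
203.0.113.44 - - [11/Oct/2023:02:18:01 +0000] "GET /favicon.ico HTTP/1.1" 404 209
this line is truncated or corrupt
"""

def summarize_access(log_text):
    """Return ({user: summary}, skipped) for authenticated requests in log_text."""
    users = defaultdict(lambda: {"ips": set(), "first": None, "last": None,
                                 "requests": 0, "denied": 0})
    skipped = 0
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            skipped += 1          # keep a count so parse gaps are visible
            continue
        if m["user"] == "-":      # unauthenticated request, no user to attribute
            continue
        when = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
        s = users[m["user"]]
        s["ips"].add(m["ip"])
        s["requests"] += 1
        s["denied"] += m["status"] in ("401", "403")
        s["first"] = when if s["first"] is None else min(s["first"], when)
        s["last"] = when if s["last"] is None else max(s["last"], when)
    return dict(users), skipped

if __name__ == "__main__":
    report, skipped = summarize_access(SAMPLE_LOG)
    for user, s in sorted(report.items()):
        print(f"{user}: {s['requests']} requests ({s['denied']} denied) from "
              f"{sorted(s['ips'])}, {s['first']:%Y-%m-%d %H:%M} to {s['last']:%Y-%m-%d %H:%M}")
    print(f"unparsed lines: {skipped}")
```

In the sample, the same user appearing from two different addresses a day apart is the sort of detail an assessor would follow up on.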
Passive scanning
Passive scanning is what it sounds like: a passive way of checking a system for security weaknesses. It involves watching network traffic, examining logs and monitoring files. The output from these tools can be analyzed to determine what weaknesses may exist on a system or network that an attacker could exploit.
The problem with passive scanning is that you need to know what weaknesses exist to know what to look for, and there are too many unknowns out there. You never know what vulnerabilities might be lurking in your system – that’s why active scanning is a must.
Active scanning
Active scanning involves actively sending packets to a computer or network and analyzing how they behave in response. This kind of testing can be done with or without permission from the owner of the system under test, which is why it is often associated with malicious activity such as hacking or cracking.
However, this kind of testing is also used by network administrators who need to troubleshoot network problems when they can’t connect remotely (e.g., because of a firewall). Active scanning can also be used by security professionals who want to learn more about a system’s defenses by actively trying to break into it.