Network Protocols for Security Professionals: Probe and identify network-based vulnerabilities and safeguard against network protocol breaches
- Length: 499 pages
- Edition: 1
- Language: English
- Publisher: Packt Publishing
- Publication Date: 2022-08-09
- ISBN-10: 1789953480
- ISBN-13: 9781789953480
- Sales Rank: #0 (See Top 100 Books)
Discover network-based attacks and learn to defend your organization’s network and network devices
Key Features
- Exploit vulnerabilities and use custom modules and scripts to crack authentication protocols
- Safeguard against web, mail, database, DNS, voice, video, and collaboration server attacks
- Monitor and protect against brute-force attacks by implementing defense mechanisms
Book Description
Network security plays an important role in securing IT infrastructures against attacks. The increased demand for computer systems, and the ever-evolving internet, has allowed people to find vulnerabilities and infiltrate into organizations through their network. Network Protocol Security will help you safeguard your organization’s network and networking devices.
This book is a comprehensive guide that begins with the basics, gradually increases in complexity, and later takes you through advanced concepts. You will start by understanding the structure of data network protocols and devices as well as breaches. In addition to this, you’ll become familiar with attacking tools and scripts that take advantage of these breaches. After covering the basics, you will learn attacks that target networks and network devices. Next, you will perform eavesdropping, learn data analysis, and use behavior analysis for network forensics. Toward the concluding chapters, you will understand network protocols and how to use methods and tools you learned in the previous parts to attack and protect these protocols.
By the end of this network security book, you will have learned network protocol security and security counter-measures to protect network protocols.
What you will learn
- Understand security breaches, weaknesses, and protection techniques
- Attack and defend wired as well as wireless networks
- Discover how to attack and defend LAN, IP, and TCP/UDP-based vulnerabilities
- Focus on encryption, authorization, and authentication principles
- Gain insights into implementing security protocols the right way
- Use tools and scripts to perform attacks on network devices
- Wield Python, PyShark, and other scripting tools for packet analysis
- Identify attacks on web servers to secure web and email services
Who This Book Is For
This book is for red team and blue team pentesters, security professionals, or bug hunters. Anyone involved in network protocol management and security will also benefit from this book. Basic experience in network security will be an added advantage.
Network Protocols for Security Professionals: Probe and identify network-based vulnerabilities and safeguard against network protocol breaches
1 Data Centers and the Enterprise Network Architecture and its Components
Exploring networks and data flows
The data center, core, and user networks
Switching (L2) and routing (L3) topologies
Switching (L2) and routing (L3)
L2 and L3 architectures
L2 and L3 architecture data flow
L2 and L3 architecture data flow with redundancy
L2 and L3 topologies with firewalls
L2 and L3 topologies with overlays
The network perimeter
The data, control, and management planes
The data plane
The control plane
The management plane
SDN and NFV
Software-defined networking (SDN)
Network function virtualization (NFV)
Cloud connectivity
Type of attacks and where they are implemented
Attacks on the internet
Attacks from the internet targeting the organization network
Attacks on firewalls
Attacks on servers
Attacks on local area networks (LANs)
Attacks on network routers and routing protocols
Attacks on wireless networks
Summary
Questions
Answers
2 Network Protocol Structures and Operations
Data network protocols and data structures
Layer 2 protocols –STP, VLANs, and security methods
The Ethernet protocols
LAN switching
VLANs and VLAN tagging
Spanning tree protocols
Layer 3 protocols – IP and ARP
Routers and routing protocols
Routing operations
Routing protocols
Layer 4 protocols – UDP, TCP, and QUIC
UDP
TCP
QUIC
Vulnerabilities in layer 4 protocols
Encapsulation and tunneling
Summary
Questions
Answers
3 Security Protocols and Their Implementation
Security pillars – confidentiality, integrity, and availability
Encryption basics and protocols
Services provided by encryption
Stream versus block ciphers
Symmetric versus asymmetric encryption
Public key infrastructure and certificate authorities
Authentication basics and protocols
Authentication types
Username/password with IP address identification authentication
Encrypted username/password authentication
Extensible authentication protocol (EAP)
Authorization and access protocols
Hash functions and message digests
IPSec and key management protocols
Virtual Private Networks (VPNs)
IPSec principles of operation
IPSec tunnel establishment
IPSec modes of operation
IPSec authentication and encryption protocols
IPSec authentication header (AH) protocol
IPSec encapsulation security payload (ESP) protocol
SSL/TLS and proxies
Protocol basics
The handshake protocol
Network security components – RADIUS/TACACS+, FWs, IDS/IPSs, NAC, and WAFs
Firewalls
RADIUS, NAC, and other authentication features
Web application firewalls (WAFs)
Summary
Questions
)4Using Network Security Tools, Scripts, and Code
Commercial, open source, and Linux-based tools
Open source tools
Commercial tools
Information gathering and packet analysis tools
Basic network scanners
Network analysis and management tools
Protocol discovery tools
Vulnerability analysis tools
Nikto
Legion
Exploitation tools
Metasploit Framework (MSF)
Stress testing tools
Windows tools
Kali Linux tools
Network forensics tools
Wireshark and packet capture tools
Summary
Questions
Answers
5 Finding Protocol Vulnerabilities
Black box, white box, and gray box testing
Black box and fuzzing
Enterprise networks testing
Provider networks testing
Fuzzing phases
Common vulnerabilities
Layer 2-based vulnerabilities
Layer 3-based vulnerabilities
Layer 4-based vulnerabilities
Layer 5-based vulnerabilities
Layer 6-based vulnerabilities
Layer 7-based vulnerabilities
Fuzzing tools
Basic fuzzing
Breaking usernames and passwords (brute-force attacks)
Fuzzing network protocols
Crash analysis – what to do when we find a bug
Summary
Questions
Answers
6 Finding Network-Based Attacks
Planning a network-based attack
Gathering information from the network
Stealing information from the network
Preventing users from using IT resources
Active and passive attacks
Active attacks
Passive attacks
Reconnaissance and information gathering
Listening to network broadcasts
Listening on a single device/port-mirror
Network-based DoS/DDoS attacks and flooding
Flooding through scanning attacks
Random traffic generation flooding
Generating and defending against flooding and DoS/DDoS attacks
L2-based attacks
MAC flooding
STP, RSTP, and MST attacks
L3- and ARP-based attacks
ARP poisoning
DHCP starvation
Summary
Questions
7 Finding Device-Based Attacks
Network devices’ structure and components
The functional structure of communications devices
The physical structure of communications devices
Attacks on the management plane and how to defend against them
Brute-force attacks on console, Telnet, and SSH passwords
Brute-force attacks against SNMP passwords (community strings)
Brute-force attacks against HTTP/HTTPS passwords
Attacks on other ports and services
SYN-scan and attacks targeting the management plane processes’ availability
Attacks on the control plane and how to defend against them
Control plane-related actions that influence device resources
Attacks on the data plane and how to defend against them
Protection against heavy traffic through an interface
Attacks on system resources
Memory-based attacks, memory leaks, and buffer overflows
CPU overload and vulnerabilities
Summary
Questions
Answers
9 Using Behavior Analysis and Anomaly Detection
Collection and monitoring methods
SNMP
NetFlow and IPFIX
Wireshark and network analysis tools
Establishing a baseline
Small business/home network
Medium-size enterprise network
Typical suspicious patterns
Scanning patterns
Summary
Questions
AnswersDonate to keep this site alive
How to download source code?
1. Go to: https://github.com/PacktPublishing
2. In the Find a repository… box, search the book title: Network Protocols for Security Professionals: Probe and identify network-based vulnerabilities and safeguard against network protocol breaches, sometime you may not get the results, please search the main title.
3. Click the book title in the search results.
3. Click Code to download.
1. Disable the AdBlock plugin. Otherwise, you may not get any links.
2. Solve the CAPTCHA.
3. Click download link.
4. Lead to download server to download.
