Network Protocols for Security Professionals: Probe and identify network-based vulnerabilities and safeguard against network protocol breaches
- Length: 499 pages
- Edition: 1
- Language: English
- Publisher: Packt Publishing
- Publication Date: 2022-08-09
- ISBN-10: 1789953480
- ISBN-13: 9781789953480
Discover network-based attacks and learn to defend your organization’s network and network devices
Key Features
- Exploit vulnerabilities and use custom modules and scripts to crack authentication protocols
- Safeguard against web, mail, database, DNS, voice, video, and collaboration server attacks
- Monitor and protect against brute-force attacks by implementing defense mechanisms
Book Description
Network security plays an important role in securing IT infrastructures against attacks. The increased demand for computer systems, and the ever-evolving internet, has allowed people to find vulnerabilities and infiltrate organizations through their networks. Network Protocol Security will help you safeguard your organization’s network and networking devices.
This book is a comprehensive guide that begins with the basics, gradually increases in complexity, and later takes you through advanced concepts. You will start by understanding the structure of data network protocols and devices as well as breaches. In addition to this, you’ll become familiar with attacking tools and scripts that take advantage of these breaches. After covering the basics, you will learn attacks that target networks and network devices. Next, you will perform eavesdropping, learn data analysis, and use behavior analysis for network forensics. Toward the concluding chapters, you will understand network protocols and how to use methods and tools you learned in the previous parts to attack and protect these protocols.
By the end of this network security book, you will have learned network protocol security and security countermeasures to protect network protocols.
What you will learn
- Understand security breaches, weaknesses, and protection techniques
- Attack and defend wired as well as wireless networks
- Discover how to attack and defend LAN, IP, and TCP/UDP-based vulnerabilities
- Focus on encryption, authorization, and authentication principles
- Gain insights into implementing security protocols the right way
- Use tools and scripts to perform attacks on network devices
- Wield Python, PyShark, and other scripting tools for packet analysis
- Identify attacks on web servers to secure web and email services
Who This Book Is For
This book is for red team and blue team pentesters, security professionals, or bug hunters. Anyone involved in network protocol management and security will also benefit from this book. Basic experience in network security will be an added advantage.
1 Data Centers and the Enterprise Network Architecture and its Components
- Exploring networks and data flows
- The data center, core, and user networks
- Switching (L2) and routing (L3) topologies
- Switching (L2) and routing (L3)
- L2 and L3 architectures
- L2 and L3 architecture data flow
- L2 and L3 architecture data flow with redundancy
- L2 and L3 topologies with firewalls
- L2 and L3 topologies with overlays
- The network perimeter
- The data, control, and management planes
- The data plane
- The control plane
- The management plane
- SDN and NFV
- Software-defined networking (SDN)
- Network function virtualization (NFV)
- Cloud connectivity
- Type of attacks and where they are implemented
- Attacks on the internet
- Attacks from the internet targeting the organization network
- Attacks on firewalls
- Attacks on servers
- Attacks on local area networks (LANs)
- Attacks on network routers and routing protocols
- Attacks on wireless networks
- Summary
- Questions
- Answers
2 Network Protocol Structures and Operations
- Data network protocols and data structures
- Layer 2 protocols – STP, VLANs, and security methods
- The Ethernet protocols
- LAN switching
- VLANs and VLAN tagging
- Spanning tree protocols
- Layer 3 protocols – IP and ARP
- Routers and routing protocols
- Routing operations
- Routing protocols
- Layer 4 protocols – UDP, TCP, and QUIC
- UDP
- TCP
- QUIC
- Vulnerabilities in layer 4 protocols
- Encapsulation and tunneling
- Summary
- Questions
- Answers
3 Security Protocols and Their Implementation
- Security pillars – confidentiality, integrity, and availability
- Encryption basics and protocols
- Services provided by encryption
- Stream versus block ciphers
- Symmetric versus asymmetric encryption
- Public key infrastructure and certificate authorities
- Authentication basics and protocols
- Authentication types
- Username/password with IP address identification authentication
- Encrypted username/password authentication
- Extensible authentication protocol (EAP)
- Authorization and access protocols
- Hash functions and message digests
- IPSec and key management protocols
- Virtual Private Networks (VPNs)
- IPSec principles of operation
- IPSec tunnel establishment
- IPSec modes of operation
- IPSec authentication and encryption protocols
- IPSec authentication header (AH) protocol
- IPSec encapsulation security payload (ESP) protocol
- SSL/TLS and proxies
- Protocol basics
- The handshake protocol
- Network security components – RADIUS/TACACS+, FWs, IDS/IPSs, NAC, and WAFs
- Firewalls
- RADIUS, NAC, and other authentication features
- Web application firewalls (WAFs)
- Summary
- Questions
4 Using Network Security Tools, Scripts, and Code
- Commercial, open source, and Linux-based tools
- Open source tools
- Commercial tools
- Information gathering and packet analysis tools
- Basic network scanners
- Network analysis and management tools
- Protocol discovery tools
- Vulnerability analysis tools
- Nikto
- Legion
- Exploitation tools
- Metasploit Framework (MSF)
- Stress testing tools
- Windows tools
- Kali Linux tools
- Network forensics tools
- Wireshark and packet capture tools
- Summary
- Questions
- Answers
5 Finding Protocol Vulnerabilities
- Black box, white box, and gray box testing
- Black box and fuzzing
- Enterprise networks testing
- Provider networks testing
- Fuzzing phases
- Common vulnerabilities
- Layer 2-based vulnerabilities
- Layer 3-based vulnerabilities
- Layer 4-based vulnerabilities
- Layer 5-based vulnerabilities
- Layer 6-based vulnerabilities
- Layer 7-based vulnerabilities
- Fuzzing tools
- Basic fuzzing
- Breaking usernames and passwords (brute-force attacks)
- Fuzzing network protocols
- Crash analysis – what to do when we find a bug
- Summary
- Questions
- Answers
6 Finding Network-Based Attacks
- Planning a network-based attack
- Gathering information from the network
- Stealing information from the network
- Preventing users from using IT resources
- Active and passive attacks
- Active attacks
- Passive attacks
- Reconnaissance and information gathering
- Listening to network broadcasts
- Listening on a single device/port-mirror
- Network-based DoS/DDoS attacks and flooding
- Flooding through scanning attacks
- Random traffic generation flooding
- Generating and defending against flooding and DoS/DDoS attacks
- L2-based attacks
- MAC flooding
- STP, RSTP, and MST attacks
- L3- and ARP-based attacks
- ARP poisoning
- DHCP starvation
- Summary
- Questions
7 Finding Device-Based Attacks
- Network devices’ structure and components
- The functional structure of communications devices
- The physical structure of communications devices
- Attacks on the management plane and how to defend against them
- Brute-force attacks on console, Telnet, and SSH passwords
- Brute-force attacks against SNMP passwords (community strings)
- Brute-force attacks against HTTP/HTTPS passwords
- Attacks on other ports and services
- SYN-scan and attacks targeting the management plane processes’ availability
- Attacks on the control plane and how to defend against them
- Control plane-related actions that influence device resources
- Attacks on the data plane and how to defend against them
- Protection against heavy traffic through an interface
- Attacks on system resources
- Memory-based attacks, memory leaks, and buffer overflows
- CPU overload and vulnerabilities
- Summary
- Questions
- Answers
9 Using Behavior Analysis and Anomaly Detection
- Collection and monitoring methods
- SNMP
- NetFlow and IPFIX
- Wireshark and network analysis tools
- Establishing a baseline
- Small business/home network
- Medium-size enterprise network
- Typical suspicious patterns
- Scanning patterns
- Summary
- Questions
- Answers
How to download source code?
1. Go to: https://github.com/PacktPublishing
2. In the Find a repository… box, search for the book title: Network Protocols for Security Professionals: Probe and identify network-based vulnerabilities and safeguard against network protocol breaches. If you do not get any results, search for the main title only.
3. Click the book title in the search results.
4. Click Code to download.