Search icon CANCEL
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Conferences
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Securing Network Infrastructure

You're reading from   Securing Network Infrastructure Discover practical network security with Nmap and Nessus 7

Arrow left icon
Product type Course
Published in Mar 2019
Publisher
ISBN-13 9781838642303
Length 538 pages
Edition 1st Edition
Tools
Arrow right icon
Authors (2):
Arrow left icon
Sairam Jetty Sairam Jetty
Author Profile Icon Sairam Jetty
Sairam Jetty
Sagar Rahalkar Sagar Rahalkar
Author Profile Icon Sagar Rahalkar
Sagar Rahalkar
Arrow right icon
View More author details
Toc

Table of Contents (28) Chapters Close

Title Page
Copyright and Credits
About Packt
Contributors
Preface
1. Introduction to Network Vulnerability Scanning FREE CHAPTER 2. Understanding Network Scanning Tools 3. Port Scanning 4. Vulnerability Scanning 5. Configuration Audits 6. Report Analysis and Confirmation 7. Understanding the Customization and Optimization of Nessus and Nmap 8. Network Scanning for IoT, SCADA/ICS 9. Vulnerability Management Governance 10. Setting Up the Assessment Environment 11. Security Assessment Prerequisites 12. Information Gathering 13. Enumeration and Vulnerability Assessment 14. Gaining Network Access 15. Assessing Web Application Security 16. Privilege Escalation 17. Maintaining Access and Clearing Tracks 18. Vulnerability Scoring 19. Threat Modeling 20. Patching and Security Hardening 21. Vulnerability Reporting and Metrics 1. Other Books You May Enjoy Index

Uses


As mentioned in the earlier sections of the chapter, the major advantage of performing a Network Vulnerability Scan is to understand the security posture of the network. The result of a Network Vulnerability Scan provides a bundle of information useful to both administrators and penetration testers, such as the following:

  • Unwanted ports are open and services running
  • Default user account and password information
  • Missing patches, updates, and upgrades
  • Vulnerable version of software installed
  • Vulnerable protocols in use
  • Vulnerable algorithms in use
  • Exploit information for all the preceding vulnerabilities

The Network Vulnerability Scan allows the identification of unnecessary ports that are open and the services running on these ports. For example, an application/web server in a demilitarized zone does not require TCP port 22 to be open and exposed to the internet. These unwanted ports make the host/device susceptible to attacks. Most of the scanners, when identifying a login interface to any of the hosted services, try to log in using a preexisting database of usernames and passwords, and provide a report of all the default usernames and passwords, the use of which can compromise the service.

A credentialed patch scan can reveal details about missing patches and updates for a variety of supported platforms. This information is critical as most of these missing patches have exploits available over the internet, which can be made use of to reproduce similar attacks on the network. This might also reveal various missing patches in the third-party tools installed on the machines of the network. This information helps an attacker to target these tools to exploit and obtain access to the nodes or, sometimes, even the entire network.

A Network Vulnerability Scan also highlights various vulnerable protocols used within the network or on the nodes. For example, if a server is running an SMB share supporting the SMBv1 protocol, it will be highlighted as vulnerability with an above moderate risk rating as SMBv1 is vulnerable to various known malware attacks. Also, a scan highlights the vulnerable ciphers and authentication methods used by the services running which are susceptible to known Man-in-the-Middle attacks. For example, if a web server is using basic authentication over HTTP protocol, it is vulnerable to expose user credentials when a Man-in-the-Middle attack is performed on the network.

Most of the vulnerability scanners, both open source and paid software, provide attack-related exploit information as a part of the description of the vulnerability. This will make the life of the attacker and the penetration tester easy by providing direct links either to the method of exploitation or the exploit code itself.

The following screenshot provides links to documents providing information about the vulnerability reported by the scanner:

Along with the previous technical use cases, a network vulnerability also has various uses from an organization's perspective, such as the following:

  • Giving importance and bringing focus to information security
  • Helping to find potential risks proactively
  • Resulting in network update
  • Advancing development in the administrative knowledge
  • Preventing financial loss in critical infrastructures
  • Prioritizing the vulnerabilities that require escalated patching versus delayed patching
You have been reading a chapter from
Securing Network Infrastructure
Published in: Mar 2019
Publisher:
ISBN-13: 9781838642303
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at R$50/month. Cancel anytime