Packt+ | Advance your knowledge in tech

Explore Products

Best Sellers

New Releases

Books

Videos

Audiobooks

Free Learning

Securing Network Infrastructure

You're reading from Securing Network Infrastructure Discover practical network security with Nmap and Nessus 7

Product type Course

Published in Mar 2019

Publisher

ISBN-13 9781838642303

Length 538 pages

Edition 1st Edition

Tools

Nessus

Concepts

Infrastructure Management

Authors (2):

Sairam Jetty

Sagar Rahalkar

View More author details

Table of Contents (28) Chapters

Title Page

Copyright and Credits

About Packt

Contributors

Preface

1. Introduction to Network Vulnerability Scanning FREE CHAPTER

2. Understanding Network Scanning Tools

3. Port Scanning

4. Vulnerability Scanning

5. Configuration Audits

6. Report Analysis and Confirmation

7. Understanding the Customization and Optimization of Nessus and Nmap

8. Network Scanning for IoT, SCADA/ICS

9. Vulnerability Management Governance

10. Setting Up the Assessment Environment

11. Security Assessment Prerequisites

12. Information Gathering

13. Enumeration and Vulnerability Assessment

14. Gaining Network Access

15. Assessing Web Application Security

16. Privilege Escalation

17. Maintaining Access and Clearing Tracks

18. Vulnerability Scoring

19. Threat Modeling

20. Patching and Security Hardening

21. Vulnerability Reporting and Metrics

1. Other Books You May Enjoy

Leave a review - let other readers know what you think

Index

How to use Zenmap

Zenmap is the graphical interface of Nmap. It is open source and comes in the same installation package as Nmap:

Sometimes, working with command-line tools can be tedious for administrators, thus Zenmap acts as an alternate GUI option.

How do it…

Here are the steps:

Open Zenmap from the list of programs.
Enter the target to be scanned in the text field provided, as shown here:

Select Quick scanfrom the Profile drop-down list, as shown here:

This will perform a fast scan with the –F option, thereby giving results for the top 100 ports along with a detailed analysis in different tabs, as shown in the following screenshot:

The Ports/Hosts tab shows the various open ports along with the services and versions running on them based on the options selected in the scans:

The Topology tab shows the network topology detected. This will help an attacker to map the entire network in cases when entire subnets are scanned:

The Host Details tab gives information about the MAC address, the state...

The rest of the chapter is locked

Register for a free Packt account to unlock a world of extra content!

A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.

Unlock this book and the full library FREE for 7 days

Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of

Start free trial

Renews at R$50/month. Cancel anytime

Authors (2)

Sairam Jetty

Sairam Jetty

Sairam Jetty has more than 5 years of hands-on experience in many verticals of penetration testing, compliance, digital forensics, and malware research. He is currently working with Paladion Networks, Abu Dhabi, as a senior analyst and team lead. He has assisted and associated with various financial, telecom, and industrial institutions for testing and securing their applications and environments. Sairam has industry-standard certifications, such as OSCP, Digital Forensic Analyst, Digital Forensic Investigator, and Mobile Security Expert. He also specializes in source code review and mobile application security. He has acquired a great knowledge of SCADA/ICS and nuclear security from his corporate experience and self-learning.

See other products by Sairam Jetty

Sagar Rahalkar

Sagar Rahalkar

Sagar Rahalkar is a seasoned information security professional having more than 10 years of comprehensive experience in various verticals of IS. His domain expertise is mainly into breach detection, cyber crime investigations, digital forensics, application security, vulnerability assessment and penetration testing, compliance for mandates and regulations, IT GRC, and much more. He holds a masters degree in computer science and several industry-recognized certifications such as Certified Cyber Crime Investigator, Certified Ethical Hacker, Certified Security Analyst, ISO 27001 Lead Auditor, IBM certified Specialist-Rational AppScan, Certified Information Security Manager (CISM), and PRINCE2. He has been closely associated with Indian law enforcement agencies for more than 3 years dealing with digital crime investigations and related training and received several awards and appreciations from senior officials of the police and defense organizations in India. Sagar has also been a reviewer and author for various books and online publications.

See other products by Sagar Rahalkar

Personalised recommendations for you

Based on your interests and search pattern

Mastering PowerShell Scripting

Mastering PowerShell Scripting

PowerShell scripts provides a convenient method for automating tasks, using them proficiently can be challenging. This all-inclusive guide begins at the basics and covers advanced concepts, equipping you with tips to become an expert in PowerShell Core 7.3 scripting.

May 2024 27h 32m

Network Automation with Nautobot

Network Automation with Nautobot

This book will help you understand why a network source of truth is needed for long-term network automation success, which will in turn save you hundreds of hours in deploying and integrating Nautobot into network automation.

May 2024 27h 12m

NGINX HTTP Server

NGINX HTTP Server

Explore the power of NGINX with this guide covering an array of essential practical topics, including securing your infrastructure with automatic TLS certificates, placing NGINX in front of your existing applications, and much more.

May 2024 8h 44m

Mastering Azure Virtual Desktop

Mastering Azure Virtual Desktop

This updated edition will help you plan an Azure Virtual Desktop Architecture, implement its infrastructure, and manage its access and security. With content aligned with the exam objectives, it'll help you ace the Microsoft AZ-140 exam.

Jul 2024 23h 56m

Learn Ansible will teach you how to write Ansible Playbooks for deploying simple apps. This updated edition covers the latest Ansible features, helping you confidently implement Ansible in your daily workflows.

May 2024 13h 48m

HashiCorp Terraform Associate (003) Exam Guide

HashiCorp Terraform Associate (003) Exam Guide

This book will help you explore HashiCorp Terraform and prepare for Associate (003) certification, from understanding core concepts to advanced modules. You'll gain hands-on expertise, troubleshoot with confidence, and more.

May 2024 11h 28m

Kubernetes – An Enterprise Guide

Kubernetes – An Enterprise Guide

Navigate the complexities of Kubernetes and fully leverage its capabilities for enterprise applications. This edition dives into advanced deployments, groundbreaking techniques, and insights that will elevate your skills and redefine your expertise.

Aug 2024 22h 44m

Atlassian DevOps Toolchain Cookbook

Atlassian DevOps Toolchain Cookbook

Master setting up a DevOps toolchain using Atlassian tools and Open DevOps as a framework with this recipe-driven guide to automated testing, integration, deployment, observability, and incident management for streamlining development processes.

Jul 2024 16h 48m

AWS Certified Developer Associate Certification and Beyond

AWS Certified Developer Associate Certification and Beyond

This is your guide to passing the challenging AWS Certified Developer – Associate certification exam and setting yourself up for a rewarding career. Through a sample project, it explains how to design, architect, and implement applications on AWS.

Jul 2024 23h 40m

Implementing GitOps with Kubernetes

Implementing GitOps with Kubernetes

This book provides step-by-step tutorials and hands-on examples for effectively implementing GitOps practices in your Kubernetes deployments. You'll learn how to automate, monitor, and secure your infrastructure for efficient application delivery.

Aug 2024 14h 48m