Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Save more on your purchases! discount-offer-chevron-icon
Savings automatically calculated. No voucher code required.
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Newsletter Hub
Free Learning
Arrow right icon
timer SALE ENDS IN
0 Days
:
00 Hours
:
00 Minutes
:
00 Seconds
KALI LINUX NETWORK SCANNING COOKBOOK
KALI LINUX NETWORK SCANNING COOKBOOK

KALI LINUX NETWORK SCANNING COOKBOOK: Over 90 hands-on recipes explaining how to leverage custom scripts, and integrated tools in Kali Linux to effectively master network scanning

eBook
€30.99 €34.99
Paperback
€42.99
Subscription
Free Trial
Renews at €18.99p/m

What do you get with eBook?

Product feature icon Instant access to your Digital eBook purchase
Product feature icon Download this book in EPUB and PDF formats
Product feature icon Access this title in our online reader with advanced features
Product feature icon DRM FREE - Read whenever, wherever and however you want
OR
Modal Close icon
Payment Processing...
tick Completed

Billing Address

Table of content icon View table of contents Preview book icon Preview Book

KALI LINUX NETWORK SCANNING COOKBOOK

Chapter 1. Getting Started

This first chapter covers the basics of setting up and configuring a virtual security lab, which can be used to practice most of the scenarios and exercises addressed throughout this book. Topics addressed in this chapter include the installation of the virtualization software, the installation of various systems in the virtual environment, and the configuration of some of the tools that will be used in the exercises. The following recipes will be covered in this chapter:

  • Configuring a security lab with VMware Player (Windows)
  • Configuring a security lab with VMware Fusion (Mac OS X)
  • Installing Ubuntu Server
  • Installing Metasploitable2
  • Installing Windows Server
  • Increasing the Windows attack surface
  • Installing Kali Linux
  • Configuring and using SSH
  • Installing Nessus on Kali Linux
  • Configuring Burp Suite on Kali Linux
  • Using text editors (VIM and Nano)

Configuring a security lab with VMware Player (Windows)

You can run a virtual security lab on a Windows PC with relatively low available resources by installing VMware Player on your Windows workstation. You can get VMware Player for free, or the more functional alternative, VMware Player Plus, for a low cost.

Getting ready

To install VMware Player on your Windows workstation, you will first need to download the software. The download for the free version of VMware Player can be found at https://my.vmware.com/web/vmware/free. From this page, scroll down to the VMware Player link and click on Download. On the next page, select the Windows 32- or 64-bit installation package and then click on Download. There are installation packages available for Linux 32-bit and 64-bit systems as well.

How to do it…

Once the software package has been downloaded, you should find it in your default download directory. Double-click on the executable file in this directory to start the installation process. Once started, it is as easy as following the onscreen instructions to complete the install. After the installation is complete, you should be able to start VMware Player by accessing the desktop icon, the quick launch icon, or by browsing to it in All Programs. Once loaded, you will see the virtual machine library. This library will not yet contain any virtual machines, but they will be populated as you create them on the left-hand side of the screen, as shown in the following screenshot:

How to do it…

Once you have opened VMware Player, you can select Create a New Virtual Machine to get started. This will initialize a very easy-to-use virtual machine installation wizard:

How to do it…

The first task that you need to perform in the installation wizard is to define the installation media. You can choose to install it directly from your host machine's optical drive, or you can use an ISO image file. ISOs will be used for most of the installs discussed in this section, and the place where you can get them will be mentioned in each specific recipe. For now, we will assume that we browsed to an existing ISO file and clicked on Next, as shown in the following screenshot:

How to do it…

You then need to assign a name for the virtual machine. The virtual machine name is merely an arbitrary value that serves as a label to identify and distinguish it from other VMs in your library. Since a security lab is often classified by a diversity of different operating systems, it can be useful to indicate the operating system as part of the virtual machine's name. The following screenshot displays the Specify Disk Capacity window:

How to do it…

The next screen requests a value for the maximum size of the installation. The virtual machine will only consume hard drive space as required, but it will not exceed the value specified here. Additionally, you can also define whether the virtual machine will be contained within a single file or spread across multiple files. Once you are done with specifying the disk capacity, you get the following screenshot:

How to do it…

The final step provides a summary of the configurations. You can either select the Finish button to finalize the creation of the virtual machine or select the Customize Hardware… button to manipulate more advanced configurations. Have a look at the following screenshot for the advanced configurations:

How to do it…

The advanced configuration settings give you full control over shared resources, virtual hardware configurations, and networking. Most of the default configurations should be sufficient for your security lab, but if changes need to be made at a later time, these configurations can be readdressed by accessing the virtual machine settings. When you are done with setting up the advanced configuration, you get the following screenshot:

How to do it…

After the installation wizard has finished, you should see the new virtual machine listed in your virtual machine library. From here, it can now be launched by pressing the play button. Multiple virtual machines can be run simultaneously by opening multiple instances of VMware Player and a unique VM in each instance.

How it works…

VMware creates a virtualized environment in which resources from a single hosting system can be shared to create an entire network environment. Virtualization software such as VMware has made it significantly easier and cheaper to build a security lab for personal, independent study.

Configuring a security lab with VMware Fusion (Mac OS X)

You can also run a virtual security lab on Mac OS X with relative ease by installing VMware Fusion on your Mac. VMware Fusion does require a license that has to be purchased, but it is very reasonably priced.

Getting ready

To install VMware Player on your Mac, you will first need to download the software. To download the free trial or purchase the software, go to the following URL: https://www.vmware.com/products/fusion/.

How to do it…

Once the software package has been downloaded, you should find it in your default download directory. Run the .dmg installation file and then follow the onscreen instructions to install it. Once the installation is complete, you can launch VMware Fusion either from the dock or within the Applications directory in Finder. Once loaded, you will see the virtual machine library. This library will not yet contain any virtual machines, but they will be populated as you create them on the left-hand side of the screen. The following screenshot shows the Virtual Machine Library:

How to do it…

To get started, click on the Add button in the top-left corner of the screen and then click on New. This will start the virtual machine installation wizard. The installation wizard is a very simple guided process to set up your virtual machine, as shown in the following screenshot:

How to do it…

The first step requests that you select your installation method. VMware Fusion gives you options to install from a disc or image (ISO file), or offers several techniques to migrate existing systems to a new virtual machine. For all of the virtual machines discussed in this section, you will select the first option.

After selecting the first option, Install from disc or image, you will be prompted to select the installation disc or image to be used. If nothing is populated automatically, or if the automatically populated option is not the image you want to install, click on the Use another disc or disc image button. This should open up Finder, and it will allow you to browse to the image you would like to use. The place where you can get specific system image files will be discussed in later recipes in this section. Finally, we are directed to the Finish window:

How to do it…

After you have selected the image file that you wish to use, click on the Continue button and you will be brought to the summary screen. This will provide an overview of the configurations you selected. If you wish to make changes to these settings, click on the Customize Settings button. Otherwise, click on the Finish button to create the virtual machine. When you click on it, you will be requested to save the file(s) associated with the virtual machine. The name you use to save it will be the name of the virtual machine and will be displayed in you virtual machine library, as shown in the following screenshot:

How to do it…

As you add more virtual machines, you will see them included in the virtual machine library on the left-hand side of the screen. By selecting any particular virtual machine, you can launch it by clicking on the Start Up button at the top. Additionally, you can use the Settings button to modify configurations or use the Snapshots button to save the virtual machine at various moments in time. You can run multiple virtual machines simultaneously by starting each one independently from the library.

How it works…

By using VMware Fusion within the Mac OS X operating system, you can create a virtualized lab environment to create an entire network environment on an Apple host machine. Virtualization software such as VMware has made it significantly easier and cheaper to build a security lab for personal, independent study.

Installing Ubuntu Server

Ubuntu Server is an easy-to-use Linux distribution that can be used to host network services and/or vulnerable software for testing in a security lab. Feel free to use other Linux distributions if you prefer; however, Ubuntu is a good choice for beginners because there is a lot of reference material and resources publicly available.

Getting ready

Prior to installing Ubuntu Server in VMware, you will need to download the image disk (ISO file). This file can be downloaded from Ubuntu's website at the following URL: http://www.ubuntu.com/server.

How to do it…

After the image file has been loaded and the virtual machine has been booted from it, you will see the default Ubuntu menu that is shown in the following screenshot. This includes multiple installation and diagnostic options. The menu can be navigated to with the keyboard. For a standard installation, ensure that the Install Ubuntu Server option is highlighted and press Enter.

How to do it…

When the installation process begins, you will be asked a series of questions to define the configurations of the system. The first two options request that you specify your language and country of residence. After answering these questions, you will be required to define your keyboard layout configuration as shown in the following screenshot:

How to do it…

There are multiple options available to define the keyboard layout. One option is detection, in which you will be prompted to press a series of keys that will allow Ubuntu to detect the keyboard layout you are using. You can use keyboard detection by clicking on Yes. Alternatively, you can select your keyboard layout manually by clicking on No. This process is streamlined by defaulting to the most likely choice based on your country and language. After you have defined your keyboard layout, you are requested to enter a hostname for the system. If you will be joining the system to a domain, ensure that the hostname is unique. Next, you will be asked for the full name of the new user and username. Unlike the full name of the user, the username should consist of a single string of lowercase letters. Numbers can also be included in the username, but they cannot be the first character. Have a look at the following screenshot:

How to do it…

After you have provided the username of the new account, you will be requested to provide a password. Ensure that the password is something you can remember as you may later need to access this system to modify configurations. Have a look at the following screenshot:

How to do it…

After supplying a password, you will be asked to decide whether the home directories for each user should be encrypted. While this offers an additional layer of security, it is not essential in a lab environment as the systems will not be holding any real sensitive data. You will next be asked to configure the clock on the system as shown in the following screenshot:

How to do it…

Even though your system is on an internal IP address, it will attempt to determine the public IP address through which it is routing out and will use this information to guess your appropriate time zone. If the guess provided by Ubuntu is correct, select Yes; if not, select No to manually choose the time zone. After the time zone is selected, you will be asked to define the disk partition configurations as shown in the following screenshot:

How to do it…

If you have no reason to select differently, it is recommended that you choose the default selection. It is unlikely that you will need to perform any manual partitioning in a security lab as each virtual machine will usually be using a single dedicated partition. After selecting the partitioning method, you will be asked to select the disk. Unless you have added additional disks to the virtual machine, you should only see the following option here:

How to do it…

After selecting the disk, you will be asked to review the configurations. Verify that everything is correct and then confirm the installation. Prior to the installation process, you will be asked to configure your HTTP proxy. For the purposes of this book, a separate proxy is unnecessary, and you can leave this field blank. Finally, you will be asked whether you want to install any software on the operating system as shown in the following screenshot:

How to do it…

To select any given software, use the Space bar. To increase the attack surface, I have included multiple services, only excluding virtual hosting and additional manual package selection. Once you have selected your desired software packages, press Enter to complete the process.

How it works…

Ubuntu Server has no GUI and is exclusively command line driven. To use it effectively, you are recommended to use SSH. To configure and use SSH, see the Configuring and using SSH recipe later in this section.

Installing Metasploitable2

Metasploitable2 is an intentionally vulnerable Linux distribution and is also a highly effective security training tool. It comes fully loaded with a large number of vulnerable network services and also includes several vulnerable web applications.

Getting ready

Prior to installing Metasploitable2 in your virtual security lab, you will first need to download it from the Web. There are many mirrors and torrents available for this. One relatively easy method to acquire Metasploitable is to download it from SourceForge at the following URL: http://sourceforge.net/projects/metasploitable/files/Metasploitable2/.

How to do it…

Installing Metasploitable2 is likely to be one of the easiest installations that you will perform in your security lab. This is because it is already prepared as a VMware virtual machine when it is downloaded from SourceForge. Once the ZIP file has been downloaded, you can easily extract the contents of this file in Windows or Mac OS X by double-clicking on it in Explorer or Finder respectively. Have a look at the following screenshot:

How to do it…

Once extracted, the ZIP file will return a directory with five additional files inside. Included among these files is the VMware VMX file. To use Metasploitable in VMware, just click on the File drop-down menu and click on Open. Then, browse to the directory created from the ZIP extraction process and open Metasploitable.vmx as shown in the following screenshot:

How to do it…

Once the VMX file has been opened, it should be included in your virtual machine library. Select it from the library and click on Run to start the VM and get the following screen:

How to do it…

After the VM loads, the splash screen will appear and request login credentials. The default credential to log in is msfadmin for both the username and password. This machine can also be accessed via SSH, as addressed in the Configuring and using SSH recipe later in this section.

How it works…

Metasploitable was built with the idea of security testing education in mind. This is a highly effective tool, but it must be handled with care. The Metasploitable system should never be exposed to any untrusted networks. It should never be assigned a publicly routable IP address, and port forwarding should not be used to make services accessible over the Network Address Translation (NAT) interface.

Left arrow icon Right arrow icon

Description

Kali Linux Network Scanning Cookbook is intended for information security professionals and casual security enthusiasts alike. It will provide the foundational principles for the novice reader but will also introduce scripting techniques and in-depth analysis for the more advanced audience. Whether you are brand new to Kali Linux or a seasoned veteran, this book will aid in both understanding and ultimately mastering many of the most powerful and useful scanning techniques in the industry. It is assumed that the reader has some basic security testing experience.

What you will learn

  • Develop a networktesting environment that can be used to test scanning tools and techniques
  • Understand the underlying principles of network scanning technologies by building custom scripts and tools
  • Perform comprehensive scans to identify listening on TCP and UDP sockets
  • Examine remote services to identify type of service, vendor, and version
  • Evaluate denial of service threats and develop an understanding of how common denial of service attacks are performed
  • Identify distinct vulnerabilities in both web applications and remote services and understand the techniques that are used to exploit them

Product Details

Country selected
Publication date, Length, Edition, Language, ISBN-13
Publication date : Aug 21, 2014
Length: 452 pages
Edition : 1st
Language : English
ISBN-13 : 9781783982158
Vendor :
Linux Foundation
Tools :

What do you get with eBook?

Product feature icon Instant access to your Digital eBook purchase
Product feature icon Download this book in EPUB and PDF formats
Product feature icon Access this title in our online reader with advanced features
Product feature icon DRM FREE - Read whenever, wherever and however you want
OR
Modal Close icon
Payment Processing...
tick Completed

Billing Address

Product Details

Publication date : Aug 21, 2014
Length: 452 pages
Edition : 1st
Language : English
ISBN-13 : 9781783982158
Vendor :
Linux Foundation
Tools :

Packt Subscriptions

See our plans and pricing
Modal Close icon
€18.99 billed monthly
Feature tick icon Unlimited access to Packt's library of 7,000+ practical books and videos
Feature tick icon Constantly refreshed with 50+ new titles a month
Feature tick icon Exclusive Early access to books as they're written
Feature tick icon Solve problems while you work with advanced search and reference features
Feature tick icon Offline reading on the mobile app
Feature tick icon Simple pricing, no contract
€189.99 billed annually
Feature tick icon Unlimited access to Packt's library of 7,000+ practical books and videos
Feature tick icon Constantly refreshed with 50+ new titles a month
Feature tick icon Exclusive Early access to books as they're written
Feature tick icon Solve problems while you work with advanced search and reference features
Feature tick icon Offline reading on the mobile app
Feature tick icon Choose a DRM-free eBook or Video every month to keep
Feature tick icon PLUS own as many other DRM-free eBooks or Videos as you like for just €5 each
Feature tick icon Exclusive print discounts
€264.99 billed in 18 months
Feature tick icon Unlimited access to Packt's library of 7,000+ practical books and videos
Feature tick icon Constantly refreshed with 50+ new titles a month
Feature tick icon Exclusive Early access to books as they're written
Feature tick icon Solve problems while you work with advanced search and reference features
Feature tick icon Offline reading on the mobile app
Feature tick icon Choose a DRM-free eBook or Video every month to keep
Feature tick icon PLUS own as many other DRM-free eBooks or Videos as you like for just €5 each
Feature tick icon Exclusive print discounts

Frequently bought together


Stars icon
Total 126.97
Mastering Kali Linux for Advanced Penetration Testing
€45.99
KALI LINUX NETWORK SCANNING COOKBOOK
€42.99
Kali Linux - Assuring Security by Penetration Testing
€37.99
Total 126.97 Stars icon

Table of Contents

9 Chapters
1. Getting Started Chevron down icon Chevron up icon
2. Discovery Scanning Chevron down icon Chevron up icon
3. Port Scanning Chevron down icon Chevron up icon
4. Fingerprinting Chevron down icon Chevron up icon
5. Vulnerability Scanning Chevron down icon Chevron up icon
6. Denial of Service Chevron down icon Chevron up icon
7. Web Application Scanning Chevron down icon Chevron up icon
8. Automating Kali Tools Chevron down icon Chevron up icon
Index Chevron down icon Chevron up icon

Customer reviews

Top Reviews
Rating distribution
Full star icon Full star icon Full star icon Full star icon Half star icon 4.7
(20 Ratings)
5 star 80%
4 star 15%
3 star 0%
2 star 0%
1 star 5%
Filter icon Filter
Top Reviews

Filter reviews by




John Johnson Jan 25, 2016
Full star icon Full star icon Full star icon Full star icon Full star icon 5
learned a lot from this book
Amazon Verified review Amazon
john doe Sep 01, 2015
Full star icon Full star icon Full star icon Full star icon Full star icon 5
love it cool as these books are the f.....g busness :) every one should read these things good for your heath bro
Amazon Verified review Amazon
Kris Dec 16, 2015
Full star icon Full star icon Full star icon Full star icon Full star icon 5
Great product great seller !!!
Amazon Verified review Amazon
Dr.$am Oct 09, 2014
Full star icon Full star icon Full star icon Full star icon Full star icon 5
Good
Amazon Verified review Amazon
J. T. Schreiner Nov 10, 2014
Full star icon Full star icon Full star icon Full star icon Full star icon 5
I really enjoyed this book, and am looking forward to going back through it and practicing with the labs that were very aptly explained in the book. I've read a lot of IT books, and especially a lot of books on IT security. Most of these books are a disappointment because they either lack the CLI examples and explanations, or do not explain the context behind what you are doing AND why certain techniques either succeed or fail. This book covers both of these common issues, and does so quite well. If I wasn't already impressed enough with the author's ability to flow back and forth between high level general concepts (like the difference between Layer 2 and Layer 3 scanning) and very technical command line walk-thrus, he also went over a myriad of DIFFERENT tools. I liked how we weren't just told, "this is the best scanning tool that uses ARP and here is how you use it", the author actually went over several different tools and gave us exposure to what is out there, not just what the author prefers. This book really set the bar for me and I am very much looking forward to the author's next project.
Amazon Verified review Amazon
Get free access to Packt library with over 7500+ books and video courses for 7 days!
Start Free Trial

FAQs

How do I buy and download an eBook? Chevron down icon Chevron up icon

Where there is an eBook version of a title available, you can buy it from the book details for that title. Add either the standalone eBook or the eBook and print book bundle to your shopping cart. Your eBook will show in your cart as a product on its own. After completing checkout and payment in the normal way, you will receive your receipt on the screen containing a link to a personalised PDF download file. This link will remain active for 30 days. You can download backup copies of the file by logging in to your account at any time.

If you already have Adobe reader installed, then clicking on the link will download and open the PDF file directly. If you don't, then save the PDF file on your machine and download the Reader to view it.

Please Note: Packt eBooks are non-returnable and non-refundable.

Packt eBook and Licensing When you buy an eBook from Packt Publishing, completing your purchase means you accept the terms of our licence agreement. Please read the full text of the agreement. In it we have tried to balance the need for the ebook to be usable for you the reader with our needs to protect the rights of us as Publishers and of our authors. In summary, the agreement says:

  • You may make copies of your eBook for your own use onto any machine
  • You may not pass copies of the eBook on to anyone else
How can I make a purchase on your website? Chevron down icon Chevron up icon

If you want to purchase a video course, eBook or Bundle (Print+eBook) please follow below steps:

  1. Register on our website using your email address and the password.
  2. Search for the title by name or ISBN using the search option.
  3. Select the title you want to purchase.
  4. Choose the format you wish to purchase the title in; if you order the Print Book, you get a free eBook copy of the same title. 
  5. Proceed with the checkout process (payment to be made using Credit Card, Debit Cart, or PayPal)
Where can I access support around an eBook? Chevron down icon Chevron up icon
  • If you experience a problem with using or installing Adobe Reader, the contact Adobe directly.
  • To view the errata for the book, see www.packtpub.com/support and view the pages for the title you have.
  • To view your account details or to download a new copy of the book go to www.packtpub.com/account
  • To contact us directly if a problem is not resolved, use www.packtpub.com/contact-us
What eBook formats do Packt support? Chevron down icon Chevron up icon

Our eBooks are currently available in a variety of formats such as PDF and ePubs. In the future, this may well change with trends and development in technology, but please note that our PDFs are not Adobe eBook Reader format, which has greater restrictions on security.

You will need to use Adobe Reader v9 or later in order to read Packt's PDF eBooks.

What are the benefits of eBooks? Chevron down icon Chevron up icon
  • You can get the information you need immediately
  • You can easily take them with you on a laptop
  • You can download them an unlimited number of times
  • You can print them out
  • They are copy-paste enabled
  • They are searchable
  • There is no password protection
  • They are lower price than print
  • They save resources and space
What is an eBook? Chevron down icon Chevron up icon

Packt eBooks are a complete electronic version of the print edition, available in PDF and ePub formats. Every piece of content down to the page numbering is the same. Because we save the costs of printing and shipping the book to you, we are able to offer eBooks at a lower cost than print editions.

When you have purchased an eBook, simply login to your account and click on the link in Your Download Area. We recommend you saving the file to your hard drive before opening it.

For optimal viewing of our eBooks, we recommend you download and install the free Adobe Reader version 9.