第1页 / 共413页
第2页 / 共413页
第3页 / 共413页
第4页 / 共413页
第5页 / 共413页
第6页 / 共413页
第7页 / 共413页
第8页 / 共413页
Network Scanning Cookbook.pdf
Title Page
Copyright and Credits
Network Scanning Cookbook
Packt Upsell
Why subscribe?
Packt.com
Foreword
Contributors
About the author
About the reviewer
Packt is searching for authors like you
Preface
Who this book is for
What this book covers
To get the most out of this book
Download the color images
Conventions used
Sections
Getting ready
How to do it…
How it works…
There's more…
See also
Get in touch
Reviews
Introduction to Network Vulnerability Scanning
Basic networks and their components
Network Vulnerability Scanning
Flow of procedures
Discovery
Port scanning
Vulnerability scanning
Uses
Complexity
Scope of the scan
Network architecture
Network access
Response
Summary
Understanding Network Scanning Tools
Introducing Nessus and Nmap
Useful features of Nessus
Policies
Plugin Rules
Customized Reports
Scanners
Various features of Nmap
Host discovery
Scan techniques
Port specification and scan order
Service or version detection
Script scan
OS detection
Timing and performance
Evasion and spoofing
Output
Target specification
Installing and activating Nessus
Getting ready
How to do it …
How it works…
There's more…
Downloading and installing Nmap
Getting ready
How to do it…
How it works…
There's more…
Updating Nessus
Getting ready
How to do it…
There's more…
Updating Nmap
Getting ready
How to do it…
Removing Nessus
Getting ready
How to do it…
There's more…
Removing Nmap
How to do it…
There's more…
Port Scanning
Introduction
How to specify a target
Getting ready
How do it…
How it works...
How to perform host discovery
How do it…
How it works…
How to identify open ports
How do it…
How it works…
How to manage specification and scan order
How do it…
How it works…
How to perform a script and version scan
How do it…
How it works …
How to detect operating system
How do it…
How it works…
How to detect and bypass network protection systems
How do it…
How it works…
How to use Zenmap
How do it…
How it works…
Vulnerability Scanning
Introduction
How to manage Nessus policies
Getting ready
How to do it…
How it works...
How to manage Nessus settings
Getting ready
How to do it…
How it works...
How to manage Nessus user accounts
Getting ready
How to do it…
How it works...
How to choose a Nessus scan template and policy
Getting ready
How to do it…
How it works...
How to perform a vulnerability scan using Nessus
Getting ready
How to do it…
How it works...
How to manage Nessus scans
Getting ready
How to do it…
How it works...
Configuration Audits
Introducing compliance scans
Selecting a compliance scan policy
Plugins
Synopsis
Description
Solution
Plugin information
Risk information
Vulnerability information
Reference information
Compliance standards
Getting ready
How do it…
How it works...
Introducing configuration audits
Database audit
Network device audit
Operating system audit
Application audit
Performing an operating system audit
Getting ready
How do it…
How it works...
Performing a database audit
Getting ready
How do it…
How it works...
Performing a web application scan
Getting ready
How do it…
How it works...
Report Analysis and Confirmation
Introduction
Understanding Nmap outputs
Getting ready
How do it…
How it works...
Understanding Nessus outputs
Nessus
HTML
CSV
Nessus DB
Getting ready
How do it…
How it works...
How to confirm Nessus vulnerabilities using Nmap and other tools
Getting ready
How do it…
How it works...
Understanding the Customization and Optimization of Nessus and Nmap
Introduction
Understanding Nmap Script Engine and its customization
Syntax
Environment variables
Script template
Getting ready
How do it…
How it works...
Understanding the Nessus Audit policy and its customization
Getting ready
How do it…
How it works...
Network Scanning for IoT, SCADA/ICS
Introduction to SCADA/ICS
Using Nmap to scan SCADA/ICS
Getting ready
How do it…
How it works...
There's more...
Using Nessus to scan SCADA/ICS systems
Getting ready
How do it..
How it works...
There's more...
Other Books You May Enjoy
Leave a review - let other readers know what you think
Network Scanning Cookbook
Practical network security using Nmap and Nessus 7
Sairam Jetty
BIRMINGHAM - MUMBAI
Network Scanning Cookbook
Copyright © 2018 Packt Publishing All rights reserved. No part of this book may be reproduced, stored in a retrieval system, or
transmitted in any form or by any means, without the prior written permission of the publisher, except in the case of brief quotations
embedded in critical articles or reviews.
Every effort has been made in the preparation of this book to ensure the accuracy of the information presented. However, the
information contained in this book is sold without warranty, either express or implied. Neither the author, nor Packt Publishing or its
dealers and distributors, will be held liable for any damages caused or alleged to have been caused directly or indirectly by this book.
Packt Publishing has endeavored to provide trademark information about all of the companies and products mentioned in this book by
the appropriate use of capitals. However, Packt Publishing cannot guarantee the accuracy of this information.
Commissioning Editor: Pavan Ramchandani
Acquisition Editor: Akshay Jethani
Content Development Editor: Nithin George Varghese
Technical Editor: Komal Karne
Copy Editor: Safis Editing
Project Coordinator: Drashti Panchal
Proofreader: Safis Editing
Indexer: Priyanka Dhadke
Graphics: Tom Scaria
Production Coordinator: Aparna Bhagat
First published: September 2018
Production reference: 1290918
Published by Packt Publishing Ltd.
Livery Place
35 Livery Street
Birmingham
B3 2PB, UK.
ISBN 978-1-78934-648-0
www.packtpub.com
mapt.io
Mapt is an online digital library that gives you full access to over 5,000 books
and videos, as well as industry leading tools to help you plan your personal
development and advance your career. For more information, please visit our
website.
Why subscribe?
Spend less time learning and more time coding with practical eBooks and
Videos from over 4,000 industry professionals
Improve your learning with Skill Plans built especially for you
Get a free eBook or video every month
Mapt is fully searchable
Copy and paste, print, and bookmark content
Packt.com
Did you know that Packt offers eBook versions of every book published, with
PDF and ePub files available? You can upgrade to the eBook version at www.packt.
com and as a print book customer, you are entitled to a discount on the eBook
copy. Get in touch with us at customercare@packtpub.com for more details.
At www.packt.com, you can also read a collection of free technical articles, sign up
for a range of free newsletters, and receive exclusive discounts and offers on
Packt books and eBooks.
Foreword
Nessus and Nmap are among the most useful tools that a pentester relies on.
However, it is difficult to find detailed information on how to use these tools and
their rich set of features. This book covers all such aspects, ranging right from
installation to configuration and execution. This book will help you gain mastery
over some of the lesser known but very handy features of these tools, including
how to use Nmap in a network with high latency and how to perform time-
throttled scanning.
The book includes several real-life scenarios encountered by the author as part of
his numerous ethical hacking assignments, making the content relevant and
insightful for first-time users looking to gain confidence as well as those who are
perhaps more seasoned.
If you are looking to master compliance scanning using Nessus and want to
tweak things to meet your custom requirements, look no further—this book will
help you understand this feature in detail and make the best of it. Another feature
that would be of interest to security enthusiasts and that is covered in this book,
is Nmap custom scripting, which is indispensable for when you want to create
scripts where official scripts are not available.
Several such features are covered in the experience that the author shares with
you, and they will not only help you understand the need for such advanced tools
and capabilities, but will also equip you with what you need to master them.
Sairam is a veteran in the network and application security testing domain. With
more than 5 years' experience in executing security projects for enterprise
customers across the globe, he has really pushed the limits when it comes to use
of the domain's tools. I am sure that you will gain a number of insights into the
use of these tools and the real-world scenarios where each of these features can
be applied.
Jose Varghese
相关推荐
2023年江西萍乡中考道德与法治真题及答案.doc
2012年重庆南川中考生物真题及答案.doc
2013年江西师范大学地理学综合及文艺理论基础考研真题.doc
2020年四川甘孜小升初语文真题及答案I卷.doc
2020年注册岩土工程师专业基础考试真题及答案.doc
2023-2024学年福建省厦门市九年级上学期数学月考试题及答案.doc
2021-2022学年辽宁省沈阳市大东区九年级上学期语文期末试题及答案.doc
2022-2023学年北京东城区初三第一学期物理期末试卷及答案.doc
2018上半年江西教师资格初中地理学科知识与教学能力真题及答案.doc
2012年河北国家公务员申论考试真题及答案-省级.doc
2020-2021学年江苏省扬州市江都区邵樊片九年级上学期数学第一次质量检测试题及答案.doc
2022下半年黑龙江教师资格证中学综合素质真题及答案.doc
