How secure is your network? The best way to find out is to attack it, using the same tactics attackers employ to identify and exploit weaknesses. With the third edition of this practical book, you’ll learn how to perform network-based penetration testing in a structured manner. Security expert Chris McNab demonstrates common vulnerabilities, and the steps you can take to identify them in your environment.
System complexity and attack surfaces continue to grow. This book provides a process to help you mitigate risks posed to your network. Each chapter includes a checklist summarizing attacker techniques, along with effective countermeasures you can use immediately.
Learn how to effectively test system components, including:
Common services such as SSH, FTP, Kerberos, SNMP, and LDAP
Microsoft services, including NetBIOS, SMB, RPC, and RDP
SMTP, POP3, and IMAP email services
IPsec and PPTP services that provide secure network access
TLS protocols and features providing transport security
Web server software, including Microsoft IIS, Apache, and Nginx
Frameworks including Rails, Django, Microsoft ASP.NET, and PHP
Database servers, storage protocols, and distributed key-value stores