How secure is your network? The best way to find out is to attack it, using the same tactics attackers employ to identify and exploit weaknesses. With the third edition of this practical book, you’ll learn how to perform network-based penetration testing in a structured manner. Security expert Chris McNab demonstrates common vulnerabilities, and the steps you can take to identify them in your environment.
System complexity and attack surfaces continue to grow. This book provides a process to help you mitigate risks posed to your network. Each chapter includes a checklist summarizing attacker techniques, along with effective countermeasures you can use immediately.
Learn how to effectively test system components, including:
- Common services such as SSH, FTP, Kerberos, SNMP, and LDAP
- Microsoft services, including NetBIOS, SMB, RPC, and RDP
- SMTP, POP3, and IMAP email services
- IPsec and PPTP services that provide secure network access
- TLS protocols and features providing transport security
- Web server software, including Microsoft IIS, Apache, and Nginx
- Frameworks including Rails, Django, Microsoft ASP.NET, and PHP
- Database servers, storage protocols, and distributed key-value stores