Название: Vulnerability Assessment with Nessus and Wireshark: Identify, evaluate, treat, and report threats and vulnerabilities across your networkАвтор: Raphael Hungaro Moretti, Emerson E. Matsukawa
Издательство: BPB Publications
Год: 2023
Страниц: 216
Язык: английский
Формат: epub (true)
Размер: 10.2 MB
A practical guide that will help you map, shield, and harden your network perimeter using Nessus and Wireshark.
Description
Today, the world depends on services that run on the IT environments. These services, essentials for the modern world functioning constantly suffer attacks and invasions. This kind of preoccupation is true and must be a top priority for an IT security professional.
This book will help you explore different techniques to locate, understand, and fix vulnerabilities that may exist in an IT infrastructure environment. The book starts by sharing the findings of professionals who are looking to create a secure IT environment. It then focuses on the building blocks of vulnerability assessment, tools, and frameworks that will help you find and map IT vulnerabilities. Moving on, the book deep dives into Network segregation and separation. It then shows you how to secure and harden your web servers using Apache and Nginx. Lastly, the book explains how to apply important hardening techniques to avoid operating system threats.
In this book, two great tools will be discussed: Wireshark and Nessus. Wireshark was developed by Gerald Combs in 1997 under the name Ethereal. In 2006 the project changed its name to Wireshark. Wireshark is a network analyzer. It can read packets from the network, decode them and present them in an easy-to-understand format. It is a widely used tool for error analysis, for system administrators, and for network architecture; it is also used as a network intrusion detection system and capture of specific and proprietary protocols. For Wi-Fi and IoT networks, Wireshark is a powerful tool capable of providing a large amount of information. Because of the wide capacity with filters already in its capture, Wireshark becomes a great ally of the security analyst.
Nessus is an industry-standard tool when it comes to vulnerability assessment. Project Nessus was started by Renaud Deraison in 1998 as a free remote security scanner. On October 5, 2005, Tenable Network Security, a company co-founded by Renaud Deraison, changed Nessus 3 to a proprietary (closed source) license. It currently has two versions, the essential one, which is free and has a verification limit of 16 Ips, and the professional one, which is unlimited, can be used anywhere, has a configuration evaluator, and presents results in real-time. Nessus evaluates each IP with a large number of tests on different types of devices.
The Penetration Testing Execution Standard (PTES) is a methodology developed by a team of information security professionals. The PTES forms a complete and up-to-date standard. In addition to guiding security professionals, it also provides information for companies on what to expect from a penetration test and guides them in defining the scope and negotiating projects. It covers “what”, “when”, and “how”.
What you will learn:
- Use the SNMP protocol to monitor and configure devices on the network.
- Learn how to harden and secure your web servers.
- Get tips to improve your OS hardening.
Who this book is for:
This book is for Pentesters, Security analysts, Network administrators and also for any IT professionals who seek knowledge in security.
Скачать Vulnerability Assessment with Nessus and Wireshark