The Network Security Test Lab

The ultimate hands-on guide to IT security and proactive
defense

The Network Security Test Lab is a hands-on, step-by-step
guide to ultimate IT security implementation. Covering the full
complement of malware, viruses, and other attack technologies, this
essential guide walks you through the security assessment and
penetration testing process, and provides the set-up guidance you
need to build your own security-testing lab. You'll look inside the
actual attacks to decode their methods, and learn how to run
attacks in an isolated sandbox to better understand how attackers
target systems, and how to build the defenses that stop them.
You'll be introduced to tools like Wireshark, Networkminer, Nmap,
Metasploit, and more as you discover techniques for defending
against network attacks, social networking bugs, malware, and the
most prevalent malicious traffic. You also get access to open
source tools, demo software, and a bootable version of Linux to
facilitate hands-on learning and help you implement your new
skills.

Security technology continues to evolve, and yet not a week goes
by without news of a new security breach or a new exploit being
released. The Network Security Test Lab is the ultimate
guide when you are on the front lines of defense, providing the
most up-to-date methods of thwarting would-be attackers.

• Get acquainted with your hardware, gear, and test platform

• Learn how attackers penetrate existing security systems

• Detect malicious activity and build effective defenses

• Investigate and analyze attacks to inform defense strategy

The Network Security Test Lab is your complete, essential
guide.

Autorentext

MICHAEL GREGG is CEO of Superior Solutions. He is the author of twenty security books, including Security+ Street Smarts, and a regular contributor to Huffington Post, SearchNetworking.com, and other periodicals. During his twenty years working in security, networking, and Internet technology, he has testified before U.S. Congress and has developed a variety of learning tools for colleges and training organizations.

Zusammenfassung
The ultimate hands-on guide to IT security and proactive defense The Network Security Test Lab is a hands-on, step-by-step guide to ultimate IT security implementation. Covering the full complement of malware, viruses, and other attack technologies, this essential guide walks you through the security assessment and penetration testing process, and provides the set-up guidance you need to build your own security-testing lab. You'll look inside the actual attacks to decode their methods, and learn how to run attacks in an isolated sandbox to better understand how attackers target systems, and how to build the defenses that stop them. You'll be introduced to tools like Wireshark, Networkminer, Nmap, Metasploit, and more as you discover techniques for defending against network attacks, social networking bugs, malware, and the most prevalent malicious traffic. You also get access to open source tools, demo software, and a bootable version of Linux to facilitate hands-on learning and help you implement your new skills.

Security technology continues to evolve, and yet not a week goes by without news of a new security breach or a new exploit being released. The Network Security Test Lab is the ultimate guide when you are on the front lines of defense, providing the most up-to-date methods of thwarting would-be attackers.

• Get acquainted with your hardware, gear, and test platform
• Learn how attackers penetrate existing security systems
• Detect malicious activity and build effective defenses
• Investigate and analyze attacks to inform defense strategy
  The Network Security Test Lab is your complete, essential guide.

Inhalt
Introduction xxi Chapter 1 Building a Hardware and Software Test Platform 1

Why Build a Lab? 2

Hardware Requirements 4

Physical Hardware 5

Equipment You Already Have 6

New Equipment Purchases 7

Used Equipment Purchases 7

Online Auctions 8

Thrift Stores 9

Company Sales 10

Virtual Hardware 10

VMware 12

VirtualBox 15

Hacker Hardware 16

Software Requirements 18

Operating Systems 19

Microsoft Windows 19

Linux 20

Navigating in Linux 23

Linux Basics 25

Mac OS X 28

Software and Applications 28

Learning Applications 29

Hacking Software 31

Summary 32

Key Terms 33

Exercises 34

Equipment Checklist 34

Installing VMware Workstation 35

Exploring Linux Operating System Options 35

Using VMware to Build a Windows Image 35

Using VMware Converter to Create a Virtual Machine 36

Exploring Other Operating System Options 37

Running Kali from VMware 37

Installing Tools on Your Windows Virtual Machine 38

Chapter 2 Passive Information Gathering 39

Starting at the Source 40

Scrutinizing Key Employees 43

Dumpster Diving (Electronic) 45

Analyzing Web Page Coding 48

Exploiting Website Authentication Methods 51

Mining Job Ads and Analyzing Financial Data 53

Using Google to Mine Sensitive Information 56

Exploring Domain Ownership 57

WHOIS 59

Regional Internet Registries 61

Domain Name System 63

Identifying Web Server Software 66

Web Server Location 69

Summary 70

Key Terms 70

Exercises 72

IP Address and Domain Identifi cation 72

Information Gathering 72

Google Hacking 74

Banner Grabbing 74

Telnet 75

Netcat 75

VisualRoute 76

Chapter 3 Analyzing Network Traffic 77

Why Packet Analysis Is Important 77

How to Capture Network Traffi c 78

Promiscuous Mode 78

Hubs and Switches 79

Hubbing Out and Using Taps 79

Switches 79

Capturing Network Traffi c 82

Managed and Unmanaged Switches 83

ARP Cache Poisoning 85

Flooding 91

DHCP Redirection 92

Redirection and Interception with ICMP 94

Preventing Packet Capture 94

Dynamic Address Inspection 95

DHCP Snooping 95

Preventing VLAN Hopping 96

Detecting Packet Capture 97

Wireshark 99

Wireshark Basics 99

Filtering and Decoding Traffi c 102

Basic Data CaptureA Layer-by-Layer Review 108

PhysicalData-Link Layer 108

Network-Internet Layer 110

TransportHost-Host Layer 111

Application Layer 115

Other Network Analysis Tools 115

Summary 118

Key Terms 118

Exercises 119

Fun with Packets 119

Packet Analysis with tcpdump 120

Packet Filters 121

Making a One-Way Data Cable 122

Chapter 4 Detecting Live Systems and Analyzing Results 125

TCP/IP Basics 125

The Network Access Layer 127

The Internet Layer 128

The Host-to-Host Layer 132

Transmission Control Protocol 132

User Datagram Protocol 134

The Application Layer 134

Detecting Live Systems with ICMP 138

ICMPPing 138

Traceroute 142

Port Scanning 147

TCP and UDP Port Scanning 147

Advanced Port-Scanning Techniques 151

Idle Scan 151

Analyzing Port Scans 155 Port...