About the Book

The Network Security Test Lab guides you through the security assessment and penetration testing process. This book delivers the set-up guidance needed to build your own security testing lab, with a look inside the actual attacks; decodes and will demonstrate how to run attacks in an isolated sandbox so you can understand how attackers target systems and how you can build the defenses to stop them. You will be introduced to tools such as Wireshark, Networkminer, Nmap, Metasploit and others.

About the Author

Michael Gregg, is President of Superior Solutions w/more than 20 years' experience in security, networking and Internet technologies. He developed the Advanced Security Boot Camp for Global Knowledge, the lab guide for Intense School's Professional Hacking Boot Camp and the training class, Assessing Network Vulnerabilities for ASPE. 

Table of Contents:
Introduction Chapter 1 Building a Hardware and Software Test Platform ·Why Build a Lab? ·Hardware Requirements ·Physical Hardware ·Equipment You Already Have ·New Equipment Purchases ·Used Equipment Purchases ·Online Auctions ·Thrift Stores ·Company Sales ·Virtual Hardware ·VMware ·Virtual Box ·Hacker Hardware ·Software Requirements ·Operating Systems ·Microsoft Windows ·Linux ·Navigating in Linux ·Linux Basics ·Mac OS X ·Software and Applications ·Learning Applications ·Hacking Software ·Summary ·Key Terms ·Exercises ·Equipment Checklist ·Installing VMware Workstation ·Exploring Linux Operating System Options ·Using VMware to Build a Windows Image ·Using VMware Converter to Create a Virtual Machine ·Exploring Other Operating System Options ·Running Kali from VMware ·Installing Tools on Your Windows Virtual Machine Chapter 2 Passive Information Gathering ·Starting at the Source ·Scrutinizing Key Employees ·Dumpster Diving (Electronic) ·Analyzing Web Page Coding ·Exploiting Website Authentication Methods ·Mining Job Ads and Analyzing Financial Data ·Using Google to Mine Sensitive Information ·Exploring Domain Ownership ·WHOIS ·Regional Internet Registries ·Domain Name System ·Identifying Web Server Software ·Web Server Location ·Summary ·Key Terms ·Exercises ·IP Address and Domain Identification ·Information Gathering ·Google Hacking ·Banner Grabbing ·Telnet ·Netcat ·Visual Route Chapter 3 Analyzing Network Traffic ·Why Packet Analysis is Important ·How to Capture Network Traffic ·Promiscuous Mode ·Hubs and Switches ·Hubbing Out and using Taps ·Switches ·Capturing Network Traffic ·Managed and Unmanaged Switches ·ARP Cache Poisoning ·Flooding ·DHCP Redirection ·Redirection and Interception with ICMP ·Preventing Packet Capture ·Dynamic Address Inspection ·DHCP Snooping ·Preventing VLAN Hopping ·Detecting Packet Capture ·Wireshark ·Wireshark Basics ·Filtering and Decoding Traffic ·Basic Data Capture--A Layer-by-Layer Review ·Physical--Data-Link Layer ·Network-Internet Layer ·Transport--Host-Host Layer ·Application Layer ·Other Network Analysis Tools ·Summary ·Key Terms ·Exercises ·Fun with Packets ·Packet Analysis with tcp dump ·Packet Filters ·Making a One-Way Data Cable Chapter 4 Detecting Live Systems and Analyzing Results ·TCP / IP Basics ·The Network Access Layer ·The Internet Layer ·The Host-to-Host Layer ·Transmission Control Protocol ·User Datagram Protocol ·The Application Layer ·Detecting Live Systems with ICMP ·ICMP--Ping ·Traceroute ·Port Scanning ·TCP and UDP Port Scanning ·Advanced Port-Scanning Techniques ·Idle Scan ·Analyzing Port Scans ·Port-Scanning Tools ·Nmap ·SuperScan ·Other Scanning Tools ·OS Fingerprinting ·Passive Fingerprinting ·Active Fingerprinting ·How Nmap OS Fingerprinting Works ·Scanning Countermeasures ·Summary ·Key Terms ·Exercises ·Understanding Wireshark ·Interpreting TCP Flags ·Performing an ICMP Packet Decode ·Port Scanning with Nmap ·Traceroute ·An Analysis of a Port Scan ·OS Fingerprinting Chapter 5 Enumerating Systems ·Enumeration ·Router and Firewall Enumeration ·Router Enumeration ·Firewall Enumeration ·Router and Firewall Enumeration Countermeasures ·Windows Enumeration ·Server Message Block and Interprocess Communication ·Enumeration and the IPC$ Share ·Windows Enumeration Countermeasures ·Linux / Unix Enumeration ·Enumeration of Application Layer Protocols ·Simple Network Management Protocol ·SNMP Enumeration Countermeasures ·Enumeration of Other Applications ·Advanced Enumeration ·SCADA Systems ·User Agent Strings ·Mapping the Attack Surface ·Password Speculation and Cracking ·Sniffing Password Hashes ·Exploiting a Vulnerability ·Protecting Passwords ·Summary ·Key Terms ·Exercises ·SNMP Enumeration ·Enumerating Routing Protocols ·Enumeration with DumpSec ·Identifying User Agent Strings ·Browser Enumeration Chapter 6 Automating Encryption and Tunneling Techniques ·Encryption ·Secret Key Encryption ·Data Encryption Standard ·Triple DES ·Advanced Encryption Standard ·One Way Functions (Hashes) ·MD Series ·SHA ·Public Key Encryption ·RSA ·Diffie Hellman ·El Gamal ·Elliptic Curve Cryptography ·Hybrid Cryptosystems ·Public Key Authentication ·Public Key Infrastructure ·Certificate Authority ·Registration Authority ·Certificate Revocation List ·Digital Certificates ·Certificate Distribution System ·Encryption Role in Authentication ·Password Authentication ·Password Hashing ·Challenge Response ·Session Authentication ·Session Cookies ·Basic Authentication ·Certificate Based Authentication ·Tunneling Techniques to Obscure Traffic ·Internet Layer Tunneling ·Transport Layer Tunneling ·Application Layer Tunneling ·Attacking Encryption and Authentication ·Extracting Passwords ·Password Cracking ·Dictionary Attack ·Brute Force Attack ·Rainbow Table ·Other Cryptographic Attacks ·Summary ·Key Terms ·Exercises ·CrypTool ·Extract an Email Username and Password ·Rainbow Crack ·John the Ripper Chapter 7 Automated Attack and Penetration Tools ·Why Attack and Penetration Tools Are Important ·Vulnerability Assessment Tools ·Source Code Assessment Tools ·Application Assessment Tools ·System Assessment Tools ·Attributes of a Good System Assessment Tool ·Nessus ·Automated Exploit Tools ·Metasploit ·Armitage ·Metasploit Console ·Metasploit Command Line Interface ·Updating Metasploit ·BeEF ·Core Impact ·CANVAS ·Determining Which Tools to Use ·Picking the Right Platform ·Summary ·Key Terms ·Exercises ·Exploring N Stalker, a Vulnerability Assessment Tool ·Exploring Search sploit on Kali Linux ·Metasploit Kali Chapter 8 Securing Wireless Systems ·Wi-Fi Basics ·Wireless Clients and NICs ·Wireless Access Points ·Wireless Communication Standards ·Bluetooth Basics ·Wi-Fi Security ·Wired Equivalent Privacy ·Wi-Fi Protected Access ·802.1x Authentication ·Wireless LAN Threats ·Wardriving ·Net Stumbler ·Kismet ·Eavesdropping ·Rogue and Unauthorized Access Points ·Denial of Service ·Exploiting Wireless Networks ·Finding and Assessing the Network ·Setting Up Airodump ·Configuring Aireplay ·Deauthentication and ARP Injection ·Capturing IVs and Cracking the WEP KEY ·Other Wireless Attack Tools ·Exploiting Bluetooth ·Securing Wireless Networks ·Defense in Depth ·Misuse Detection ·Summary ·Key Terms ·Exercises ·Using Net Stumbler ·Using Wireshark to Capture Wireless Traffic Chapter 9 An Introduction to Malware ·History of Malware ·Types of Malware ·Viruses ·Worms ·Logic Bombs ·Backdoors and Trojans ·Packers, Crypters and Wrappers ·Rootkits ·Crimeware Kits ·Botnets ·Advanced Persistent Threats ·Spyware and Adware ·Common Attack Vectors ·Social Engineering ·Faking It! ·Pretending through Email ·Defenses against Malware ·Antivirus ·File Integrity Verification ·User Education ·Summary ·Key Terms ·Exercises ·Virus Signatures ·Building Trojans ·Rootkits ·Finding Malware Chapter 10 Detecting Intrusions and Analyzing Malware ·An Overview of Intrusion Detection ·IDS Types and Components ·IDS Engines ·An Overview of Snort ·Platform Compatibility ·Limiting Access to the IDS ·Verification of Configuration ·Building Snort Rules ·The Rule Header ·Logging with Snort ·Rule Options ·Advanced Snort: Detecting Buffer Overflows ·Responding to Attacks and Intrusions ·Analyzing Malware ·Tracking Malware to Its Source ·Identifying Domains and Malicious Sites ·Building a Testbed ·Virtual and Physical Targets ·Operating Systems ·Network Isolation ·Testbed Tools ·Malware Analysis Techniques ·Static Analysis ·Dynamic Analysis ·Summary ·Key Terms ·Exercises ·Building a Snort Windows System ·Analyzing Malware Communication ·Analyzing Malware with Virus Total Chapter 11 Forensic Detection ·Computer Forensics ·Acquisition ·Drive Removal and Hashing ·Drive-Wiping ·Logical and Physical Copies ·Logical Copies ·Physical Copies ·Imaging the Drive ·Authentication ·Trace-Evidence Analysis ·Browser Cache ·Email Evidence ·Deleted or Overwritten Files and Evidence ·Other Trace Evidence ·Hiding Techniques ·Common File-Hiding Techniques ·Advanced File-Hiding Techniques ·Steganography ·Detecting Steganographic Tools ·Antiforensics ·Summary ·Key Terms ·Exercises ·Detecting Hidden Files ·Basic File-Hiding ·Advanced File-Hiding ·Reading Email Headers ·Use S-Tools to Embed and Encrypt a Message Index