Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Practical Network Scanning

You're reading from   Practical Network Scanning Capture network vulnerabilities using standard tools such as Nmap and Nessus

Arrow left icon
Product type Paperback
Published in May 2018
Publisher
ISBN-13 9781788839235
Length 326 pages
Edition 1st Edition
Languages
Tools
Arrow right icon
Author (1):
Arrow left icon
Ajay Singh Chauhan Ajay Singh Chauhan
Author Profile Icon Ajay Singh Chauhan
Ajay Singh Chauhan
Arrow right icon
View More author details
Toc

Table of Contents (15) Chapters Close

Preface 1. Fundamental Security Concepts FREE CHAPTER 2. Secure Network Design 3. Server-Level Security 4. Cloud Security Design 5. Application Security Design 6. Threat Detection and Response 7. Vulnerability Assessment 8. Remote OS Detection 9. Public Key Infrastructure-SSL 10. Firewall Placement and Detection Techniques 11. VPN and WAN Encryption 12. Summary and Scope of Security Technologies 13. Assessment 14. Other Books you may enjoy

Why security?

As the internet grows and technology evolves for modern computer networks, network security has become one of the most crucial factors for everyone. This includes everyone from end users and small and medium-sized businesses (SMBs) to cloud service providers.

Due to a growing volume of network attacks, network security should be a priority when designing network architecture. To understand the importance of this, imagine what could happen if there was a network integrity breach at a bank, stock exchange, or other financial database.

The importance of network security is not just limited to the IT industry. It is also important within industries such as health care. Health records contain some of the most valuable information available, including Social Security numbers, home addresses, and patient health histories. If this data is accessed by unauthorized persons, it can be stolen or sold to the black market.

Security awareness is important for everybody and not just the IT department. If you work with internet enabled devices, it's your responsibility too. However, you can only control information security once you know how to secure it.

No one can get into your system until something is compromised. Similarly, if your door is locked from the outside, nobody can enter your house unless they gain access to a duplicate key or have a similar key built by getting physical access to the lock. A few examples of how a system might be compromised are as follows:

  • A targeted email could be sent to random users with an attachment (Drive by Download). If a user opened that attachment, their system would be compromised.
  • An email is received which poses as a domain such as banking and asks you to change your password through a provided link. Once you do this, your username and password can be stolen.
  • If a small typo is made when typing a website address into a browser, a similar page may open (Phishing) which is not genuine, and your credentials can be stolen.
  • Features provided by websites for resetting forgotten passwords can also be very risky. Let's say somebody knows my email ID and attempts to access my account by selecting a forgotten password option. If the security question asks for my date of birth, this can easily be found on my resume.
  • A password for an Excel file can easily be broken by a brute-force attack.
  • The most widespread types of ransomware encrypt all or some of the data on your PC, and then ask for a large payment (the ransom) in order to restore access to your data.
  • During DNS hijacking, an online attacker will override your computer's TCP/IP settings so that the DNS translation gets altered. For example, typing in abc.com will translate it into this IP: 140.166.226.26. However, a DNS hijacker will alter the translation so that abc.com will now send you the IP address of a different website.
  • Denial of Service network attacks disrupt the normal volume of traffic sent to targeted services with excessive amounts of traffic. This can be damaging in various ways. One example could be if a company has a Friday sale, and a competitor launches an attack on them in order to shut their services down and consequently increase their own sales.

According to research by British insurance company Lloyd's, the damage from hacks cost businesses $400 billion a year.

To further explore the cost of cybercrimes, visit the following webpage:  https://www.forbes.com/sites/stevemorgan/2016/01/17/cyber-crime-costs-projected-to-reach-2-trillion-by-2019/#612db25c3a91.

The market research firm Gartner estimates that global spending on cybersecurity is somewhere around $96 billion in 2018. By 2020, companies around the world are expected to spend around $170 billion—a growth rate of nearly ten percent in the next five years.

You have been reading a chapter from
Practical Network Scanning
Published in: May 2018
Publisher:
ISBN-13: 9781788839235
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at $19.99/month. Cancel anytime
Banner background image