Home arrow Security arrow Network Security Assessment

Network Security Assessment

If you want to run a business with a website, security must be high on your list of important matters to get right up front. In this article, you will learn about Internet-based network security assessment and penetration testing, which can help you determine your website's risk of being successfully attacked -- and what to do to fix any problems. It is taken from chapter one of the book Network Security Assessment by Chris McNab (O'Reilly, 2004; ISBN: 059600611X).

  1. Network Security Assessment
  2. IP: The Foundation of the Internet
  3. Assessment Service Definitions
  4. Internet Host and Network Enumeration
  5. Investigation of Vulnerabilities
  6. The Cyclic Assessment Approach
By: O'Reilly Media
Rating: starstarstarstarstar / 12
May 19, 2005

print this article



This chapter discusses at a high level the rationale behind Internet-based network security assessment and penetration testing. To retain complete control over your networks and data, you must take a proactive approach to security, an approach that starts with assessment to identify and categorize your risks. Network security assessment is an integral part of any security life cycle.

The Business Benefits

From a commercial standpoint, assurance of network security is a business enabler. As a security consultant at the time of writing, I am helping a particular client in the retail sector to deploy and secure an 802.11b wireless network for use in nearly 200 stores across the United Kingdom. This wireless network has been designed in a security-conscious manner, allowing the retailer to embrace wireless technologies to improve efficiency and the quality of their service.

Shortcomings in network security and user adherence to security policy often allow Internet-based attackers to locate and compromise networks. High-profile examples of companies who have fallen victim to such determined Internet-based attackers over the last four years include:

These compromises have come about in similar ways, involving large losses in some cases. Cryptologic is an online casino gaming provider that lost $1.9 million in a matter of hours to determined attackers. In the majority of high profile incidents, the attackers used a selection of the following techniques:

  • Compromising a poorly configured or protected peripheral system that is related to the target network space or host using publicly available exploits, such as scripts available from Packet Storm (http://www.packetstormsecurity.org) and other archives

  • Directly compromising key network components using private exploit tools, such as scripts that the attacker or his hacking group have developed for their own personal use

  • Compromising traffic and circumventing security mechanisms using ARP redirection and network sniffing

  • Compromising user account passwords and using those passwords to compromise other hosts where the user may have an active account

  • Abusing blatant system or network configuration issues, reading sensitive information from publicly accessible web folders, or bypassing poor firewall rules that open up the network to attack

To protect networks and data from determined attack, you need assurance and understanding of the technical security of the network, along with adherence to security policy and incident response procedures. In this book, I discuss assessment of technical security and improving the integrity and resilience of IP networks. Taking heed of the advice presented here and acting in a proactive fashion ensures a decent level of network security.

>>> More Security Articles          >>> More By O'Reilly Media

blog comments powered by Disqus
escort Bursa Bursa escort Antalya eskort


- Secure Your Business for Data Privacy Day
- Google Testing Security Fob Password Alterna...
- Security News Highlights Concerns
- Going to Extremes for Data Security
- Skipfish Website Vulnerability Scanner
- Critical Microsoft Visual Studio Security Pa...
- US Faces Tech Security Expert Deficit
- LAN Reconnaissance
- An Epilogue to Cryptography
- A Sequel to Cryptography
- An Introduction to Cryptography
- Security Overview
- Network Security Assessment
- Firewalls
- What’s behind the curtain? Part II

Developer Shed Affiliates


Dev Shed Tutorial Topics: