
Conducting Network Penetration and Espionage in a Global Environment

1st Edition

By Bruce Middleton

Auerbach Publications

599 pages | 687 B/W Illus.

Purchasing Options ($ = USD)

Paperback: ISBN 9781138374911, published 2018-09-18, $71.00
Hardback: ISBN 9781482206470, published 2014-04-28, $80.95
eBook (VitalSource): ISBN 9781498760294, published 2015-09-15, from $28.98



Description

Penetration testing remains the most effective way to identify security vulnerabilities in computer networks. Conducting Network Penetration and Espionage in a Global Environment provides detailed guidance on how to perform effective penetration testing of computer networks using free, open source, and commercially available tools, including BackTrack, Metasploit, Wireshark, Nmap, Netcat, and Nessus. It also covers exploits and supporting programs written in Python, Perl, Bash, PHP, Ruby, and Windows PowerShell.

The book taps into Bruce Middleton’s decades of experience with computer security, including penetration testing of military networks, the White House, utilities, manufacturing facilities, CIA headquarters, the Defense Information Systems Agency, and NASA. Mr. Middleton begins with a chapter on defensive measures/privacy issues and then moves on to describe a cyber-attack on one of his labs and how he responded to the attack.

Next, the book explains how to research a target without directly "touching" that target. Once you’ve learned all you can, the text describes how to gather even more information using a more direct approach. From there, it covers mathematical analysis, considers target exploitation, and discusses Chinese and Syrian cyber-attacks.

Providing authoritative guidance on cyberforensics, reverse engineering, and penetration testing, the book categorizes testing tools according to their use within the standard penetration testing framework. For each of the above-mentioned categories, you will find basic and advanced tools and procedures to help you identify security vulnerabilities in today’s networks.

After reading this book, you will understand how to perform an organized and efficient penetration test. You will also learn techniques used to bypass anti-virus software and to capture keystrokes on remote systems. Explaining how to put together your own penetration testing lab, the text concludes by describing how to use various iPhone apps to perform reconnaissance on wireless networks.

Table of Contents

What You Need to Know First

MatLab and SimuLink (MathSoft.com)

Recommended Defensive Measures

Google News Groups

Typical PT Process

Recommended Books/Classes

Last but Not Least—A Pet Peeve

Training

Minimal Paperwork

Attack from Christmas Island

Indirect Target Information Acquisition (ITIA)

Shodan

Using Google to Obtain Information

TheHarvester

Nslookup

Dig

Dnsenum

Dnswalk

Dnsrecon

Fierce

Smtp-user-enum

Dnsmap

Dmitry

Itrace

Tcptraceroute

Tctrace

Goorecon

Snmpenum

Snmpwalk

Snmpcheck

Direct Target Information Acquisition (DTIA)

Target Discovery

Ping

# ping -c 2 <target>

# ping -c 3 -s 1000 IP

Fping

Genlist

Hping

Nbtscan

Nping

Onesixtyone

P0f

Xprobe2

Enumerating Target

Some Miscellaneous Items to Keep in Mind (Refer to as Needed)

Start Networks

Create Videos

Whois xumpidhjns.it.cx

Whois 95.141.28.91

Whois nucebeb.changeip.name

Whois 64.120.252.74

Netcraft

Host

DNS Tools (More)

Nslookup

Nmap

Nmap -T0 -O -sTV -vv -p- -PN IP

Nmap -O -sSV -vv -p- -PN IP

Nmap --script http-enum,http-headers,http-methods,http-php-version -p 80 IP

Nmap -A -vvv -p- -PN -iL IPlist.txt

Nmap -f -f -vvv -p- -PN IP

Nmap -sP -PA IP.0/24

Nmap -sS -sU -p U:53,T:22,134-139 IP

Nmap -O -sUV -vvv -p- -PN IP

Nmap -O -sXV -vvv -p- -PN IP

Nmap -O -sNV -vvv -p- -PN IP

Nmap -mtu 16 -vvv -p- -PN IP

Nmap -sM -vvv -p- -PN IP

Nmap -sC -p- -PN IP

Nmap -p 139,445 IP

Nmap -scanflags PSH -p- -PN IP

Nmap -scanflags PSH -p135 IP

Nmap -scanflags SYN -p135 IP

Nmap -sA -scanflags PSH -p- -PN IP

Nmap -sP IP.0/24 -oA Results

Nmap -sP -PA -oN Results IP.0/24

Nmap -n -sP 192.168.4.1-20

Nmap -sP -oG Results IP.0/24

Nmap -v -sP 192.168.0.0/16 10.0.0.0/8

Nmap -sP -PN -PS -reason IP

Nmap -sL IP.1-255

Nmap -sS -sV -O -v IP

Nmap -T0 -vv -b FTP_IP TARGET_IP -oA Results

Nmap -sF -PN -p22 IP

Nmap -sU -p0-65535 IP

Nmap -sU -v -p 1-65535 IP

Nmap -sU -p 161

Nmap -sU -T5 -p 69,123,161,1985 IP

Nmap -PP -PM IP

Nmap -sO IP

Nmap -O IP

Nmap -sV IP

MatLab, SimuLink, and R

Metasploit Pro

Now Verify Database Connectivity with Metasploit

Perform an Nmap Scan within Metasploit

Using Auxiliary Modules in Metasploit

Using Metasploit to Exploit

No Options to Set

See Lots of Them

Did We Obtain a Command Shell?

See the Active Driver, such as postgresql

If You Get an Error While Connecting to the DB

Using the DB to Store Pen Test Results

Analyzing Stored Results of DB

Unfiltered Port

Using Metasploit Auxiliary Module for Scans

Use

Set

Run

To Make the Scan Faster across Multiple Devices

Target Services Scanning with Auxiliary Modules

Vulnerability Scan with Metasploit Using Nessus

Scanning with Nexpose within Metasploit

Note about Exploit-db

Some Metasploit Exploit Commands

Microsoft Exploit

Exploiting a Windows 2003 Server

Exploiting Windows 7/Server 2008 R2 SMB Client

Exploiting Linux Ubuntu System

Client Side Exploitation and A/V Bypass

Msfpayload Can Be Used to Generate Binary and Shellcode

To Set Up a Listener for the Reverse Connection

Run Some Linux PPC Payloads against the FSB

Generate Shellcode in C

Meterpreter Commands

Executive Summary

Detailed Findings

Tools Utilized

Recommendations to Resolve Issues

China, Syria, and the American Intelligence Community

The Burning

China

Syria

Building a Penetration Testing Lab

Vendor Default Passwords and Default Unix Ports

Oldies but Goodies if You Have Physical Access

SafeBack

GetTime

FileList and FileCnvt and Excel

GetFree

Swap Files and GetSwap

GetSlack

Temporary Files

Filter_I

Keyword Generation

TextSearch Plus

Crcmd5

DiskSig

Doc

Mcrypt

Micro-Zap

Map

M-Sweep

Net Threat Analyzer

AnaDisk

Seized

Scrub

Spaces

NTFS FileList

NTFS GetFree

NTFS GetSlack

NTFS VIEW

NTFS Check

NTIcopy

Disk Search 32

Order of Operations for Your Tools

Reconnaissance

Enumeration

Exploitation

Wireless Networks

VOIP Networks

Reporting

Scripting/Programming/Debugging

Using Your iPhone as a Network Scanner

IP Scanner

NetPro

WiFi Scanner

iNet

Net Detective

Net Swiss Army Knife

Ping Analyzer

WiFi Net Info

TraceRoute

PortScan

Net Utility

zTools

Index
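The Nmap chapter listed above repeatedly writes scan results to grepable output (-oG Results, -oA Results) and then turns to analyzing the stored results and checking specific ports (139/445 for SMB, 161 for SNMP). The following is an added example, not code from the book or its author: a small offline parser for Nmap's grepable (.gnmap) format that recovers live hosts, open ports and version strings, and flags hosts exposing a watch-list of ports. The scan output embedded below is constructed for the example, and the port-field layout (port/state/proto/owner/service/rpc/version/) is the documented grepable layout; the hostnames and addresses are assumptions.

```python
"""Parse Nmap grepable output (-oG) offline and summarize what was found.

Added example: a parser for the .gnmap format the book's Nmap commands write
with -oG/-oA. Sample input below is constructed for this example.
"""
import re
from dataclasses import dataclass, field

# Constructed sample of grepable output (tab-separated fields per host line).
SAMPLE_GNMAP = "\n".join([
    "# Nmap 7.93 scan initiated as: nmap -sS -sU -sV -p T:22,80,139,445,U:53,161 -oG Results 192.168.4.1-20",
    "Host: 192.168.4.1 (gw.lab)\tStatus: Up",
    "Host: 192.168.4.1 (gw.lab)\tPorts: 22/open/tcp//ssh//OpenSSH 8.9p1 (Ubuntu, protocol 2.0)/, "
    "80/filtered/tcp//http///, 53/open/udp//domain//dnsmasq 2.86/, 161/open/udp//snmp//SNMPv1 server/"
    "\tIgnored State: closed (2)",
    "Host: 192.168.4.7 ()\tStatus: Up",
    "Host: 192.168.4.7 ()\tPorts: 139/open/tcp//netbios-ssn//Samba smbd 4/, "
    "445/open/tcp//microsoft-ds//Samba smbd 4.15.13/\tIgnored State: closed (4)",
    "Host: 192.168.4.12 ()\tStatus: Down",
    "# Nmap done; 20 IP addresses (2 hosts up) scanned in 12.30 seconds",
])


@dataclass
class Port:
    number: int
    state: str      # open / closed / filtered / open|filtered ...
    proto: str      # tcp / udp / sctp
    service: str    # service name guessed or probed by nmap
    version: str    # version string from -sV, may be empty


@dataclass
class Host:
    ip: str
    hostname: str
    status: str = "Unknown"
    ports: list = field(default_factory=list)


HOST_RE = re.compile(r"^Host: (\S+) \(([^)]*)\)")
# Port entries are separated by ", " but version strings may themselves contain
# commas, so only split where the next entry (digits + '/') actually begins.
PORT_SPLIT_RE = re.compile(r", (?=\d+/)")


def parse_gnmap(text):
    """Return a list of Host objects, one per IP, in first-seen order."""
    hosts = {}
    for line in text.splitlines():
        if not line.startswith("Host:"):
            continue  # '# Nmap ...' banner/footer lines and blanks
        m = HOST_RE.match(line)
        if not m:
            continue
        ip, name = m.groups()
        host = hosts.setdefault(ip, Host(ip, name))
        for tab_field in line.split("\t")[1:]:
            key, _, value = tab_field.partition(": ")
            if key == "Status":
                host.status = value
            elif key == "Ports":
                for entry in PORT_SPLIT_RE.split(value):
                    parts = entry.split("/")
                    # port/state/proto/owner/service/rpc/version/ -> 8 pieces
                    if len(parts) < 7:
                        continue
                    host.ports.append(Port(int(parts[0]), parts[1], parts[2],
                                           parts[4], parts[6]))
                # A Ports field is only emitted for hosts that answered.
                if host.status == "Unknown":
                    host.status = "Up"
    return list(hosts.values())


def live_hosts(hosts):
    """IPs reported Up (what a -sP/-sn sweep is after)."""
    return [h.ip for h in hosts if h.status == "Up"]


def open_ports(host):
    """(port, proto, service) for ports in state 'open' only."""
    return [(p.number, p.proto, p.service) for p in host.ports if p.state == "open"]


def exposed(hosts, watch):
    """Map IP -> sorted watched port numbers found open, any protocol."""
    out = {}
    for h in hosts:
        hits = sorted({p.number for p in h.ports
                       if p.state == "open" and p.number in watch})
        if hits:
            out[h.ip] = hits
    return out


if __name__ == "__main__":
    scanned = parse_gnmap(SAMPLE_GNMAP)
    print("live:", live_hosts(scanned))
    for h in scanned:
        print(h.ip, h.hostname or "-", h.status, open_ports(h))
    print("SMB/SNMP exposure:", exposed(scanned, {139, 445, 161}))
```

Only ports in state open are counted; filtered ports (such as 80/tcp on the first host) are kept in the parsed data but excluded from the summaries, which is the distinction that matters when deciding what to enumerate next.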

About the Author

Bruce Middleton is a graduate of the University of Houston and has been involved with the security of electronic communications systems since 1972, when he enlisted in the military (U.S. Army Security Agency) during the Vietnam conflict and worked overseas in the field for NSA. Since that time he has worked with various government, military, and commercial entities such as NASA (Space Station Freedom communications systems design team), CIA, NAVSEA, and Boeing (ground station-to-aircraft communications systems).

Mr. Middleton has been the keynote speaker at select national and international industry events and a trusted advisor in both the government and commercial sectors. He has written multiple books, e-books, and magazine articles in the fields of communications security, cybercrime, and computer network penetration.

Subject Categories

BISAC Subject Codes/Headings:
COM053000 COMPUTERS / Security / General
LAW041000 LAW / Forensic Science
POL012000 POLITICAL SCIENCE / Political Freedom & Security / International Security