HAL will be down for maintenance from Friday, June 10 at 4pm through Monday, June 13 at 9am. More information
Skip to Main content Skip to Navigation
Conference papers

Assessing and Hacking Network Security

Radu State 1
1 MADYNES - Management of dynamic networks and services
INRIA Lorraine, LORIA - Laboratoire Lorrain de Recherche en Informatique et ses Applications
Abstract : The objective of this tutorial is to give a hands-on experience to network security assessment. Looking at your own network through the eyes of an enemy might surprise you in many cases. Some necessary insights about your vulnerabilities and poor security practices might suddenly become visible, thus identifying high security risks. This tutorial presents a comprehensive overview of the technical procedures and techniques that drive such a process. There is a fine line between a full penetration study, in which vulnerabilities are detected and exploited by a red team hired for this purpose (or a malicious hacker), and an assessment procedure, where an overall picture of the potential vulnerabilities and weaknesses is drawn. While some of the tools are common in both activities, including network scanners (tools to detect the network topology and services available on a network), enumeration tools, and automatic vulnerability scanners for network services or Web applications (helpful in identifying whether the target system is exposed to a series of known vulnerabilities), security assessment is less invasive (no fine tuning of exploit code is done to prove the effective exploitation of a vulnerability), and focuses more on providing the overall security level for a network and its available services.This tutorial will provide an introduction to this topic, covering both the operational procedures and the required technical skills and tools.
Document type :
Conference papers
Complete list of metadata

Contributor : Radu State Connect in order to contact the contributor
Submitted on : Thursday, September 13, 2007 - 11:50:12 PM
Last modification on : Friday, February 26, 2021 - 3:28:04 PM


  • HAL Id : inria-00172056, version 1



Radu State. Assessing and Hacking Network Security. 10th IFIP/IEEE International Symposium on Integrated Management (IM 2007), May 2007, Munich, Germany. ⟨inria-00172056⟩



Record views