Assessing and Hacking Network Security

Radu State 1
1 MADYNES - Management of dynamic networks and services
INRIA Lorraine, LORIA - Laboratoire Lorrain de Recherche en Informatique et ses Applications
Abstract : The objective of this tutorial is to give a hands-on experience to network security assessment. Looking at your own network through the eyes of an enemy might surprise you in many cases. Some necessary insights about your vulnerabilities and poor security practices might suddenly become visible, thus identifying high security risks. This tutorial presents a comprehensive overview of the technical procedures and techniques that drive such a process. There is a fine line between a full penetration study, in which vulnerabilities are detected and exploited by a red team hired for this purpose (or a malicious hacker), and an assessment procedure, where an overall picture of the potential vulnerabilities and weaknesses is drawn. While some of the tools are common in both activities, including network scanners (tools to detect the network topology and services available on a network), enumeration tools, and automatic vulnerability scanners for network services or Web applications (helpful in identifying whether the target system is exposed to a series of known vulnerabilities), security assessment is less invasive (no fine tuning of exploit code is done to prove the effective exploitation of a vulnerability), and focuses more on providing the overall security level for a network and its available services.This tutorial will provide an introduction to this topic, covering both the operational procedures and the required technical skills and tools.
Type de document :
Communication dans un congrès
IEEE. 10th IFIP/IEEE International Symposium on Integrated Management (IM 2007), May 2007, Munich, Germany. IEEE, 2007
Liste complète des métadonnées

https://hal.inria.fr/inria-00172056
Contributeur : Radu State <>
Soumis le : jeudi 13 septembre 2007 - 23:50:12
Dernière modification le : jeudi 11 janvier 2018 - 06:19:50

Identifiants

  • HAL Id : inria-00172056, version 1

Collections

Citation

Radu State. Assessing and Hacking Network Security. IEEE. 10th IFIP/IEEE International Symposium on Integrated Management (IM 2007), May 2007, Munich, Germany. IEEE, 2007. 〈inria-00172056〉

Partager

Métriques

Consultations de la notice

159