₦airaland Forum

Welcome, Guest: RegisterLoginWith GoogleTrendingRecentNew

Stats: 3,330,997 members, 8,448,158 topics. Date: Sunday, 19 July 2026 at 08:50 PM

Toggle theme

Jasonsmit9818's Posts

Nairaland ForumJasonsmit9818's ProfileJasonsmit9818's Posts

1 (of 1 pages)

CrimeWhat Is Network Security? by jasonsmit9818(op): 11:41am On Apr 03, 2020
Network security is the practice of preventing and protecting against unauthorized intrusion into corporate networks. As a philosophy, it complements endpoint security, which focuses on individual devices; Network security focuses on how those devices interact and the connective tissue between them. The venerable SANS Institute takes the definition of network security a little further: network security is the process of taking physical and preventive measures to protect the underlying network from misuse, misuse, malfunction, modification, destruction or disclosure incorrect. critical functions within a secure environment. But the overall impetus is the same: Network security is implemented through the tasks and tools you use to prevent unauthorized people from entering your networks. In essence, your computer cannot be hacked if hackers cannot access it over the network.

Network Security Basics
Definitions are good as high-level statements of intent. How do you plan to implement that vision? We looked at three phases of network security that should be the base framework for your strategy.

Protection: You must configure your networks and networks as correctly as possible

Detection: You must be able to identify when the configuration has changed or if any network traffic indicates a problem

Reaction: After quickly identifying problems, responding to them and returning to a safe state.
This, in short, is an in-depth defense strategy. If there is a common theme among security experts, it is any individual defensive tool that can be defeated by a determined adversary. Your network is not a line or a point: it is a territory, and even if you have organized your defense correctly.

Network Security Methods
To implement this type of defense-in-depth, there are a variety of specialized techniques and types of network security.

Access control: You must be able to block unauthorized users and devices from your network. Users who have authorized access to the Internet have only been authorized to use the website.

Antimalware: viruses, worms, and Trojans by definition of a network, and can remain inactive on infected machines for days or weeks. Your security effort must be made to prevent infections and also for the rooting malware that targets your network.
Application security: Your network often accesses insecure applications. You must use hardware, software, and security processes to block those applications.

Behavioral analysis: You must know what normal network behavior is like to detect anomalies or breaches as they occur.

Data loss prevention: Humans are inevitably the weakest security link. You must implement technologies and processes to ensure that employees do not deliberately or inadvertently send sensitive data outside of the network.

Email security: Phishing is one of the most common ways to gain access to a network. Email security tools can block both incoming and outgoing messages with sensitive data.

Firewalls: Perhaps the grandfather of the world of network security, they follow the rules of their network or the Internet, establishing a barrier between their zone of trust and the Wild West. They do not exclude the need for an in-depth defense strategy, but they are still essential.

Intrusion detection and prevention - These systems scan network traffic to identify and block attacks.

Mobile and wireless security: wireless devices have all the possible security flaws of any other networked device. It can be connected to almost any wireless network anywhere, requiring extra security.

Network Segmentation: Segmentation defined by software in different classifications and facilitates the application of security policies.

Security Information and Event Management - These products aim to gather information from a variety of network tools to provide the data you need to identify and respond to threats.

VPN: A tool that authenticates communication between a device and a secure network, creating a secure and encrypted "tunnel" over the open Internet.

Web security: You must be able to control the use of internal staff to block web-based threats from the use of browsers as a vector to infect your network.

Network security software
To cover all of those bases, you'll need a variety of hardware and software tools in your toolkit. The best is an element in your hybrid defense-in-depth strategy. Some of these tools are corporate products from large vendors, while others come in the form of free and open-source utilities. The main categories include packet analyzers, which offer an in-depth look at data traffic, vulnerability scanners like intrusion detection and prevention software.
For more plz visit: https://www.avanturebytes.com/

CrimeImportance Of Penetration Testing by jasonsmit9818(op): 5:24pm On Mar 27, 2020
The [vulnerabilities][https://www.avanturebytes.com/penetration-testing-services] scan allows identifying weaknesses in the evaluated system, based on the details obtained during the previous phases; the objective is to identify the most effective attack method and anticipate the type of information that will be obtained when the vulnerability found is exploited. You should take the same approach that a real attacker would take, viewing the organization as a potential adversary and trying to inflict as much damage as possible on it.
There are different methods to discover vulnerabilities, as well as there, are different automated tools that can help in this phase. Here are some techniques that can be used to discover vulnerabilities:

Check the software version: It is one of the most common techniques, identifies the version number, and compare it with the lists of free vulnerable versions for free in different security sites. At this point, you should also check for patches and upgrades applied that could eliminate the vulnerability. Here the free tools Nmap and a map could be used.

Check the communication protocol version: The software version probably does not contain vulnerabilities, but could use some network protocol with security problems.

Verify the configuration: It is necessary to analyze the different accesses that could be given, remote, local and with different types of privileges, it is not enough to analyze if there is a default configuration, it is necessary to check if the configurations applied by the administrator are enough to avoid security issues.

Exploit execution: Exploits can be executed without knowing the current vulnerabilities, based on the prestige of the exploit and the information obtained during the previous phases. This technique can be dangerous as it could cause system damage, including denial of service. However, it is possible to represent a technique very close to what would happen if they were subjected to real attacks.

On the other hand, there are automatic tools that allow the identification of vulnerabilities, among the most common are the following:

1. Nessus:
It is a tool with a commercial and free option, it has the advantages of creating different scan profiles depending on the type of evaluation required and the site from which the tests are run. Nessus generates reports categorizing the vulnerabilities found according to impact and associates an identifier for each one of them that facilitates the search for information related to the exploitation.

2. OpenVas:
It is another free software option that has flexibility in the application of different evaluation profiles, it is a client-server tool, despite not being as "friendly" as Nessus, it is an excellent option to verify the vulnerabilities found by other tools. It is the most exciting part of running penetration tests and the one that makes it different from a vulnerability scan, often incorrectly called "vulnerability analysis," where you only go to the previous stage, only the vulnerabilities are found without checking if they can be exploited. This stage will depend on the results obtained in the previous stages so that each test will be different according to the existing services and the current vulnerabilities. At this stage, different actions can be carried out as a result of exploitation, to mention a few:
Copy files to the target
Copy files from the target
View confidential traffic
Reconfigure the target
Install software
Take full control
Cause denial of service
Use one goal to reach another
Obtain passwords
There are a vast number of tools to exploit vulnerabilities; there are sites where independent exploits can be found, and there are complete attack frameworks, one of the most useful and essential is Metasploit, which contains hundreds of exploits applicable to different operating systems, to different services. And in different versions, it contains three types of interfaces that facilitate execution.

On the other side, on the target, you can see a fault in the system.
The example shown above is only a small part of what a pentester does when checking vulnerabilities, there are other tools for exploitation, some commercial and some free, it is necessary to make a combination of the different tools. On the other hand, in some cases, the exploit does not exist to check specific vulnerabilities, so it is necessary to generate it, for which there are also different tools and frameworks, including Metasploit again. The final and most crucial stage is the creation of the report of findings since it is in this phase where it is communicated what was done, how it was done and how the organization can eliminate the vulnerabilities detected during the analysis, so it is great importance to generate reports with the highest possible quality. The format of a report can be very variable, but here are some points that must be presented:
Table of Contents
Executive Summary
Methodology used
Findings ordered according to impact
Detailed evidence including screenshots of the find
It is recommended to present the evidence hierarchically, since taking as the fact that all vulnerabilities must be eliminated, some may represent a more significant impact on the organization, so an immediate solution is a priority. It is possible to believe that the report is not important when an internal pentest is carried out, but it is necessary to have a log that stores the history of the security problems that have been encountered, this could help to solve problems in the future. To conclude, it is necessary to say that the task of a pentester is not easy, but it is decisive for a good security strategy, so it is advisable to carry out internal evaluations and periodically request professional services.

1 (of 1 pages)