Chapter 10. Network and Host Discovery

Finding hosts by querying Domain Name Servers (DNS), Active Directory, or other information databases doesn’t tell you everything you want to know about the network you’re operating on. Here’s a list of the information that you won’t usually get from a query:

  • Network topology

  • Network infrastructure systems

  • Network access controls

  • Control systems

  • Telephone switches and systems

  • Systems not joined to managed domains

  • Rogue domains

  • Unauthorized cross-connections to other networks

By contrast, when you sweep a network, the information you gather often proves critical to network security. On a large network, the security team and even some of the operations team might not know about all the connections that are available ...

Get Assessing Network Security now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.