IN THIS CHAPTER

Selecting tools

Scanning network hosts

Assessing security with a network analyzer

Preventing denial of service and infrastructure vulnerabilities

To have secure operating systems and applications, you need a secure network. Devices such as routers, firewalls, and even generic network hosts (including servers and workstations) must be assessed as part of the security testing process.

Thousands of possible network vulnerabilities exist, along with equally many tools and even more testing techniques. You probably don’t have the time or resources available to test your network infrastructure systems for all possible vulnerabilities, using every tool and method imaginable. Instead, you need to focus on tests that produce a good overall assessment of your network. The tests I describe in this chapter produce exactly that.

You can eliminate many well-known, network-related vulnerabilities by simply patching your network hosts with the latest vendor software and firmware updates. Because many network infrastructure systems aren’t ...