Chapter 5. Local Network Discovery

This chapter describes the tactics used to evaluate local network configuration. Goals include enumeration of available resources and exploitation of weaknesses to access data.

Most of the protocols described here are nonroutable (using the data link layer and local broadcast addresses) and thus you can evaluate them only from the local network. You will likely find yourself in one of two situations during testing: either you are onsite and have physical access to the network, or you have secured remote access to a system elsewhere. Some of the attacks discussed here require physical network access, but most do not.

Get Network Security Assessment, 3rd Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.