Chapter 5. Local Network Discovery

This chapter describes the tactics used to evaluate local network configuration. Goals include enumeration of available resources and exploitation of weaknesses to access data.

Most of the protocols described here are nonroutable (using the data link layer and local broadcast addresses) and thus you can evaluate them only from the local network. You will likely find yourself in one of two situations during testing: either you are onsite and have physical access to the network, or you have secured remote access to a system elsewhere. Some of the attacks discussed here require physical network access, but most do not.

Get Network Security Assessment, 3rd Edition now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.