Vulnerability assessment
In the previous section, we enumerated the services aggressively. Some of the Nmap scripts will check for vulnerabilities—for example, when entering the option --script=http*, Nmap, in this case, will execute all the HTTP scripts, including the ones that check for vulnerabilities, for example, http-vuln-cve2010-2861.
In reality, in an enterprise environment, we would use automatic scanners, either Nessus or Nexpose. Nowadays, these companies offer scanners on the cloud as well—for example, the Nexpose equivalent in the cloud is called InsightVM. We heavily rely on these scanners to identify the vulnerabilities in the network infrastructure. Your role is to take the results and make sure that these flaws exist—in other ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Read now
Unlock full access