Chapter 5
Vulnerability Assessment
Now that we have information on the open ports, services, service versions, and operating system of our target host/network, we will look for its potential vulnerabilities (weaknesses) in order to get one step closer to compromising our target (dealt with in the next chapter).
The Nessus vulnerability scanner is the prime focus of this chapter, as it is one of the oldest and best vulnerability scanners on the market. We will also see its integration with Metasploit and how Nessus can be used within Metasploit to perform vulnerability assessment more effectively. Apart from that, we will also take a look at another vulnerability scanner, “OpenVAS,” which is not as powerful as Nessus but is worth mentioning.
We will also take a look at nmap’s scripting engine, which is a built-in feature of nmap and can also be used for scanning for different kinds of vulnerabilities. It is not as powerful as Nessus, as it includes very few plug-ins, but it can still be used to detect vulnerable hosts on a target network.
So let’s start from the basics.