Best Network Security Assessment Methodology
The best practice assessment methodology used by ambitious attackers and network security consultants includes four different high-level components:

- Network discovery to identify IP networks and hosts of interest
- Batch network scanning and research to identify potentially vulnerable hosts
- Investigation of vulnerabilities and further manual network exploration
- Exploiting vulnerabilities and bypassing security mechanisms

This complete methodology pertains to Internet-based networks that are blindly tested with limited target information (such as a single DNS domain name). If a consultant is commissioned to evaluate a particular block of IP domains, he or she will skip the initial network enumeration and begin mass network scanning and investigation of vulnerabilities.

Internet Host and Network Enumeration

Various discovery techniques are used to query open sources to identify hosts and networks of interest. These open sources include web and newsgroup search e...