1. Home
  2. Networking
  3. Network security assessment

Chapter 5. Assessing Remote Information Services

Remote information services can collect information for later use (such as username and internal IP address information) and run arbitrary commands on the target server by exploiting process manipulation vulnerabilities. This chapter focuses on the assessment of these services and lists relevant tools and techniques that can test and assure the security of your services.



    		Network Security Assessment
    		Foreword
    		Preface
    		Chapter 1. Network Security Assessment
    		Chapter 2. The Tools Required
    		Chapter 3. Internet Host and Network Enumeration
    		Chapter 4. IP Network Scanning
    		Chapter 5. Assessing Remote Information Services
    		5.1 Remote Information Services
    		5.2 systat and netstat
    		5.3 DNS
    		5.4 finger
    		5.5 auth
    		5.6 SNMP
    		5.7 LDAP
    		5.8 rwho
    		5.9 RPC rusers
    		5.10 Remote Information Services Countermeasures
    		Chapter 6. Assessing Web Services
    		Chapter 7. Assessing Remote Maintenance Services
    		Chapter 8. Assessing FTP and Database Services
    		Chapter 9. Assessing Windows Networking Services
    		Chapter 10. Assessing Email Services
    		Chapter 11. Assessing IP VPN Services
    		Chapter 12. Assessing Unix RPC Services
    		Chapter 13. Application-Level Risks
    		Chapter 14. Example Assessment Methodology
    		Appendix A. TCP, UDP Ports, and ICMP Message Types
    		Appendix B. Sources of Vulnerability Information
    		Colophon