Network Security - Chapter 4

active vulnerability scanner

A scanner that initiates traffic on the network in order to identify security holes.

passive vulnerability scanner

A scanner that listens in on the network and identifies vulnerable versions of both server and client software.

attack protocol

A series of steps or processes used by an attacker, in a logical sequence, to launch an attack against a target system or network.

fingerprinting

A systematic survey of all the target organization's Internet addresses to identify the network services offered by the hosts in that range.

footprinting

The organized research of the Internet addresses owned or controlled by a target organization.

port scanners

Tools used by both attackers and defenders to identify the computers that are active on the network, as well as the ports and services active on those computers, the functions and roles the machines are fulfilling, and other useful information.

packet sniffer

a network tool that collects copies of packets from the network an analyzes them

white box

the penetration test in which the red team has full information on the organization and its structure.

gray box

the penetration test in which the red team is given some general information about the organization, such as general structure, network address ranges, software, and versions.

black box

the penetration test which the red team is given no information whatsoever about the organization as an external hacker.