U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

PUBLICATIONS

Guideline on Network Security Testing

Published

Author(s)

John P. Wack, Miles C. Tracy, Murugiah P. Souppaya

Abstract

[Superseded by NIST SP 800-115, Technical Guide to Information Security Testing and Assessment, http://www.nist.gov/manuscript-publication-search.cfm?pub_id=152164] The purpose of this document is to provide guidance for security program manager, technical managers, functional managers, and other information technology (IT) staff members who deal with systems concerning when and how to perform tests for network security vulnerabilities and policy implementation. This document identifies network testing requirements and how to prioritize testing activities with limited resources. It describes security testing techniques and tools. This document provides guidance to assist organizations in avoiding redundancy and duplication of effort by providing a consistent approach to network security testing throughout an organization's networks. Furthermore, this document provides a feasible approach for organizations by offering varying levels of network security testing as mandated by an organization's mission and security objectives.The main focus of this document is the basic information about techniques and tools for individuals to begin a testing program. This document is by no means all-inclusive and individuals and organizations should consult the references provided in this document as well as vendor production descriptions and other sources of information.
Citation
Special Publication (NIST SP) - 800-42
Report Number
800-42
NIST Pub Series
Special Publication (NIST SP)
Pub Type
NIST Pubs

Download Paper

DOI Link

Keywords

intrusion detection, network security testing, password cracking, system test & evaluation, vulnerability scanners
Information technology, Cybersecurity and Networking

Citation

Wack, J. , Tracy, M. and Souppaya, M. (2003), Guideline on Network Security Testing, Special Publication (NIST SP), National Institute of Standards and Technology, Gaithersburg, MD, [online], https://doi.org/10.6028/nist.sp.800-42 (Accessed April 19, 2024)

Created October 15, 2003, Updated November 10, 2018