Network Security Assessment, Second Edition

Know Your Network

By Chris McNab
November 2007
Pages: 504
ISBN 10: 0-596-51030-6 | ISBN 13: 9780596510305
Rating: 5 out of 5 stars (average of 1 customer review)


Description


How secure is your network? The best way to find out is to attack it. Network Security Assessment provides you with the tricks and tools professional security consultants use to identify and assess risks in Internet-based networks, the same penetration testing model they use to secure government, military, and commercial networks. With this book, you can adopt, refine, and reuse this testing model to design and deploy networks that are hardened and immune from attack.

Network Security Assessment demonstrates how a determined attacker scours Internet-based networks in search of vulnerable components, from the network to the application level. This new edition is up to date on the latest hacking techniques, but rather than focus on individual issues, it looks at the bigger picture by grouping and analyzing threats at a high level. By grouping threats in this way, you learn to create defensive strategies against entire attack categories, providing protection now and into the future.

Network Security Assessment helps you assess:
  • Web services, including Microsoft IIS, Apache, Tomcat, and subsystems such as OpenSSL, Microsoft FrontPage, and Outlook Web Access (OWA)
  • Web application technologies, including ASP, JSP, PHP, middleware, and backend databases such as MySQL, Oracle, and Microsoft SQL Server
  • Microsoft Windows networking components, including RPC, NetBIOS, and CIFS services
  • SMTP, POP3, and IMAP email services
  • IP services that provide secure inbound network access, including IPsec, Microsoft PPTP, and SSL VPNs
  • Unix RPC services on Linux, Solaris, IRIX, and other platforms
  • Various types of application-level vulnerabilities that hacker tools and scripts exploit

Assessment is the first step any organization should take to start managing information risks correctly. With techniques to identify and assess risks in line with CESG CHECK and NSA IAM government standards, Network Security Assessment gives you a precise method to do just that.



Featured customer reviews



Great Book for Pen Testers, Admins, and IT Security, May 21 2009
Rating: 5 out of 5 stars
Submitted by jdruin

This book covers both tools and techniques for investigating the security of networks but also provides a methodology on how to proceed.

In the first part, the methodology and tools used are listed and covered. Then the author explains how to investigate the network via querying DNS and scanning the edges of the networks. Specific areas are looked at as well, such as web services, remote login and remote desktops, email servers, VPN connections, open ports and open services running as daemons.

For the mindset as much as the practical advice, this is a great book for the toolbox.



Media reviews
"The author provides access to all of the weapons used by hackers and others who seek to attack and disable networks. Providing a knowledge of these tactics will help network administrators to deploy tools and implement techniques and good practices to thwart malicious threats."
-- Michael Kleper, The Kleper Report


"Two key characteristics set this book apart from others. First, the author never claims that following the steps he lays out will make your network secure or hacker-proof. Instead, his goal is to give you the tools to assess the security of your network. Second, the book covers various tools, discussing what information each tool can provide and what this information means."
-- James Mohr, Linux Magazine


"While the book is quite technical, it is also very readable. This text is best used in the hands of your company’s network and security administrators. Once they finish reading it, your network security will improve."
-- Ben Rothke, CPP, Security Management


