- Shopping Bag ( 0 items )
Posted September 28, 2006
VERY VERY HIGHLY RECOMMENDED!!
Are you a computer security penetration tester? If you are, then this book is for you! Authors Max Moser, Johnny Long, Chris Hurley, James C Foster, Mike Petruzzi, Noam Rathaus, SensePost, and Mark Wolfgang, have done an outstanding job of writing a book that describes the knowledge of penetration testers in relation to the other great open source security testing tools that are available. Moser, Long, Hurley, Foster, Petruzzi, Rathaus, SensePost, and Wolfgang, begin by showing you the need for enumeration and scanning activities at the start of your penetration test, and how best to perform these activities with toolkits like Auditor. Then, the authors discuss the basic database technologies and the tools and methods used to assess database security. Next, they explain how a penetration tester would most likely be able to identify your specific WLAN target and determine what security measures are being used. Then, the authors demonstrate and discuss the most common vulnerabilities and configuration errors on routers and switches, which open-source tools the penetration tester should use to exploit them, and how this activity fits into the big picture of penetration testing. Next, they look at writing open source security tools, which is much easier than you might think. The authors continue by showing you how to write and code proper NASL scripts that can be shared with other Nessus users. Then, the authors cover Nesus¿, by including files implementation of the SMB protocol, followed by Nessus¿, which includes files implementation of Windows-related hotfix and service pack verification. Next, they discuss how to use the MSF as an exploitation platform. Finally, they comprehensively cover the usage and benefits of the Metasploit Framework as an exploitation platform. In this most excellent book, the authors use examples and explanations to lead the reader through the different phases of a security penetration test. More importantly, this book provides all of the information you need to start working in a great and challenging area of computer security.Was this review helpful? Yes NoThank you for your feedback. Report this reviewThank you, this review has been flagged.
Posted September 30, 2011
No text was provided for this review.