- Shopping Bag ( 0 items )
How secure is your network? The best way to find out is to attack it. Network Security Assessment provides you with the tricks and tools professional security consultants use to identify and assess risks in Internet-based networks-the same penetration testing model they use to secure government, military, and commercial networks. With this book, you can adopt, refine, and reuse this testing model to design and deploy networks that are hardened ...
How secure is your network? The best way to find out is to attack it. Network Security Assessment provides you with the tricks and tools professional security consultants use to identify and assess risks in Internet-based networks-the same penetration testing model they use to secure government, military, and commercial networks. With this book, you can adopt, refine, and reuse this testing model to design and deploy networks that are hardened and immune from attack.
Network Security Assessment demonstrates how a determined attacker scours Internet-based networks in search of vulnerable components, from the network to the application level. This new edition is up-to-date on the latest hacking techniques, but rather than focus on individual issues, it looks at the bigger picture by grouping and analyzing threats at a high-level. By grouping threats in this way, you learn to create defensive strategies against entire attack categories, providing protection now and into the future.
Network Security Assessment helps you assess:
Chapter 1: Network Security Assessment
Chapter 2: Network Security Assessment Platform
Chapter 3: Internet Host and Network Enumeration
Chapter 4: IP Network Scanning
Chapter 5: Assessing Remote Information Services
Chapter 6: Assessing Web Servers
Chapter 7: Assessing Web Applications
Chapter 8: Assessing Remote Maintenance Services
Chapter 9: Assessing Database Services
Chapter 10: Assessing Windows Networking Services
Chapter 11: Assessing Email Services
Chapter 12: Assessing IP VPN Services
Chapter 13: Assessing Unix RPC Services
Chapter 14: Application-Level Risks
Chapter 15: Running Nessus
Chapter 16: Exploitation Frameworks
TCP, UDP Ports, and ICMP Message Types
Sources of Vulnerability Information
Exploit Framework Modules
Posted April 3, 2004
A logically very systematic delineation of ways that your system could be attacked over the Internet. There are standard ways to access your computer like rlogin, telnet, ssh and ftp. But each implementation of these faces the risk that an error was made in its coding, which might then be found and exploited by a cracker. Plus, since the advent of the Web, there are Web services that have not checked for the stereotypical but very real case of buffer overflow in submitted input over the network. McNab describes all these, and more. But perhaps more usefully, his book is not a simple recital of implementation versions and associated known bugs and available patches. He tries instead to guide the reader into understanding the broad ideas in network access, and using a viewpoint of logically analysing for any weaknesses. Because any static listing of versions and bugs runs the risk of being obsoleted in a few years. He presents web sites that are good resources for patches or latest versions of key programs. If you are concerned about a specific program, try going straight to it in the book and seeing what advice he offers. For all the programs he mentions, some prior knowledge of their use would be handy. He gives a succinct description of each, but really he assumes you have already used it.
1 out of 1 people found this review helpful.Was this review helpful? Yes NoThank you for your feedback. Report this reviewThank you, this review has been flagged.