Penetration Testing and Cisco Network Defense / Edition 1



The practical guide to simulating, detecting, and responding to network attacks

  • Create step-by-step testing plans
  • Learn to perform social engineering and host reconnaissance
  • Evaluate session hijacking methods
  • Exploit web server vulnerabilities
  • Detect attempts to breach database security
  • Use password crackers to obtain access information
  • Circumvent Intrusion Prevention Systems (IPS) and firewall protections and disrupt the service of routers and switches
  • Scan and penetrate wireless networks
  • Understand the inner workings of Trojan Horses, viruses, and other backdoor applications
  • Test UNIX, Microsoft, and Novell servers for vulnerabilities
  • Learn the root cause of buffer overflows and how to prevent them
  • Perform and prevent Denial of Service attacks

Penetration testing is a growing field but there has yet to be a definitive resource that instructs ethical hackers on how to perform a penetration test with the ethics and responsibilities of testing in mind. Penetration Testing and Network Defense offers detailed steps on how to emulate an outside attacker in order to assess the security of a network.

Unlike other books on hacking, this book is specifically geared towards penetration testing. It includes important information about liability issues and ethics as well as procedures and documentation. Using popular open-source and commercial applications, the book shows you how to perform a penetration test on an organization’s network, from creating a test plan to performing social engineering and host reconnaissance to performing simulated attacks on both wired and wireless networks.

Penetration Testing and Network Defense also goes a step further than other books on hacking, as it demonstrates how to detect an attack on a live network. By detailing the method of an attack and how to spot an attack on your network, this book better prepares you to guard against hackers. You will learn how to configure, record, and thwart these attacks and how to harden a system to protect it against future internal and external attacks.

Full of real-world examples and step-by-step procedures, this book is both an enjoyable read and full of practical advice that will help you assess network security and develop a plan for locking down sensitive data and company resources.

“This book goes to great lengths to explain the various testing approaches that are used today and gives excellent insight into how a responsible penetration testing specialist executes his trade.”

–Bruce Murphy, Vice President, World Wide Security Services, Cisco Systems®


Product Details

  • ISBN-13: 9781587052088
  • Publisher: Cisco Press
  • Publication date: 10/31/2005
  • Series: Networking Technology Series
  • Edition description: New Edition
  • Edition number: 1
  • Pages: 800
  • Product dimensions: 7.40 (w) x 8.90 (h) x 1.50 (d)

Meet the Author

Andrew Whitaker, CCSP™, is the Director of Enterprise InfoSec and Networking for TechTrain, where he performs penetration tests and teaches ethical hacking and Cisco® courses. He has been working in the IT industry for more than ten years, specializing in Cisco and security technologies, and has performed penetration tests for numerous financial institutions and Fortune 500 companies.

Daniel P. Newman, CISSP, CCSP, has been in the computer industry for over 12 years specializing in application programming, database design and network security for projects all over the world. He is the managing director and chief security officer for Tribal Knowledge Security and specializes in penetration testing and advanced technical training in Cisco, Microsoft, and Ethical Hacking topics.


Table of Contents



Part I Overview of Penetration Testing

Chapter 1 Understanding Penetration Testing

Defining Penetration Testing

Assessing the Need for Penetration Testing

Proliferation of Viruses and Worms

Wireless LANs

Complexity of Networks Today

Frequency of Software Updates

Availability of Hacking Tools

The Nature of Open Source

Reliance on the Internet

Unmonitored Mobile Users and Telecommuters

Marketing Demands

Industry Regulations

Administrator Trust

Business Partnerships


Attack Stages

Choosing a Penetration Testing Vendor

Preparing for the Test


Chapter 2 Legal and Ethical Considerations

Ethics of Penetration Testing


U.S. Laws Pertaining to Hacking

1973 U.S. Code of Fair Information Practices

1986 Computer Fraud and Abuse Act (CFAA)

State Laws

Regulatory Laws

1996 U.S. Kennedy-Kasselbaum Health Insurance Portability and Accountability

Graham-Leach-Bliley (GLB)


2002 Federal Information Security Management Act (FISMA)

2003 Sarbanes-Oxley Act (SOX)

Non-U.S. Laws Pertaining to Hacking


To Fix or Not to Fix


Chapter 3 Creating a Test Plan

Step-by-Step Plan

Defining the Scope

Social Engineering

Session Hijacking


Open-Source Security Testing Methodology Manual


Executive Summary

Project Scope

Results Analysis




Part II Performing the Test

Chapter 4 Performing Social Engineering

Human Psychology

Conformity Persuasion

Logic Persuasion

Need-Based Persuasion

Authority-Based Persuasion

Reciprocation-Based Social Engineering

Similarity-Based Social Engineering

Information-Based Social Engineering

What It Takes to Be a Social Engineer

Using Patience for Social Engineering

Using Confidence for Social Engineering

Using Trust for Social Engineering

Using Inside Knowledge for Social Engineering

First Impressions and the Social Engineer

Tech Support Impersonation

Third-Party Impersonation

E-Mail Impersonation

End User Impersonation

Customer Impersonation

Reverse Social Engineering

Protecting Against Social Engineering

Case Study


Chapter 5 Performing Host Reconnaissance

Passive Host Reconnaissance

A Company Website

EDGAR Filings

NNTP USENET Newsgroups

User Group Meetings

Business Partners

Active Host Reconnaissance

NSLookup/Whois Lookups


Visual Route

Port Scanning

TCP Connect() Scan

SYN Scan


FIN Scan

ACK Scan

Xmas-Tree Scan

Dumb Scan


NMap Switches and Techniques

Compiling and Testing NMap



Detecting a Scan

Intrusion Detection

Anomaly Detection Systems

Misuse Detection System

Host-Based IDSs

Network-Based IDSs

Network Switches

Examples of Scan Detection

Detecting a TCP Connect() Scan

Detecting a SYN Scan

Detecting FIN, NULL, and Xmas-Tree Scans

Detecting OS Guessing

Case Study


Chapter 6 Understanding and Attempting Session Hijacking

Defining Session Hijacking

Nonblind Spoofing

Blind Spoofing

TCP Sequence Prediction (Blind Hijacking)






Other Tools

Beware of ACK Storms

Kevin Mitnick’s Session Hijack Attack

Detecting Session Hijacking

Detecting Session Hijacking with a Packet Sniffer

Configuring Ethereal

Watching a Hijacking with Ethereal

Detecting Session Hijacking with Cisco IDS

Signature 1300: TCP Segment Overwrite

Signature 3250: TCP Hijack

Signature 3251: TCP Hijacking Simplex Mode

Watching a Hijacking with IEV

Protecting Against Session Hijacking

Case Study



Chapter 7 Performing Web Server Attacks

Understanding Web Languages











PHP Hypertext Preprocessor


Java Once Called Oak

Client-Based Java

Server-Based Java

Website Architecture

E-Commerce Architecture

Apache HTTP Server Vulnerabilities

IIS Web Server


Privilege Escalation

Buffer Overflows

Web Page Spoofing

Cookie Guessing

Hidden Fields

Brute Force Attacks


HTTP Brute Forcer

Detecting a Brute Force Attack

Protecting Against Brute Force Attacks



Vulnerability Scanners

IIS Xploit




Web Server Banner Grabbing

Hacking with Google

Detecting Web Attacks

Detecting Directory Traversal

Detecting Whisker

Protecting Against Web Attacks

Securing the Operating System

Securing Web Server Applications



Securing Website Design

Securing Network Architecture

Case Study


Chapter 8 Performing Database Attacks

Defining Databases







SQL Server



Database Default Accounts

Testing Database Vulnerabilities

SQL Injection

System Stored Procedures


Connection Strings

Password Cracking/Brute Force Attacks

Securing Your SQL Server


Service Accounts

Public Role

Guest Account

Sample Databases

Network Libraries


Detecting Database Attacks


Failed Logins

System Stored Procedures

SQL Injection

Protecting Against Database Attacks

Case Study


References and Further Reading

Chapter 9 Password Cracking

Password Hashing

Using Salts

Microsoft Password Hashing

UNIX Password Hashing

Password-Cracking Tools

John the Ripper





Snadboy Revelation

Boson GetPass


Detecting Password Cracking

Network Traffic

System Log Files

Account Lockouts

Physical Access

Dumpster Diving and Key Logging

Social Engineering

Protecting Against Password Cracking

Password Auditing

Logging Account Logins

Account Locking

Password Settings

Password Length

Password Expiration

Password History

Physical Protection

Employee Education and Policy

Case Study


Chapter 10 Attacking the Network

Bypassing Firewalls

Evading Intruder Detection Systems

Testing Routers for Vulnerabilities


HTTP Service

Password Cracking

Modifying Routing Tables

Testing Switches for Vulnerabilities

VLAN Hopping

Spanning Tree Attacks

MAC Table Flooding

ARP Attacks

VTP Attacks

Securing the Network

Securing Firewalls

Securing Routers

Disabling CDP

Disabling or Restricting the HTTP Service

Securing Router Passwords

Enabling Authentication for Routing Protocols

Securing Switches

Securing Against VLAN Hopping

Securing Against Spanning Tree Attacks

Securing Against MAC Table Flooding and ARP Attacks

Securing Against VTP Attacks

Case Study


Chapter 11 Scanning and Penetrating Wireless Networks

History of Wireless Networks

Antennas and Access Points

Wireless Security Technologies

Service Set Identifiers (SSIDs)

Wired Equivalent Privacy (WEP)

MAC Filtering

802.1x Port Security


War Driving







AiroPeek NX



Detecting Wireless Attacks

Unprotected WLANs

DoS Attacks

Rogue Access Points

MAC Address Spoofing

Unallocated MAC Addresses

Preventing Wireless Attacks

Preventing Man-in-the-Middle Attacks

Establishing and Enforcing Standards for Wireless Networking

Case Study


Chapter 12 Using Trojans and Backdoor Applications

Trojans, Viruses, and Backdoor Applications

Common Viruses and Worms


I Love You






SQL Slammer


Trojans and Backdoors

Back Orifice 2000


Donald Dick




Brown Orifice


Beast Server Settings

Beast Client

Detecting Trojans and Backdoor Applications

MD5 Checksums

Monitoring Ports Locally




Monitoring Ports Remotely

Anti-virus and Trojan Scanners Software

Intrusion Detection Systems


Case Study


Chapter 13 Penetrating UNIX, Microsoft, and Novell Servers

General Scanners






UNIX Permissions and Root Access

Elevation Techniques

Stack Smashing Exploit

rpc.statd Exploit



Linux Rootkit IV


Microsoft Security Models and Exploits

Elevation Techniques




Novell Server Permissions and Vulnerabilities



Detecting Server Attacks

Preventing Server Attacks

Case Study


Chapter 14 Understanding and Attempting Buffer Overflows

Memory Architecture




Buffer Overflow Examples

Simple Example

Linux Privilege Escalation

Windows Privilege Escalation

Preventing Buffer Overflows

Library Tools to Prevent Buffer Overflows

Compiler-Based Solutions to Prevent Buffer Overflows

Using a Non-Executable Stack to Prevent Buffer Overflows

Case Study


Chapter 15 Denial-of-Service Attacks

Types of DoS Attacks

Ping of Death

Smurf and Fraggle

LAND Attack

SYN Flood

Tools for Executing DoS Attacks




Other Tools

Detecting DoS Attacks

Appliance Firewalls

Host-Based IDS

Signature-Based Network IDS

Network Anomaly Detectors

Preventing DoS Attacks


Network Hardening

Application Hardening

Intrusion Detection Systems

Case Study


Chapter 16 Case Study: A Methodical Step-By-Step Penetration Test

Case Study: LCN Gets Tested

Planning the Attack

Gathering Information

Scanning and Enumeration

External Scanning

Wireless Scanning

Gaining Access

Gaining Access via the Website

Gaining Access via Wireless

Maintain Access

Covering Tracks

Writing the Report

DAWN Security

Executive Summary





Graphical Summary

Technical Testing Report

Black-Box Testing

Presenting and Planning the Follow-Up

Part III Appendixes

Appendix A Preparing a Security Policy

Appendix B Tools



Customer Reviews

Average Rating 4.5
( 3 )
  • Anonymous

    Posted February 12, 2007

    Andrew Whitaker has a gift for teaching

    Andrew Whitaker was an instructor of mine when I was first getting serious about networking. He trained me for my CCNA and CCDA exams through 'The Training Camp' in Austin, Texas a few years ago. Andrew has a unique gift for making the difficult seem simple and helping those around him feel good about learning. The methods he uses to explain things leave you with lightbulbs coming on everywhere. Although I have not read his book, I am anxious to do so when my unit gets back from deployment in Iraq sometime this summer. Andrew, if you read this, I'd love to hear from you if you can find the time.

  • Anonymous

    Posted February 16, 2006

    Paranoia with a Purpose

    Andrew Whitaker and Daniel Newman show how to protect a network by showing how to attack it. Penetration Testing and Network Defense, written for network security professionals, has strong disclosures that warn against the temptation to try some of the techniques taught in the book without written permission from those who own target systems. If you have been administering a network or consulting, you will already be familiar with much of the contents of the book. However, the authors present the material very well. The book saves the reader the time of going many places to acquire all this information. There are a few non-technical parts to the book. Chapter 4, Performing Social Engineering, should be read by practically everyone who works with computers or lives in the information age for that matter. This was the scary part for me. The authors almost had me thinking like a criminal. But this is a necessary exercise to stay one step ahead of the bad guys. There is apparently an emotional high for some to see what they can get away with. And then there is financial incentive as well. Appendix A walks the reader through preparing a security policy. Most of the book is written directly to those who already have a working knowledge of networking and the TCP/IP protocol. For over 10 chapters the authors cover many techniques for stealing data or taking down a network. The perspective of this guide flip-flops from hacker to security administrator, showing both how to defend and how to get around that defense. There is mention of many of the newer features available in systems today, such as Flood Defender for Cisco PIX firewall. All of the best tools are listed, both free and commercial, for evaluating the security of a network. I give Penetration Testing and Network Defense five stars because it is easy to read and has excellent real world examples. I learned several new things and got some old questions answered.
    The book reinforces one of life's most important lessons I try to teach my kids. Respect other people: respect other people's things.

  • Anonymous

    Posted December 29, 2009

    No text was provided for this review.
