Assessing Network Security

Assessing Network Security
by Ben Smith, David LeBlanc, Kevin Lam

Assessing Network Security
List Price: $49.99
Our Price: $19.99
You Save: $30.00 (60%)
Availability: Usually ships in 1-2 business days
Buy Used: from $3.85 (click here)
Category: Book
See more book details and other editions


or
Compare Prices for Assessing Network Security

Book Summary Information

Author: Ben Smith, David LeBlanc, Kevin Lam
Brand: Microsoft
Edition: Paperback
Audio: English (Unknown); English (Original Language); English (Published)
Published: 2004-07-21
ISBN: 8120326601
Number of pages: 592
Publisher: Microsoft Press

Book Reviews of Assessing Network Security

Book Review: The best pentesting book I've seen
Summary: 5 Stars


Now, I've read some pretty bad books on penetration testing and nobody seemed to get this fun subject right! Good news - this time somebody did! This great tome ("Assessing Network Security") comes to us direct from the bunkers of Redmond. Written by three Microsoft security researchers, the book provides a great overview as well as in-depth coverage of assessing security via pen testing, scanning, IT audit and other means.

The books starts from a nice overview of key principles of security (definitely not news for industry practitioners, but nice anyway), and then goes on to defines vulnerability assessment, penetration testing and security audit. A critically important section on reporting the findings is also nicely written and shows that the authors are knowledgeable about the subject. The book then goes into developing and maintaining the pentesting skills, and descends into choosing the training and resources (nice for those starting in the field). The actual pentesting process is split into non-intrusive (combining the usual "intelligence gathering" with port scans, sweeps and various host queries) and intrusive tests (such as running a vulnerability scanner, brute-forcing passwords, DoS testing and others). Some entries seem to belong in both categories (such as sniffing) but are placed into the intrusive section, for whatever reason. All the host latest content (wireless, Bluetooth and web assessments) is well represented in the book. A fairly insightful social engineering testing section (that touched on dumpster diving and other non-network assessment methods) is also present. My favorite chapter was the one on 'case studies' - examples of specific threats/tests against web, email, VPN and domain controller systems.

Among other features that I liked were 'notes from the field' sidebars with fun stories related by authors and FAQs at the end of each section. On the down side, the book is somewhat Windows-focused (although it is amazingly vendor-neutral in most respects, considering the source). The book is also somewhat dry, although sidebars provide the needed relief when the text gets too process-oriented at times.

The book is largely about methodology, but I'd have preferred to see a bit more technical content, since it is a 600-page volume. I think checklists, present in the Appendix, are a great step in that direction.

Overall, I enjoyed the book and think it is both a great guide and a reference for most security professionals, especially for those starting to be involved with penetration testing.

Anton Chuvakin, Ph.D., GCIA, GCIH is a Security Strategist with a major security information management company. He is the author of the book "Security Warrior" (O'Reilly, 2004) and a contributor to "Known Your Enemy II (AWL, 2004). His areas of infosec expertise include intrusion detection, UNIX security, forensics, honeypots, etc. In his spare time, he maintains his security portal info-secure.org
Write your own review

Summary of Assessing Network Security

Don?t wait for an attacker to find and exploit your security vulnerabilities—take the lead by assessing the state of your network?s security. This book delivers advanced network testing strategies, including vulnerability scanning and penetration testing, from members of the Microsoft security teams. These real-world practitioners provide hands-on guidance on how to perform security assessments, uncover security vulnerabilities, and apply appropriate countermeasures. The companion CD features time-saving tools and scripts that you can use to reveal and help correct security vulnerabilities in your own network.

Sharpen and advance your security assessment skills, including how to:

  • Detect vulnerabilities and perform penetration tests
  • Conduct and properly report an IT security audit
  • Find hidden hosts by using DNS, WINS, and NetBIOS
  • Sweep your network to analyze network topology, existing hosts, and multi-homed systems
  • Determine the status of ICP and UDP ports by using port scanning

Recognize and help counter common network threats, including:

  • War dialing, war driving, and Bluetooth attacks
  • Packet and network sniffing
  • IP, e-mail, and DNS spoofing
  • Password cracking
  • Communication interceptions and modifications
  • IDS and IPS attacker detection avoidance
  • Spam and other e-mail abuses

CD features:

  • Tools for testing e-mail, databases, and Web servers
  • Scripts for finding common information leaks and other potential security issues
  • Complete eBook in PDF format

A Note Regarding the CD or DVD

The print version of this book ships with a CD or DVD. For those customers purchasing one of the digital formats in which this book is available, we are pleased to offer the CD/DVD content as a free download via O'Reilly Media's Digital Distribution services. To download this content, please visit O'Reilly's web site, search for the title of this book to find its catalog page, and click on the link below the cover image (Examples, Companion Content, or Practice Files). Note that while we provide as much of the media content as we are able via free download, we are sometimes limited by licensing restrictions. Please direct any questions or concerns to booktech@oreilly.com.

Certification Central Books
Book Subjects
Most talked about in Certification Central Books
QoS and Traffic Management in IP and ATM Networks ImageQoS and Traffic Management in IP and ATM Networks
by David McDysan
McGraw-Hill Companies; Published: 1999-11-01; Paperback; Book
Best price: $47.86
Price in other shops: $55.00
Accelerated Lotus Notes Application Development Study Guide ImageAccelerated Lotus Notes Application Development Study Guide
by Libby Ingrassia Schwarz
McGraw-Hill Companies; Published: 1998-12-30; Paperback; Book
Best price: $6.50
Price in other shops: $29.99
Real World Java 2 with CDROM (Java Masters) ImageReal World Java 2 with CDROM (Java Masters)
by Justin Couch
McGraw-Hill Companies; Published: 1999-01; Paperback; Book
Best price: $146.43
A+ Certification DOS/Windows (Accelerated A+ Certification Study Guide) ImageA+ Certification DOS/ Windows (Accelerated A+ Certification Study Guide)
Computing Mcgraw-Hill; Published: 1998-12; Paperback; Book
Best price: $12.80
Price in other shops: $24.99
PowerPoint 2000 Expert Microsoft Office User Specialist and Certification Procedures ImagePowerPoint 2000 Expert Microsoft Office User Specialist and Certification Procedures
Glencoe McGraw-Hill; Published: 2000-01-01; Unknown Binding; Book
Excel 97: Certification Procedures (Glencoe Comprehensive Approach Series) ImageExcel 97: Certification Procedures (Glencoe Comprehensive Approach Series)
by Carole Tobias
Mcgraw-Hill (Tx); Published: 1997-10; Hardcover; Book
Price in other shops: $40.75
Computer Networks (4th Edition) ImageComputer Networks (4th Edition)
by Andrew S. Tanenbaum
Prentice Hall; Published: 2002-08-19; Hardcover; Book
Best price: $29.97
Price in other shops: $120.67
CompTIA A+ Certification All-in-One Exam Guide, Sixth Edition ImageCompTIA A+ Certification All-in-One Exam Guide, Sixth Edition
by Michael Meyers
McGraw-Hill Osborne Media; Published: 2006-12-21; Hardcover; Book
Best price: $20.00
Price in other shops: $59.99
Sun Certified Programmer for Java 2 Study Guide (Exam 310-025) (Book/CD-ROM package) ImageSun Certified Programmer for Java 2 Study Guide (Exam 310-025) (Book/ CD-ROM package)
by Syngress Media Inc
McGraw-Hill Companies; Published: 2000-03-03; Hardcover; Book
Best price: $7.30
Price in other shops: $49.99
McGraw Hill's Encyclopedia of Networking and Telecommunications with CDROM (Network Professional's Library) ImageMcGraw Hill's Encyclopedia of Networking and Telecommunications with CDROM (Network Professional's Library)
by Tom Sheldon, Thomas Sheldon
McGraw-Hill Companies; Published: 2001-01; Hardcover; Book
Best price: $19.88
Price in other shops: $79.99
Similar Books and other products
Writing Secure Code, Second Edition ImageWriting Secure Code, Second Edition
by Michael Howard, David LeBlanc
MICROSOFT; Microsoft Press; Published: 2003-01-04; Paperback; Book
Best price: $14.99
Price in other shops: $49.99
Protect Your Windows Network: From Perimeter to Data ImageProtect Your Windows Network: From Perimeter to Data
by Jesper M. Johansson, Steve Riley
Addison-Wesley Professional; Published: 2005-05-30; Paperback; Book
Best price: $25.00
Price in other shops: $64.99
The Security Development Lifecycle ImageThe Security Development Lifecycle
by Michael Howard, Steve Lipner
Microsoft Press; Published: 2006-06-28; Paperback; Book
Best price: $17.12
Price in other shops: $34.99
Network Security Assessment: Know Your Network ImageNetwork Security Assessment: Know Your Network
by Chris McNab
O'Reilly Media; Published: 2007-11-08; Paperback; Book
Best price: $24.98
Price in other shops: $49.99
Threat Modeling (Microsoft Professional) ImageThreat Modeling (Microsoft Professional)
by Frank Swiderski, Window Snyder
Microsoft Press; Published: 2004-07-14; Paperback; Book
Best price: $17.95
Price in other shops: $34.99
DVD Video | VHS Video | Music CDs | Health and Personal Care | Digital Cameras and Photo | Kitchen and Housewares | Tools and Hardware | Sports Equipment | Dresses shirts shoes apparel pants
Copyright © 2005-2007 booknear.com
Google
 
Web booknear.com

Booknear.com