Network Security Assessment, 3rd Edition
Know Your Network
Publisher: O'Reilly Media
Final Release Date: December 2016
Pages: 494

How secure is your network? The best way to find out is to attack it, using the same tactics attackers employ to identify and exploit weaknesses. With the third edition of this practical book, you’ll learn how to perform network-based penetration testing in a structured manner. Security expert Chris McNab demonstrates common vulnerabilities, and the steps you can take to identify them in your environment.

System complexity and attack surfaces continue to grow. This book provides a process to help you mitigate risks posed to your network. Each chapter includes a checklist summarizing attacker techniques, along with effective countermeasures you can use immediately.

Learn how to effectively test system components, including:

  • Common services such as SSH, FTP, Kerberos, SNMP, and LDAP
  • Microsoft services, including NetBIOS, SMB, RPC, and RDP
  • SMTP, POP3, and IMAP email services
  • IPsec and PPTP services that provide secure network access
  • TLS protocols and features providing transport security
  • Web server software, including Microsoft IIS, Apache, and Nginx
  • Frameworks including Rails, Django, Microsoft ASP.NET, and PHP
  • Database servers, storage protocols, and distributed key-value stores
Table of Contents
Product Details
About the Author
Colophon
Recommended for You
Customer Reviews

REVIEW SNAPSHOT®

by PowerReviews
oreillyNetwork Security Assessment, 3rd Edition
 
4.2

(based on 5 reviews)

Ratings Distribution

  • 5 Stars

     

    (2)

  • 4 Stars

     

    (2)

  • 3 Stars

     

    (1)

  • 2 Stars

     

    (0)

  • 1 Stars

     

    (0)

100%

of respondents would recommend this to a friend.

Pros

  • Accurate (5)
  • Concise (3)
  • Easy to understand (3)
  • Well-written (3)

Cons

No Cons

Best Uses

  • Intermediate (5)
  • Expert (3)

Reviewed by 5 customers

Displaying reviews 1-5

Back to top

(0 of 1 customers found this review helpful)

 
3.0

MOBI copy unusable - no Table of Contents

By Stormcrow

from Metro Seattle

About Me Sys Admin

Verified Buyer

Pros

  • Accurate
  • Concise
  • Well-written

Cons

  • Too many errors

Best Uses

  • Intermediate

Comments about oreilly Network Security Assessment, 3rd Edition:

The EPUB and PDF copies are fine.

The EPUB copy also lacks an inline ToC, but (i) this seems to be the norm for O'Reilly EPUBs since about 2012, and (ii) the bookmark ToC suffices. I wish you'd reconsider that decision. An inline hyperlinked ToC is useful in ways that a bookmark ToC sometimes is not.

But the MOBI edition lacks a ToC of ANY sort. How is the reader supposed to navigate?

The app I used to test is Mobipocket Reader 6.2, and you cannot get more canonical than that.

What makes this a *fatal* error, is that there is no way to *repair* a damaged MOBI.

You can edit a broken EPUB with Sigil. There are several very competent editors for PDFs, and a few GPL'ed tools that are specifically designed to insert a bookmark ToC into one. But there is nothing you can do with a broken MOBI except rebuild it from scratch, and an end user cannot do that.

(1 of 1 customers found this review helpful)

 
4.0

A worthy update.

By Jay

from Israel

Verified Buyer

Pros

  • Accurate
  • Helpful examples

Cons

  • Not comprehensive enough

Best Uses

  • Expert
  • Intermediate

Comments about oreilly Network Security Assessment, 3rd Edition:

The book is a great update and offers a lot of expanded information (after all almost 10 years have passed).
This book is great and I believe should be in every security and networm expert arsenal, it is not perfect as sometimes the attack details could be expanded upon (for example in the smb attacks) but the books does offer a protocol breakdown for the mentioned protocols which is invaluable information.

 
5.0

Updated content now with diagrams

By M

from Singapore

About Me Infosec Professional

Verified Reviewer

Pros

  • Accurate
  • Easy to understand
  • Helpful examples
  • Well-written

Cons

    Best Uses

    • Expert
    • Intermediate
    • Novice

    Comments about oreilly Network Security Assessment, 3rd Edition:

    The previous edition was released in 2007 so this book is a much anticipated edition with content on new popular technologies. Many thanks to Chris McNab and O'Reilly for releasing a version today (7th Oct) with diagrams.

     
    4.0

    Good

    By Mpoed

    from Andromeda

    About Me Sys Admin

    Verified Reviewer

    Pros

    • Accurate
    • Concise
    • Easy to understand
    • Well-written

    Cons

      Best Uses

      • Expert
      • Intermediate

      Comments about oreilly Network Security Assessment, 3rd Edition:

      Content looks quite good. However "early release" concept needs some revision. It's far better to have an early release book with some chapters fully complete than to have all the chapters 'complete' and all the diagrams missing! This is not very useful.

      (5 of 5 customers found this review helpful)

       
      5.0

      Must have book for advanced penetration testing

      By Raj

      from Chennai, India

      About Me Penetration Tester

      Verified Reviewer

      Pros

      • Accurate
      • Concise
      • Easy to understand

      Cons

        Best Uses

        • Intermediate

        Comments about oreilly Network Security Assessment, 3rd Edition:

        I have been into penetration testing for almost 4 years. While most of the books I came across talks about pen test processes, scanning networks and usage of frameworks like Metasploit, this is the book that teaches vulnerability identification and exploitation using freely available tools and exploit codes.

        Displaying reviews 1-5

        Back to top

         
        Buy 2 Get 1 Free Free Shipping Guarantee
        Buying Options
        Immediate Access - Go Digital what's this?
        Ebook:  $42.99
        Formats:  DAISY, ePub, Mobi, PDF
        Print & Ebook:  $54.99
        Print:  $49.99