Network Security Assessment
Know Your Network
By Chris McNab
Publisher: O'Reilly Media
Final Release Date: March 2004
Pages: 400

There are hundreds--if not thousands--of techniques used to compromise both Windows and Unix-based systems. Malicious code and new exploit scripts are released on a daily basis, and each evolution becomes more and more sophisticated. Keeping up with the myriad of systems used by hackers in the wild is a formidable task, and scrambling to patch each potential vulnerability or address each new attack one-by-one is a bit like emptying the Atlantic with paper cup.If you're a network administrator, the pressure is on you to defend your systems from attack. But short of devoting your life to becoming a security expert, what can you do to ensure the safety of your mission critical systems? Where do you start?Using the steps laid out by professional security analysts and consultants to identify and assess risks, Network Security Assessment offers an efficient testing model that an administrator can adopt, refine, and reuse to create proactive defensive strategies to protect their systems from the threats that are out there, as well as those still being developed.This thorough and insightful guide covers offensive technologies by grouping and analyzing them at a higher level--from both an offensive and defensive standpoint--helping administrators design and deploy networks that are immune to offensive exploits, tools, and scripts. Network administrators who need to develop and implement a security assessment program will find everything they're looking for--a proven, expert-tested methodology on which to base their own comprehensive program--in this time-saving new book.

Table of Contents
Product Details
Colophon
Recommended for You
Customer Reviews

REVIEW SNAPSHOT®

by PowerReviews
oreillyNetwork Security Assessment
 
3.9

(based on 7 reviews)

Ratings Distribution

  • 5 Stars

     

    (3)

  • 4 Stars

     

    (0)

  • 3 Stars

     

    (4)

  • 2 Stars

     

    (0)

  • 1 Stars

     

    (0)

Reviewed by 7 customers

Sort by

Displaying reviews 1-7

Back to top

 
5.0

Experience speaks for itself!

By James Ko, CISSP

from Undisclosed

Comments about oreilly Network Security Assessment:

This is a great book to have for those who are security practitioners.

While some may say this is very similar to those "hacking" books out on the market, I see a difference. One thing stands out is that the author provides a lot of his experience drawing from the field. He does not just talk about how to use the tools, he also goes into the reasons/depth behind why this is happening. For example, in the Windows Networking Services, I learned a lot about the Samba exploits and brute force password attacks. Another good example is the format string overflow, where the author provides a lot of pointers for further readings on the topic. Finally, the list of hacker sites listed in the Appendix comes in handy because there are tons of evil hacking tools (or treasures, depending how you look at it) out there that every security practitioners should know about to combat against these malicious hackers.

James Ko, CISSP

OAM & Security, Data Network Engineering

(0 of 1 customers found this review helpful)

 
3.0

Network Security Assessment Review

By Steve McGrane

from Undisclosed

Comments about oreilly Network Security Assessment:

The sample chapter is definitive, covering all the right bases of network mapping and scanning techniques. I've preordered a copy, and think its great that someone with a past has written this (instead of others who have written very simple books aligned with SANS and other organizations). Can't wait to get this book in the post in the coming weeks!!

(0 of 1 customers found this review helpful)

 
3.0

Network Security Assessment Review

By xavier mitchell

from Undisclosed

Comments about oreilly Network Security Assessment:

hmm,

I found the sample chapter pretty useful - perhaps I'm not as clever as some of the other people here.

is this a witch hunt? I'm not from USA, not read the *whole* book which hasn't been released yet, but looks to me like a lot of very excited people in US. yawn. I can't find the book on PDF to download. seems like a lot of talk. also labtekwon who are you? you can't find some guy on google - so its a conspiracy... hahah we make fun of people like you over here. I searched for your name, but couldn't find it. post some links to where you are mentioned - maybe you are all same person! I wish people just review the book, your comments are all worthless.

 
5.0

Network Security Assessment Review

By Shahid

from Undisclosed

Comments about oreilly Network Security Assessment:

Chris, I read the beta chapter and your book is a eye opener! I already preordered it and desparately waiting for its release. Keep up the good work and ignore the ignarant people.

 
3.0

Network Security Assessment Review

By Kyle

from Undisclosed

Comments about oreilly Network Security Assessment:

Just a note of clarification - the "reader review" referred to earlier was deleted because it contained an explicit call to violence and was not in fact a review of the book at all.

 
5.0

Network Security Assessment Review

By Chris McNab

from Undisclosed

Comments about oreilly Network Security Assessment:

Well it's 3:50am on Sunday morning, and I've been talking to Kyle and my editors about some character assassination attempts by an individual who seems hell-bent on branding me as a terrorist. What is funny to me, are the convictions and motives of this anonymous individual, who is part of the GOBBLES group, and responsible for similar character assassination attempts in the past (leading to Ryan Russell's dismissal from SecurityFocus.com, for example). ORA have provided me with a lot of support over this, and my book will be published.

In response to this individual's allegations, which contain some elements of truth, but a lot of incorrect details, I've put together an article for O'Reilly, titled The Journey From Poacher to Gamekeeper, which fully documents the truth of my career as a teenage hacker (from 1996-1999) and as a security consultant (from 2000 to present), including my membership of various groups, including Rhino9, and Masters of Downloading. This article is available for you to all read from Monday, in black and white, so that you can draw your own conclusions.

My book is not plagarised from the ISS Ethical Hacking PDF, which was co-incidentally written by one of my technical reviewers a number of years ago! Also, I have a number of personal and professional references from individuals in USA and UK government and law enforcement, so I can't see how I could possibly be a terrorist with this endorsement.

Anway, on to the book--It is a technical attack and penetration guide, written in line with UK (CESG CHECK) and USA (NSA IAM) testing standards. I use my experience from both sides of the fence to fully discuss all of the techniques used by blackhat attackers and security consultants alike, allowing readers to correctly fortify and protect their networks from attack into the future.

A number of technical reviewers from professional security consultancy companies, the US military, government, and other areas, have given glowing reviews, and provided me with some excellent insight into areas of improvement for the book. Hopefully, by reading the book itself (which is not distributed until March 19th), you can draw your own conclusions, and post an accurate review in your own words here.

 
3.0

Network Security Assessment Review

By Kyle

from Undisclosed

Comments about oreilly Network Security Assessment:

Considering the fact that this book has not yet left our warehouse, I'm suprised by the amount and vehemence of the criticism. I hope that when the book reaches a larger audience, we'll have an informed and spirited dialogue about its strengths and weaknesses.

For the reviewer who last read the manuscript while it was still being written (I wont comment on the "hacking Chris's system" part), I hope you'll try again now that the book is finished, considering that significant changes are made in a book as it is developed.

One more thing,

I think most folks who are familiar with O'Reilly know that supporting terrorism is not what we're all about...

Happy Friday.

Displaying reviews 1-7

Back to top

 
Buy 2 Get 1 Free Free Shipping Guarantee
Buying Options
Immediate Access - Go Digital what's this?
Ebook: $27.99
Formats:  DAISY, ePub, Mobi, PDF