Network Security Assessment: Know Your Network

Valutazione media 3,97
( su 29 valutazioni fornite da GoodReads )
 
9780596510305: Network Security Assessment: Know Your Network

How secure is your network? The best way to find out is to attack it. Network Security Assessment provides you with the tricks and tools professional security consultants use to identify and assess risks in Internet-based networks-the same penetration testing model they use to secure government, military, and commercial networks. With this book, you can adopt, refine, and reuse this testing model to design and deploy networks that are hardened and immune from attack.

Network Security Assessment demonstrates how a determined attacker scours Internet-based networks in search of vulnerable components, from the network to the application level. This new edition is up-to-date on the latest hacking techniques, but rather than focus on individual issues, it looks at the bigger picture by grouping and analyzing threats at a high-level. By grouping threats in this way, you learn to create defensive strategies against entire attack categories, providing protection now and into the future.

Network Security Assessment helps you assess:

  • Web services, including Microsoft IIS, Apache, Tomcat, and subsystems such as OpenSSL, Microsoft FrontPage, and Outlook Web Access (OWA)


  • Web application technologies, including ASP, JSP, PHP, middleware, and backend databases such as MySQL, Oracle, and Microsoft SQL Server


  • Microsoft Windows networking components, including RPC, NetBIOS, and CIFS services


  • SMTP, POP3, and IMAP email services


  • IP services that provide secure inbound network access, including IPsec, Microsoft PPTP, and SSL VPNs


  • Unix RPC services on Linux, Solaris, IRIX, and other platforms


  • Various types of application-level vulnerabilities that hacker tools and scripts exploit


Assessment is the first step any organization should take to start managing information risks correctly. With techniques to identify and assess risks in line with CESG CHECK and NSA IAM government standards, Network Security Assessment gives you a precise method to do just that.

Le informazioni nella sezione "Riassunto" possono far riferimento a edizioni diverse di questo titolo.

About the Author:

Chris McNab is the technical director of Matta, a vendor-independent security consulting outfit based in the United Kingdom. Since 2000, Chris has presented and run applied hacking courses across Europe, training a large number of financial, retail, and government clients in practical attack and penetration techniques, so that they can assess and protect their own networks effectively.

Chris speaks at a number of security conferences and seminars, and is routinely called to comment on security events and other breaking news. He has appeared on television and radio stations in the UK (including BBC 1 and Radio 4), and in a number of publications and computing magazines.

Responsible for the provision of security assessment services at Matta, Chris and his team undertake Internet-based, internal, application, and wireless security assessment work, providing clients with practical and sound technical advice relating to secure network design and hardening strategies. Chris boasts a 100% success rate when compromising the networks of multinational corporations and financial services companies over the last five years.

Contenuti:

Foreword; About Bob Ayers; Preface; Overview; Recognized Assessment Standards; Hacking Defined; Organization; Audience; Mirror Site for Tools Mentioned in This Book; Using Code Examples; Conventions Used in This Book; Comments and Questions; Acknowledgments; Chapter 1: Network Security Assessment; 1.1 The Business Benefits; 1.2 IP: The Foundation of the Internet; 1.3 Classifying Internet-Based Attackers; 1.4 Assessment Service Definitions; 1.5 Network Security Assessment Methodology; 1.6 The Cyclic Assessment Approach; Chapter 2: Network Security Assessment Platform; 2.1 Virtualization Software; 2.2 Operating Systems; 2.3 Reconnaissance Tools; 2.4 Network Scanning Tools; 2.5 Exploitation Frameworks; 2.6 Web Application Testing Tools; Chapter 3: Internet Host and Network Enumeration; 3.1 Querying Web and Newsgroup Search Engines; 3.2 Querying Domain WHOIS Registrars; 3.3 Querying IP WHOIS Registrars; 3.4 BGP Querying; 3.5 DNS Querying; 3.6 Web Server Crawling; 3.7 Automating Enumeration; 3.8 SMTP Probing; 3.9 Enumeration Technique Recap; 3.10 Enumeration Countermeasures; Chapter 4: IP Network Scanning; 4.1 ICMP Probing; 4.2 TCP Port Scanning; 4.3 UDP Port Scanning; 4.4 IDS Evasion and Filter Circumvention; 4.5 Low-Level IP Assessment; 4.6 Network Scanning Recap; 4.7 Network Scanning Countermeasures; Chapter 5: Assessing Remote Information Services; 5.1 Remote Information Services; 5.2 DNS; 5.3 Finger; 5.4 Auth; 5.5 NTP; 5.6 SNMP; 5.7 LDAP; 5.8 rwho; 5.9 RPC rusers; 5.10 Remote Information Services Countermeasures; Chapter 6: Assessing Web Servers; 6.1 Web Servers; 6.2 Fingerprinting Accessible Web Servers; 6.3 Identifying and Assessing Reverse Proxy Mechanisms; 6.4 Enumerating Virtual Hosts and Web Sites; 6.5 Identifying Subsystems and Enabled Components; 6.6 Investigating Known Vulnerabilities; 6.7 Basic Web Server Crawling; 6.8 Web Servers Countermeasures; Chapter 7: Assessing Web Applications; 7.1 Web Application Technologies Overview; 7.2 Web Application Profiling; 7.3 Web Application Attack Strategies; 7.4 Web Application Vulnerabilities; 7.5 Web Security Checklist; Chapter 8: Assessing Remote Maintenance Services; 8.1 Remote Maintenance Services; 8.2 FTP; 8.3 SSH; 8.4 Telnet; 8.5 R-Services; 8.6 X Windows; 8.7 Citrix; 8.8 Microsoft Remote Desktop Protocol; 8.9 VNC; 8.10 Remote Maintenance Services Countermeasures; Chapter 9: Assessing Database Services; 9.1 Microsoft SQL Server; 9.2 Oracle; 9.3 MySQL; 9.4 Database Services Countermeasures; Chapter 10: Assessing Windows Networking Services; 10.1 Microsoft Windows Networking Services; 10.2 Microsoft RPC Services; 10.3 The NetBIOS Name Service; 10.4 The NetBIOS Datagram Service; 10.5 The NetBIOS Session Service; 10.6 The CIFS Service; 10.7 Unix Samba Vulnerabilities; 10.8 Windows Networking Services Countermeasures; Chapter 11: Assessing Email Services; 11.1 Email Service Protocols; 11.2 SMTP; 11.3 POP-2 and POP-3; 11.4 IMAP; 11.5 Email Services Countermeasures; Chapter 12: Assessing IP VPN Services; 12.1 IPsec VPNs; 12.2 Attacking IPsec VPNs; 12.3 Microsoft PPTP; 12.4 SSL VPNs; 12.5 VPN Services Countermeasures; Chapter 13: Assessing Unix RPC Services; 13.1 Enumerating Unix RPC Services; 13.2 RPC Service Vulnerabilities; 13.3 Unix RPC Services Countermeasures; Chapter 14: Application-Level Risks; 14.1 The Fundamental Hacking Concept; 14.2 Why Software Is Vulnerable; 14.3 Network Service Vulnerabilities and Attacks; 14.4 Classic Buffer-Overflow Vulnerabilities; 14.5 Heap Overflows; 14.6 Integer Overflows; 14.7 Format String Bugs; 14.8 Memory Manipulation Attacks Recap; 14.9 Mitigating Process Manipulation Risks; 14.10 Recommended Secure Development Reading; Chapter 15: Running Nessus; 15.1 Nessus Architecture; 15.2 Deployment Options and Prerequisites; 15.3 Nessus Installation; 15.4 Configuring Nessus; 15.5 Running Nessus; 15.6 Nessus Reporting; 15.7 Running Nessus Recap; Chapter 16: Exploitation Frameworks; 16.1 Metasploit Framework; 16.2 CORE IMPACT; 16.3 Immunity CANVAS; 16.4 Exploitation Frameworks Recap; TCP, UDP Ports, and ICMP Message Types; TCP Ports; UDP Ports; ICMP Message Types; Sources of Vulnerability Information; Security Mailing Lists; Vulnerability Databases and Lists; Underground Web Sites; Security Events and Conferences; Exploit Framework Modules; MSF; CORE IMPACT; Immunity CANVAS; Colophon;

Le informazioni nella sezione "Su questo libro" possono far riferimento a edizioni diverse di questo titolo.

I migliori risultati di ricerca su AbeBooks

Edizione Internazionale
Edizione Internazionale

1.

Chris McNab
ISBN 10: 0596510306 ISBN 13: 9780596510305
Nuovi Brossura Quantità: 15
Edizione Internazionale
Da
US_Superfast_Bookstore
(New Castle, DE, U.S.A.)
Valutazione libreria
[?]

Descrizione libro Condizione libro: New. This is an International Edition Brand New Paperback Same Title Author and Edition as listed. ISBN and Cover design differs. Similar Contents as U.S Edition. Standard Delivery within 6-14 business days ACROSS THE GLOBE. We can ship to PO Box address in US. International Edition Textbooks may bear a label "Not for sale in the U.S. or Canada" or "For sale in Asia only" or similar restrictions- printed only to discourage students from obtaining an affordable copy. US Court has asserted your right to buy and use International edition. Access code/CD may not provided with these editions. We may ship the books from multiple warehouses across the globe including Asia depending upon the availability of inventory. Printed in English. Customer satisfaction guaranteed. Codice libro della libreria NU3_9788184044256

Maggiori informazioni su questa libreria | Fare una domanda alla libreria

Compra nuovo
EUR 18,15
Convertire valuta

Aggiungere al carrello

Spese di spedizione: EUR 2,51
In U.S.A.
Destinazione, tempi e costi
Edizione Internazionale
Edizione Internazionale

2.

Chris McNab
ISBN 10: 0596510306 ISBN 13: 9780596510305
Nuovi Soft cover Quantità: > 20
Edizione Internazionale
Da
University Bookstore
(DELHI, DELHI, India)
Valutazione libreria
[?]

Descrizione libro 2007. Soft cover. Condizione libro: New. This book is BRAND NEW Soft cover International edition with black and white printing. ISBN number & cover page may be different but contents identical to the US edition word by word. Book is in English language. Codice libro della libreria UN-SHRO-601

Maggiori informazioni su questa libreria | Fare una domanda alla libreria

Compra nuovo
EUR 12,64
Convertire valuta

Aggiungere al carrello

Spese di spedizione: EUR 10,00
Da: India a: U.S.A.
Destinazione, tempi e costi

3.

Chris McNab
Editore: O'Reilly Media
ISBN 10: 0596510306 ISBN 13: 9780596510305
Nuovi PAPERBACK Quantità: > 20
Da
Mediaoutlet12345
(Springfield, VA, U.S.A.)
Valutazione libreria
[?]

Descrizione libro O'Reilly Media. PAPERBACK. Condizione libro: New. 0596510306 *BRAND NEW* Ships Same Day or Next!. Codice libro della libreria SWATI2122349726

Maggiori informazioni su questa libreria | Fare una domanda alla libreria

Compra nuovo
EUR 25,95
Convertire valuta

Aggiungere al carrello

Spese di spedizione: EUR 3,78
In U.S.A.
Destinazione, tempi e costi

4.

Chris McNab
ISBN 10: 0596510306 ISBN 13: 9780596510305
Nuovi Paperback Quantità: > 20
Print on Demand
Da
BargainBookStores
(Grand Rapids, MI, U.S.A.)
Valutazione libreria
[?]

Descrizione libro Paperback. Condizione libro: New. This item is printed on demand. Item doesn't include CD/DVD. Codice libro della libreria 1693860

Maggiori informazioni su questa libreria | Fare una domanda alla libreria

Compra nuovo
EUR 26,11
Convertire valuta

Aggiungere al carrello

Spese di spedizione: EUR 3,78
In U.S.A.
Destinazione, tempi e costi

5.

Chris McNab
Editore: O Reilly Media, Inc, USA, United States (2007)
ISBN 10: 0596510306 ISBN 13: 9780596510305
Nuovi Paperback Quantità: 10
Da
The Book Depository
(London, Regno Unito)
Valutazione libreria
[?]

Descrizione libro O Reilly Media, Inc, USA, United States, 2007. Paperback. Condizione libro: New. 2nd Revised edition. 232 x 178 mm. Language: English . Brand New Book. How secure is your network? The best way to find out is to attack it. Network Security Assessment provides you with the tricks and tools professional security consultants use to identify and assess risks in Internet-based networks-the same penetration testing model they use to secure government, military, and commercial networks. With this book, you can adopt, refine, and reuse this testing model to design and deploy networks that are hardened and immune from attack. Network Security Assessment demonstrates how a determined attacker scours Internet-based networks in search of vulnerable components, from the network to the application level. This new edition is up-to-date on the latest hacking techniques, but rather than focus on individual issues, it looks at the bigger picture by grouping and analyzing threats at a high-level. By grouping threats in this way, you learn to create defensive strategies against entire attack categories, providing protection now and into the future. Network Security Assessment helps you assess: * Web services, including Microsoft IIS, Apache, Tomcat, and subsystems such as OpenSSL, Microsoft FrontPage, and Outlook Web Access (OWA) * Web application technologies, including ASP, JSP, PHP, middleware, and backend databases such as MySQL, Oracle, and Microsoft SQL Server * Microsoft Windows networking components, including RPC, NetBIOS, and CIFS services * SMTP, POP3, and IMAP email services * IP services that provide secure inbound network access, including IPsec, Microsoft PPTP, and SSL VPNs * Unix RPC services on Linux, Solaris, IRIX, and other platforms * Various types of application-level vulnerabilities that hacker tools and scripts exploit Assessment is the first step any organization should take to start managing information risks correctly. With techniques to identify and assess risks in line with CESG CHECK and NSA IAM government standards, Network Security Assessment gives you a precise method to do just that. Codice libro della libreria AAH9780596510305

Maggiori informazioni su questa libreria | Fare una domanda alla libreria

Compra nuovo
EUR 31,67
Convertire valuta

Aggiungere al carrello

Spese di spedizione: GRATIS
Da: Regno Unito a: U.S.A.
Destinazione, tempi e costi

6.

Chris McNab
Editore: O Reilly Media, Inc, USA, United States (2007)
ISBN 10: 0596510306 ISBN 13: 9780596510305
Nuovi Paperback Quantità: 10
Da
The Book Depository US
(London, Regno Unito)
Valutazione libreria
[?]

Descrizione libro O Reilly Media, Inc, USA, United States, 2007. Paperback. Condizione libro: New. 2nd Revised edition. 232 x 178 mm. Language: English . Brand New Book. How secure is your network? The best way to find out is to attack it. Network Security Assessment provides you with the tricks and tools professional security consultants use to identify and assess risks in Internet-based networks-the same penetration testing model they use to secure government, military, and commercial networks. With this book, you can adopt, refine, and reuse this testing model to design and deploy networks that are hardened and immune from attack. Network Security Assessment demonstrates how a determined attacker scours Internet-based networks in search of vulnerable components, from the network to the application level. This new edition is up-to-date on the latest hacking techniques, but rather than focus on individual issues, it looks at the bigger picture by grouping and analyzing threats at a high-level. By grouping threats in this way, you learn to create defensive strategies against entire attack categories, providing protection now and into the future. Network Security Assessment helps you assess: * Web services, including Microsoft IIS, Apache, Tomcat, and subsystems such as OpenSSL, Microsoft FrontPage, and Outlook Web Access (OWA) * Web application technologies, including ASP, JSP, PHP, middleware, and backend databases such as MySQL, Oracle, and Microsoft SQL Server * Microsoft Windows networking components, including RPC, NetBIOS, and CIFS services * SMTP, POP3, and IMAP email services * IP services that provide secure inbound network access, including IPsec, Microsoft PPTP, and SSL VPNs * Unix RPC services on Linux, Solaris, IRIX, and other platforms * Various types of application-level vulnerabilities that hacker tools and scripts exploit Assessment is the first step any organization should take to start managing information risks correctly. With techniques to identify and assess risks in line with CESG CHECK and NSA IAM government standards, Network Security Assessment gives you a precise method to do just that. Codice libro della libreria AAH9780596510305

Maggiori informazioni su questa libreria | Fare una domanda alla libreria

Compra nuovo
EUR 31,98
Convertire valuta

Aggiungere al carrello

Spese di spedizione: GRATIS
Da: Regno Unito a: U.S.A.
Destinazione, tempi e costi

7.

Chris McNab
Editore: O'Reilly Media (2007)
ISBN 10: 0596510306 ISBN 13: 9780596510305
Nuovi Brossura Quantità: 1
Da
Book Deals
(Lewiston, NY, U.S.A.)
Valutazione libreria
[?]

Descrizione libro O'Reilly Media, 2007. Condizione libro: New. Brand New, Unread Copy in Perfect Condition. A+ Customer Service! Summary: This thorough and insightful guide covers security technologies by grouping and analyzing them at a higher level--from both an offensive and defensive standpoint--to help administrators design and deploy security assessment networks. Codice libro della libreria ABE_book_new_0596510306

Maggiori informazioni su questa libreria | Fare una domanda alla libreria

Compra nuovo
EUR 41,71
Convertire valuta

Aggiungere al carrello

Spese di spedizione: GRATIS
In U.S.A.
Destinazione, tempi e costi

8.

Chris McNab
Editore: O'Reilly Media (2007)
ISBN 10: 0596510306 ISBN 13: 9780596510305
Nuovi Paperback Quantità: 1
Da
Irish Booksellers
(Rumford, ME, U.S.A.)
Valutazione libreria
[?]

Descrizione libro O'Reilly Media, 2007. Paperback. Condizione libro: New. book. Codice libro della libreria 0596510306

Maggiori informazioni su questa libreria | Fare una domanda alla libreria

Compra nuovo
EUR 41,73
Convertire valuta

Aggiungere al carrello

Spese di spedizione: GRATIS
In U.S.A.
Destinazione, tempi e costi

9.

Chris McNab
Editore: O'Reilly Media (2007)
ISBN 10: 0596510306 ISBN 13: 9780596510305
Nuovi Paperback Quantità: 10
Da
Ergodebooks
(RICHMOND, TX, U.S.A.)
Valutazione libreria
[?]

Descrizione libro O'Reilly Media, 2007. Paperback. Condizione libro: New. Codice libro della libreria INGM9780596510305

Maggiori informazioni su questa libreria | Fare una domanda alla libreria

Compra nuovo
EUR 40,29
Convertire valuta

Aggiungere al carrello

Spese di spedizione: EUR 3,78
In U.S.A.
Destinazione, tempi e costi

10.

Chris McNab
Editore: O'Reilly Media (2007)
ISBN 10: 0596510306 ISBN 13: 9780596510305
Nuovi Paperback Quantità: 1
Da
Ergodebooks
(RICHMOND, TX, U.S.A.)
Valutazione libreria
[?]

Descrizione libro O'Reilly Media, 2007. Paperback. Condizione libro: New. Second Edition. Codice libro della libreria DADAX0596510306

Maggiori informazioni su questa libreria | Fare una domanda alla libreria

Compra nuovo
EUR 40,54
Convertire valuta

Aggiungere al carrello

Spese di spedizione: EUR 3,78
In U.S.A.
Destinazione, tempi e costi

Vedi altre copie di questo libro

Vedi tutti i risultati per questo libro