Network Security Assessment

Know Your Network

by Chris McNab

ebook

1 of 1 copy available

How secure is your network? The best way to find out is to attack it, using the same tactics attackers employ to identify and exploit weaknesses. With the third edition of this practical book, you'll learn how to perform network-based penetration testing in a structured manner. Security expert Chris McNab demonstrates common vulnerabilities, and the steps you can take to identify them in your environment.

System complexity and attack surfaces continue to grow. This book provides a process to help you mitigate risks posed to your network. Each chapter includes a checklist summarizing attacker techniques, along with effective countermeasures you can use immediately.

Learn how to effectively test system components, including:

Common services such as SSH, FTP, Kerberos, SNMP, and LDAP

Microsoft services, including NetBIOS, SMB, RPC, and RDP

SMTP, POP3, and IMAP email services

IPsec and PPTP services that provide secure network access

TLS protocols and features providing transport security

Web server software, including Microsoft IIS, Apache, and Nginx

Frameworks including Rails, Django, Microsoft ASP.NET, and PHP

Database servers, storage protocols, and distributed key-value stores

Creators
- Chris McNab
  
  Author
Publisher

O'Reilly Media

Edition: 3
Release date

December 6, 2016
Formats
- OverDrive Read
  - ISBN: 9781491911051
  - File size: 17628 KB
- EPUB ebook
  - ISBN: 9781491911051
  - File size: 17628 KB
Languages
- English
Reviews
- Library Journal
  
  July 15, 2004
  Network security assessment (see also Computer Media, LJ 8/03) involves identifying vulnerabilities so that they can be minimized, and these guides address the topic from varying perspectives. Case Studies delves into implementing the framework of network security standards (IAM, or Information Assurance Methodology) defined by the U.S. National Security Agency (NSA), while Network Security Assessment focuses partially on NSA IAM and partially on the UK's Government Communication Headquarters (GCHQ) security framework, CESG (Communications and Electronics Security Group) CHECK. Case Studies ' checklists, case studies, and sample templates create a practical and useful guide for firms that provide security assessments, individuals who have taken an IAM class, and organizations conducting security audits. A nice overview of an often-confusing topic, moving from the security contract stage through final reporting and follow-up. Network Security Assessment 's broader coverage--as well as its step-by-step discussion of security risks and how to combat or minimize them--makes it a good choice for those addressing security issues in general. Its take on multiple services and operating systems, and its real-world examples create a comprehensive, useful guide. Both are appropriate for larger libraries; buy McNab's if you can afford only one. For advanced administrators and security experts, Warrior addresses security assessment in general. It focuses most heavily, however, on the topic of reverse engineering, or of disassembling applications to see what is going on at their lowest levels. This allows administrators to dissect malware and spyware in order to disinfect and secure their systems more effectively. Its coverage of multiple environments and tools and the overview of attacks from a cracker's perspective make this an appropriate purchase for larger libraries.
  Copyright 2004 Library Journal, LLC Used with permission.

Network Security Assessment

Creators

Publisher

Release date

Formats

OverDrive Read

EPUB ebook

Languages

Reviews

Library Journal

Formats

subjects

Languages