Hack Attacks Testing: How to Conduct Your Own Security Audit |
|
|
|
| Title: | Hack Attacks Testing: How to Conduct Your Own Security Audit |
| Author: | John Chirillo |
| Publisher: | Wiley [Website] |
| Type: | Book / Paperback |
| Publication Date: | 06 November, 2002 |
| ISBN / ISBN-13: | 0471229466 / 9780471229469 |
| List Price: | $50.00 |
| You Save: | $13.50 |
| Amazon Price: | $36.50 |
|
This book is also available, brand-new, from 3rd-party marketplace sellers at Amazon.com, from $5.99.
|
The HTML code below can be pasted onto your web-site, your MySpace page, or blog - or any number of similar places - to create a link to this page:
If, instead of a text link, you'd like to create a link to this page which will display the book cover, if it's available, then the code below will do exactly that:
Check for the same book at these other US book sites:
• [ Abebooks ]
• [ Alibris ]
• [ Barnes & Noble ]
• [ Half.com ]
• [ Powells ]
… or check UK bookstores
|
Editorial Review / Publisher's Information:
Product Description
Learn how to conduct thorough security examinations via illustrations and virtual simulations
A network security breach (a hack, crack, or other invasion) occurs when unauthorized access to the network is achieved and havoc results. The best possible defense is an offensive strategy that allows you to regularly test your network to reveal the vulnerabilities and close the holes before someone gets in. Written by veteran author and security expert John Chirillo, Hack Attacks Testing explains how to perform your own security audits.
Step by step, the book covers how-to drilldowns for installing and configuring your Tiger Box operating systems, installations, and configurations for some of the most popular auditing software suites. In addition, it includes both common and custom usages, scanning methods, and reporting routines of each. Finally, Chirillo inspects the individual vulnerability scanner results and compares them in an evaluation matrix against a select group of intentional security holes on a target network. Chirillo tackles such topics as:
* Building a multisystem Tiger Box
* Basic Windows 2000 Server installation and configuration for auditing
* Basic Linux and Solaris installation and configuration
* Basic Mac OS X installation and configuration for auditing
* ISS, CyberCop, Nessus, SAINT, and STAT scanners
* Using security analysis tools for Mac OS X
* Vulnerability assessment
Bonus CD!
The CD contains virtual simulations of scanners, ISS Internet Scanner evaluation version, and more.
|
Other Items You May Enjoy:
Browse Books From These Related Subjects:
Customer Reviews:
• Excellent Starting Place For Security Evaluation Training
22 September, 2003
John Chirillo routinely stuffs his books with a wide variety of hard to find technical gems. This book is no exception as he has created an exceptional manual on security auditing. His compilation of tools is excellent and the book descriptions and how-to's, even better. For those that are inclined, he outlines the building of a Tiger Box (testing system) which takes full advantage of the tools contained on the CDROM. The head to head comparisons of the popular security tools help you in selecting the security tool that is right for you. If you are playing catch up in the mad-cap world of Internet security, this book can help you level the playing field. The CDROM also contains the highly functional Tiger Tools Suite which takes the difficult job of security testing to the level of simple mouse clicks. This is a good book to break in a beginner and is full of information to satisfy the security veteran.
- Amazon Customer Review
• Way Outdated
06 September, 2008
This book may have had some value when it was written, but most of the content is obsolete by now.
Moreover, it spends a good portion of the text describing how to install the products and most of the rest is dedicated to the description of the options (essentially a cut-and-paste) from the manuals.
A waste of time (money and paper).
- Amazon Customer Review
• I Learned Absolutely Nothing From This Book
16 September, 2006
I expected this book to cover security audits.
This book is a step by step guide to using a handfull of auditing tools (including installation).
If you have never seen an auditing tool like Nessus or hping then this book may teach you something. However, after reading this book alone, you will by no means have the knowledge required to conduct a security audit. You are only shown how a few tools work. Not what to do with the information provided, not what it means, nothing.
- Amazon Customer Review
• Good Beginner Guide To Vulnerability Assessments
29 March, 2003
I enjoyed the detail in this book and the configurations are technically sound. The author covered the best known software with clear instructions on getting up and running and then performing an audit with each package. The book closes with an interesting evaluation ranking chart and compares each package based on number of issues detected. The text is easy to follow and formatted well. This is a good beginner guide to vulnerability assessments (veterans need not apply).
- Amazon Customer Review
• How To Conduct 1/7th Of Your Security Audit
26 March, 2003
I find this to be a rather confusing book. The title suggests I will learn how to conduct my own security audit, but when I've finished the book, all that seems to remain is how I install Windows 2000 Server and Linux/Solaris, a number of brief user guides about various vulnerability scanners, and a short comparison of them. Where did the audit bits go? Looking for them in the table of contents produces nothing. There is a description of what a security audit should include in the introductory text of Part I. It's almost hidden away -- Part I is titled "Building a Multisystem Tiger Box", and not even the table of contents hints that there's more important information here. The book says a security audit consists of seven phases: blind testing, knowledegable penetration, Internet security and services, dial-up audit, local infrastructure audit, WAN audit and reporting. It comes as a disappointment to find, then, that only phase 1 (blind testing) and phase 4 (dial-up audit) will be covered. I hoped I would get pointers where to look for information how to do the remaining five phases, but it seems to have been omitted. The dial-up audit, furthermore, seems to have been lost. The only place where it is mentioned in the book (according to the index) is in this description. My personal reaction is of course to retitle the book: "How to do 1/7ths of a security audit". I feel a bit cheated. The book goes on to describe how to set up a multi-boot system to use for security audits (chapters 1-3). As far as I see, it's just basic installation walkthroughs, without any discussions of why a particular configuration choice is made, or how it affects the purpose of using the multi-boot system. Also, very little is said about the problems involved in multi-booting (such as choosing good partition sizes), and there is nothing on how much disk is required, though the Solaris description suggests 5 Gb for Solaris alone. The problem of sharing information between the different environments is not touched upon either, but will be encountered very quickly by anyone actually using the system in practice. Nor is there anything about why Windows 2000 Server is used for the installation description (what with all the bits about Active Directory, domains, trust etc.), and there's nothing at all about the problems and benefits of being able to conduct an audit both entirely outside a Windowsdomain, as well as being part of it. Part II is about using security analysis tools on windows. Again it starts off with an introductory part (again hidden away to anyone using the table of contents) describing audits of the SANS Top 20 Vulnerabilities. I can't imagine why the table of contents does not mention this: it is important. Some of the suggestions, though, (such as the question of missing backups) does not really come withing the scope of the book, or even the full seven phase security audit described earlier: security policies are not covered. This is rather confusing: it feels as if something was missing from the book. The main chapters of Part II describe the capabilities of Cerberus Internet Scanner, CyberCop Scanner, ISS Internet Scanner, Harris STAT, and TigerSuite 4.0. The descriptions are more of the nature of short user guides -- it would have been far more useful to have actual pratical experience from using them. The last product (TigerSuite 4.0) can hardly be compared with the other vulnerability scanners, and it's not clear from the description in what way it may complement them. The only practical application described in that of tracerouting, but it could easily have been done with already available tools. Part III does the same, but for Linux, Solaris and Mac OS X. The different chapters describes various Unix programs: hping2, Nessus, nmap, SAINT, SARA. As the introductory part gives a list of Linux commands, it appears to be intended for the novice, but already in the chapter on hping2 the reader is expected to read and understand substantial material from tcpdump without any help from the text. The reason hping2 is included seems to be on the idea that it can be used for IP spoofing -- indeed, there's a fairly long description how spoofing was used by Kevin Mitnick to gain access to another system. But just how this connects with hping2 is not explained. Part IV is titled "Vulnerability Assessment" and contains one single chapter in which the result from running the various vulnerability scanners against a specially designed target network are compared in various tables. No interpretation is provided, unfortunately. In addition to the odd lacunas in the table of contents that already have been mentioned, the text appears to has been badly served by the editor: there are numerous ambiguities sprinkled around. One if the best can be found on the very first line of the introduction: "The objective of this book is to fill a gap found in most books on security: How security examinations can be conducted via illustrations and virtual simulations." Most readers will hopefully be able to figure out what the intended meaning is. Those 'virtual simulations' (whatever they may be) are found on the CD: short recorded demo walkthroughs of how to use some of the tools described in the book. The two stars are mainly for the information on the vulnerability scanners. Had the book described the pitfalls in using automated tools (such as the inevitable false positives) and went into the pratical issues around using the tools it would easily have obtained a third star, provided the title had been modified to indicate that the book is mainly about tools. I would recommend the book "Hack I.T. -- security through penetration testing" by Klevinsky, Laliberte and Gupta instead. It works with a smaller scope -- that of the penetration test, not the full security audit -- but covers it far better.
- Amazon Customer Review
|
