
Assessing Network Security [Paperback]

Kevin Lam (Author), David LeBlanc (Author), Ben Smith (Author)
5.0 out of 5 stars (3 customer reviews)



Formats

Amazon Price New from Used from
Kindle Edition $25.19  
Paperback --  

Book Description

July 21, 2004 | ISBN-10: 8120326601 | ISBN-13: 978-0735620339

Don’t wait for an attacker to find and exploit your security vulnerabilities—take the lead by assessing the state of your network’s security. This book delivers advanced network testing strategies, including vulnerability scanning and penetration testing, from members of the Microsoft security teams. These real-world practitioners provide hands-on guidance on how to perform security assessments, uncover security vulnerabilities, and apply appropriate countermeasures. The companion CD features time-saving tools and scripts that you can use to reveal and help correct security vulnerabilities in your own network.

Sharpen and advance your security assessment skills, including how to:

  • Detect vulnerabilities and perform penetration tests
  • Conduct and properly report an IT security audit
  • Find hidden hosts by using DNS, WINS, and NetBIOS
  • Sweep your network to analyze network topology, existing hosts, and multi-homed systems
  • Determine the status of TCP and UDP ports by using port scanning

Recognize and help counter common network threats, including:

  • War dialing, war driving, and Bluetooth attacks
  • Packet and network sniffing
  • IP, e-mail, and DNS spoofing
  • Password cracking
  • Communication interceptions and modifications
  • IDS and IPS attacker detection avoidance
  • Spam and other e-mail abuses

CD features:

  • Tools for testing e-mail, databases, and Web servers
  • Scripts for finding common information leaks and other potential security issues
  • Complete eBook in PDF format

A Note Regarding the CD or DVD

The print version of this book ships with a CD or DVD. For those customers purchasing one of the digital formats in which this book is available, we are pleased to offer the CD/DVD content as a free download via O'Reilly Media's Digital Distribution services. To download this content, please visit O'Reilly's web site, search for the title of this book to find its catalog page, and click on the link below the cover image (Examples, Companion Content, or Practice Files). Note that while we provide as much of the media content as we are able via free download, we are sometimes limited by licensing restrictions. Please direct any questions or concerns to booktech@oreilly.com.



Editorial Reviews

About the Author

David LeBlanc is a senior security technologist in ITG at Microsoft. His primary role is defending the Microsoft network from attack. He has worked in the security field throughout his professional life, including working at Internet Security Systems where he was the primary engineer on ISS’ award-winning security products. David serves on a number of external security-related advisory boards.

Product Details

  • Paperback: 592 pages
  • Publisher: Microsoft Press (July 21, 2004)
  • Language: English
  • ISBN-10: 8120326601
  • ISBN-13: 978-0735620339
  • ASIN: 0735620334
  • Product Dimensions: 9 x 7.3 x 1.6 inches
  • Shipping Weight: 2.6 pounds
  • Average Customer Review: 5.0 out of 5 stars (3 customer reviews)
  • Amazon Best Sellers Rank: #1,234,521 in Books


Customer Reviews

3 Reviews
5 star: (3)
4 star: (0)
3 star: (0)
2 star: (0)
1 star: (0)

Average Customer Review: 5.0 out of 5 stars (3 customer reviews)

Most Helpful Customer Reviews

18 of 19 people found the following review helpful:
5.0 out of 5 stars The best pentesting book I've seen, October 5, 2004
This review is from: Assessing Network Security (Paperback)

Now, I've read some pretty bad books on penetration testing and nobody seemed to get this fun subject right! Good news - this time somebody did! This great tome ("Assessing Network Security") comes to us direct from the bunkers of Redmond. Written by three Microsoft security researchers, the book provides a great overview as well as in-depth coverage of assessing security via pen testing, scanning, IT audit and other means.

The book starts from a nice overview of key principles of security (definitely not news for industry practitioners, but nice anyway), and then goes on to define vulnerability assessment, penetration testing and security audit. A critically important section on reporting the findings is also nicely written and shows that the authors are knowledgeable about the subject. The book then goes into developing and maintaining the pentesting skills, and descends into choosing the training and resources (nice for those starting in the field). The actual pentesting process is split into non-intrusive (combining the usual "intelligence gathering" with port scans, sweeps and various host queries) and intrusive tests (such as running a vulnerability scanner, brute-forcing passwords, DoS testing and others). Some entries seem to belong in both categories (such as sniffing) but are placed into the intrusive section, for whatever reason. All the hot latest content (wireless, Bluetooth and web assessments) is well represented in the book. A fairly insightful social engineering testing section (that touched on dumpster diving and other non-network assessment methods) is also present. My favorite chapter was the one on 'case studies' - examples of specific threats/tests against web, email, VPN and domain controller systems.

Among other features that I liked were 'notes from the field' sidebars with fun stories related by authors and FAQs at the end of each section. On the down side, the book is somewhat Windows-focused (although it is amazingly vendor-neutral in most respects, considering the source). The book is also somewhat dry, although sidebars provide the needed relief when the text gets too process-oriented at times.

The book is largely about methodology, but I'd have preferred to see a bit more technical content, since it is a 600-page volume. I think checklists, present in the Appendix, are a great step in that direction.

Overall, I enjoyed the book and think it is both a great guide and a reference for most security professionals, especially for those starting to be involved with penetration testing.

Anton Chuvakin, Ph.D., GCIA, GCIH is a Security Strategist with a major security information management company. He is the author of the book "Security Warrior" (O'Reilly, 2004) and a contributor to "Know Your Enemy II" (AWL, 2004). His areas of infosec expertise include intrusion detection, UNIX security, forensics, honeypots, etc. In his spare time, he maintains his security portal info-secure.org


7 of 10 people found the following review helpful:
5.0 out of 5 stars the ring of truth, the sound of experience, November 18, 2004
This review is from: Assessing Network Security (Paperback)
Just the basic concept of this book is interesting. If anyone wanted to do a denial of service attack on my web site, or was really interested in coming in -- well, why would they care. But the Microsoft site, if you could bring it down you would certainly have bragging rights in certain circles.

So if you really want to know about security, who better to read than people responsible for keeping the Microsoft site up and running.

The book has four major sections:

Planning and Performing Security assessments
Penetration Testing for Nonintrusive Attacks
Penetration Testing for Intrusive Attacks
Security Assessment Case Studies.

One thing I really appreciate in this book is the little stories from the real world. In between the description and tutorials (this is computer stuff, it's pretty dry) there are little notes of what really happened in a situation where this particular area was being tested. It gives the book the ring of truth, the sound of experience.

Highly Recommended.


5.0 out of 5 stars An Excellent First Book on Pen Testing, November 11, 2007
By David Veuve (Palo Alto, California United States)
This review is from: Assessing Network Security (Paperback)
I purchased this book a year and a half ago, after it was recommended to me, but didn't read it until now. Boy was I pleased to have picked it up, though.

This was my first book on the practice of Penetration Testing, so the processes, methodologies and general underlying theories it presented were extremely valuable. In my day to day course of work as a Sys Admin, I found myself reanalyzing my network with newly gained perspectives. I found it to be very effective in turning the vague unknown threat into something visible and tangible -- instead of following what best practices I was aware of to create security, this book helped greatly in defining -why- those best practices created a secure front, and which would be more valuable to implement in my organization.

I also echo the other reviews who said it was fairly dry in general, but the sidebars and real life stories were very enjoyable. All in all, I would highly recommend this to anyone, particularly if they're entering the world of security from a Microsoft background.



Inside This Book
First Sentence:
We are currently in the Bronze Age of information security.
Key Phrases - Statistically Improbable Phrases (SIPs):
network sniffing attacks, physical penetration testing, nonessential accounts, canonicalization attacks, sniffing threats, war dialing attacks, telephone number blocks, vulnerability scanning software, penetration tester, log flooding, patch compliance, random high port, conducting penetration tests, password testing, spoofed messages, session hijacking attacks, vulnerability scanning tool, reporting your findings, malicious attachments, attackers motivated, phishing attacks, suspect host, public discussion forums, attacker tools, sequence number prediction
Key Phrases - Capitalized Phrases (CAPs):
Microsoft Windows, Frequently Asked Questions, Active Directory, Query Analyzer, United States, Windows Explorer, Microsoft Baseline Security Analyzer, Microsoft Press, Writing Secure Code, Attacker Figure, Attackers Using Non-Network Methods, Internet Control Message Protocol, Master Browser, Second Edition, Client Server Figure, E-Mail Threats, Hello World, Microsoft Corp, Obtaining Information, Secure Shell, Security Focus, Site Instance, Attacker Server, Disk Logon, Domain Security Policy