HackNotes(tm) Network Security Portable Reference [Paperback]

Michael Horton (Author), Clinton Mugge (Author)

Book Description

ISBN-10: 0072227834 | ISBN-13: 978-0072227833 | Publication Date: July 25, 2003 | Edition: 1

Here’s the quickest means to network security. Information systems security consultant Mike Horton provides trustworthy tips to help IT professionals deliver ready-made hacking and security architecture solutions. Plus, learn to use a full complement of effective, up-to-date security tools.

Editorial Reviews

From the Inside Flap

INDUSTRY QUOTES

"Surprisingly complete. I have found this book to be quite useful and a great time-saver. There is nothing more irritating than thrashing in a search engine trying to remember some obscure tool or an obscure tool's obscure feature. A great reference for the working security consultant."
- Simple Nomad - Renowned Security Researcher and Author of The Hack FAQ

"While a little knowledge can be dangerous, no knowledge can be deadly. HackNotes: Network Security Portable Reference covers an immense amount of information readily available that is required for network and system administrators, who need the information quickly and concisely. This book is a must-have reference manual for any administrator."
- Ira Winkler - Chief Security Strategist at HP, security keynote speaker and panelist

"HackNotes puts readers in the attacker's shoes, perhaps a little too close. Security pros will find this reference a quick and easily digestible explanation of common vulnerabilities and how hackers exploit them. The step-by-step guides are almost too good and could be dangerous in the wrong hands. But for those wearing white hats, HackNotes is a great starting point for understanding how attackers enumerate, attack and escalate their digital intrusions."
- Lawrence M. Walsh - Managing Editor, Information Security Magazine

"A comprehensive security cheat sheet for those short on time. This book is ideal for the consultant on a customer site in need of a robust reference manual in a concise and easy to parse format."
- Mike Schiffman - CISSP, Researcher, Critical Infrastructure Assurance Group, Cisco Systems, creator of the Firewalk tool and author of Hacker's Challenge 1 & 2

"Heavy firepower for light infantry; Hack Notes delivers critical network security data where you need it most, in the field."
- Erik Pace Birkholz - Principal Consultant, Foundstone, and Author of Special Ops: Host and Network Security for Microsoft, UNIX, and Oracle.

From the Back Cover

HackNotes Network Security Portable Reference gives you step-by-step details of intrusion tactics, tools, and actual techniques being used by hackers and criminals today to break into computer networks. Understand how the attacks work, then learn how to assess and strengthen your systems through a series of tested and trusted anti-hacking methods, bulletproof best practices, and code level techniques. Use the unique Reference Center in the middle of the book to access key information, including default passwords, common port numbers, system commands, reference links, the top security assessment and hacker tools, and more.

• Use information security and risk assessment principles
• Guard against common network threats and vulnerabilities
• Understand hacker tactics and methods seen on the Internet and intranet
• Protect common hacker and criminal targets
• Conduct best practice security checks and hardening steps for your systems
• Implement wireless security, Web application security, incident response, and more
• Reference operating system and security specific commands
• Access and utilize the best security and hacker tools in use today
• Focus on the techniques, results, and remediation for a wide range of exploits
• Protect networks, software code, e-commerce, and more

See all Editorial Reviews

Product Details

• Paperback: 288 pages
• Publisher: McGraw-Hill Osborne Media; 1 edition (July 25, 2003)
• Language: English
• ISBN-10: 0072227834
• ISBN-13: 978-0072227833
• Product Dimensions: 9 x 5.8 x 0.7 inches
• Shipping Weight: 14.9 ounces
• Average Customer Review: 5.0 out of 5 stars  See all reviews (3 customer reviews)
• Amazon Best Sellers Rank: #1,385,414 in Books (See Top 100 in Books)

More About the Author

Discover books, learn about writers, read author blogs, and more.

Customer Reviews

Most Helpful Customer Reviews

6 of 6 people found the following review helpful:

5.0 out of 5 stars Suberb, comprehensive and well-written, September 26, 2003

By 

Dr Anton Chuvakin "Dr. Anton Chuvakin" (CA, USA) - See all my reviews

This review is from: HackNotes(tm) Network Security Portable Reference (Paperback)

Now, let me disclaim that I am not a big fan of thin books claiming to be "comprehensive". In fact, I was deeply suspicious while getting this "Hacknotes" thing. Was I up for a pleasant surprise!! This book does deliver what it promises. It walks a fine line of being both wide and deep, which I am still amazed about. From risk assessment methodologies to "find / -perm 0400" in just 200 pages is no small feat.

I liked that the book and the entire series have a clearly stated goal, and readers can judge for themselves how well it delivered and there is no confusion as to "what should be there". The book is incredibly useful within those stated goals. Obviously, the book is not optimal for actually learning those methods and technologies, but it is an awesome reference in case you forget a thing or two or want to get an overview of a subject within network security. Unfortunately, the book will also benefit "script kiddies" by helping them to "hack without knowing how".

This includes high-level security principles, risk assessment (covering assets, threats and risks), hacking methodology (same as in "hacking Exposed") with details on all the attack stages (Discover, Scan, Enum, Exploit - split along the platform lines, Escalate, etc), wireless security, incident response (identification and recovery), pen testing and hardening. Amazing, but that is not all. It also covers web application security, social engineering, software flaws overview, war dialing and PBX hacking. Of course, all of the above is covered briefly, but thoroughly. Tools are mentioned where needed, and there is no excessive "tool obsession".

Yet another great component is several checklists. Those are used for incident response, security assessment and system hardening (Win, UNIX with some tips on specific servers - FTP, WWW, DNS, Mail etc). Additionally, the book has even more condensed part, "a reference center" with some handy commands from the worlds of DOS, Windows and UNIX/Linux. I liked a nice "important ports" overview.

Overall, unless you are just starting in infosec, get the book and it will come handy more often that you'd think.

Anton Chuvakin, Ph.D., GCIA, GCIH is a Senior Security Analyst with a major information security company. His areas of infosec expertise include intrusion detection, UNIX security, forensics, honeypots, etc. In his spare time, he maintains his security portal info-secure.org

1 of 3 people found the following review helpful:

5.0 out of 5 stars Great Material, July 27, 2003

By 

Mike Schiffman (Walnut Creek, CA USA) - See all my reviews

This review is from: HackNotes(tm) Network Security Portable Reference (Paperback)

A comprehensive security cheat sheet for those short on time. This book is ideal for the consultant on a customer site in need of a robust reference manual in a concise and easy to parse format...

0 of 2 people found the following review helpful:

5.0 out of 5 stars Should be a reference for every admin, July 30, 2003

By 

Concerned Parent (Washington, DC) - See all my reviews

This review is from: HackNotes(tm) Network Security Portable Reference (Paperback)

While a little knowledge can be dangerous, no knowledge can be deadly. HackNotes Network Security Portable Reference covers an immense amount of readily available information that is required for network and system administrators, who need the information quickly and concisely. This book is a must-have reference manual for any administrator.