Network Security Assessment: Know Your Network [Paperback]

Chris McNab (Author)

Book Description

Series: Network Security Assessment | Publication Date: November 8, 2007

How secure is your network? The best way to find out is to attack it. Network Security Assessment provides you with the tricks and tools professional security consultants use to identify and assess risks in Internet-based networks-the same penetration testing model they use to secure government, military, and commercial networks. With this book, you can adopt, refine, and reuse this testing model to design and deploy networks that are hardened and immune from attack.

Network Security Assessment demonstrates how a determined attacker scours Internet-based networks in search of vulnerable components, from the network to the application level. This new edition is up-to-date on the latest hacking techniques, but rather than focus on individual issues, it looks at the bigger picture by grouping and analyzing threats at a high-level. By grouping threats in this way, you learn to create defensive strategies against entire attack categories, providing protection now and into the future.

Network Security Assessment helps you assess:

• Web services, including Microsoft IIS, Apache, Tomcat, and subsystems such as OpenSSL, Microsoft FrontPage, and Outlook Web Access (OWA)



• Web application technologies, including ASP, JSP, PHP, middleware, and backend databases such as MySQL, Oracle, and Microsoft SQL Server



• Microsoft Windows networking components, including RPC, NetBIOS, and CIFS services



• SMTP, POP3, and IMAP email services



• IP services that provide secure inbound network access, including IPsec, Microsoft PPTP, and SSL VPNs



• Unix RPC services on Linux, Solaris, IRIX, and other platforms



• Various types of application-level vulnerabilities that hacker tools and scripts exploit

Assessment is the first step any organization should take to start managing information risks correctly. With techniques to identify and assess risks in line with CESG CHECK and NSA IAM government standards, Network Security Assessment gives you a precise method to do just that.

Editorial Reviews

About the Author

Chris McNab is the technical director of Matta, a vendor-independent security consulting outfit based in the United Kingdom. Since 2000, Chris has presented and run applied hacking courses across Europe, training a large number of financial, retail, and government clients in practical attack and penetration techniques, so that they can assess and protect their own networks effectively.

Chris speaks at a number of security conferences and seminars, and is routinely called to comment on security events and other breaking news. He has appeared on television and radio stations in the UK (including BBC 1 and Radio 4), and in a number of publications and computing magazines.

Responsible for the provision of security assessment services at Matta, Chris and his team undertake Internet-based, internal, application, and wireless security assessment work, providing clients with practical and sound technical advice relating to secure network design and hardening strategies. Chris boasts a 100% success rate when compromising the networks of multinational corporations and financial services companies over the last five years.

Product Details

• Paperback: 512 pages
• Publisher: O'Reilly Media; Second Edition edition (November 8, 2007)
• Language: English
• ISBN-10: 0596510306
• ISBN-13: 978-0596510305
• Product Dimensions: 9.3 x 6.9 x 1.1 inches
• Shipping Weight: 1.8 pounds (View shipping rates and policies)
• Average Customer Review: 4.3 out of 5 stars  See all reviews (22 customer reviews)
• Amazon Best Sellers Rank: #217,438 in Books (See Top 100 in Books)
  • #93 in Books > Computers & Technology > Certification > Microsoft

More About the Author

Discover books, learn about writers, read author blogs, and more.

Customer Reviews

Most Helpful Customer Reviews

20 of 22 people found the following review helpful:

4.0 out of 5 stars A good companion to "Security Warrior", May 3, 2004

By 

Richard Bejtlich "TaoSecurity" (Metro Washington, DC) - See all my reviews
(REAL NAME)   

This review is from: Network Security Assessment: Know Your Network (Paperback)

"Network Security Assessment" (NSA) is the latest in a long line of vulnerability assessment / penetration testing books, stretching back to "Maximum Security" in 1997 and "Hacking Exposed" shortly thereafter. NSA is also the second major security title from O'Reilly this year, soon to be followed by "Network Security Hacks." NSA is a good book with some new material to offer, but don't expect to find deep security insight in this or similar assessment books.

NSA begins with the almost obligatory reference to the king of assessment books, "Hacking Exposed" (HE), saying "I leave listings of obscure techniques to behemoth 800-page 'hacking' books." I don't think some of the techniques covered in HE but not NSA are "obscure." Noticably lacking in NSA is coverage of dial-up techniques, wireless insecurities, Novell vulnerabilities, and attacking clients rather than servers. Should NSA receive a second edition, I expect to see the book expand closer to the "behemoth" it seems to deride.

The best chapter by far was ch. 11, where the author with assistance from Michael Thumann takes the reader on a tour of exploiting vulnerable code. The stack diagrams and code snippets were especially helpful and the explanations were clear enough. This sort of material is a solid introduction to some of the techniques found in "Security Warrior." I also liked ch. 14, where the author explains a sample assessment using the tools already introduced. Kudos as well for maintaining an errata page and tool archive on the publisher's Web site.

The advantage NSA has over HE is the variety of tools on hand. I learned of at least a dozen tools not mentioned elsewhere. The author seems to be thorough while listing various exploitable flaws from the last several years. While the prose is well-written, I believe the HE series does a better job communicating fundamentals of the underlying technology. In other words, HE gives better explanations of 'what' we are compromising, while "NSA" prefers to concentrate more on the compromising itself. This technology education aspect of the HE series has always been its strong point. For example, there's no need to read a 500 page book on Microsoft FrontPage to understand the problems with it when a quick look in a HE book explains the technology's basics as well as its security flaws.

It's been over a year since the 4th edition of HE was published, so I recommend buying NSA to freshen your assessment skills. For the scenarios it does cover, which include most UNIX and Windows Internet-based attacks, it is thorough and accurate. Combined with O'Reilly's "Security Warrior," NSA presents an updated picture of the assessment scene.

11 of 12 people found the following review helpful:

4.0 out of 5 stars Systematically understanding network access, April 3, 2004

By 

W Boudville (Terra, Sol 3) - See all my reviews
(VINE VOICE)    (TOP 1000 REVIEWER)    (HALL OF FAME REVIEWER)    (REAL NAME)   

This review is from: Network Security Assessment: Know Your Network (Paperback)

[A review of the 2nd EDITION. This review was written on 3 December 2007.]

Over 3 years has elapsed since McNab wrote his first edition. Much of that edition is still valid. Sadly, in a way, because it means that despite the best efforts of that book and others of its ilk, we remain plagued with network attackers and insecure systems.

One of the constants between the editions is the focus on IPv4. Still! IPv6 only gets a glancing mention in the second edition. While everyone recognises that IPv4 will get exhausted of addresses, the transition to v6 still gets postponed. McNab ruminates that this very transition will of its own accord generate compromises. I wish he'd expand on this remark. But maybe there is yet little market reason to do so.

Another thing that does not get mentioned is phishing. In early 2004, it was still a minor threat. It has since blossomed into a chronic problem. But McNab is correct to ignore it, up to a point. He believes, as apparently does most of the IT security field, that phishing is largely a social engineering problem. That it is not a technical problem of patching bugs, per se. Yet viewed properly, phishing is a network attack that uses social engineering, and it is amenable to technical countermeasures that involve, in part, network actions.

I especially favour this edition, for the reasons in the preceding paragraph. In 2004, I and a co-inventor, Marvin Shannon, devised a US Patent Pending against phishing. The second edition of McNab's book came out in November 2007, and by not discussing phishing, it buttresses our claims of non-obviousness, 3 years after our filing.

==============================================================================
[A review of the 1st Edition. This review was written on 3 April 2004.]

A logically very systematic delineation of ways that your system could be attacked over the Internet. There are standard ways to access your computer like rlogin, telnet, ssh and ftp. But each implementation of these faces the risk that an error was made in its coding, which might then be found and exploited by a cracker. Plus, since the advent of the Web, there are Web services that have not checked for the stereotypical but very real case of buffer overflow in submitted input over the network.

McNab describes all these, and more. But perhaps more usefully, his book is not a simple recital of implementation versions and associated known bugs and available patches. He tries instead to guide the reader into understanding the broad ideas in network access, and using a viewpoint of logically analysing for any weaknesses. Because any static listing of versions and bugs runs the risk of being obsoleted in a few years.

He presents web sites that are good resources for patches or latest versions of key programs. If you are concerned about a specific program, try going straight to it in the book and seeing what advice he offers.

For all the programs he mentions, some prior knowledge of their use would be handy. He gives a succinct description of each, but really he assumes you have already used it.

14 of 17 people found the following review helpful:

5.0 out of 5 stars Better than Hacking Exposed, April 9, 2004

By 

James Drake (Arlington, VA USA) - See all my reviews

This review is from: Network Security Assessment: Know Your Network (Paperback)

This book is a great resource for any administrator with IP networks to protect. As Wes Boudville says, it certainly is systematic with some great guidelines and useful checklists. The high level concepts laid out by the author make it much easier to understand the underlying issues with security nowadays. Instead of listing bugs and patches, McNab explains the different bug types, and I learnt a lot about stack and heap overflows in the application security chapter.

I'd recommend this book over Hacking Exposed and other books with the word 'hacking' in the title. The assessment material is comprehensive from both Unix and Windows standpoints, and I certainly picked up a bunch of new tricks that I wasn't aware of before. The book has great coverage of all the latest tools and techniques, but written in a timeless way. At just under 400 pages you'll find that it's not too long either!