32 of 35 people found the following review helpful:
2.0 out of 5 stars
How to conduct 1/7th of your security audit, March 26, 2003
I find this to be a rather confusing book. The title suggests I will learn how to conduct my own security audit, but when I've finished the book, all that seems to remain is how I install Windows 2000 Server and Linux/Solaris, a number of brief user guides about various vulnerability scanners, and a short comparison of them. Where did the audit bits go? Looking for them in the table of contents produces nothing. There is a description of what a security audit should include in the introductory text of Part I. It's almost hidden away -- Part I is titled "Building a Multisystem Tiger Box", and not even the table of contents hints that there's more important information here. The book says a security audit consists of seven phases: blind testing, knowledgeable penetration, Internet security and services, dial-up audit, local infrastructure audit, WAN audit and reporting. It comes as a disappointment to find, then, that only phase 1 (blind testing) and phase 4 (dial-up audit) will be covered. I hoped I would get pointers where to look for information on how to do the remaining five phases, but it seems to have been omitted. The dial-up audit, furthermore, seems to have been lost. The only place where it is mentioned in the book (according to the index) is in this description. My personal reaction is of course to retitle the book: "How to do 1/7th of a security audit". I feel a bit cheated.

The book goes on to describe how to set up a multi-boot system to use for security audits (chapters 1-3). As far as I see, it's just basic installation walkthroughs, without any discussion of why a particular configuration choice is made, or how it affects the purpose of using the multi-boot system. Also, very little is said about the problems involved in multi-booting (such as choosing good partition sizes), and there is nothing on how much disk is required, though the Solaris description suggests 5 Gb for Solaris alone. The problem of sharing information between the different environments is not touched upon either, but will be encountered very quickly by anyone actually using the system in practice. Nor is there anything about why Windows 2000 Server is used for the installation description (what with all the bits about Active Directory, domains, trust etc.), and there's nothing at all about the problems and benefits of being able to conduct an audit both entirely outside a Windows domain, as well as being part of it.

Part II is about using security analysis tools on Windows. Again it starts off with an introductory part (again hidden away to anyone using the table of contents) describing audits of the SANS Top 20 Vulnerabilities. I can't imagine why the table of contents does not mention this: it is important. Some of the suggestions, though (such as the question of missing backups), do not really come within the scope of the book, or even the full seven-phase security audit described earlier: security policies are not covered. This is rather confusing: it feels as if something was missing from the book. The main chapters of Part II describe the capabilities of Cerberus Internet Scanner, CyberCop Scanner, ISS Internet Scanner, Harris STAT, and TigerSuite 4.0. The descriptions are more of the nature of short user guides -- it would have been far more useful to have actual practical experience from using them. The last product (TigerSuite 4.0) can hardly be compared with the other vulnerability scanners, and it's not clear from the description in what way it may complement them. The only practical application described is that of tracerouting, but it could easily have been done with already available tools.

Part III does the same, but for Linux, Solaris and Mac OS X. The different chapters describe various Unix programs: hping2, Nessus, nmap, SAINT, SARA. As the introductory part gives a list of Linux commands, it appears to be intended for the novice, but already in the chapter on hping2 the reader is expected to read and understand substantial material from tcpdump without any help from the text. The reason hping2 is included seems to be on the idea that it can be used for IP spoofing -- indeed, there's a fairly long description of how spoofing was used by Kevin Mitnick to gain access to another system. But just how this connects with hping2 is not explained.

Part IV is titled "Vulnerability Assessment" and contains one single chapter in which the results from running the various vulnerability scanners against a specially designed target network are compared in various tables. No interpretation is provided, unfortunately.

In addition to the odd lacunas in the table of contents that have already been mentioned, the text appears to have been badly served by the editor: there are numerous ambiguities sprinkled around. One of the best can be found on the very first line of the introduction: "The objective of this book is to fill a gap found in most books on security: How security examinations can be conducted via illustrations and virtual simulations." Most readers will hopefully be able to figure out what the intended meaning is. Those 'virtual simulations' (whatever they may be) are found on the CD: short recorded demo walkthroughs of how to use some of the tools described in the book.

The two stars are mainly for the information on the vulnerability scanners. Had the book described the pitfalls in using automated tools (such as the inevitable false positives) and gone into the practical issues around using the tools, it would easily have obtained a third star, provided the title had been modified to indicate that the book is mainly about tools. I would recommend the book "Hack I.T. -- security through penetration testing" by Klevinsky, Laliberte and Gupta instead. It works with a smaller scope -- that of the penetration test, not the full security audit -- but covers it far better.