Loading ...
Sorry, an error occurred while loading the content.

REVIEW: "Network Security Assessment", Chris McNab

Expand Messages
  • Rob, grandpa of Ryan, Trevor, Devon & Ha
    BKNTSCAS.RVW 20040511 Network Security Assessment , Chris McNab, 2004, 0-596-00611-X, U$39.95/C$57.95 %A Chris McNab chris.mcnab@trustmatta.com %C 103
    Message 1 of 1 , Oct 15 11:14 AM
      BKNTSCAS.RVW 20040511

      "Network Security Assessment", Chris McNab, 2004, 0-596-00611-X,
      %A Chris McNab chris.mcnab@...
      %C 103 Morris Street, Suite A, Sebastopol, CA 95472
      %D 2004
      %G 0-596-00611-X
      %I O'Reilly & Associates, Inc.
      %O U$39.95/C$57.95 707-829-0515 fax: 707-829-0104 nuts@...
      %O http://www.amazon.com/exec/obidos/ASIN/059600611X/robsladesinterne
      %O http://www.amazon.ca/exec/obidos/ASIN/059600611X/robsladesin03-20
      %P 507 p.
      %T "Network Security Assessment"

      In general, "learn to hack in order to secure" books provide very
      little useful material for helping security administrators to protect
      their systems. McNab's work is somewhat different: his descriptions
      (though not perfect) have a conceptual component, and the details
      often use accessible system tools, rather than relying on blackhat
      tools (of unknown reliability) or an extensive range of commercial

      Chapter one defines network security assessment somewhere between
      vulnerability scanning and penetration testing, and outlines the
      general campaign. A list of scanning tools, with very terse
      descriptions, is in chapter two. The querying of public information,
      using search engines and network information centres, is in chapter
      three. Chapter four provides details on IP network scanning, although
      the explanations are not always clear, seemingly missing particulars
      or skipping steps. This lack of description is even more evident in
      the material on remote information services (DNS - Domain Name
      Services, SNMP - Simple Network Management Protocol, LDAP -
      Lightweight Directory Access Protocol, and the like) in chapter five.

      Chapter six provides content on obtaining information about a number
      of Web utilities, products, and services, and lists a number of
      specific exploits. Chapter seven gives advice on identifying and
      exploiting specific terminal and terminal-like remote services. ftp
      and database exploits are listed in chapter eight. Chapter nine
      describes some tools for assessing and exploiting network (and
      particularly SMB (Server Message Block) services in Windows NT and
      2000. Gathering information from SMTP (Simple Mail Transfer Protocol)
      is described in chapter ten, as well as a way to code MIME
      (Multipurpose Internet Mail Extensions) fields in order to defeat
      virus scanning on email. The exploits for VPN (Virtual Private
      Network) products, in chapter eleven are product specific and
      unstructured. Chapter twelve lists certain UNIX RPC (Remote Procedure
      Call) bugs. The explanation of general overflow and overwriting
      attacks in chapter thirteen provides thorough descriptions, but relies
      unnecessarily on coded C language references rather than broader
      explanations, reducing the conceptual clarity. Chapter fourteen
      reviews a combination of some of the techniques listed earlier in the
      book as an integrated attack example.

      The material could be helpful to security instructors, and fascinating
      for those interested in the topic, but may not be presented in a
      manner useful to network security administrators as direction for
      protection of their resources. The book is demanding of the reader,
      but it does do a better job than most of demonstrating the value of
      knowing how to find weaknesses in order to build defence.

      copyright Robert M. Slade, 2004 BKNTSCAS.RVW 20040511

      ====================== (quote inserted randomly by Pegasus Mailer)
      rslade@... slade@... rslade@...
      I haven't lost my mind -- it's backed up on tape somewhere.
      http://victoria.tc.ca/techrev or http://sun.soci.niu.edu/~rslade
    Your message has been successfully submitted and would be delivered to recipients shortly.