Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Computer Security > REVIEW: "Network Security Assessment", Chris McNab

Thread Tools

REVIEW: "Network Security Assessment", Chris McNab

Rob Slade, doting grandpa of Ryan and Trevor
Posts: n/a

"Network Security Assessment", Chris McNab, 2004, 0-596-00611-X,
%A Chris McNab Removed)
%C 103 Morris Street, Suite A, Sebastopol, CA 95472
%D 2004
%G 0-596-00611-X
%I O'Reilly & Associates, Inc.
%O U$39.95/C$57.95 707-829-0515 fax: 707-829-0104 (E-Mail Removed)
%P 507 p.
%T "Network Security Assessment"

In general, "learn to hack in order to secure" books provide very
little useful material for helping security administrators to protect
their systems. McNab's work is somewhat different: his descriptions
(though not perfect) have a conceptual component, and the details
often use accessible system tools, rather than relying on blackhat
tools (of unknown reliability) or an extensive range of commercial

Chapter one defines network security assessment somewhere between
vulnerability scanning and penetration testing, and outlines the
general campaign. A list of scanning tools, with very terse
descriptions, is in chapter two. The querying of public information,
using search engines and network information centres, is in chapter
three. Chapter four provides details on IP network scanning, although
the explanations are not always clear, seemingly missing particulars
or skipping steps. This lack of description is even more evident in
the material on remote information services (DNS - Domain Name
Services, SNMP - Simple Network Management Protocol, LDAP -
Lightweight Directory Access Protocol, and the like) in chapter five.

Chapter six provides content on obtaining information about a number
of Web utilities, products, and services, and lists a number of
specific exploits. Chapter seven gives advice on identifying and
exploiting specific terminal and terminal-like remote services. ftp
and database exploits are listed in chapter eight. Chapter nine
describes some tools for assessing and exploiting network (and
particularly SMB (Server Message Block) services in Windows NT and
2000. Gathering information from SMTP (Simple Mail Transfer Protocol)
is described in chapter ten, as well as a way to code MIME
(Multipurpose Internet Mail Extensions) fields in order to defeat
virus scanning on email. The exploits for VPN (Virtual Private
Network) products, in chapter eleven are product specific and
unstructured. Chapter twelve lists certain UNIX RPC (Remote Procedure
Call) bugs. The explanation of general overflow and overwriting
attacks in chapter thirteen provides thorough descriptions, but relies
unnecessarily on coded C language references rather than broader
explanations, reducing the conceptual clarity. Chapter fourteen
reviews a combination of some of the techniques listed earlier in the
book as an integrated attack example.

The material could be helpful to security instructors, and fascinating
for those interested in the topic, but may not be presented in a
manner useful to network security administrators as direction for
protection of their resources. The book is demanding of the reader,
but it does do a better job than most of demonstrating the value of
knowing how to find weaknesses in order to build defence.

copyright Robert M. Slade, 2004 BKNTSCAS.RVW 20040511

(E-Mail Removed) (E-Mail Removed) (E-Mail Removed)
============= for back issues:
[Base URL] site
or mirror
CISSP refs: [Base URL]mnbksccd.htm
Security Dict.: [Base URL]secgloss.htm
Book reviews: [Base URL]mnbk.htm
Review mailing list: send mail to (E-Mail Removed)
or (E-Mail Removed)

Reply With Quote

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
REVIEW: "Security Monitoring", Chris Fry/Martin Nystrom Rob Slade, doting grandpa of Ryan and Trevor Computer Security 0 01-25-2010 06:27 PM
REVIEW: "Network Security Assessment", Steve Manzuik/Andre Gold/Chris Gatford Rob Slade, doting grandpa of Ryan and Trevor Computer Security 0 12-23-2009 07:11 PM
OT, ATTN: Chris Smith; TOPIC: Jinx Oliver Wong Java 5 04-26-2006 12:28 AM
Come in Chris foghorn seeker MCSE 5 09-16-2003 12:37 PM
ASP.NET - Attn::Chris Jackson AV ASP .Net 0 08-05-2003 01:36 PM