REVIEW: "Network Security Assessment", Chris McNab

Discussion in 'Computer Security' started by Rob Slade, doting grandpa of Ryan and Trevor, Oct 15, 2004.

  1. BKNTSCAS.RVW 20040511

    "Network Security Assessment", Chris McNab, 2004, 0-596-00611-X,
    U$39.95/C$57.95
    %A Chris McNab
    %C 103 Morris Street, Suite A, Sebastopol, CA 95472
    %D 2004
    %G 0-596-00611-X
    %I O'Reilly & Associates, Inc.
    %O U$39.95/C$57.95 707-829-0515 fax: 707-829-0104
    %O http://www.amazon.com/exec/obidos/ASIN/059600611X/robsladesinterne
    http://www.amazon.co.uk/exec/obidos/ASIN/059600611X/robsladesinte-21
    %O http://www.amazon.ca/exec/obidos/ASIN/059600611X/robsladesin03-20
    %P 507 p.
    %T "Network Security Assessment"

    In general, "learn to hack in order to secure" books provide very
    little useful material for helping security administrators to protect
    their systems. McNab's work is somewhat different: his descriptions
    (though not perfect) have a conceptual component, and the details
    often use accessible system tools, rather than relying on blackhat
    tools (of unknown reliability) or an extensive range of commercial
    utilities.

    Chapter one defines network security assessment somewhere between
    vulnerability scanning and penetration testing, and outlines the
    general campaign. A list of scanning tools, with very terse
    descriptions, is in chapter two. The querying of public information,
    using search engines and network information centres, is in chapter
    three. Chapter four provides details on IP network scanning, although
    the explanations are not always clear, seemingly missing particulars
    or skipping steps. This lack of description is even more evident in
    the material on remote information services (DNS - Domain Name
    Services, SNMP - Simple Network Management Protocol, LDAP -
    Lightweight Directory Access Protocol, and the like) in chapter five.

    Chapter six provides content on obtaining information about a number
    of Web utilities, products, and services, and lists a number of
    specific exploits. Chapter seven gives advice on identifying and
    exploiting specific terminal and terminal-like remote services. ftp
    and database exploits are listed in chapter eight. Chapter nine
    describes some tools for assessing and exploiting network (and
    particularly SMB (Server Message Block) services in Windows NT and
    2000. Gathering information from SMTP (Simple Mail Transfer Protocol)
    is described in chapter ten, as well as a way to code MIME
    (Multipurpose Internet Mail Extensions) fields in order to defeat
    virus scanning on email. The exploits for VPN (Virtual Private
    Network) products, in chapter eleven are product specific and
    unstructured. Chapter twelve lists certain UNIX RPC (Remote Procedure
    Call) bugs. The explanation of general overflow and overwriting
    attacks in chapter thirteen provides thorough descriptions, but relies
    unnecessarily on coded C language references rather than broader
    explanations, reducing the conceptual clarity. Chapter fourteen
    reviews a combination of some of the techniques listed earlier in the
    book as an integrated attack example.

    The material could be helpful to security instructors, and fascinating
    for those interested in the topic, but may not be presented in a
    manner useful to network security administrators as direction for
    protection of their resources. The book is demanding of the reader,
    but it does do a better job than most of demonstrating the value of
    knowing how to find weaknesses in order to build defence.

    copyright Robert M. Slade, 2004 BKNTSCAS.RVW 20040511

    --
    ======================

    ============= for back issues:
    [Base URL] site http://victoria.tc.ca/techrev/
    or mirror http://sun.soci.niu.edu/~rslade/
    CISSP refs: [Base URL]mnbksccd.htm
    Security Dict.: [Base URL]secgloss.htm
    Book reviews: [Base URL]mnbk.htm
    Review mailing list: send mail to
    or
     
    Rob Slade, doting grandpa of Ryan and Trevor, Oct 15, 2004
    #1
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Rob Slade, doting grandpa of Ryan and Trevor

    REVIEW: "A Guide to Forensic Testimony", Fred Chris Smith/Rebecca Gurley Bace

    Rob Slade, doting grandpa of Ryan and Trevor, Jul 29, 2003, in forum: Computer Security
    Replies:
    0
    Views:
    1,362
    Rob Slade, doting grandpa of Ryan and Trevor
    Jul 29, 2003
  2. Rob Slade, doting grandpa of Ryan and Trevor

    REVIEW: "Official (ISC)^2 Guide to the CISSP Exam", Susan Hansche/John Berti/Chris Hare

    Rob Slade, doting grandpa of Ryan and Trevor, Jul 30, 2004, in forum: Computer Security
    Replies:
    0
    Views:
    983
    Rob Slade, doting grandpa of Ryan and Trevor
    Jul 30, 2004
  3. Rob Slade, doting grandpa of Ryan and Trevor

    REVIEW: "WarDriving: Drive, Detect, Defend", Chris Hurley/Frank Thornton/Michael Puchol

    Rob Slade, doting grandpa of Ryan and Trevor, Nov 11, 2004, in forum: Computer Security
    Replies:
    0
    Views:
    605
    Rob Slade, doting grandpa of Ryan and Trevor
    Nov 11, 2004
  4. Rob Slade, doting grandpa of Ryan and Trevor

    REVIEW: "Network Security Assessment", Steve Manzuik/Andre Gold/Chris Gatford

    Rob Slade, doting grandpa of Ryan and Trevor, Dec 23, 2009, in forum: Computer Security
    Replies:
    0
    Views:
    1,572
    Rob Slade, doting grandpa of Ryan and Trevor
    Dec 23, 2009
  5. Rob Slade, doting grandpa of Ryan and Trevor

    REVIEW: "Security Monitoring", Chris Fry/Martin Nystrom

    Rob Slade, doting grandpa of Ryan and Trevor, Jan 25, 2010, in forum: Computer Security
    Replies:
    0
    Views:
    1,600
    Rob Slade, doting grandpa of Ryan and Trevor
    Jan 25, 2010
Loading...

Share This Page