Customer Reviews


11 Reviews
5 star:
 (5)
4 star:
 (4)
3 star:
 (1)
2 star:
 (1)
1 star:    (0)
 
 
 
 
 
Average Customer Review
Share your thoughts with other customers
Create your own review
 
 

The most helpful favourable review
The most helpful critical review


1 of 1 people found the following review helpful
4.0 out of 5 stars A good companion to "Security Warrior"
"Network Security Assessment" (NSA) is the latest in a long line of vulnerability assessment / penetration testing books, stretching back to "Maximum Security" in 1997 and "Hacking Exposed" shortly thereafter. NSA is also the second major security title from O'Reilly this year, soon to be followed by "Network Security Hacks." NSA...
Published on May 3 2004 by Richard Bejtlich

versus
1 of 2 people found the following review helpful
3.0 out of 5 stars nice book but unix based
the book is good, but its almost totally unix based, I downloaded the tools and they all require unix systems
we just use Microsoft, and 99% of our clients use MS only
Really should be called unix security hacks
Published on July 7 2004 by Mr. Paul Keely


‹ Previous | 1 2 | Next ›
Most Helpful First | Newest First

1 of 2 people found the following review helpful
3.0 out of 5 stars nice book but unix based, July 7 2004
By 
Mr. Paul Keely "paulkeely" (wicklow, ireland) - See all my reviews
(REAL NAME)   
the book is good, but its almost totally unix based, I downloaded the tools and they all require unix systems
we just use Microsoft, and 99% of our clients use MS only
Really should be called unix security hacks
Help other customers find the most helpful reviews 
Was this review helpful to you? Yes No


1 of 1 people found the following review helpful
4.0 out of 5 stars A good companion to "Security Warrior", May 3 2004
By 
Richard Bejtlich "TaoSecurity" (Metro Washington, DC) - See all my reviews
(REAL NAME)   
"Network Security Assessment" (NSA) is the latest in a long line of vulnerability assessment / penetration testing books, stretching back to "Maximum Security" in 1997 and "Hacking Exposed" shortly thereafter. NSA is also the second major security title from O'Reilly this year, soon to be followed by "Network Security Hacks." NSA is a good book with some new material to offer, but don't expect to find deep security insight in this or similar assessment books.
NSA begins with the almost obligatory reference to the king of assessment books, "Hacking Exposed" (HE), saying "I leave listings of obscure techniques to behemoth 800-page 'hacking' books." I don't think some of the techniques covered in HE but not NSA are "obscure." Noticably lacking in NSA is coverage of dial-up techniques, wireless insecurities, Novell vulnerabilities, and attacking clients rather than servers. Should NSA receive a second edition, I expect to see the book expand closer to the "behemoth" it seems to deride.
The best chapter by far was ch. 11, where the author with assistance from Michael Thumann takes the reader on a tour of exploiting vulnerable code. The stack diagrams and code snippets were especially helpful and the explanations were clear enough. This sort of material is a solid introduction to some of the techniques found in "Security Warrior." I also liked ch. 14, where the author explains a sample assessment using the tools already introduced. Kudos as well for maintaining an errata page and tool archive on the publisher's Web site.
The advantage NSA has over HE is the variety of tools on hand. I learned of at least a dozen tools not mentioned elsewhere. The author seems to be thorough while listing various exploitable flaws from the last several years. While the prose is well-written, I believe the HE series does a better job communicating fundamentals of the underlying technology. In other words, HE gives better explanations of 'what' we are compromising, while "NSA" prefers to concentrate more on the compromising itself. This technology education aspect of the HE series has always been its strong point. For example, there's no need to read a 500 page book on Microsoft FrontPage to understand the problems with it when a quick look in a HE book explains the technology's basics as well as its security flaws.
It's been over a year since the 4th edition of HE was published, so I recommend buying NSA to freshen your assessment skills. For the scenarios it does cover, which include most UNIX and Windows Internet-based attacks, it is thorough and accurate. Combined with O'Reilly's "Security Warrior," NSA presents an updated picture of the assessment scene.
Help other customers find the most helpful reviews 
Was this review helpful to you? Yes No


4.0 out of 5 stars Covers tools and techniques, July 1 2004
"Network Security Assessment" is a fun little book that covers vanilla network security assessment approach from planning to scanning to exploitation (but for whatever reason no reporting and remediation in the end). I liked that the author outlined the methodology first before diving into techniques. Such methodology presents (as it is common in the security arena) a double-edged sword, since it is used by security consultants as well as amateur blackhats.
The book is mostly fun to read (especially when the author is picking on the CIA in his remote information gathering activities). Sometimes though it boils down to listings of known vulnerabilities, some dated, going back to the times of RedHat 5.x and public exploit references. The coverage is pretty comprehensive, includes UNIX and Windows platforms and applications as well as VPN (but not network devices and wireless). I also liked his description of information gathering activities. The book covers most of the commonly used tools such as "nmap" (covering some of the relatively lesser known details of this scanner) as well as touches upon some of the less common such as "scanrand"). Every chapter ends with a brief summary of possible countermeasures to the activities in the chapter.
The book is definitely recommended to people new to the whole security assessment area. I suspect that those involved in the field will pick up some new things as well. For example, I liked that the author emphasizes various brute-forcing tools that can be as handy as the actual exploits when attacking a networked service. Also, I learned a new approach for picking up an internal IP address from behind the NAT by watching for certain ICMP packets.
Anton Chuvakin, Ph.D., GCIA, GCIH is a Senior Security Analyst with a major security information management company. He is the author of the book "Security Warrior" (O'Reilly, 2004) and a contributor to "Know Your Enemy II' (AWL, 2004). His areas of infosec expertise include intrusion detection, UNIX security, forensics, honeypots, etc. In his spare time, he maintains his security portal info-secure.org
Help other customers find the most helpful reviews 
Was this review helpful to you? Yes No


5.0 out of 5 stars Excellent book, July 1 2004
This is an excellent written book that I would definitely recommend to anyone interested in Network Security. The author has a very professional approach to security assessment and every chapter covers in detail ways to find out information about systems and their vulnerabilities. The final chapter walks through the process of creating a detailed report about an attack. One of the best security related books I have ever read.
Help other customers find the most helpful reviews 
Was this review helpful to you? Yes No


5.0 out of 5 stars a worthy addition to a network security bookshelf, June 21 2004
By 
Nigel Hedges (Melbourne, Australia) - See all my reviews
Hello,
I've bought a lot of network security books, as keeping up to date is important in my industry (security analyst). My bookshelf is literally filled with books on this topic which I use both as reference material and/or as a total read from start to finish.
When I saw Network Security Assessment on Amazon, I was immediately attracted to the title, but felt it might be just another unwieldy book with a lot of techniques but little explanation. But I bought it anyway, and since it arrived before Security Warrior did, I started to read it first.
It just goes to show that even when you think you know alot, there's someone out there that has some worthy experience to share. This book shares a wealth of tools, and supplements it with not only examples of how to use those tools, but surrounds the whole use of those tools with a methodology without directly ramming a methodology down your throat.
From the introduction of what tools are required, through to network enumeration, scanning, remote information services (dns, ldap), and right through to specifics of assessing ftp, email, vpn and others...I felt this book was a worthy addition to anyones network security library. It even makes multiple references to materials outside the scope of this book, so if you want to read up more on something else - you've got a great start.
I like books to be simple in their approach, because as we all know network security can be very complex. I think this book achieves this goal, and I recommend it to beginners, intermediates and even some experts who are open to refreshers.
Help other customers find the most helpful reviews 
Was this review helpful to you? Yes No


4.0 out of 5 stars Excellent book to assess your own network security..., May 19 2004
By 
Thomas Duff "Duffbert" (Portland, OR United States) - See all my reviews
(REAL NAME)   
Target Audience
Network administrators or security administrators who want to assess the security of their systems.
Contents
This book is a series of assessments that you can do to your systems to determine the level of your system security
The book is divided into the following chapters: Network Security Assessment; The Tools Required; Internet Host And Network Enumeration; IP Network Scanning; Assessing Remote Information Systems; Assessing Web Services; Assessing Remote Maintenance Services; Assessing FTP And Database Services; Assessing Windows Networking Services; Assessing Email Services; Assessing IP VPN Services; Assessing Unix RPC Services; Application-Level Risks; Example Assessment Methodology; TCP, UDP Ports, And ICMP Message Types; Sources Of Vulnerability Information
Review
Every day brings word of new exploits and new security bugs in various operating systems. Some are new and unique, and many are rehashed exploits made possible by the failure to patch and secure your systems. In order to see your system as a cracker would, you need to understand the mindset and toolsets that are used against you. This book, Network Security Assessment, will help you do just that.
Each chapter starts with a brief explanation of the area being discussed, as well as some of the overall security concerns related to that service. The rest of the chapter is then devoted to various exploits and tools that can be launched against the different operating systems. Chris McNab uses extensive illustrations and output listings to show the reader how the tools work and what type of information can be exposed to an attacker. Since many of the tools are Unix-based or are expected to be used against Unix-type systems, the author does assume familiarity with administration of Unix variants.
There are a lot of things to like about this book. The assessment methodology is organized and well thought out. It's not just a random scattering of exploits. The author also takes great pains to provide the sites where you can download the tools. In addition to that, the tools are also mirrored at the O'Reilly site so that you are protected against websites that may move around. The argument could be made that this provides a fledging cracker with all the information they need to break into your system. True, but the information already exists, and they will find it with or without this book. This book levels the playing field by making security information available to corporate administrators so that they have a chance against attackers.
Conclusion
A worthy addition to the bookshelf of network and security administrators. By following the exploits and processes outlined, you'll be able to sleep well knowing that you've covered as many bases as you can.
Help other customers find the most helpful reviews 
Was this review helpful to you? Yes No


5.0 out of 5 stars Comprehensive is an understatement, May 2 2004
By 
The author has managed to pack a serious amount of low-level technical information into this book. In the other penetration testing and hacking books I've read, I haven't yet found one to be as comprehensive as Network Security Assessment--to give you an example this book covers IPsec, Citrix and Oracle issues that I have not seen covered elsewhere in print, let alone in the same book. A downside is that the book is hard to read from cover-to-cover, and should be used more as a reference, and the author does assume a level of reader knowledge. I've just finished reading Shellcoder's Handbook too, and found chapter 13 of this book to be a great technical primer for application level issues (such as heap, stack, integer overflows and format string bugs)--the diagrams are excellent and easy for anyone to understand.
All in all this is a very useful book for both the professional security analyst and systems admin with large networks to protect. The Oreilly site has some good info that you should check out, such as the TOC, index and sample chapter on network scanning ([...]
Help other customers find the most helpful reviews 
Was this review helpful to you? Yes No


2.0 out of 5 stars Confessions of a former script kiddie, April 24 2004
By A Customer
Two years ago Mr. McNab was a teenager running rootkits against random web servers. Now he is supposedly a professional pen tester.
This book is the latest clone of Hacking Exposed, a theme that gets a new title every month. The addition of checklists reeks of big four style mechanization. What people on the outside, looking in, don't seem to understand is that real hacking/cracking is not about running tools to exploit known vulnerabilities. It's about reverse engineering and hand crafting new attacks. Otherwise you're just repeating the same tired lines about social engineering and using buffer overflows against unpatched systems. Nothing to see here folks. Move along.
I'm disappointed in O'Reilly for publishing this title.
Help other customers find the most helpful reviews 
Was this review helpful to you? Yes No


5.0 out of 5 stars Great, comprehensive introduction and reference, April 13 2004
This book can serve as both a great introduction and reference
to network auditing/penetration testing methodologies. It
presents an overview over a broad range of information security,
from many detailed and thorough methods of remote network
reconnaissance to testing server security, and goes beyond
by teaching a deep understanding of network exploits and their
common attack patterns, using examples of serious existing
exploits and expert instructions for source code auditing,
by showing how to detect and exploit known points of
vulnerability in programs. I enjoyed the detail level of
this book versus other "hacking" books, and the comprehensive,
systematic categorization of scanning and attack methods.
Help other customers find the most helpful reviews 
Was this review helpful to you? Yes No


5.0 out of 5 stars Better than Hacking Exposed, April 9 2004
By 
James Drake (Arlington, VA USA) - See all my reviews
This book is a great resource for any administrator with IP networks to protect. As Wes Boudville says, it certainly is systematic with some great guidelines and useful checklists. The high level concepts laid out by the author make it much easier to understand the underlying issues with security nowadays. Instead of listing bugs and patches, McNab explains the different bug types, and I learnt a lot about stack and heap overflows in the application security chapter.
I'd recommend this book over Hacking Exposed and other books with the word 'hacking' in the title. The assessment material is comprehensive from both Unix and Windows standpoints, and I certainly picked up a bunch of new tricks that I wasn't aware of before. The book has great coverage of all the latest tools and techniques, but written in a timeless way. At just under 400 pages you'll find that it's not too long either!
Help other customers find the most helpful reviews 
Was this review helpful to you? Yes No


‹ Previous | 1 2 | Next ›
Most Helpful First | Newest First

This product

Network Security Assessment: Know Your Network
Network Security Assessment: Know Your Network by Chris McNab (Paperback - Nov. 11 2007)
CDN$ 57.99 CDN$ 32.92
Not in stock; order now and we'll deliver when available
Add to cart Add to wishlist
Only search this product's reviews