on May 11, 2011
I suppose these tools are going to be in the public domain anyway, so we might as well educate white hats as well as the black hats that may know them already. This book is a complete guide to penetration testing, aimed at potential security consultants. (That's the good part.) The bad part is that this book in the wrong hands can wreak all kinds of havoc-- it makes hacking way too easy. The authors do a good job of providing the right level of detail in all sorts of IT disciplines (networking, protocols, remote access, etc.), not spending too much time because there's just too many tools to introduce.
Frightening, yet useful in the right hands. If you are a security testing professional, you really need a copy of this book.
on April 27, 2011
The authors tackle a persistent danger to many websites and networks that hang off the Internet, where often the complexity of the operating systems and applications and the interactions between these can open doors to attackers. So the basic idea of penetration testing is to preemptively probe ('attack') your system. Find the weaknesses first, before others do so.
In part, the text offers a good overview of the field, separate from the usages of BackTrack. So you get a summary of several common security testing methodologies. Including the Open Source Security Testing Methodology Manual. If you have a background in science experiments, you'll see clear parallels in how this OSSTMM approach investigates an unknown system.
As far as BackTrack is concerned, its capabilities are explored in depth through most of the text. It does seem to have covered all the bases. Like checking/scanning for open TCP and UDP ports on target machines. Or looking for live machines on a network. One thing that becomes clear is that you can treat BackTrack as a repertoire of free tools. And you can pick just a subset of these tools to initially use against your network, if you have specific needs or suspicions,
To be sure, the recommended usage is a top down one, where you treat BackTrack as an integrated whole and you systematically first plan out your entire testing. No argument from me. You should do this, if you decide to use BackTrack in the first place. But a pragmatic incremental approach might still have some merit. Where you can just choose a tool and look up its usage in the text and run it. Easy to get some experience and confidence.