Rating:
Author: Andrew Whitaker
ISBN : B000RH0EMA
New from $46.54
Format: PDF, EPUB
Download books file now Free Penetration Testing and Network Defense [Kindle Edition] from 4shared, mediafire, hotfile, and mirror link
The practical guide to simulating, detecting, and responding to network attacks
- Create step-by-step testing plans
- Learn to perform social engineering and host reconnaissance
- Evaluate session hijacking methods
- Exploit web server vulnerabilities
- Detect attempts to breach database security
- Use password crackers to obtain access information
- Circumvent Intrusion Prevention Systems (IPS) and firewall protections and disrupt the service of routers and switches
- Scan and penetrate wireless networks
- Understand the inner workings of Trojan Horses, viruses, and other backdoor applications
- Test UNIX, Microsoft, and Novell servers for vulnerabilities
- Learn the root cause of buffer overflows and how to prevent them
- Perform and prevent Denial of Service attacks
Penetration testing is a growing field but there has yet to be a definitive resource that instructs ethical hackers on how to perform a penetration test with the ethics and responsibilities of testing in mind. Penetration Testing and Network Defense offers detailed steps on how to emulate an outside attacker in order to assess the security of a network.
Unlike other books on hacking, this book is specifically geared towards penetration testing. It includes important information about liability issues and ethics as well as procedures and documentation. Using popular open-source and commercial applications, the book shows you how to perform a penetration test on an organization’s network, from creating a test plan to performing social engineering and host reconnaissance to performing simulated attacks on both wired and wireless networks.
Penetration Testing and Network Defense also goes a step further than other books on hacking, as it demonstrates how to detect an attack on a live network. By detailing the method of an attack and how to spot an attack on your network, this book better prepares you to guard against hackers. You will learn how to configure, record, and thwart these attacks and how to harden a system to protect it against future internal and external attacks.
Full of real-world examples and step-by-step procedures, this book is both an enjoyable read and full of practical advice that will help you assess network security and develop a plan for locking down sensitive data and company resources.
“This book goes to great lengths to explain the various testing approaches that are used today and gives excellent insight into how a responsible penetration testing specialist executes his trade.”
–Bruce Murphy, Vice President, World Wide Security Services, Cisco Systems®
Direct download links available for Free Penetration Testing and Network Defense
- File Size: 13960 KB
- Print Length: 624 pages
- Simultaneous Device Usage: Up to 5 simultaneous devices, per publisher limits
- Publisher: Cisco Press; 1 edition (October 31, 2005)
- Sold by: Amazon Digital Services, Inc.
- Language: English
- ASIN: B000RH0EMA
- Text-to-Speech: Enabled
X-Ray:
- Lending: Not Enabled
- Amazon Best Sellers Rank: #897,732 Paid in Kindle Store (See Top 100 Paid in Kindle Store)
Free Penetration Testing and Network Defense
Penetration testing is becoming a hot topic again, but the available books on the subject continue to underwhelm. Penetration Testing and Network Defense (PTAND), published in the fall of 2005, would be a four star book if it had been published two years earlier. Stephen Northcutt, unlike all other reviewers, noticed this fact as well. When you combine this problem with PTAND with several other deficiencies, the result is a book you can unfortunately skip.
I usually try to avoid reading and reviewing books that I expect not to like. However, PTAND looked promising. I have several excellent Cisco Press books, like Cisco Router Firewall Security. A major problem with PTAND is that it is largely out of date. For example, Ch 12 discusses malware, but uses B02K, SubSeven, the Melissa virus, and Brown Orifice as examples. In Ch 6, session hijacking is done with Hunt and Juggernaut, but ignores Ettercap, Cain and Abel, and Yersinia. (I found it funny that p 131 of this Cisco Press book describes Juggernaut's author as "someone with the handle of 'route'", but doesn't say that 'route' is Mike Schiffman, Cisco employee since April 2003.)
In addition to outdated or missing tools (THC's Amap and Hydra are also neglected), PTAND fails to mention problems with many of its techniques. In Ch 5, the authors never hint that servers susceptible to DNS zone transfers are not as plentiful as they were in 1998. A discussion of Visual Route doesn't explain that information reported by the tool may have nothing to do with the physical location of a system. Ch 10's description of ACK tunnels ignores that stateful firewalls have been denying such covert channels for years.
PTAND also misses some technical and conceptual details.