Network Security Assessment 2e (Anglais) Broché – 23 novembre 2007
|Neuf à partir de||Occasion à partir de|
Il y a une édition plus récente de cet article:
Les clients ayant acheté cet article ont également acheté
Descriptions du produit
Aucun appareil Kindle n'est requis. Téléchargez l'une des applis Kindle gratuites et commencez à lire les livres Kindle sur votre smartphone, tablette ou ordinateur.
Pour obtenir l'appli gratuite, saisissez votre adresse e-mail ou numéro de téléphone mobile.
Détails sur le produit
Dans ce livre(En savoir plus)
Commentaires en ligne
Commentaires client les plus utiles sur Amazon.com (beta)
In terms of it's applicability to penetration testing as a whole...we're talking about a huge field of knowledge, but this book should at least be seen as a very good place from which to start. Some of the more exotic attacks and exploits are not covered, but then again, the more exotic sides of penetration testing rarely are deployed in anger in a commercial penetration test.
As I have commented in my own book (Security De-Engineering: Solving the Problems in Information Risk Management) Penetration testing in today's commercial world is in most cases just a compliance show (companies need to show auditors their perimeter (whatever that is these days) has been tested by an independent third party), but there are some niches where quality is sought and appreciated. This book gives those entering such areas of the industry a very good start.
The book is still very concise (its strength) and to the point. The previous edition had some links (or many I'd say) that were not working, or simply do not exist anymore. In this sense it's a good update.
Probably the author had to decide between waiting more and revamp an important part of the book, or publish this edition with no major updates or changes.
The book is still a good companion so buy it if it's not in your library. But if you have it wait for a third edition when all major updates in major operating systems take place.
Nowadays when the security is an issue not only in the computers and systems but also in the networks and internet based process and transactions, this book provided its structure is quite easy to undertand and a helps you findout the explanation of this process.
From IIS to VPN to Databases and regular Windows usage there are tons of case studies and examples throughout that will help you plug leaks and keep the bad guys out. Here's a chapter overview:
01. Network Security Assessment Basics
02. Network Security Assessment Platform
03. Internet Host and Network Enumeration
04. IP Network Scanning
05. Assessing Remote Information Services
06. Assessing Web Servers
07. Assessing Web Applications
08. Assessing Remote Maintenance Services
09. Assessing Database Services
10. Assessing Windows Networking Services
11. Assessing Email Services
12. Assessing IP VPN Services
13. Assessing Unix RPC Services
14. Application-Level Risks
15. Running Nessus
16. Exploitation Frameworks
***** HIGHLY RECOMMENDED