INDUSTRY
Security through Attack: Know Your Network
An increasingly popular approach to network security is to think like the bad guys: by understanding the methods and motivations of those who attempt to penetrate your defenses, you'll be better able to withstand their assault. Unfortunately, most network administrators merely poke at their systems in a haphazard fashion. With a constant barrage of techniques used to compromise both Windows and Unix-based systems--and no end to the ingenuity and determination of those who employ them--keeping current with the latest modes of attack is just another responsibility a network administrator juggles. Short of becoming a security expert (if that luxury were possible), what can you do to ensure the safety of your
systems? "Network Security Assessment" (O'Reilly, US $39.95) by former-teen-hacker-turned-security-analyst Chris McNab provides a methodical approach to identifying and assessing the risks in computer networks. Using steps laid out by professional security analysts and consultants to identify and assess risks, the book offers an efficient testing model that network administrators can adopt, refine, and reuse to create defensive strategies to protect their systems from the threats that are out there, as well as those still being developed.
The book focuses on a single area of network security in detail: that of undertaking IP-based network security assessment in a structured and logical way. "Assessment is the first step any organization should take to start managing information risks correctly," says McNab. Over the last five years, McNab has achieved a one hundred percent success rate in compromising the networks of financial services companies and multinational corporations. With "Network Security Assessment," McNab hopes to use his expertise to help others by clearly defining an effective best practice network assessment methodology.
"By assessing your networks in the same way a determined attacker does, you can take a more proactive approach to risk management," McNab notes. "Throughout this book there are bulleted checklists of countermeasures to help you devise a clear technical strategy and fortify your environments at the network and application levels."
This thorough and insightful guide begins by introducing the tools attackers use and quickly moves through the various ways an attacker can learn about the vulnerabilities in your network. The bulk of the book examines the components of your network, the different services you run, and how they can be attacked. Some of the topics covered are:
-Tools that perform assessment
-Testing common services such as SSH, DNS, and LDAP
-Testing Microsoft Windows services, including NetBIOS, CIFS, and RPC
-Testing web applications running on Apache and Microsoft IIS
-Database service assessment for Oracle, SQL Server, and MySQL
-Assessing VPN services, including IPsec, FWZ, and PPTP
-Application risks
-Risk mitigation information and strategies, including checklists
"Network Security Assessment" is written in line with the most important assessment standards used by the US and UK governments, respectively, for critical national infrastructure testing and assurance: USA NSA IAM and UK CSEG CHECK. Network administrators who need to develop and implement a security assessment program will find everything they're looking for in this time-saving new book--a proven, expert-tested methodology on which to base their own comprehensive program.