There are hundreds--if not thousands--of techniques used to compromise both Windows and Unix-based systems. Malicious code and new exploit scripts are released on a daily basis, and each evolution becomes more and more sophisticated. Keeping up with the myriad of systems used by hackers in the wild is a formidable task, and scrambling to patch each potential vulnerability or address each new attack one-by-one is a bit like emptying the Atlantic with paper cup. If you're a network administrator, the pressure is on you to defend your systems from attack. But short of devoting your life to becoming a security expert, what can you do to ensure the safety of your mission critical systems? Where do you start? Using the steps laid out by professional security analysts and consultants to identify and assess risks, Network Security Assessment offers an efficient testing model that an administrator can adopt, refine, and reuse to create proactive defensive strategies to protect their systems from the threats that are out there, as well as those still being developed. This thorough and insightful guide covers offensive technologies by grouping and analyzing them at a higher level--from both an offensive and defensive standpoint--helping administrators design and deploy networks that are immune to offensive exploits, tools, and scripts. Network administrators who need to develop and implement a security assessment program will find everything they're looking for--a proven, expert-tested methodology on which to base their own comprehensive program--in this time-saving new book.

Amazon.com® Reader Reviews (Ranked by Helpfulness)

Average Amazon.com® Rating:  Based on 21 Ratings

Very good book for security policy enablers and admins - 2005-05-29
Reviewer Rating:
This is one of the few books that I have come across that focuses mainly on the innards of security assessments. The services based security and counter measures are helpful for threat modeling. This book is really great for people in the security risk and threat analysis for a quantitative and qualitative validation. Good book to help in setting up corporate security policy model.

Other people have already provided a good chapter wise run-down so I will skip that here...

Buy this book :)

Network Security Assessment - 2005-07-20
Reviewer Rating:
explainsa variety of exploits and tells you how to harden your network. This book is very well researched and extremely well written and is reader friendly, as some security books leave the reader lost in techno babble, not this book however very easy reading it now sits on my desk as a ready reckoner.

Essential For Security Concerned IT Admins - 2008-04-02
Reviewer Rating:
'Network Security Assessment: Know Your Network' is an absolute must buy for anyone that runs/admins a network and needs to know the tricks to keeping things safer in today's connected world. Warning right off the bat that this is a very niche market of reader and it's NOT NOT NOT for the regular developer or admin. This is heavy on the technical jargon and you better know all your acronyms like there is no tomorrow from TCP to IP to LDAP to xxx!!

From IIS to VPN to Databases and regular Windows usage there are tons of case studies and examples throughout that will help you plug leaks and keep the bad guys out. Here's a chapter overview:

01. Network Security Assessment Basics
02. Network Security Assessment Platform
03. Internet Host and Network Enumeration
04. IP Network Scanning
05. Assessing Remote Information Services
06. Assessing Web Servers
07. Assessing Web Applications
08. Assessing Remote Maintenance Services
09. Assessing Database Services
10. Assessing Windows Networking Services
11. Assessing Email Services
12. Assessing IP VPN Services
13. Assessing Unix RPC Services
14. Application-Level Risks
15. Running Nessus
16. Exploitation Frameworks

***** HIGHLY RECOMMENDED

Any collection catering to programmers or network managers needs - 2008-01-06
Reviewer Rating:
Chris McNab's NETWORK SECURITY ASSESSMENT appears in its second updated edition to cover the protocols for testing network security - by trying to attack it internally. Tricks and tools professional security consultants use to identify and correct risks in Internet-based networks are revealed in chapters covering everything from Windows networking components and Unix RPC services on various platforms to application-level vulnerabilities. Any collection catering to programmers or network managers needs NETWORK SECURITY ASSESSMENT in its latest updated second edition.

Still good companion for the security prosessional - 2008-07-02
Reviewer Rating:
This review is a comparison between the first and second edition. Other readers have properly described the book and you won't find anything different.

The book is still very concise (its strength) and to the point. The previous edition had some links (or many I'd say) that were not working, or simply do not exist anymore. In this sense it's a good update.

Probably the author had to decide between waiting more and revamp an important part of the book, or publish this edition with no major updates or changes.

The book is still a good companion so buy it if it's not in your library. But if you have it wait for a third edition when all major updates in major operating systems take place.

Browse Similar Topics

Top Level Categories:
Networking
Security

Sub-Categories:
Networking > Security
Security > Networking