How secure is your network? The best way to find out is to attack it, using the same tactics attackers employ to identify and exploit weaknesses. With the third edition of this practical book, you’ll learn how to perform network-based penetration testing in a structured manner. Security expert Chris McNab demonstrates common vulnerabilities, and the steps you can take to identify them in your environment.
System complexity and attack surfaces continue to grow. This book provides a process to help you mitigate risks posed to your network. Each chapter includes a checklist summarizing attacker techniques, along with effective countermeasures you can use immediately.
Learn how to effectively test system components, including:
- Common services such as SSH, FTP, Kerberos, SNMP, and LDAP
- Microsoft services, including NetBIOS, SMB, RPC, and RDP
- SMTP, POP3, and IMAP email services
- IPsec and PPTP services that provide secure network access
- TLS protocols and features providing transport security
- Web server software, including Microsoft IIS, Apache, and Nginx
- Frameworks including Rails, Django, Microsoft ASP.NET, and PHP
- Database servers, storage protocols, and distributed key-value stores
Christopher Ross McNab is an author, computer hacker, and founder of AlphaSOC. McNab is best known for his Network Security Assessment books, which detail practical penetration testing tactics that can be adopted to evaluate the security of networks in line with CESG CHECK, PCI DSS, and NIST SP 800-115 standards.
He is not to be confused with Chris McNab, Welsh author, survivalist and military expert.
The book is a guide that covers the full stack when you're trying to do security assessment in your network. It is mainly offensive, more than defensive, but at the end of each chapter you can find a small guide on hardening that specific layer/app. The book is quite hands-on, with many commands, and lots of links. So reading it on paper is not the best use of your time and/or money. Also I was expecting something more theoretical, but it's full of details on specific technologies. All in all, it's a well-written book, but I was not the target.
I found this book while searching for a security protocols book. I must say it wasn't a bad coincidence. Expect to learn a lot of tricks about networks. By the end, the book talks about local buffer overflow techniques. This author knows what he is saying.
Warning: outdated (2007) but still very, very useful.
A little bit out of date but not by much. As a starter into the industry, NSA provided a good foundation for further practical learning. Covers the basic techniques required for network infrastructure testing.
Easy read and good introduction to network security. The content is outdated though, and much of the information included is irrelevant to modern-day pentesting.