Penetration Testing and Network Defense, 1st Edition, by Andrew Whitaker and Daniel P. Newman
Product details:
ISBN 10: 1587052083
ISBN 13: 978-1587052088
Author: Andrew Whitaker, Daniel P. Newman
Penetration Testing and Network Defense, 1st Edition: Table of contents
Part I: Overview of Penetration Testing
Chapter 1: Understanding Penetration Testing
- Defining Penetration Testing
- Assessing the Need for Penetration Testing
- Proliferation of Viruses and Worms
- Wireless LANs
- Complexity of Networks Today
- Frequency of Software Updates
- Availability of Hacking Tools
- The Nature of Open Source
- Reliance on the Internet
- Unmonitored Mobile Users and Telecommuters
- Marketing Demands
- Industry Regulations
- Administrator Trust
- Business Partnerships
- Hacktivism
- Attack Stages
- Choosing a Penetration Testing Vendor
- Preparing for the Test
- Summary
Chapter 2: Legal and Ethical Considerations
- Ethics of Penetration Testing
- Laws
- U.S. Laws Pertaining to Hacking
- 1973 U.S. Code of Fair Information Practices
- 1986 Computer Fraud and Abuse Act (CFAA)
- State Laws
- Regulatory Laws
- 1996 U.S. Kennedy-Kassebaum Health Insurance Portability and Accountability Act (HIPAA)
- Gramm-Leach-Bliley (GLB)
- USA PATRIOT ACT
- 2002 Federal Information Security Management Act (FISMA)
- 2003 Sarbanes-Oxley Act (SOX)
- Non-U.S. Laws Pertaining to Hacking
- Logging
- To Fix or Not to Fix
- Summary
Chapter 3: Creating a Test Plan
- Step-by-Step Plan
- Defining the Scope
- Social Engineering
- Session Hijacking
- Trojan/Backdoor
- Open-Source Security Testing Methodology Manual
- Documentation
- Executive Summary
- Project Scope
- Results Analysis
- Summary
Part II: Performing the Test
Chapter 4: Performing Social Engineering
- Human Psychology
- Types of Persuasion:
- Conformity Persuasion
- Logic Persuasion
- Need-Based Persuasion
- Authority-Based Persuasion
- Reciprocation-Based Social Engineering
- Similarity-Based Social Engineering
- Information-Based Social Engineering
- What It Takes to Be a Social Engineer
- Using Psychological Tactics for Social Engineering
- Patience
- Confidence
- Trust
- Inside Knowledge
- Types of Social Engineering Attacks
- Tech Support Impersonation
- E-Mail Impersonation
- Customer Impersonation
- Reverse Social Engineering
- Protecting Against Social Engineering
- Case Study
- Summary
Chapter 5: Performing Host Reconnaissance
- Passive Host Reconnaissance
- Active Host Reconnaissance
- Port Scanning (with NMap)
- Fingerprinting
- Detecting Scans
- IDS and Anomaly Detection Systems
- Misuse Detection System
- Case Study
- Summary
Chapter 6: Understanding and Attempting Session Hijacking
- Defining Session Hijacking
- Tools for Session Hijacking
- Detecting Session Hijacking
- Using Packet Sniffers
- Cisco IDS
- Protecting Against Session Hijacking
- Case Study
- Summary
Chapter 7: Performing Web Server Attacks
- Understanding Web Languages and Architectures
- Web Server Vulnerabilities
- Buffer Overflows
- Brute Force Attacks
- Cookie Guessing
- Detecting and Protecting Against Web Attacks
- Securing Web Servers
- Case Study
- Summary
Chapter 8: Performing Database Attacks
- Defining Databases
- Testing Database Vulnerabilities
- SQL Injection
- Password Cracking
- Detecting and Protecting Against Database Attacks
- Case Study
- Summary
Chapter 9: Password Cracking
- Password Hashing and Cracking Tools
- Detecting Password Cracking
- Protecting Against Password Cracking
- Case Study
- Summary
Chapter 10: Attacking the Network
- Bypassing Firewalls and IDS
- Testing Routers and Switches for Vulnerabilities
- Securing the Network
- Case Study
- Summary
Chapter 11: Scanning and Penetrating Wireless Networks
- History of Wireless Networks
- Wireless Security Technologies
- War Driving and Tools
- Detecting and Preventing Wireless Attacks
- Case Study
- Summary
Chapter 12: Using Trojans and Backdoor Applications
- Trojans, Viruses, and Backdoors
- Detecting and Preventing Trojan Attacks
- Case Study
- Summary
Chapter 13: Penetrating UNIX, Microsoft, and Novell Servers
- Server Vulnerabilities and Elevation Techniques
- Detecting and Preventing Server Attacks
- Case Study
- Summary
Chapter 14: Understanding and Attempting Buffer Overflows
- Memory Architecture
- Buffer Overflow Prevention
- Case Study
- Summary
Chapter 15: Denial-of-Service Attacks
- Types of DoS Attacks
- Tools for Executing DoS Attacks
- Detecting and Preventing DoS Attacks
- Case Study
- Summary
Chapter 16: Case Study: A Methodical Step-By-Step Penetration Test
- Case Study: LCN Gets Tested
- Planning the Attack
- Gaining Access and Maintaining Access
- Covering Tracks and Writing the Report
- Summary
Part III: Appendixes
Appendix A: Preparing a Security Policy
Appendix B: Tools