Network Security Assessment

Awareness is a key component in a person's quest for mitigating the inherent risk of operating an IP network attached to the Internet. The book "Network Security Assessment" by Chris McNab, is recommended for anyone who is new to the profession of network perimeter assessment or anyone interested in learning more about how to defend their infrastructure. The book focuses upon the enumeration and exploitation process of assessing a network perimeter. The author has a great section on manipulating whois, dns and nmap for network enumeration. These sections provide the reader an understanding of the techniques used to determine their networks external façade in a way that is clear and easy to follow yet reiterating the importance of understanding protocols such as ICMP and the advanced usage of information gathering tools like tcpdump. A large portion of the book show tools, techniques and methodologies used to evaluate and exploit networks and host services. This information is useful and interesting to read; some of the exploits are quite old and could be useful for finding systems that were in dire need of patches. However, the book is about assessing the network not vulnerability re-mediation. The author does have a neat article "Top Ten Tips to Make Attackers' Lives Hell" on O'Reilly's web site. The assessment techniques cover Unix and Windows systems as well as many protocols such as LDAP, SNMP and applications such as IIS and Oracle. The book ends with a great section on Application-Level risks. This includes useful information on buffer overflows, integer overflows, format string bugs and the like. This is well written and an explanation that is clear. I feel like this book is a culmination of years of old notebooks, it is a handy resource. Overall, I would definitely recommend this book to anyone new to network security assessment. Even those who have experience in the field will find useful information and techniques in this book. It was a fun book to read and an excellent starting point when looking into the means by which one should assess their network.

This is an excellent written book that I would definitely recommend to anyone interested in Network Security. The author has a very professional approach to security assessment and every chapter covers in detail ways to find out information about systems and their vulnerabilities. The final chapter walks through the process of creating a detailed report about an attack. One of the best security related books I have ever read.

The author has managed to pack a serious amount of low-level technical information into this book. In the other penetration testing and hacking books I've read, I haven't yet found one to be as comprehensive as Network Security Assessment--to give you an example this book covers IPsec, Citrix and Oracle issues that I have not seen covered elsewhere in print, let alone in the same book. A downside is that the book is hard to read from cover-to-cover, and should be used more as a reference, and the author does assume a level of reader knowledge. I've just finished reading Shellcoder's Handbook too, and found chapter 13 of this book to be a great technical primer for application level issues (such as heap, stack, integer overflows and format string bugs)--the diagrams are excellent and easy for anyone to understand.All in all this is a very useful book for both the professional security analyst and systems admin with large networks to protect. The Oreilly site has some good info that you should check out, such as the TOC, index and sample chapter on network scanning (http://www.oreilly.com/catalog/networksa/).

This book is a great resource for any administrator with IP networks to protect. As Wes Boudville says, it certainly is systematic with some great guidelines and useful checklists. The high level concepts laid out by the author make it much easier to understand the underlying issues with security nowadays. Instead of listing bugs and patches, McNab explains the different bug types, and I learnt a lot about stack and heap overflows in the application security chapter.I'd recommend this book over Hacking Exposed and other books with the word 'hacking' in the title. The assessment material is comprehensive from both Unix and Windows standpoints, and I certainly picked up a bunch of new tricks that I wasn't aware of before. The book has great coverage of all the latest tools and techniques, but written in a timeless way. At just under 400 pages you'll find that it's not too long either!