Cargando…
Network security assessment /
"Network Security Assessment demonstrates how a determined attacker scours Internet-based networks in search of vulnerable components, from the network to the application level. This new edition is up-to-date on the latest hacking techniques, but rather than focus on individual issues, it looks...
| Clasificación: | Libro Electrónico |
|---|---|
| Autor principal: | |
| Formato: | Electrónico eBook |
| Idioma: | Inglés |
| Publicado: |
Sebastopol, Calif. :
O'Reilly,
2007.
|
| Edición: | 2nd ed. |
| Temas: | |
| Acceso en línea: | Texto completo (Requiere registro previo con correo institucional) |
MARC
| LEADER | 00000cam a2200000 a 4500 | ||
|---|---|---|---|
| 001 | OR_ocn180989270 | ||
| 003 | OCoLC | ||
| 005 | 20231017213018.0 | ||
| 006 | m o d | ||
| 007 | cr unu|||||||| | ||
| 008 | 071109s2007 cau o 001 0 eng d | ||
| 040 | |a UMI |b eng |e pn |c UMI |d OCLCG |d OCLCQ |d CEF |d OCLCQ |d NHM |d DEBSZ |d OCLCQ |d OCLCO |d OCLCF |d OCLCQ |d MERUC |d OCLCQ |d UAB |d AU@ |d CNCEN |d OCLCQ |d OCLCO |d OCLCQ |d OCLCO |d OCLCQ | ||
| 019 | |a 776507570 |a 1105792261 | ||
| 020 | |a 9780596510305 | ||
| 020 | |a 0596510306 | ||
| 020 | |a 9780596520809 | ||
| 020 | |a 0596520808 | ||
| 024 | 8 | |a 9780596510305 | |
| 029 | 1 | |a AU@ |b 000067113052 | |
| 029 | 1 | |a DEBSZ |b 355420562 | |
| 029 | 1 | |a HEBIS |b 291492347 | |
| 035 | |a (OCoLC)180989270 |z (OCoLC)776507570 |z (OCoLC)1105792261 | ||
| 037 | |a CL0500000015 |b Safari Books Online | ||
| 050 | 4 | |a TK5105.59 |b .M34 2007 | |
| 082 | 0 | 4 | |a 005.8 |
| 049 | |a UAMI | ||
| 100 | 1 | |a McNab, Chris |q (Chris R.), |d 1980- | |
| 245 | 1 | 0 | |a Network security assessment / |c by Chris McNab. |
| 250 | |a 2nd ed. | ||
| 260 | |a Sebastopol, Calif. : |b O'Reilly, |c 2007. | ||
| 300 | |a 1 online resource | ||
| 336 | |a text |b txt |2 rdacontent | ||
| 337 | |a computer |b c |2 rdamedia | ||
| 338 | |a online resource |b cr |2 rdacarrier | ||
| 347 | |a text file | ||
| 588 | 0 | |a Print version record. | |
| 505 | 0 | |a 1. Network Security Assessment -- The Business Benefits -- IP: The Foundation of the Internet -- Classifying Internet-Based Attackers -- Assessment Service Definitions -- Network Security Assessment Methodology -- The Cyclic Assessment Approach -- 2. Network Security Assessment Platform -- Virtualization Software -- Operating Systems -- Reconnaissance Tools -- Network Scanning Tools -- Exploitation Frameworks -- Web Application Testing Tools -- 3. Internet Host and Network Enumeration -- Querying Web and Newsgroup Search Engines -- Querying Domain WHOIS Registrars -- Querying IP WHOIS Registrars -- BGP Querying -- DNS Querying -- Web Server Crawling -- Automating Enumeration -- SMTP Probing -- Enumeration Technique Recap -- Enumeration Countermeasures -- 4. IP Network Scanning -- ICMP Probing -- TCP Port Scanning -- UDP Port Scanning -- IDS Evasion and Filter Circumvention -- Low-Level IP Assessment -- Network Scanning Recap -- Network Scanning Countermeasures -- 5. Assessing Remote Information Services -- Remote Information Services -- DNS -- Finger -- Auth -- NTP -- SNMP -- LDAP -- rwho -- RPC rusers -- Remote Information Services Countermeasures -- 6. Assessing Web Servers -- Web Servers -- Fingerprinting Accessible Web Servers -- Identifying and Assessing Reverse Proxy Mechanisms -- Enumerating Virtual Hosts and Web Sites -- Identifying Subsystems and Enabled Components -- Investigating Known Vulnerabilities -- Basic Web Server Crawling -- Web Servers Countermeasures -- 7. Assessing Web Applications -- Web Application Technologies Overview -- Web Application Profiling -- Web Application Attack Strategies -- Web Application Vulnerabilities -- Web Security Checklist -- 8. Assessing Remote Maintenance Services -- Remote Maintenance Services -- FTP -- SSH -- Telnet -- R-Services -- X Windows -- Citrix -- Microsoft Remote Desktop Protocol -- VNC -- Remote Maintenance Services Countermeasures -- 9. Assessing Database Services -- Microsoft SQL Server -- Oracle -- MySQL -- Database Services Countermeasures -- 10. Assessing Windows Networking Services -- Microsoft Windows Networking Services -- Microsoft RPC Services -- The NetBIOS Name Service -- The NetBIOS Datagram Service -- The NetBIOS Session Service -- The CIFS Service -- Unix Samba Vulnerabilities -- Windows Networking Services Countermeasures -- 11. Assessing Email Services -- Email Service Protocols -- SMTP -- POP-2 and POP-3 -- IMAP -- Email Services Countermeasures -- 12. Assessing IP VPN Services -- IPsec VPNs -- Attacking IPsec VPNs -- Microsoft PPTP -- SSL VPNs -- VPN Services Countermeasures -- 13. Assessing Unix RPC Services -- Enumerating Unix RPC Services -- RPC Service Vulnerabilities -- Unix RPC Services Countermeasures -- 14. Application-Level Risks -- The Fundamental Hacking Concept -- Why Software Is Vulnerable -- Network Service Vulnerabilities and Attacks -- Classic Buffer-Overflow Vulnerabilities -- Heap Overflows -- Integer Overflows -- Format String Bugs -- Memory Manipulation Attacks Recap -- Mitigating Process Manipulation Risks -- Recommended Secure Development Reading -- 15. Running Nessus -- Nessus Architecture -- Deployment Options and Prerequisites -- Nessus Installation -- Configuring Nessus -- Running Nessus -- Nessus Reporting -- Running Nessus Recap -- 16. Exploitation Frameworks -- Metasploit Framework -- CORE IMPACT -- Immunity CANVAS -- Exploitation Frameworks Recap -- A. TCP, UDP Ports, and ICMP Message Types -- B. Sources of Vulnerability Information -- C. Exploit Framework Modules. | |
| 520 | 1 | |a "Network Security Assessment demonstrates how a determined attacker scours Internet-based networks in search of vulnerable components, from the network to the application level. This new edition is up-to-date on the latest hacking techniques, but rather than focus on individual issues, it looks at the bigger picture by grouping and analyzing threats at a high level. You'll learn to create defensive strategies against entire attack categories, providing protection now and into the future." "Assessment is the first step any organization should take to start managing information risks correctly. With techniques to identify and assess risks in line with CESG CHECK and NSA IAM government standards, Network Security Assessment gives you a precise method to do just that."--Jacket | |
| 542 | |f Copyright © O'Reilly Media, Inc. |g 2007 | ||
| 590 | |a O'Reilly |b O'Reilly Online Learning: Academic/Public Library Edition | ||
| 650 | 0 | |a Computer networks |x Security measures. | |
| 650 | 6 | |a Réseaux d'ordinateurs |x Sécurité |x Mesures. | |
| 650 | 7 | |a Computer networks |x Security measures. |2 blmlsh | |
| 650 | 7 | |a Computer networks |x Security measures. |2 fast |0 (OCoLC)fst00872341 | |
| 776 | 0 | 8 | |i Print version: |a McNab, Chris. |t Network Security Assessment. |d Sebastopol : O'Reilly Media, Inc., ©2008 |z 9780596006112 |
| 856 | 4 | 0 | |u https://learning.oreilly.com/library/view/~/9780596510305/?ar |z Texto completo (Requiere registro previo con correo institucional) |
| 994 | |a 92 |b IZTAP | ||