買這商品的人也買了...
-
$580$458 -
$680$537 -
$1,400$1,330 -
$980$774 -
$1,900$1,805 -
$600$588 -
$590$466 -
$780$663 -
$750$675 -
$720$569 -
$560$504 -
$850$723 -
$480$379 -
$750$593 -
$780$616 -
$590$460 -
$490$382 -
$620$490 -
$990$782 -
$1,176Computer Organization and Design: The Hardware/Software Interface, 3/e(IE) (美國版ISBN:1558606041)
-
$2,350$2,233 -
$650$507 -
$1,225C++ Primer Plus, 5/e (Paperback)
-
$580$452 -
$400$340
相關主題
商品描述
There are hundreds--if not thousands--of techniques used to compromise both
Windows and Unix-based systems. Malicious code and new exploit scripts are
released on a daily basis, and each evolution becomes more and more
sophisticated. Keeping up with the myriad of systems used by hackers in the wild
is a formidable task, and scrambling to patch each potential vulnerability or
address each new attack one-by-one is a bit like emptying the Atlantic with
paper cup.
If you're a network administrator, the pressure is on you to
defend your systems from attack. But short of devoting your life to becoming a
security expert, what can you do to ensure the safety of your mission critical
systems? Where do you start?
Using the steps laid out by professional
security analysts and consultants to identify and assess risks, Network
Security Assessment offers an efficient testing model that an administrator
can adopt, refine, and reuse to create proactive defensive strategies to protect
their systems from the threats that are out there, as well as those still being
developed.
This thorough and insightful guide covers offensive
technologies by grouping and analyzing them at a higher level--from both an
offensive and defensive standpoint--helping administrators design and deploy
networks that are immune to offensive exploits, tools, and scripts. Network
administrators who need to develop and implement a security assessment program
will find everything they're looking for--a proven, expert-tested methodology on
which to base their own comprehensive program--in this time-saving new book.
Table of Contents:
Foreword
Preface
1. Network Security Assessment
The Business Benefits
IP: The Foundation of the Internet
Classifying Internet-Based Attackers
Assessment Service Definitions
Network Security Assessment Methodology
The Cyclic Assessment Approach2. The Tools Required
The Operating Systems
Free Network Scanning Tools
Commercial Network Scanning Tools
Protocol-Dependent Assessment Tools3. Internet Host and Network Enumeration
Web Search Engines
NIC Querying
DNS Querying
Enumeration Technique Recap
Enumeration Countermeasures4. IP Network Scanning
ICMP Probing
TCP Port Scanning
UDP Port Scanning
IDS Evasion and Filter Circumvention
Low-Level IP Assessment
Network Scanning Recap
Network Scanning Countermeasures5. Assessing Remote Information Services
Remote Information Services
systat and netstat
DNS
finger
auth
SNMP
LDAP
rwho
RPC rusers
Remote Information Services Countermeasures6. Assessing Web Services
Web Services
Identifying the Web Service
Identifying Subsystems and Components
Investigating Web Service Vulnerabilities
Accessing Poorly Protected Information
Assessing CGI Scripts and Custom ASP Pages
Web Services Countermeasures7. Assessing Remote Maintenance Services
Remote Maintenance Services
SSH
Telnet
R-Services
X Windows
Microsoft Remote Desktop Protocol
VNC
Citrix
Remote Maintenance Services Countermeasures8. Assessing FTP and Database Services
FTP
FTP Banner Grabbing and Enumeration
FTP Brute-Force Password Guessing
FTP Bounce Attacks
Circumventing Stateful Filters Using FTP
FTP Process Manipulation Attacks
FTP Services Countermeasures
Database Services
Microsoft SQL Server
Oracle
MySQL
Database Services Countermeasures9. Assessing Windows Networking Services
Microsoft Windows Networking Services
Microsoft RPC Services
The NetBIOS Name Service
The NetBIOS Datagram Service
The NetBIOS Session Service
The CIFS Service
Unix Samba Vulnerabilities
Windows Networking Services Countermeasures10. Assessing Email Services
Email Service Protocols
SMTP
POP-2 and POP-3
IMAP
Email Services Countermeasures11. Assessing IP VPN Services
IPsec VPNs
Attacking IPsec VPNs
Check Point VPN Security Issues
Microsoft PPTP
VPN Services Countermeasures12. Assessing Unix RPC Services
Enumerating Unix RPC Services
RPC Service Vulnerabilities
Unix RPC Services Countermeasures13. Application-Level Risks
The Fundamental Hacking Concept
The Reasons Why Software Is Vulnerable
Network Service Vulnerabilities and Attacks
Classic Buffer-Overflow Vulnerabilities
Heap Overflows
Integer Overflows
Format String Bugs
Memory Manipulation Attacks Recap
Mitigating Process Manipulation Risks
Recommended Secure Development Reading14. Example Assessment Methodology
Network Scanning
Accessible Network Service Identification
Investigation of Known Vulnerabilities
Network Service Testing
Methodology Flow Diagram
Recommendations
Closing CommentsA. TCP, UDP Ports, and ICMP Message Types
TCP Ports
UDP Ports
ICMP Message TypesB. Sources of Vulnerability Information
Security Mailing Lists
Vulnerability Databases and Lists
Underground Web Sites
Security Events and ConferencesIndex