Slashdot Mirror

← Back to Stories (view on slashdot.org)

Assessing Network Security

Posted by timothy on from the what-if-you-press-this-button-here dept.

Anton Chuvakin writes "I've read some pretty bad books on penetration testing; till now, nobody seemed to get this fun subject right! Good news - this time somebody did. Assessing Network Security comes to us direct from the bunkers of Redmond. Written by three Microsoft security researchers, the book provides a great overview as well as an in-depth coverage of assessing security via penetration testing ('pentesting'), scanning, IT audit and other means." Read on for the rest of Chuvakin's review of the book. Assessing Network Security author Ben Smith, David LeBlanc, Kevin Lam pages 592 publisher Microsoft Press rating 8/10 reviewer Anton Chuvakin ISBN 0735620334 summary Great pentesting book

Assessing Network Security starts with a nice overview of key principles of security (definitely not news for industry practitioners, but nice anyway), and then goes on to defines vulnerability assessment, penetration testing and security audit. A critically important section on reporting the findings is also nicely written, and shows that the authors are knowledgeable, and interested in showing a complete security process rather than just the looking-for-leaks part.

The authors then go into developing and maintaining pentesting skills, including advice on choosing training and resources (nice for those starting in the field). The actual pentesting process is split into non-intrusive (combining the usual "intelligence gathering" with port scans, sweeps and various host queries) and intrusive tests (such as running a vulnerability scanner, brute-forcing passwords, DoS testing and others). Some entries seem to belong in both categories (such as sniffing) but are placed into the intrusive section, for whatever reason. Up-to-date content (wireless, Bluetooth and web assessment, for instance) is well represented.

The authors also include a fairly insightful social engineering testing section (touching on dumpster diving and other non-network assessment methods). My favorite chapter was the one presenting various case studies - examples of specific threats/tests against Web, email, VPN and domain controller systems.

Among other features that I liked in Assessing Network Security were 'notes from the field' sidebars with fun stories related by authors, and FAQs at the end of each section. On the down side, the book is somewhat Windows-focused (although it is amazingly vendor-neutral in most respects, considering the source). The book is also somewhat dry, although the sidebars provide some needed relief when the text gets too process-oriented at times.

Assessing Network Security is largely about methodology, but I'd have preferred to see a bit more technical content, since it is a 600-page volume. I think the checklists present in the Appendix are a great step in that direction.

Overall, I enjoyed the book and think it is both a great guide and a reference for most security professionals, especially for those starting to be involved with penetration testing.

Anton Chuvakin, Ph.D., GCIA, GCIH is a Security Strategist with a security information management company and maintains the security portal info-secure.org. He wrote Security Warrior and contributed to Know Your Enemy, 2nd Edition . You can purchase Assessing Network Security from bn.com. Slashdot welcomes readers' book reviews. To see your own review here, carefully read the book review guidelines, then visit the submission page.

15 of 89 comments (clear)

  1. FP - obilgatory NS at redmund? by Anonymous Coward · · Score: 3, Funny

    They work at MS?!?!? what's the world coming to????

  2. What about... by fembots · · Score: 5, Funny

    I've read some pretty bad books on penetration testing; till now, nobody seemed to get this fun subject right!

    What about Kama Sutra?

    Seriously though, this book is written by three Microsoft security researchers, I guess that said enough.

    Is this a case of do as we say, not as we do.

    --
    Rock that crushes, Paper & Scissors that don't matter.
  3. penetration by Hohlraum · · Score: 0, Funny

    heheh .. he said penetration.

  4. Now, if they'd only... by Sensible+Clod · · Score: 3, Funny

    put this kind of effort into securing their software.

    --

    The difference between spam and poop is that you don't have to dig through septic tanks looking for real food. -- Me
  5. Karma be damned... by grub · · Score: 5, Funny


    "I've read some pretty bad books on penetration testing [...] Assessing Network Security comes to us direct from the bunkers of Redmond."

    Nah, too easy.

    --
    Trolling is a art,
  6. "Microsoft security" by Anonymous Coward · · Score: 5, Funny

    What is an oxymoron, Alex.

  7. remember now by LiquidMind · · Score: 5, Funny

    "...via penetration testing..."

    remember guys, often times computers are like women.

    this is not one of them

    --
    This sig contains repetition and redundancy.
    1. Re:remember now by lukewarmfusion · · Score: 4, Funny

      My floppy is...uhh...stuck.

  8. A book on security from microsoft... ? by Anonymous Coward · · Score: 5, Funny

    flamebait
    Wouldn't that be sort of like George Bush writing an english book?
    /flamebait

  9. This is old news by Anonymous Coward · · Score: 4, Funny

    A beta version of the book was leaked to the internet a year ago.

  10. From the Author: by Jacco+de+Leeuw · · Score: 3, Funny
    "Written by three Microsoft security researchers, the book provides a great overview as well as an in-depth coverage of assessing security via penetration testing."

    From the referenced BN page:

    "I have been fascinated by leadership dynamics throughout my working career. [...] A concern is that we often get to hear the same leadership issues over and over again, yet leaders continue to lead with mediocrity and passiveness".

    His Billness will not take this lightly! These guys can kiss their jobs at Microsoft Research goodbye! :-)

    --
    -------
    Warning: Slashdot may contain traces of nuts.
  11. Re:When did M$ become a network device? by jeffy210 · · Score: 3, Funny

    And it wasn't. Apperantly the drive crapped out a long time ago, and everything was running from memory. Btw the time I had to reboot it, the system wouldn't come back up. Finally got the company to cough up the money to get a Catalyst 3550 to replace it.

    --
    ------
    "And may your days be long upon the earth."
  12. Meanwhile, back at the MS penetration testing labs by Anonymous Coward · · Score: 3, Funny

    Stewie: "Does anyone else smell astroglide?"

  13. Can it be, O brothers by EphemeralPhart · · Score: 2, Funny

    that from the city of the fallen, True believers come ?

  14. Great Source by jthayden · · Score: 2, Funny

    M$ is the best source ever on security. After all they've made all the mistakes and created all the holes. Who else would know it better?