
HackNotes Network Security Portable Reference

Blaine Hilton contributes this review of the Network Security Portable Reference, part of Osborne's "HackNotes" series. He writes "This book is best suited as an introductory overview to network security. Very little is covered in-depth. However, the book touches on pretty much the whole breadth of security topics. For people that are experienced with computer/network security topics, this book can be used to round out that knowledge and find weak areas." The rest of his review follows.
Hack Notes Network Security Portable Reference
Author: Mike Horton and Clinton Mugge
Pages: 228
Publisher: Osborne
Rating: 9
Reviewer: Blaine Hilton
ISBN: 0072227834
Summary: A concise overview of network security

It may sound like a problem that the book doesn't give all of the details, but if it did there is no way it could be a "Portable Reference". My favorite feature of the book is its small size. I can easily keep it in my laptop bag and reference it as needed. I can then use that as a springboard to look up more information such as man pages. It is important to understand though that one will not become a network security expert after reading this book alone.

The book starts off talking about the Asset and Risk Based INFOSEC Lifecycle Model (ARBIL). This is something that I've heard many times before, but the drawing of the process helped engrain that concept. It also visually demonstrates how security is not just a one-time activity, but a continual process that just keeps going. You analyze the system, find the weaknesses, fix them, and then start over again. In the same fashion the book covers the SMIRA risk assessment process in a highly graphic way.

The Network Security Portable Reference is for people who have access to and are very familiar with both *nix systems and Windows. Depending on what tool or commands they are using, both systems are used throughout the references. The book gives a list of tools they think you need, and basically says go to the site to learn about it. If you want detailed information on how to use these tools then this is not the book for you.

The book goes over different security aspects for *nix and Windows machines. It also talks about how the network itself can be compromised, including wired and wireless networks. The authors also go over web applications and older technology such as phone PBX systems.

The assessment checklist at the end of the book provides a great check to determine your network security baseline and see what areas need work. Along with the assessment checklist there is a list of best practices. However, they are in the front of the book and while I can vaguely understand the difference, it seems to me that they should be together, as I believe that when auditing a network you would check if best practices were implemented along with the rest of the checklist.

Another odd layout issue in the book is what they call the Reference Center. This is an area in the middle of the book, with a separate numbering system and the first page in the table of contents. There is no mention as to what this Reference Center is until you flip through the book and find the blue pages in the middle that begin with page rc1.

As I've mentioned before, this book is a great springboard that will help point you in the right direction for information. One of the ways the authors do this is by having a Reference Center in the middle of the book and quite a few appendixes in the back of the book; there is also an index, which is helpful for quick lookups.

When doing consulting work I've found that using the checklist in this book is a great way to begin looking at a company's network security. I have used this on two networks so far and have found it helpful; it is much better than trying to remember to check everything that you can think of at any particular moment. I have also found the Open Source Security Testing Methodology Manual to be quite thorough.



Comments:
  • by Anonymous Coward
    There was a picture of goatse on page 114.
  • by Muda69 ( 718162 ) on Tuesday May 04, 2004 @02:25PM (#9054234)
    The reference guide inside is very useful. It has a list of commonly used ports by attackers and what exploit is mostly used on the specific port. Simple guide on some command line port scanners like nmap and Scanline. Includes some commonly used passwords. The book is a portable reference that has a lot of information.
    • Whoa, for a second I was worried they'd start trying to attack my IIS server using the traverse directory attack (IIS 4, unpatched), now at least I'll know they are using port 80 to attack me, what a relief, for a minute I thought it was port 4221.. :O

      Common passwords? But password IS my password, what do you mean that's not secure? :O

      It's laughable that anyone would need to run nmap on their OWN COMPUTERS, except maybe for mass scanning.. Never heard of NETSTAT or TCPVIEW?!

      Good thing it's p
      • Netstat and/or TCPView can be trojaned as part of a rootkit.

      • I run nmap on all my servers all the time - from a protected host with lots of tripwire scanners. Some boxes are windows, some are solaris, lots are linux - having a single host running scans against all my boxes helps me spot a new port open up, gives me more trust that my local copy of netstat hasn't been rooted, and lets me archive and compare against the results of a previous run.

        Maybe you don't manage very many machines?
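
The archive-and-compare workflow described in the comment above (scan every box from one trusted host, keep the results, and diff each run against the previous one), as an added example that is not part of the original thread. It parses nmap's grepable (`-oG`) output; the two scan results are constructed samples using documentation addresses, and the function names are illustrative.

```python
"""Diff two nmap grepable (-oG) scan results to spot ports that opened or closed."""

# Constructed sample data in nmap's -oG format; addresses are RFC 5737 documentation IPs.
BASELINE = (
    "# Nmap scan (constructed sample, previous run)\n"
    "Host: 192.0.2.10 (web1)\tPorts: 22/open/tcp//ssh///, 80/open/tcp//http///\n"
    "Host: 192.0.2.20 (db1)\tPorts: 22/open/tcp//ssh///, 5432/open/tcp//postgresql///\n"
)
LATEST = (
    "# Nmap scan (constructed sample, current run)\n"
    "Host: 192.0.2.10 (web1)\tPorts: 22/open/tcp//ssh///, 80/open/tcp//http///, "
    "31337/open/tcp//Elite///\n"
    "Host: 192.0.2.20 (db1)\tPorts: 22/open/tcp//ssh///, 5432/filtered/tcp//postgresql///\n"
    "Host: 192.0.2.30 ()\tPorts: 23/open/tcp//telnet///\n"
)


def parse_grepable(text):
    """Return {host_ip: {(port, proto), ...}} containing only ports in state 'open'."""
    hosts = {}
    for line in text.splitlines():
        if not line.startswith("Host: "):
            continue  # skip comment lines and blanks
        fields = line.split("\t")
        addr = fields[0].split()[1]
        open_ports = hosts.setdefault(addr, set())
        for field in fields[1:]:
            if not field.startswith("Ports: "):
                continue
            for entry in field[len("Ports: "):].split(","):
                parts = entry.strip().split("/")  # port/state/proto/owner/service/...
                if len(parts) >= 3 and parts[1] == "open":
                    open_ports.add((int(parts[0]), parts[2]))
    return hosts


def diff_scans(old, new):
    """Report, per host, ports open now but not before, and the reverse."""
    report = {}
    for host in sorted(set(old) | set(new)):
        before, after = old.get(host, set()), new.get(host, set())
        opened, closed = sorted(after - before), sorted(before - after)
        if opened or closed:  # hosts with no change are left out of the report
            report[host] = {"opened": opened, "closed": closed}
    return report


if __name__ == "__main__":
    for host, delta in diff_scans(parse_grepable(BASELINE), parse_grepable(LATEST)).items():
        print(host, "opened:", delta["opened"], "closed:", delta["closed"])
```

In practice the two inputs would be archived files written by `nmap -oG` on the scanning host, so the comparison does not depend on tools installed on the machines being checked.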
  • Bah (Score:5, Funny)

    by Prince Vegeta SSJ4 ( 718736 ) on Tuesday May 04, 2004 @02:25PM (#9054236)
    this book can be used to round out that knowledge and find weak areas. I have no weak areas, I just run Windows XP, with no security patches, no antivirus, no firewalls, on a wireless lan with no WEP or WAP, Broadcast SSID turned ON, the password for Administrator is administrator. and everything is shared and accessible by the everyone group.

    it is so wide open, all the hackers think it is a honeypot and just leave it alone. now that's security.

    • so... (Score:2, Funny)

      by Anonymous Coward
      what's your ip address?
      • Re:so... (Score:5, Funny)

        by HiredMan ( 5546 ) on Tuesday May 04, 2004 @02:44PM (#9054515) Journal
        His address is 127.0.0.1!

        But don't bother going there - I've pwned his box and I'm busy deleting his files as we speak. SuX0r!

        =tkk
        • From http://bash.org/?119969

          <ruffkin2> HAHAHAH dat dude you sent me 127.0.0.1 iz enfected wit sub7 im fuckin with him now
          <andrw> oh good, format his computer
          <Testicular_One> format his computer
          <TheGreaterZero> format him
    • How do you have a wireless LAN with no access points? WTF?!! You're right, that IS secure!
    • ... the password for Administrator is administrator ... all the hackers think it is a honeypot ...


      You have an administrator password ... that's what tipped them off! Let me guess -- you're also running a separate user account?
  • The second and third chapters (at least) are filled with typos!!
    • 'There is no mention as to what this Reference Center is until you flip through the book and find the blue pages in the middle that begin with page rc1.' [emphasis mine]

      And you couldn't tell us?

  • Two issues (Score:4, Informative)

    by GoneGaryT ( 637267 ) on Tuesday May 04, 2004 @02:55PM (#9054630) Journal
    The first couple of things that I thought of:

    Legal: The law tends to steer much about security and defines, outside of the "market", what things are to be held of value and the penalties for not protecting these things. Different countries, different laws. "IT Security" means subtly different things according to your location. How -centric is this book? Would it be useful to me in the UK or EU?

    Secondly, port lists. Above 1024, these change their primary meaning as new worms, bots and sploits emerge. I label ports as information becomes available, just to remind me what nasty is at the other end, and never mind what innocent app used it before. How useful / up to date is the trojan list in the book?

    Just my 2 penn'orth.

  • All most people need for their security is a simple firewall. I like Tiny Personal Firewall personally. The only other thing is to use common sense. If anyone is interested in PHP or SQL security, check out http://www.uberhacker.com/
