Hacking Exposed Cisco Networks: Cisco Security Secrets & Solutions | |
by Andrew A. Vladimirov, Konstantin V. Gavrilenko, Janis N. Vizulis and Andrei A. Mikhailovsky | |
McGraw-Hill/Osborne 2006 (648 pages) | |
ISBN:0072259175 | |
Defend against the sneakiest attacks by looking at your Cisco network through the eyes of the intruder. With the help of this step-by-step guide, youll prevent catastrophes by learning how new flaws in Cisco-centered networks are discovered and abused. | |
Implement bulletproof Cisco security the battle- tested Hacking Exposed way Defend against the sneakiest attacks by looking at your Cisco network and devices through the eyes of the intruder. Hacking Exposed Cisco Networks shows you, step-by-step, how hackers target exposed systems, gain access, and pilfer compromised networks. All device-specific and network-centered security issues are covered alongside real-world examples, in-depth case studies, and detailed countermeasures. Its all here--from switch, router, firewall, wireless, and VPN vulnerabilities to Layer 2 man-in-the-middle, VLAN jumping, BGP, DoS, and DDoS attacks. Youll prevent tomorrows catastrophe by learning how new flaws in Cisco-centered networks are discovered and abused by cyber-criminals. Plus, youll get undocumented Cisco commands, security evaluation templates, and vital security tools. Use the tried-and-true Hacking Exposed methodology to find, exploit, and plug security holes in Cisco devices and networks
About the Authors Dr. Andrew A. Vladimirov (Bristol, England), CCNP, CCDP, CISSP, CWNA, TIA Linux+, is a researcher with a wide area of expertise ranging from applied cryptography and network security to bioinformatics and neuroscience. He published his first scientific paper at the age of 13 and is one of the co-founders of Arhont Ltd., one of the leading IT/network security consultancies in the UK. Andrew has extensive experience working with Cisco routers, switches, and PIX firewalls, including design and penetration testing of Cisco-based networks, and has previously uncovered and published several flaws in IOS at Bugtraq. He has also published a variety of papers devoted to network/protocol security and authored a chapter on the subject of wireless security in Network Security: The Complete Reference (McGraw-Hill/Osborne) and is a co-author of Wi-Foo: The Secrets of Wireless Hacking (Addison Wesley, 2004). Andrew is supportive of both the open source and full disclosure movements. He is a graduate of Kings College London and the University of Bristol. Konstantin V. Gavrilenko (Bristol, England) has more than 12 years ' experience in IT and security and together with his co-authors is a co-founder of Arhont Ltd. Konstantin's writing draws primarily from his real-world knowledge and experience in security consultancy and infrastructure development for a vast range of clients . He is open minded and enthusiastic about research, where his main areas of interest lie in security in general and more specifically in firewalling, cryptography, VPNs, and IDS. Konstantin has an extensive experience working with Cisco PIX firewalls and Cisco VPN concentrators and client applications. He is proud to say that he is an active supporter of open source solutions and ideology, public disclosure included. Konstantin has published a variety of advisories at SecurityFocus and PacketStorm, uncovering new software security vulnerabilities, along with being a co-author of the bestselling Wi-Foo: The Secrets of Wireless Hacking . He holds a first class BS honors degree in Management Science from DeMontfort University and an MS in Management from Lancaster University. Janis N. Vizulis (Bristol, England) is a researcher and programmer with a wide area of expertise ranging from digital forensics (11 years of forensics experience in criminal police work) to black and white box penetration testing with a main focus on the gambling industry, including security consultancy in the development of online banking applications for major players in the gambling industry and developing anti-DDoS and load-balancing solutions, many of them Cisco-based. His main interest in security lies in network protocols and web application security, including the development of protocol and application fuzzing tools for new vulnerabilities discovery and equipment and application security stress-testing. Janis was the leading developer of the new tools released during the writing process of this Hacking Exposed tome. Andrei A. Mikhailovsky (Bristol, England) first became enticed by UNIX flavors back in school. He cultivated and expanded his knowledge into networking aspects of information technology while obtaining his bachelor's degree from the University of Kent at Canterbury. Soon he was engrossed in network security and penetration testing of Internet-centric equipment including various Cisco devices. On accomplishing his MBA, he co-founded information security company Arhont and participated in security research, published articles and advisories, and greatly contributed to the overall success of the Arhont team. Andrei's technical particularities include user authentication mechanisms, database and directory services, wireless networking security, and systems integration. He has extensive experience working with Cisco implementations of RADIUS and TACACS authentication protocols. |