Table of Contents

Previous page
Table of content
Next page
 < Day Day Up > 

book cover
Penetration Testing and Network Defense
By Andrew Whitaker, Daniel P. Newman
...............................................
Publisher: Cisco Press
Pub Date: November 04, 2005
ISBN: 1-58705-208-3
Pages: 624
 

Table of Contents  | Index

   Copyright
   About the Authors
   About the Technical Reviewers
   Acknowledgments
   Icons Used in This Book
   Command Syntax Conventions
   Foreword
   Introduction
      Who Should Read this Book
      Ethical Considerations
      How This Book Is Organized
    Part I:  Overview of Penetration Testing
        Chapter 1.  Understanding Penetration Testing
      Defining Penetration Testing
      Assessing the Need for Penetration Testing
      Attack Stages
      Choosing a Penetration Testing Vendor
      Preparing for the Test
      Summary
        Chapter 2.  Legal and Ethical Considerations
      Ethics of Penetration Testing
      Laws
      Logging
      To Fix or Not to Fix
      Summary
        Chapter 3.  Creating a Test Plan
      Step-by-Step Plan
      Open-Source Security Testing Methodology Manual
      Documentation
      Summary
    Part II:  Performing the Test
        Chapter 4.  Performing Social Engineering
      Human Psychology
      What It Takes to Be a Social Engineer
      First Impressions and the Social Engineer
      Tech Support Impersonation
      Third-Party Impersonation
      E-Mail Impersonation
      End User Impersonation
      Customer Impersonation
      Reverse Social Engineering
      Protecting Against Social Engineering
      Case Study
      Summary
        Chapter 5.  Performing Host Reconnaissance
      Passive Host Reconnaissance
      Active Host Reconnaissance
      Port Scanning
      NMap
      Detecting a Scan
      Case Study
      Summary
        Chapter 6.  Understanding and Attempting Session Hijacking
      Defining Session Hijacking
      Tools
      Beware of ACK Storms
      Kevin Mitnick's Session Hijack Attack
      Detecting Session Hijacking
      Protecting Against Session Hijacking
      Case Study
      Summary
      Resources
        Chapter 7.  Performing Web Server Attacks
      Understanding Web Languages
      Website Architecture
      E-Commerce Architecture
      Web Page Spoofing
      Cookie Guessing
      Brute Force Attacks
      Tools
      Detecting Web Attacks
      Protecting Against Web Attacks
      Case Study
      Summary
        Chapter 8.  Performing Database Attacks
      Defining Databases
      Testing Database Vulnerabilities
      Securing Your SQL Server
      Detecting Database Attacks
      Protecting Against Database Attacks
      Case Study
      Summary
      References and Further Reading
        Chapter 9.  Password Cracking
      Password Hashing
      Password-Cracking Tools
      Detecting Password Cracking
      Protecting Against Password Cracking
      Case Study
      Summary
        Chapter 10.  Attacking the Network
      Bypassing Firewalls
      Evading Intruder Detection Systems
      Testing Routers for Vulnerabilities
      Testing Switches for Vulnerabilities
      Securing the Network
      Case Study
      Summary
        Chapter 11.  Scanning and Penetrating Wireless Networks
      History of Wireless Networks
      Antennas and Access Points
      Wireless Security Technologies
      War Driving
      Tools
      Detecting Wireless Attacks
      Case Study
      Summary
        Chapter 12.  Using Trojans and Backdoor Applications
      Trojans, Viruses, and Backdoor Applications
      Common Viruses and Worms
      Trojans and Backdoors
      Detecting Trojans and Backdoor Applications
      Prevention
      Case Study
      Summary
        Chapter 13.  Penetrating UNIX, Microsoft, and Novell Servers
      General Scanners
      UNIX Permissions and Root Access
      Microsoft Security Models and Exploits
      Novell Server Permissions and Vulnerabilities
      Detecting Server Attacks
      Preventing Server Attacks
      Case Study
      Summary
        Chapter 14.  Understanding and Attempting Buffer Overflows
      Memory Architecture
      Buffer Overflow Examples
      Preventing Buffer Overflows
      Case Study
      Summary
        Chapter 15.  Denial-of-Service Attacks
      Types of DoS Attacks
      Tools for Executing DoS Attacks
      Detecting DoS Attacks
      Preventing DoS Attacks
      Case Study
      Summary
        Chapter 16.  Case Study: A Methodical Step-By-Step Penetration Test
      Case Study: LCN Gets Tested
      DAWN Security
    Part III:  Appendixes
        Appendix A.  Preparing a Security Policy
      What Is a Security Policy?
      Risk Assessment
      Basic Policy Requirements
      Security Policy Implementation and Review
      Preparing a Security Policy in Ten Basic Steps
      Reference Links
        Appendix B.  Tools
      Performing Host Reconnaissance (Chapter 5)
      Understanding and Attempting Session Hijacking (Chapter 6)
      Performing Web-Server Attacks (Chapter 7)
      Performing Database Attacks (Chapter 8)
      Cracking Passwords (Chapter 9)
      Attacking the Network (Chapter 10)
      Scanning and Penetrating Wireless Networks (Chapter 11)
      Using Trojans and Backdoor Applications (Chapter 12)
      Penetrating UNIX, Microsoft, and Novell Servers (Chapter 13)
      Understanding and Attempting Buffer Overflows (Chapter 14)
      Denial-of-Service Attacks (Chapter 15)
   Glossary
      A
      B
      C
      D
      E
      F
      H
      I
      J K L
      M
      N
      O P
      R
      S
      T
      U
      V
      W
   Index
 < Day Day Up > 

Previous page
Table of content
Next page
Penetration Testing and Network Defense
Penetration Testing and Network Defense
ISBN: 1587052083
EAN: 2147483647
Year: 2005
Pages: 209
Authors: Andrew Whitaker, Daniel Newman
BUY ON AMAZON
Interprocess Communications in Linux: The Nooks and Crannies
Image Processing with LabVIEW and IMAQ Vision
Secure Programming Cookbook for C and C++: Recipes for Cryptography, Authentication, Input Validation & More
MySQL Clustering
InDesign Type: Professional Typography with Adobe InDesign CS2
Extending and Embedding PHP
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy