The book is about network security in operating systems such as Linux and Unix. In my opinion, this book will be really helpful for those students studying c335 Network Security as it addresses most of the issues in that module. The book itself is divided into three parts: Hacking Techniques and Defenses, Host Hardening and Special Topics.
Part 1: Hacking Techniques and Defenses
In this part, the reader will get to know what intrusion tactics hackers use to break into computer networks. One of the tools used for footprinting is Nmap which can scan hosts on the network with an amazing speed. With Nmap and its various commands we will know what ports are opened on the host and what operating systems the network devices are running on.
Besides Nmap, there are many other tools introduced such as Ettercap, Wireshark (also known as Ethereal) or Dsniff for capturing the packets – also called sniffing. For wireless hacking, or in other words wardriving, tools like Kismet and Airsnort can be used. Using methods of privilege escalation, a hacker can access and take control of a computer network through bugs and flaws in the operating system or software. A particular tool used in this situation is Metasploit.
An important thing to note here is that after each tutorial on hacking, a technique of defense against the hacking method is highlighted. Therefore the reader will be able to understand more fully how to secure a computer or network.
Part 2: Host hardening
Basically this part shows us how to harden our system in order to secure it from intruders. The concepts of protecting the most popular network services, including FTP, SSH, Telnet, SMTP, HTTP, HTTPS, POP, IMAP, MySQL and VNC is listed.
Part 3: Special Tools
Nessus is one of the tools that this chapter addresses. Nessus is a vulnerability scanning tool which used to be free. This powerful tool shows which machines on the network are vulnerable to which kinds of attacks.
This part of the book covers not only tools but also on writing scripts for tools such as Nessus. There is section on “Writing Nessus Plug-ins Using NASL” (Nessus Attack Scripting Language). Moreover, the reader will understand the latest wireless (802.11) hacking techniques and tools and will be able to use those tools even on PDAs.
Where to find the book?
Call.No: QA76.9.A25 DHA 2003
Written by Ngo Minh Nam