Cisco Press - Penetration Testing and Network Defense.pdf

(13020 KB) Pobierz
Penetration Testing and
Network Defense
Andrew Whitaker, Daniel P. Newman
Cisco Press
800 East 96th Street
Indianapolis, IN 46240 USA
ii
Penetration Testing and Network Defense
Andrew Whitaker and Daniel P. Newman
Copyright© 2006 Cisco Systems, Inc.
Published by:
Cisco Press
800 East 96th Street
Indianapolis, IN 46240 USA
All rights reserved. No part of this book may be reproduced or transmitted in any form or by any means, electronic
or mechanical, including photocopying, recording, or by any information storage and retrieval system, without writ-
ten permission from the publisher, except for the inclusion of brief quotations in a review.
Printed in the United States of America 1 2 3 4 5 6 7 8 9 0
First Printing November 2005
Library of Congress Cataloging-in-Publication Number: 2004108262
ISBN: 1-58705-208-3
Warning and Disclaimer
This book is designed to provide information about penetration testing and network defense techniques. Every
effort has been made to make this book as complete and as accurate as possible, but no warranty or fitness is
implied.
The information is provided on an “as is” basis. The authors, Cisco Press, and Cisco Systems, Inc. shall have neither
liability nor responsibility to any person or entity with respect to any loss or damages arising from the information
contained in this book or from the use of the discs or programs that may accompany it.
The opinions expressed in this book belong to the authors and are not necessarily those of Cisco Systems, Inc.
Feedback Information
At Cisco Press, our goal is to create in-depth technical books of the highest quality and value. Each book is crafted
with care and precision, undergoing rigorous development that involves the unique expertise of members from the
professional technical community.
Readers' feedback is a natural continuation of this process. If you have any comments regarding how we could
improve the quality of this book or otherwise alter it to better suit your needs, you can contact us through e-mail at
feedback@ciscopress.com. Please make sure to include the book title and ISBN in your message.
iii
Trademark Acknowledgments
All terms mentioned in this book that are known to be trademarks or service marks have been appropriately capital-
ized. Cisco Press or Cisco Systems, Inc. cannot attest to the accuracy of this information. Use of a term in this book
should not be regarded as affecting the validity of any trademark or service mark.
We greatly appreciate your assistance.
Publisher
Editor-in-Chief
Cisco Representative
Cisco Press Program Manager
Executive Editor
Production Manager
Senior Development Editor
Project Editor
Copy Editor
Technical Editors
Team Coordinator
Book/Cover Designer
Compositor
Indexer
John Wait
John Kane
Anthony Wolfenden
Jeff Brady
Brett Bartow
Patrick Kanouse
Christopher Cleveland
Marc Fowler
Karen A. Gill
Steve Kalman, Michael Overstreet
Tammi Barnett
Louisa Adair
Mark Shirar
Tim Wright
iv
About the Authors
Andrew Whitaker has been working in the IT industry for more than ten years, specializing in Cisco and security
technologies. Currently, he works as the Director of Enterprise InfoSec and Networking for TechTrain, an interna-
tional computer training and consulting company. Andrew performs penetration testing and teaches ethical hacking
and Cisco courses throughout the United States and Europe. Prior to teaching, Whitaker was performing penetration
tests for financial institutions across the southeastern United States. He also was previously employed as a senior
network engineer with an online banking company, where he was responsible for network security implementation
and data communications for e-finance websites. He is certified in the following: CCSP, CCNP, CCNA, CCDA,
InfoSec, MCSE, CNE, A+, CNE, Network+, Security+, CEH, and CEI.
Daniel P. Newman has been in the computer industry for more than twelve years specializing in application pro-
gramming, database design, and network security for projects all over the world. Daniel has implemented secure
computer and network solutions to a wide variety of industries ranging from titanium plants, diamond mines, and
robotic-control systems to secure Internet banking. Working across four continents, he has gained expertise provid-
ing secure computer network solutions within a wide range of systems. Daniel is currently working as a freelance
penetration tester and a senior technical trainer teaching Cisco and Microsoft products. In addition, Newman spe-
cializes in practicing and training certified ethical hacking and penetration testing. In his pursuit of increased
knowledge, he has become certified in the following: A+, Network+, I-Net+, Server+, Linux+, Security+, MCDST,
MCSA, MCSE (NT, 2000, 2003); Security, MCDBA, MCT, CCNA, CCDA, CSS1, CCSP, InfoSec, CEH, CEI, and
CISSP. In his off time, Newman has authored books on PIX Firewall and Cisco IDS and worked as technical editor
for books on the Cisco SAFE model.
About the Technical Reviewers
Stephen Kalman is a data security trainer. He is the author or tech editor of more than 20 books, courses, and CBT
titles. His most recent book is
Web Security Field Guide,
published by Cisco Press. In addition to those responsibil-
ities, he runs a consulting company, Esquire Micro Consultants, that specializes in network security assessments
and forensics.
Kalman holds CISSP, CEH, CHFI, CCNA, CCDA, A+, Network+, and Security+ certifications and is a member of
the New York State Bar.
Michael Overstreet is a delivery manager for Cisco Advanced Services within World Wide Security Practice. He is
responsible for the delivery of security assessment and implementation services with a focus on Security Posture
Assessments (SPA). He has worked for Cisco for six years delivering the security services. He is a graduate of
Christopher Newport University with a Bachelor of Science in Computer Science. Michael holds CISSP and CCNP
certifications.

Plik z chomika:

Inne pliki z tego folderu:

Inne foldery tego chomika:

Zgłoś jeśli naruszono regulamin