Network Security: Book Reviews (Security Power Tools and Network Security Assessment)
McNab, Chris. Network Security Assessment, Second Edition. O'Reilly: Sebastopol, CA. $39.99 (1350 baht); 478 pages. ISBN 0-596-51030-6
A high proportion of computer users are dependent on networks. A problem with the system means that productivity falls and, in proportion, frustration rises. For many of us, mercifully, once a small network at home is set up, it rarely needs any change. For someone with such a small home network, Scott Lowe's Home Networking: The Missing Manual is fine.
A larger organisation will have perhaps scores of users with accounts, data, settings; all of which must be managed. That falls to the system administrators who may have to contend with different operating systems, special needs, security, updates and the occasional service outage. A monumental task.
There are several sources of help. As well as online information, there are many books aimed at all, or specific concepts: for example TCP/IP. A major concern these days is security, as networks may come under attack from a variety of directions: external and internal.
Two books came my way a while back, both with the subject of network security, but each with its own approach: McNab's Network Security Assessment (2nd edition) and the multi-authored Security Power Tools.
McNab looks at specific examples of technology used, for example the Apache web server or port scanning, and in many cases outlines any known vulnerabilities, then suggests solutions. Apache, for example, he tells us, "has a number of known remotely exploitable issues. . ." which he explains both in text and a quick-access table.
As much of the text is taken up with code, it is primarily a work for reference. There are screen shots in places throughout the book although it is not heavily illustrated -- no need. An excellent, in-depth work that should grace the shelves of any system admin., university computer department, or library.
The opening chapter, in a section by itself, covers the legal and ethical issues. As some tools that are available to those who work in networking may allow access to other networks, it is a good idea to know where the line is before we over-step it. Simple examples of these probes are "ping" and "whois", both legal; port scanning might not be, depending on who does it and for what purpose.
The book's sections are Reconnaissance, Penetration, Control, Defense, Monitoring, and Discovery. Nic Beauchesne's writing on rootkits, for example, defines the term and explains some of the tools available to those who would seek to install the like. The best solution to the rootkit is a good defense, as removal "could end up being a very difficult task", he claims. In the examination, rootkit identifiers are also reviewed; then the solution: in this case it includes a fresh install.
There are also occasionally snippets of information or suggestions, separated from the text and indicated by thumbtack images. For example, in "Finding a Windows Backdoor with Netstat", we read, "You can use the -v flag in conjunction with the -b flag. . . ."
Security Power Tools, with over 800 pages, is clearly the more comprehensive, although this does not exclude the McNab work by any means: they complement each other. McNab veers towards analysis, while Burns is more proactive in defense of a system. Both include references to different operating systems: Solaris, Windows, Mac OS X and various flavours of Linux; McNab also has a passing reference to the Silicon Graphics IRIX system.
Both are wide-ranging and valuable reference works for those charged with security or learning about the tools to make our networks and computers safer. As such, the index in each is detailed. Included in the price is access to online versions via the Safari website.