Es wird kein Kindle Gerät benötigt. Laden Sie eine der kostenlosen Kindle Apps herunter und beginnen Sie, Kindle-Bücher auf Ihrem Smartphone, Tablet und Computer zu lesen.
Geben Sie Ihre E-Mail-Adresse oder Mobiltelefonnummer ein, um die kostenfreie App zu beziehen.
BackTrack 4: Assuring Security by Penetration Testing Kindle Edition
|Neu ab||Gebraucht ab|
|Länge: 392 Seiten||Sprache: Englisch|
Kunden, die diesen Artikel gekauft haben, kauften auch
Die hilfreichsten Kundenrezensionen auf Amazon.com (beta)
The authors introduce the idea that pen testing is not about randomly using a collection of tools to plink around a network. Instead, a structured, procedural methodology should be used to achieve timely, thorough, and reportable results. The author's also provide a detailed description of a security testing methodology to be used with BackTrack itself.
Each step in this methodology represents an element in the penetration testing life cycle management performed for each customer. The authors describe how this organized progression allows pen testers to determine their course of action, plan for needed resources, and not waste time and resources by duplicating effort. My only complaint is that this section is too small, and deserves expanding using actual case studies.
A considerable number of pen testing tools for each step in the methodology are covered with examples and instruction. Popular tools covered include Metasploit (Meterpreter), Maltego, NMap, NetXpose, and Nessus. Tools for exploiting (uh, testing) Web servers, databases, applications, and even Cisco devices are also covered.
I was very happy to see a chapter on Social Engineering. Experienced pen testers often remark that the most penetrable area of any system are the people who use and control it. The authors provide a detailed description of the psychology, tactics, and objectives of social engineering and how it is used to penetrate the "fleshy" parts of information systems.
This book is intended to educate both novice and experienced pen testers on how to successfully use BackTrack 4. I am sure not every professional pen testing will agree with everything in this book, as it represents the personal experience of only a few people in the profession. However, novices will find a tremendous amount of hands-on practice and enlightening information related to the pen testing profession in clear and readable instructions. Pros should a few things about becoming an even more efficient and versatile pen tester too.
That being said, I believe the information in this book to be directly applicable to Backtrack 5 and a good reference for it!
The book is a great tutorial and walk-through on how to use Backtrack for security and penetration testing, but, more than that, it offers good information about the field in general. You will go through software installations, software overviews, methodologies, tests / testing, and my favorite part, reporting and deliverables, a MUST for professional computer people.
I think this is an excellent book to add to your knowledge arsenal and you may be surprised at just how much you didn't know. I know I was. This really is an important subject for computer professionals and I cant think of a better way to brush up than by grabbing a copy today. Thumbs up!
I would recommend this to anyone who doesn't know very much about BackTrack, or anyone who just wants a reference for it. This is also a great book for beginner Pen Testers.
This book did wonders for me. Not only did it begin talking about the process and procedures for for planning and mapping out your testing, but also goes in-depth detailing and demonstrating the tools following that process. Those are: Target Scoping, Information Gathering, Target Discovery, Enumerating Target, Vulnerability Mapping, Social Engineering, Target Exploitation, Privilege Escalation, and Maintaining Access.
I went through this book with the latest distribution, BackTrack 5. Although majority of the information was applicable, i still had to pop over to a BackTrack 4 virtual for some of the exercises. Overall, I found this book extremely useful and would definitely recommend it to anyone wanting to learn about penetration and network security or test their home defenses. While not a complete or definitive volume by any means, it is a great foundation for those wanting to start down the path of penetration testing.
Reading through the initial chapters you will encounter the core pen-testing concepts and descriptions of various assessment methodologies. They are explained very clearly and precisely as a whole. You will also find explanations of best security assessment tools, their options usage and results interpretation, and pen-testing project management and reporting guidelines. What I most like about this book is that the tools are well-organized in penetration testing methodology shown with practical examples and best yet, compatible with BackTrack 5 too. I hope the authors will take out an update of this book for BackTrack 5 soon. It is a great addition to my information warfare arsenal.