BackTrack 4: Assuring Security by Penetration Testing

BackTrack 4: Assuring Security by Penetration Testing

Book rating: 05 Paperback

By (author) Shakeel Ali, By (author) Tedi Heriyanto

USD$49.99

Free delivery worldwide
Available
Dispatched in 3 business days
When will my order arrive?

  • Publisher: Packt Publishing Limited
  • Format: Paperback | 371 pages
  • Dimensions: 208mm x 272mm x 28mm | 1,061g
  • Publication date: 19 April 2011
  • Publication City/Country: Birmingham
  • ISBN 10: 1849513945
  • ISBN 13: 9781849513944
  • Illustrations note: black & white illustrations
  • Sales rank: 335,178

Product description

BackTrack is a penetration testing and security auditing platform with advanced tools to identify, detect, and exploit any vulnerabilities uncovered in the target network environment. Applying appropriate testing methodology with defined business objectives and a scheduled test plan will result in robust penetration testing of your network. BackTrack 4: Assuring Security by Penetration Testing is a fully focused, structured book providing guidance on developing practical penetration testing skills by demonstrating the cutting-edge hacker tools and techniques in a coherent step-by-step strategy. It offers all the essential lab preparation and testing procedures to reflect real-world attack scenarios from your business perspective in today's digital age. The authors' experience and expertise enables them to reveal the industry's best approach for logical and systematic penetration testing. The first and so far only book on BackTrack OS starts with lab preparation and testing procedures, explaining the basic installation and configuration set up, discussing types of penetration testing (black-box and white-box), uncovering open security testing methodologies, and proposing the BackTrack specific testing process. The authors discuss a number of security assessment tools necessary to conduct penetration testing in their respective categories (target scoping, information gathering, discovery, enumeration, vulnerability mapping, social engineering, exploitation, privilege escalation, maintaining access, and reporting), following the formal testing methodology. Each of these tools is illustrated with real-world examples to highlight their practical usage and proven configuration techniques. The authors also provide extra weaponry treasures and cite key resources that may be crucial to any professional penetration tester. This book serves as a single professional, practical, and expert guide to developing hardcore penetration testing skills from scratch. You will be trained to make the best use of BackTrack OS either in a commercial environment or an experimental test bed. A tactical example-driven guide for mastering the penetration testing skills with BackTrack to identify, detect, and exploit vulnerabilities at your digital doorstep.

Other people who viewed this bought:

Showing items 1 to 10 of 10

Other books in this category

Showing items 1 to 11 of 11
Categories:

Customer reviews

By Dainius Valatka 15 May 2011 5

This review is from: BackTrack 4: Assuring Security by Penetration Testing (Paperback)
The authors tackle a persistent danger to many websites and networks that hang off the Internet, where often the complexity of the operating systems and applications and the interactions between these can open doors to attackers. So the basic idea of penetration testing is to preemptively probe ('attack') your system. Find the weaknesses first, before others do so.

In part, the text offers a good overview of the field, separate from the usages of BackTrack. So you get a summary of several common security testing methodologies. Including the Open Source Security Testing Methodology Manual. If you have a background in science experiments, you'll see clear parallels in how this OSSTMM approach investigates an unknown system.

As far as BackTrack is concerned, its capabilities are explored in depth through most of the text. It does seem to have covered all the bases. Like checking/scanning for open TCP and UDP ports on target machines. Or looking for live machines on a network. One thing that becomes clear is that you can treat BackTrack as a repertoire of free tools. And you can pick just a subset of these tools to initially use against your network, if you have specific needs or suspicions,

To be sure, the recommended usage is a top down one, where you treat BackTrack as an integrated whole and you systematically first plan out your entire testing. No argument from me. You should do this, if you decide to use BackTrack in the first place. But a pragmatic incremental approach might still have some nuopelnas. Where you can just choose a tool and look up its usage in the text and run it. Easy to get some experience and confidence.