Penetration Testing and Network Defense

Security threats are on the rise, and companies must be prepared to face them. One way companies are assessing security risk and the vulnerability of their networks is by hiring security firms to attempt to penetrate their networks or by developing in-house penetration testing skills to continually monitor network vulnerabilities. Penetration testing is a growing field, yet there is no definite resource on how to perform a penetration test and the ethics of testing. Penetration Testing and Cisco Network Defense offers detailed steps on how to emulate an outside attacker to assess the security of a network. Unlike other books on hacking, this book is specifically geared toward penetration testing. Divided into two parts, this book provides a set of guidelines and methodologies for understanding and performing internal penetration tests. It also shows how an attack can be detected on a network. Part one covers understanding penetration testing, assessing risks, and creating a testing plan. Part two focuses on the particulars of testing, and each chapter includes three essential components: the steps to perform a simulated attack using popular commercial and open-source applications; how to detect the attack with Cisco Intrusion Detection Sensor and Security Agent; suggestions on how to harden a system against attacks.