Master the tools of the network security trade with the official book from SANS Press! You need more than a hammer to build a house, and you need more than one tool to secure your network. Security Essentials Toolkit covers the critical tools that you need to secure your site, showing you why, when, and how to use them. Based on the SANS Institute’s renowned Global Information Assurance Certification (GIAC) program, this book takes a workbook-style approach that gives you hands-on experience and teaches you how to install, configure, and run the best security tools of the trade.
Amazon.com ReviewThe best way to develop a working knowledge of anything is to actually work with it–see it work, see it fail, and see what happens when variables are adjusted. Under the guise of an exam-preparation aid, SANS GIAC Certification: Security Essentials Toolkit guides its readers through a series of carefully designed experiments that collectively illustrate how attackers go about breaking into (or just plain breaking) their targets. The authors assume little background knowledge on the reader’s part and take care to show you what you need to do in order to see the effects they’re trying to demonstrate. This is, above all, a laboratory manual, and the authors deserve kudos for their effort to ensure that you can reproduce their results. A highly graphical design and wide, lay-flat binding make this book all the more useful as a hands-on companion.
The authors’ dedication to standardization is evident from the first exercise (this book consists almost entirely of exercises), in which they show how to build a dual-boot system with both Linux and Windows 2000 installed. The idea is that you can build this system once, make an image of it, and then be able to repeatedly break and rebuild your system without wasting time. Subsequent exercises deal with different types of attacks and the defenses that are effective against each. Each exercise has an explicitly illustrated procedure–usually illustrating a successful attack and a failed one (i.e., one that was defended against). You learn not only to install defensive software and trust it, but also to recognize evidence of attacks in log files and in behavioral symptoms. More security books–and technical books in general–should be like this one. –David Wall
Topics covered: The kinds of attacks–against Windows 2000 and Linux systems–that are covered on the SANS Institute’s Global Information Assurance Certification (GIAC) exam, as well as the software tools and configuration strategies that you can use to protect your systems against them. The authors cover many attacks–including Trojans, host spoofs, and others–and many defensive weapons (like firewalls and intrusion detection systems).