Hacking Exposed Cisco Networks (Hacking Exposed)
by: Andrew Vladimirov Konstantin Gavrilenko Andrei Mikhailovsky
Hacking Exposed Cisco Networks
By Andrew Vladimirov, Konstantin Gavrilenko, Andrei Mikhailovsky
Publisher: McGraw-Hill Osborne Media
Number Of Pages: 400
Publication Date: 2005-12-15
ISBN-10 / ASIN: 0072259175
ISBN-13 / EAN: 9780072259179
Product Description:
Here is the first book to focus solely on Cisco network hacking, security auditing, and defense issues. Using the proven Hacking Exposed methodology, this book shows you how to locate and patch system vulnerabilities by looking at your Cisco network through the eyes of a hacker. The book covers device-specific and network-centered attacks and defenses and offers real-world case studies.
Summary: A good reference on Cisco security
Rating: 4
If you are a cisco security expert maybe this book will not have any new information for you, but since most of us are not, I would recommend it for anyone who is trying to protect a Cisco infrastructure. The author covers a lot of material, and as with any internet resources, some move and disappear but it still puts you on the right path to know what needs to be hardened. The language is not as smooth as it could be, but it certainly better than most and the subject matter can get pretty complicated at times so some tolerance is reasonable. Overall I would recommend it to someone wanting to know more about practical Cisco security.
Summary: Pretty good
Rating: 4
I really nice first attempt at zeroing in on and attacking Cisco devices, something I do for a living. The book, however, is NOT really a "Hacking Exposed" line from the Scambray, Kurtz and McClure camps. It is funny how fast people will buy anything tagged with "Hacking Exposed." This book does deliver some VERY good hardening and attacking techniques and I would suggest it for anyone that is in the network security field, especially those that are directly involved with the routers/switches.
Summary: Not a great book - not a bad book either
Rating: 4
"Hacking Exposed: Cisco Networks" is not bad but then again not great. What caused it to only get 4 out 5 stars was that many of the tools and links no longer work and this review is being written in March 2006 for a book published in Jan 2006!
One example of many:
- page 521: Cisco's tcphijack
I would then have to Google to see if the tool was now elsewhere - sometimes successfully, sometimes - not.
Another example of bad tooling - page 519 - Arpworks. Yes it is still there but they fail to mention that it only works on Windows 95/98. I could go on and on.
The thing that really annoys me on this book is the binding. The softcover binding is made of some very cheap paper which curls up. For a $50 list-price book (I paid $50 for ordering it 1st and not waiting 2 months for the price to drop to $30), I would think that Osborne could have popped for an extra $1 on a good jacket quality - which would never happen with O'Reilly.
I did pick up a few tools I was not aware of, but was it worth $50?! Nope. Is it worth now $30? Questionable. If you live and breath Cisco security there won't be much new to learn here, but it does give you a reference to lend to others that keep asking you the same questions. :-)
Hank Nussbacher
Summary: Great Overall View of the Situation
Rating: 5
I think that it is difficult, perhaps impossible, to build a modern network that does include at least some Cisco equipment. Following the general set up rules in the various manuals produce a system architecture that is generally considered to be at least reasonably secure.
Basically this book may well change your mind on just how secure your Cisco system really is. As the major supplier of network equipment, Cisco is also the major target of the bad guys that are out there.
The information in this book is presented through the eyes of the penetrator. It discusses in a step-by-step way how to break into various Cisco devices on a network. By knowing how to break into the network, you can then go plug the holes in your system to keep other people from doing the same thing.
Much of the material here is available in bits and pieces around the web, in various postings, even in publication form. What this book does is bring all of the information together in one place. If you're already an expert on the subject, you might get a point or two here and there. If your just beginning to think about this kind of situation, here is a great way to get started.
Summary: A good first cut at Cisco-centric attack and defense
Rating: 4
I've always been a fan of Osborne's Hacking Exposed books (although subjects like "Computer Forensics" don't seem to fit the spirit of the series). I previously read Wi-Foo: The Secrets of Wireless Hacking by the same authors who wrote Hacking Exposed: Cisco Networks (HECN). Comparing the two books, I agree with previous reviewer Sean E. Connelly; I think HECN was rushed to market. The book needs better technical review, proofreading, and copyediting as well. Nevertheless, I still recommend reading HECN -- it's a unique book on a critical subject.
One of the more striking aspects of HECN is the amount of original research committed to the book. Sure, the authors document already known Cisco vulnerabilities. However, they also developed a suite of tools to implement attacks discussed in HECN. They demonstrate how to apply various tools and when those applications are realistic. HECN's authors discovered a variety of new exploits (documented at the book Web site) which they submitted to Cisco's PSIRT. I appreciated this degree of originality.
HECN is on the leading edge of attacks happening right now. While reading the book I assisted with an incident response involving a Cisco switch. It appeared that bot net command-and-control traffic was originating from a switch on a client network. Upon closer inspection, I could tell that unknown intruders were bouncing IRC traffic through the management interface of the switch, probably using a variant of the ciscoBNC tool introduced in Ch 10. HECN also describes the possibilities offered by Tcl scripting on Cisco routers, which I expect to see intruders abuse.
I had two sorts of problems with HECN. First, the text can be somewhat confusing to follow. In some parts this is caused by the authors' writing style. In others confusion is caused by the authors' unwillingness to fully describe sensitive exploitation techniques. For example, they mention ways to reverse engineer and/or patch IOS binary images, but they are deliberately vague. This helps the authors stay out of trouble with Cisco, but it leaves the reader frustrated. The second problem with HECN involves the tone of the book. In some places I was left wondering why the authors made certain comments. A good example of material that should simply be dropped is the final "case study" at the end of the book.
Some minor technical issues should be fixed in future editions. In addition to those outlined by previous reviewers, I would add the item on p 460 that says AH is IP proto 49; it should be 51. I also thought the Nmap scanning recommendations on p 136 were somewhat silly. It's best to stick with the simplest scan possible and avoid the poorly-named "stealth" options Nmap offers. Finally, some of the screen shots were too fuzzy. Images taken from Ethereal in Ch 4 are examples of this problem.
Overall, I would still buy HECN. Administrators and security professionals must recognize that Cisco equipment (along with infrastructure from other vendors) are actively targeted, exploited, and abused by intruders. HECN explains how this happens and what you can do to prevent, or at least detect, these compromises. It's like 1999 all over again -- get the Hacking Exposed title that will help you mitigate a new class of threats!
https://ifile.it/p1sior/0072259175.rar
المفضلات