|
| SANS GIAC Certification: Security Essentials Toolkit (GSEC) (Certification) | 
| Authors: Eric Cole, Mathew Newfield, John M. Millican
Creator: Stephen Northcutt
Publisher: Que
Category: Book
List Price: $54.99
Buy New: $15.95
You Save: $39.04 (71%)
New (15) from $15.95
Avg. Customer Rating:  9 reviews
Sales Rank: 59467
Media: Textbook Binding
Number Of Items: 1
Pages: 384
Shipping Weight (lbs): 3
Dimensions (in): 11.4 x 8.4 x 0.7
ISBN: 0789727749
Dewey Decimal Number: 005.8
UPC: 029236727741
EAN: 9780789727749
ASIN: 0789727749
Publication Date: March 28, 2002
Availability: Usually ships in 1-2 business days
Condition: Good Condition, delivery time 10 to 12 Working days, via Priority airmail from UK
|
| Similar Items:
|
| Editorial Reviews:
Amazon.com Review
The best way to develop a working knowledge of anything is to actually work with it--see it work, see it fail, and see what happens when variables are adjusted. Under the guise of an exam-preparation aid, SANS GIAC Certification: Security Essentials Toolkit guides its readers through a series of carefully designed experiments that collectively illustrate how attackers go about breaking into (or just plain breaking) their targets. The authors assume little background knowledge on the reader's part and take care to show you what you need to do in order to see the effects they're trying to demonstrate. This is, above all, a laboratory manual, and the authors deserve kudos for their effort to ensure that you can reproduce their results. A highly graphical design and wide, lay-flat binding make this book all the more useful as a hands-on companion. The authors' dedication to standardization is evident from the first exercise (this book consists almost entirely of exercises), in which they show how to build a dual-boot system with both Linux and Windows 2000 installed. The idea is that you can build this system once, make an image of it, and then be able to repeatedly break and rebuild your system without wasting time. Subsequent exercises deal with different types of attacks and the defenses that are effective against each. Each exercise has an explicitly illustrated procedure--usually illustrating a successful attack and a failed one (i.e., one that was defended against). You learn not only to install defensive software and trust it, but also to recognize evidence of attacks in log files and in behavioral symptoms. More security books--and technical books in general--should be like this one. --David Wall Topics covered: The kinds of attacks--against Windows 2000 and Linux systems--that are covered on the SANS Institute's Global Information Assurance Certification (GIAC) exam, as well as the software tools and configuration strategies that you can use to protect your systems against them. The authors cover many attacks--including Trojans, host spoofs, and others--and many defensive weapons (like firewalls and intrusion detection systems).
Product Description
Master the tools of the network security trade with the official book from SANS Press! You need more than a hammer to build a house, and you need more than one tool to secure your network. Security Essentials Toolkit covers the critical tools that you need to secure your site, showing you why, when, and how to use them. Based on the SANS Institute's renowned Global Information Assurance Certification (GIAC) program, this book takes a workbook-style approach that gives you hands-on experience and teaches you how to install, configure, and run the best security tools of the trade.
|
| Customer Reviews: Read 4 more reviews...
Not a complete Exam Prep ... but still essential for anyone studying the basics of IT Security June 28, 2007
The Security Essentials Toolkit is a book that is very easy to pick up and read, and concentrates on the practical elements of the GIAC SANS GSEC exam that differentiate it from the other major vendor neutral certifications (such as the SSCP and Security+). While the Security+ exam may discuss the fact that "Viruses are bad" and review the different types of malware, the GSEC also looks at HOW to detect, avoid, block and/or remove such exploits.
This text was originally published in 2002, and recently celebrated its 5th birthday. However, I would argue that this is not as critical as it may first appear to be. The entire thrust of this book is to encourage you to download, install and experiment with these tools - this is not so much a Textbook, but rather a Lab Guide / Workbook. Although this book includes the vast majority of the tools that you require to sit this exam, it should be noted that the GSEC curriculum is revised regularly, and consequently, this text should be considered an effective starting point - not an all-inclusive text.
Because some of these labs entail installing and running applications that would often breach company policies (port scans, root kits, trojan horses, key loggers and the like), warning are scattered liberally throughout the book to ensure that you have the written permission of the appropriate department before performing any of these steps on your company network - and it's a warning that really must be heeded ... if you're studying for this sort of certification, you must start to understand the requirement for creating such policies, because in the long run, you'll probably be creating the policies for your minions colleagues!
In some environments, setting up these labs may be difficult, as many companies will have web filters that could well block some of these things from being downloaded; a CD with these tools would be a welcome addition to the toolkit.
I would consider this title to be essential reading for anyone considering studying not only the GSEC certification, but for any practical introduction to Information Security / Computer Security (such as the Security+ and SSCP certifications, to name just a selection). However, this should be one of several study texts - it is not a complete exam preparation guide (but doesn't claim to be either).
 good book, but not always accurate April 20, 2003
7 out of 7 found this review helpful
If you don't have any security background then this book is a good place to start. Be ready, however, for most of the links to be out of date (the book was published in 2002). This can be circumvented by a little help from Google to find the utilities you need for the exercises. There are also a few inaccuracies in the syntax provided. These can be resolved with help from "man" (i.e. 'man ipchains') or the help for the particular utility.
 Great hands on book January 9, 2003
3 out of 4 found this review helpful
I really liked this book. I liked how it did not just inform you about these tools but actually had you use them to gain understanding. Any good systems/network admin should be familier with the tools in this book. Both UNIX and Windows admins will gain great experiance and understanding of their systems weaknesses.
I have read many books on "hacking" and security and this one is the only one that actually has you use these tools.
It is setup in a very easy to follow and understand format. This book is a must for EVERY Admin, not just for preparing you for a test. Even if you never take a security exam, this book will give you great intro and experience with the use of the tools described.
No time spent proofreading this book December 17, 2002
2 out of 2 found this review helpful
This book presents some welcome hands on exercises to learn about security. However, it is very clear that at no time did anyone sit down with the book and actually try out the exercises before the book was published. The result is that many of the exercises simply do not work as written and much time is spent simply troubleshooting the steps.Apart from the poor quality control of this book, it lacks good solid explanations to accompany most of them. Like many such exercise-oriented book the minimal level of explanations leaves one feeling that they are merely following a recipe in a cookbook. In summary, while the book offers something that is missing in the marketplace, it seems that is was rushed into print with little quality control. Unfortunately there are no errata sheets available from the publisher.
SANS books are usually very good. But... July 4, 2002
5 out of 20 found this review helpful
Hi,I love Sans courses and books,
I liked how this book started but I really got stuck right on the first exercise. L I'm a MCSE and I'm starting to learn the Linux world, and on the first exercise where he was showing how to create a user account thru RLogin on Linux, I believe he missed a step.
I followed his instructions installing Linux (it really has to be the version 7.2 Red Hat) if you try 7.1 the screens will be different from the one in the book. The instructions were good, I created a User account (Linux gave me an opportunity to create a normal user account during installation). I logged in as this new user to start the exercise where he is explaining about trust relationship. And using the Rlogin command, I create the new user account ++ jmm and then on the next step he asks to log in with the new user account?? That is when I got lost. Is there a way the log off in the Shell Prompt (that is where the exercise was done) as "user A" and log in as the new user (user B) that I just created or do I have to totally get out and log off and then connect as jmm (I tried the second option but then it asks for a password in which I did not create for jmm since the exercise did not mentioned to do so. I could not log back in.) Trying to research to see if there are any good books on Windows admins learning Linux (red hat).
I understand that this issue might be too basic, sorry guys, I always been a MS kind of guy. But now I'm trying to test new waters. It would have been great if the author might suggested some previous reading that would give further details on the type of exercise that he is trying to show and just in case you are totally newbie with the Linux O.S.
Thanks
|
|
|
Wildlife, nature and the Environment
Sponsored Links
Learn how to get your own Amazon Book shop | |
