| | |  | Software Engineering | Home » » » Build Your Own Security Lab: A Field Guide for Network Testing | | | | | | | Product Promotions: | | | | | Description: | | If your job is to design or implement IT security solutions or if you’re studying for any security certification, this is the how-to guide you’ve been looking for. Here’s how to assess your needs, gather the tools, and create a controlled environment in which you can experiment, test, and develop the solutions that work. With liberal examples from real-world scenarios, it tells you exactly how to implement a strategy to secure your systems now and in the future.Note: CD-ROM/DVD and other supplementary materials are not included as part of eBook file. | | | Product Details: | | | Author:
| Michael Gregg | | Paperback:
| 456 pages | | Publisher:
| Wiley | | Publication Date:
| April 28, 2008 | | Language:
| English | | ISBN:
| 0470179864 | | Product Length:
| 7.4 inches | | Product Width:
| 0.98 inches | | Product Height:
| 9.2 inches | | Product Weight:
| 1.46 pounds | | Package Length:
| 9.1 inches | | Package Width:
| 7.3 inches | | Package Height:
| 1.1 inches | | Package Weight:
| 1.45 pounds | | Average Customer Rating:
|  based on 8 reviews |
| | | | Customer Reviews: | |
Average Customer Review:
 ( 8 customer reviews )
Write an online review and share your thoughts with other customers.
Most Helpful Customer Reviews
22 of 26 found the following review helpful:
 Excellent for novicesNov 18, 2008
By A. Johnson
I'll be completely honest. I went through this in about two hours, and I plan on returning it. It simply didn't have anything new for me. I was expecting it to be more along the lines of setting up a virtual network, attempting to hack the VMs, and then checking the procedures to see if you did it right.
Instead, this book covers things like how to install OSes into VMs, gives basic overviews of tools, etc. However, this is a great book if you're at the appropriate level for it. I think this makes a good follow-up to CompTIA's Security+ certification. It'll help novices get their feet wet with actual hands-on activities. I've done nearly everything in this book on my own, and that's really the only problem with it. While I didn't pay a great deal of attention to every bit of text, it seemed to be technically accurate and free from errors.
I wish I could give a more detailed review, but I thought I'd at least post this since no one has reviewed it yet. Just take your skill level into account when considering this title. If you want more advanced books, check out the Hacking Exposed series, Grey Hat Hacking, and the Penetration Tester's Open Source Toolkit.
13 of 15 found the following review helpful:
 Excellent book for a beginner, not recommended for the experienced Info Sec individualJul 11, 2009
By Jesse G. Lands
"Build your own Security Lab A field guide for network testing" is great at what it is intended to be: an introduction for a novice security person in what they should be working on to get experience in the field. I have Michael Gregg's Certified Ethical Hacker and in most terms I would say this book is more of a work book for the study guide. It gives you a feel for what equipment you will need and how the equipment should be connected, but doesn't go to in-depth into the nuts and bolts of it.
The book includes a copy of BackTrack and a few other tools on the DVD and these items help the novice have an idea of what tools they should be looking for on the Internet, but a better idea may be to have a central repository for the tools or include the link to the tools since most of the tools were outdated by the time the book was published.
Almost every chapter or in some cases a group of chapters could be written as a stand-alone book. The author did an excellent job of summarizing some of the areas and others I felt he could have covered in more detail.
It would have been nice to see more information on sniffers and packet analyzing. The book was labeled "field guide for network testing", but there was only a page dedicated to Wireshark. A big part of network security is analyzing the traffic that is crossing the network. The author covers some of it under Intrusion Detection, but again it is not sufficient in my opinion.
I was a little surprised by the lack of anything more than a mention of Netcat. With the value of this tool and the wide spread use of variants of the tool I would have expected a page at least of the use of the software and how it is distributed. There was no reference to Tiny and a few other tools or there variants that are in common use throughout the Internet. There was no reference to VNC, RDP or Dameware some remote administration tools that are commonly exploited on most networks.
I would have thought at this level a chapter on forensics and cryptography would have been over the top of most of the readers heads. The author does make a good job just summarizing the information just enough to wet the appetite of a serious novice. I think it would have been a great benefit to the reader to have more references to in-depth material, but a determined reader will find what they need.
The cryptography chapter gets somewhat confusing. The author is discussing symmetric algorithms and then starts discussing PGP before going back to symmetric algorithms and then goes into asymmetric algorithms. The inexperienced reader would believe that PGP is a symmetric algorithm.
Overall the book was good and the exercises were great, but anyone who has mid-level experience or greater in information security will find this book a little to novice. I have already recommended the book to a few beginners.
5 of 6 found the following review helpful:
First try at Security LabNov 01, 2009
By Elba L. Stevenson
"Avaid reader"
After taking several classes in the local Jr College to study for my CCNA, I came to realize that I was not interested in going down the CISCO certification path. So I started looking at other certifications and decided to work towards a CEH and LPT certification. After my experience with the CISCO classes, I understood that I would either have to rent time through a web lab or create my own. This book that I found that followed my mine set of build it on a shoe string and expand as your needs require. This book is great for me because the author introduces the subject in a way I can pick it up from the book and do the hands on stuff with having to already know the subject or have a reference source to go to for questions.
If you already know the subject matter, than pass this book on by for a more advanced book. If like me, you are in IT and expanding your knowledge, then this is a great book.
2 of 2 found the following review helpful:
Helpful to a beginner.Jan 24, 2011
By TTAllen
I am only about half way through digesting this book but it is clear to me that the orientation for a beginner is helpful. We learn the terminology and the history. We also get concrete steps to take. I am hopeful that this book will help me to generate data within one more week.
5 of 7 found the following review helpful:
A good foundationFeb 05, 2009
By Charles Tholen
The book is a solid foundation for information security practitioners or those wanting to move into the field. The author gives the reader enough to get a lab built and plenty of activities to preform in the lab. Seasoned security professionals probably already know most of what is in the book but may pick up a few new tools.
See all 8 customer reviews on Amazon.com
| | |
|
