Internet Cross Logo
Internet Cross your one stop web tutorial website
Your Ad Here
Search Internet Cross Shop:

Nessus Network Auditing (Jay Beale's Open Source Security) (Jay Beale's Open Source Security)

List Price: $49.95
Our Price: $41.99
Your Save:$ 7.96 ( 16% )
Availability: Usually ships in 24 hours
Manufacturer: Syngress Average Customer Rating: Average rating of 4.0/5Average rating of 4.0/5Average rating of 4.0/5Average rating of 4.0/5Average rating of 4.0/5

Buy it now at Amazon.com!

Back to previous page




Nessus Network Auditing (Jay Beale's Open Source Security) (Jay Beale's Open Source Security)

Binding: Paperback
Dewey Decimal Number: 005.8
EAN: 9781931836081
Format: Illustrated
ISBN: 1931836086
Label: Syngress
Manufacturer: Syngress
Number Of Items: 1
Number Of Pages: 544
Publication Date: 2004-08-03
Publisher: Syngress
Studio: Syngress
Related Items
Spotlight customer reviews:
Customer Rating: Average rating of 2/5Average rating of 2/5Average rating of 2/5Average rating of 2/5Average rating of 2/5
Summary: Getting Old and Lacking Real Meat
Comment: First, it's old. Even if you're using the open source 2.x versions and not the commerical 3.x versions, you'll find the content to be a bit dated. Not a problem for the most part, as this book talks a lot about vuln scanning concepts and all that is still applicable. And the differences in GUI layout between the book and latest versions isn't hard to rectify just by clicking around a little. The age of the text is more of a problem in that it lacks discussions of current attacks.

Second, a lot of the book just covers basics about vuln scans and using nessus. Sorry, but for the money I paid for this book, I'm not seeing the value that other reviewers are referring to. IMHO lots of this basic usage and intro stuff is covered in numerous online articles (some of which are linked from Tenable's website on the Nessus documentation page). Even topics like dealing with false-positives are covered pretty well in those resources.

Granted, the reviews are generally from 2004 and 2005, and many of the articles I'm referring to were written after then. So maybe this book was really helpful at that time - but for anyone considering buying this book circa 2008 or later, save your money. Either wait for an updated edition or look at free resources online.

As for the "lack of meat", this book just doesn't go deep enough. Again, I'm not getting much insight beyond what I already found online. I've gleaned some good tips, but again, not enough to justify the length (and cost) of this book.
Customer Rating: Average rating of 4/5Average rating of 4/5Average rating of 4/5Average rating of 4/5Average rating of 4/5
Summary: Worth a read.
Comment: Considering Nessus is one of the best free network monitoring tools on the market, this is a perfect book to get to start working with Network Systems Auditing. For people that have a decent working knowledge with multi-platforms and Networking, this book is a good way to get your feet wet with to start preparing for your CISA Cert.
Customer Rating: Average rating of 4/5Average rating of 4/5Average rating of 4/5Average rating of 4/5Average rating of 4/5
Summary: Excellent primer for new Nessus users
Comment: A good source for experienced users and a must read for novices.

At times the syntax of this book leaves a bit to be desired (the editors could have done a better job at polishing the final product). You cannot, however get a better source for Nessus information than the creator himself, who is a contributor to the book.

I would highly reccomend this book.
Customer Rating: Average rating of 4/5Average rating of 4/5Average rating of 4/5Average rating of 4/5Average rating of 4/5
Summary: Great book!
Comment: don't even try to use Nessus without Renaud's book. it is great.
Customer Rating: Average rating of 5/5Average rating of 5/5Average rating of 5/5Average rating of 5/5Average rating of 5/5
Summary: Required reading for network administrators
Comment: The purpose of Nessus is to provide an Open Source Solution for network auditing on all Unix like systems. This book not only details using Nessus but also comes with a CD containing the program, as well as Ethereal, Snort, and Newt (a port of the program to the Windows environment).

What is a network assessment? At its basic level it is an attempt to detect a live system and then identify the computing environment, services, applications, and vulnerabilities on that system. Basically there are two types of assessment - internal and external. An internal assessment is done over the local network and external is done from outside the LAN. Nessus will do both types and the book details how to do either, or both of them.

The authors do an excellent job of detailing installation, setup, and how to interpret the results of a scan as well as various factors that can affect the report. One of the parts not to be missed is the discussion of not only the benefits but also the potential problems of scanning your system. Some of the vulnerability types scanned for include buffer overflows, default passwords, backdoors, information leaks, and denial of service.

The Nessus scripting language is covered in detail in Appendix A instead of the main portion of the book; a choice I appreciated very much as it allowed the flow of the book to not be interrupted by such a highly technical section. With Open Source products there generally is no organized technical support phone number you can call of help. So, the authors include information on how to get help via the Nessus User Community, mailing lists, and archives.

Nessus Network Auditing is a highly recommended book for anyone interested in auditing their network to find potential problems before they become reality.
  
Editorial Reviews:
The ONLY Book to Read if You Run Nessus Across the Enterprise

Ever since its beginnings in early 1998, the Nessus Project has attracted security researchers from all walks of life. It continues this growth today. It has been adopted as a de facto standard by the security industry, vendor, and practitioner alike, many of whom rely on Nessus as the foundation to their security practices. Now, Nessus project founder Renaud Deraison and a team of leading developers have created the definitive book for the Nessus community.

* Perform a Vulnerability Assessment

Use Nessus to find programming errors that allow intruders to gain unauthorized access.

* Obtain and Install Nessus

Install from source or binary, set up up clients and user accounts, and update your plug-ins.

* Modify the Preferences Tab

Specify the options for Nmap and other complex, configurable components of Nessus.

* Understand Scanner Logic and Determine Actual Risk

Plan your scanning strategy and learn what variables can be changed.

* Prioritize Vulnerabilities

Prioritize and manage critical vulnerabilities, information leaks, and denial of service errors.

* Deal with False Positives

Learn the different types of false positives and the differences between intrusive and nonintrusive tests.

* Get Under the Hood of Nessus

Understand the architecture and design of Nessus and master the Nessus Attack Scripting Language (NASL).

* Scan the Entire Enterprise Network

Plan for enterprise deployment by gauging network bandwith and topology issues.

Your Solutions Membership Gives You Access to:

Comprehensive FAQ page that consolidates all of the key points of this book into an easy to search web page
Buy it now at Amazon.com!