Download the free Kindle app and start reading Kindle books instantly on your smartphone, tablet, or computer -no Kindle device required.
Read instantly on your browser with Kindle for Web.
Using your mobile phone camera - scan the code below and download the Kindle app.
Hacking Exposed Cisco Networks: Cisco Security Secrets & Solutions 1st Edition
Here is the first book to focus solely on Cisco network hacking, security auditing, and defense issues. Using the provenHacking Exposed methodology, this book shows you how to locate and patch system vulnerabilities by looking at your Cisco network through the eyes of a hacker. The book covers device-specific and network-centered attacks and defenses and offers real-world case studies.
- ISBN-100072259175
- ISBN-13978-0072259179
- Edition1st
- PublisherMcGraw Hill
- Publication dateDecember 15, 2005
- LanguageEnglish
- Dimensions7.3 x 1.24 x 9 inches
- Print length400 pages
From the brand
As a leading global education company, our mission is to partner with educators, learners, and professionals to help them access all the value that education can offer, no matter where their starting points may be.
For over 130 years, we have never stopped innovating to meet the ever-changing needs of educators and learners around the world – and will continue to support and celebrate their efforts every step of the way.
Editorial Reviews
From the Publisher
Dr. Andrew A. Vladimirov, CCNP, CCDP, CISSP, CWNA, TIA Linux+, is a co-founder of Arhont Ltd., an international IT security consultancy.
Konstantin V. Gavrilenko, co-founder of Arhont Ltd., has extensive experience working with Cisco PIX firewalls and Cisco VPN concentrators.
Janis N. Vizulus is a researcher and programmer specializing in digital forensics and penetration testing.
Andrei A. Mikhailovsky, co-founder of Arhont Ltd., is an expert in network security and penetration testing
From the Back Cover
Implement bulletproof Cisco security the battle-testedHacking Exposed way
Defend against the sneakiest attacks by looking at your Cisco network and devices through the eyes of the intruder.Hacking Exposed Cisco Networks shows you, step-by-step, how hackers target exposed systems, gain access, and pilfer compromised networks. All device-specific and network-centered security issues are covered alongside real-world examples, in-depth case studies, and detailed countermeasures. It’s all here--from switch, router, firewall, wireless, and VPN vulnerabilities to Layer 2 man-in-the-middle, VLAN jumping, BGP, DoS, and DDoS attacks. You’ll prevent tomorrow’s catastrophe by learning how new flaws in Cisco-centered networks are discovered and abused by cyber-criminals. Plus, you’ll get undocumented Cisco commands, security evaluation templates, and vital security tools from hackingexposedcisco.com.
- Use the tried-and-trueHacking Exposed methodology to find, exploit, and plug security holes in Cisco devices and networks
- Locate vulnerable Cisco networks using Google and BGP queries, wardialing, fuzzing, host fingerprinting, and portscanning
- Abuse Cisco failover protocols, punch holes in firewalls, and break into VPN tunnels
- Use blackbox testing to uncover data input validation errors, hidden backdoors, HTTP, and SNMP vulnerabilities
- Gain network access using password and SNMP community guessing, Telnet session hijacking, and searching for open TFTP servers
- Find out how IOS exploits are written and if a Cisco router can be used as an attack platform
- Block determined DoS and DDoS attacks using Cisco proprietary safeguards, CAR, and NBAR
- Prevent secret keys cracking, sneaky data link attacks, routing protocol exploits, and malicious physical access
About the Author
Dr. Andrew A. Vladimirov, CCNP, CCDP, CISSP, CWNA, TIA Linux+, is a co-founder of Arhont Ltd., an international IT security consultancy.
Konstantin V. Gavrilenko, co-founder of Arhont Ltd., has extensive experience working with Cisco PIX firewalls and Cisco VPN concentrators.
Janis N. Vizulus is a researcher and programmer specializing in digital forensics and penetration testing.
Andrei A. Mikhailovsky, co-founder of Arhont Ltd., is an expert in network security and penetration testing
Product details
- Publisher : McGraw Hill
- Publication date : December 15, 2005
- Edition : 1st
- Language : English
- Print length : 400 pages
- ISBN-10 : 0072259175
- ISBN-13 : 978-0072259179
- Item Weight : 2.25 pounds
- Dimensions : 7.3 x 1.24 x 9 inches
- Part of series : Hacking Exposed
- Best Sellers Rank: #4,300,414 in Books (See Top 100 in Books)
- #675 inComputer Networks
- #1,884 inComputer Networking (Books)
- #2,115 inComputer Hacking
- Customer Reviews:
Customer reviews
Customer Reviews, including Product Star Ratings help customers to learn more about the product and decide whether it is the right product for them.
To calculate the overall star rating and percentage breakdown by star, we don’t use a simple average. Instead, our system considers things like how recent a review is and if the reviewer bought the item on Amazon. It also analyzed reviews to verify trustworthiness.
Learn more how customers reviews work on AmazonTop reviews from the United States
There was a problem filtering reviews. Please reload the page.
- Reviewed in the United States on January 29, 2006Format: PaperbackThis book is pretty informative, however I feel that it is incomplete in more than a few ways. While I have absolutely NO doubt that the authors are very well versed in using penetration tools to test cisco devices, many mitagation techniques are missing. For an untrained user (aka "lazy admin") this would leave a "the sky is falling, or oh oh cisco is such an insecure platform" feeling, when in reality alot of these attack attempts can be totally avoided.
case in point
unless i missed it, i saw tcp based nmap and xprobe scans all over the book but i did not see (and i apologize if overlooked) one instance of 'ip inspect tcp max-incomplete host block [block-time]' that would throw off the tcp scans
also
as far as routing protocol injection, it is never mentioned to simply apply acls and static arps to the interfaces where the route advertisements are recieved/sent (and i apologize if overlooked). the author will leave you feeling "well anyone can just inject routes into the routers table or perform a DoS even if md5 authentication is used to protect it". The worst that could happen is someone spoofs the ip and mac address of the peer. if security is of extreme importance then just run a gre/ipsec tunnel to tunnel the route advertisements between the routers.
in contrast
i feel the coverage of ike-scan and the insecurities of ike aggressive mode is excellent as well as issues with wireless. beyond that all the old historical attacks that affect pix 4.x - 5.x and ios 11.x shouldn't matter as if you are still running pix 5.x, you probably are not concerned enough with security to pick up the book - Reviewed in the United States on March 11, 2006Format: PaperbackI think that it is difficult, perhaps impossible, to build a modern network that does include at least some Cisco equipment. Following the general set up rules in the various manuals produce a system architecture that is generally considered to be at least reasonably secure.
Basically this book may well change your mind on just how secure your Cisco system really is. As the major supplier of network equipment, Cisco is also the major target of the bad guys that are out there.
The information in this book is presented through the eyes of the penetrator. It discusses in a step-by-step way how to break into various Cisco devices on a network. By knowing how to break into the network, you can then go plug the holes in your system to keep other people from doing the same thing.
Much of the material here is available in bits and pieces around the web, in various postings, even in publication form. What this book does is bring all of the information together in one place. If you're already an expert on the subject, you might get a point or two here and there. If your just beginning to think about this kind of situation, here is a great way to get started. - Reviewed in the United States on March 29, 2006Format: PaperbackVerified Purchase"Hacking Exposed: Cisco Networks" is not bad but then again not great. What caused it to only get 4 out 5 stars was that many of the tools and links no longer work and this review is being written in March 2006 for a book published in Jan 2006!
One example of many:
- page 521: Cisco's tcphijack
I would then have to Google to see if the tool was now elsewhere - sometimes successfully, sometimes - not.
Another example of bad tooling - page 519 - Arpworks. Yes it is still there but they fail to mention that it only works on Windows 95/98. I could go on and on.
The thing that really annoys me on this book is the binding. The softcover binding is made of some very cheap paper which curls up. For a $50 list-price book (I paid $50 for ordering it 1st and not waiting 2 months for the price to drop to $30), I would think that Osborne could have popped for an extra $1 on a good jacket quality - which would never happen with O'Reilly.
I did pick up a few tools I was not aware of, but was it worth $50?! Nope. Is it worth now $30? Questionable. If you live and breath Cisco security there won't be much new to learn here, but it does give you a reference to lend to others that keep asking you the same questions. :-)
Hank Nussbacher - Reviewed in the United States on February 13, 2006Format: PaperbackI found this book super and rather helpful in my CCIE Security exam preparations. After all, this seems to be the only source on Cisco-related attacks available in print. The attacks are well-outlined and supplied with appropriate countermeasures; the fact that the authors did not dwell on common knowledge generic attacks like ARP injections (although the countermeasures against these are provided) is also good, since I can read about them elsewhere. I was also quite surprised to see the bold attempts at supplying two algorithms for constructing IOS worms. Perhaps, such data should not be put onto the public domain, but than, won't the Black Hats think along the same lines anyway ?
As to the comments above, the scans of devices are limited to a single chapter where they rightfuly belong. And "ip inspect tcp max-incomplete host block" is by no means a panacea. First of all, TCP scanning is not limited to the SYN scans. Second, before setting a limit on the TCP half-connects one has to baseline the network behavior first and find out how common the half-connects to the protected hosts are and why do they occur, otherwise there could be connectivity troubles. So, in my opinion, the methods of hiding your routers from attackers described in the book are quite sufficient.
