HomeCalendarCertificationsColumnsFeaturesForumResourcesVitals
 
Image
 
linkedin_logo.png rss_logo.jpg
twitter_logo.png youtube_logo.jpg
Latest Additions
 
EH-Net Login
Welcome Guest.
Lost Password?
No account yet? Register
Who's Online
We have 74 guests and 2 members online
EH-Net News Feeds
Latest Additions
 
Advertisement

You are here: Home arrow Forum arrow Featuresarrow Book Reviewsarrow [Article]-Book Review: BackTrack 4: Assuring Security by Penetration Testing
EH-Net
May 26, 2012, 06:47:59 AM *
Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
News: Advertise on EH-Net!! - Reasonable Rates, Highly Targeted Audience.
 
   Home   Help Calendar Login Register  
Pages: [1]   Go Down
« previous next »
  Print  
Author Topic: [Article]-Book Review: BackTrack 4: Assuring Security by Penetration Testing  (Read 15113 times)
0 Members and 3 Guests are viewing this topic.
don
Editor-In-Chief
Administrator
Hero Member
*****
Offline Offline

Posts: 3917


Editor-In-Chief


View Profile WWW
« on: June 25, 2011, 04:02:23 PM »
Another sneak peak into a book that may end up on your shelf. Let us know what you think of the review or the book itself if you've also read it.

Permanent link: [Article]-Book Review: BackTrack 4: Assuring Security by Penetration Testing

Quote

by Jason Haddix



Don’t have the cash for a $2000 - 3000 penetration testing course? Don’t know which tools are outdated or relevant? Lost in the sea of Backtrack options? You learn better on your own anyway?

No problem!

BackTrack 4: Assuring Security by Penetration Testing (BASPT), authored by Shakeel Ali and Tedi Heriyanto, is a 12-chapter compendium on everyone’s favorite hacking distribution, Backtrack 4. Filling the need for a refresher to older titles on abandoned projects like Knoppix or Auditor (see somewhat outdated: Penetration Tester’s  Open Source Toolkit, Vol. 2), BASPT gives syntax and usage tips on a plethora of different tools included in the suite and is broken down into the generic pentesting methodology with which most people today are familiar. Not only that, but also the book itself reads like some of those intro to penetration testing classes we have all been to costing many more times the cost of a single book.

Intrigued? Let’s take a closer look.


Enjoy this review and be sure to check out Jason Haddix's column by cicking on his name above,
Don
Logged
CISSP, MCSE, CSTA, Security+ SME
WCNA
Full Member
***
Offline Offline

Posts: 182



View Profile
« Reply #1 on: June 25, 2011, 06:04:14 PM »
Speaking of Backtrack books, Vivek Ramachandran, who discovered the Caffe Latte Attack, has a book "BackTrack 5 Wireless Penetration Testing Beginner’s Guide" coming out in August. You can get more info here-
http://www.packtpub.com/backtrack-5-wireless-penetration-testing-beginners-guide/book
Logged
ISC2 Associate, WCNA, CWNA, OSCP, Network+
lorddicranius
Sr. Member
****
Offline Offline

Posts: 396



View Profile WWW
« Reply #2 on: June 25, 2011, 11:57:26 PM »
I thought I remember hearing about this book elsewhere on the forums.  Great review, thanks Jason.

And thanks for the heads up on Vivek's book, WCNA.  I love his WLAN security megaprimers series, definitely adding that one to my wishlist as well.
Logged
Blog: http://lorddicranius.wordpress.com/
chrisj
Hero Member
*****
Offline Offline

Posts: 997


View Profile
« Reply #3 on: June 26, 2011, 02:38:57 PM »
lorddicranius You did, It was talked about in the books for beginner's topic under Book Reviews.

Personally I've been looking forward to a full review of this book. Can't wait until I get to that tab now.

---- Edit----

Read the review. Still questioning whether I'd buy this book or not.  I might buy one if I can get it good price used off amazon. Having a command reference book might be worth it.
« Last Edit: June 26, 2011, 02:54:56 PM by chrisj » Logged
OSWP, Sec+
El33tsamurai
Full Member
***
Offline Offline

Posts: 180


View Profile
« Reply #4 on: June 26, 2011, 03:20:58 PM »
found the ebook version out there for 23 bucks might pick it up myself. www.pucktpub.com I believe the site is called.
Logged
CCENT, A+, Network+, Security+
WCNA
Full Member
***
Offline Offline

Posts: 182



View Profile
« Reply #5 on: June 26, 2011, 05:55:40 PM »
Yes, it is at the same place (packtpub) as Vivek's book will be.

http://www.packtpub.com/backtrack-4-assuring-security-penetration-testing/book
« Last Edit: June 27, 2011, 08:20:23 PM by WCNA » Logged
ISC2 Associate, WCNA, CWNA, OSCP, Network+
El33tsamurai
Full Member
***
Offline Offline

Posts: 180


View Profile
« Reply #6 on: June 26, 2011, 06:30:39 PM »
Thanks, always better to get an ebook not wasting any trees :-D.
Logged
CCENT, A+, Network+, Security+
Dark_Knight
Full Member
***
Offline Offline

Posts: 215


View Profile WWW
« Reply #7 on: July 02, 2011, 09:09:59 PM »
Hmmmmm.......here's another take
http://www.mcgrewsecurity.com/2011/07/02/book-review-backtrack-4-assuring-security-by-penetration-testing/
Logged
CEH, OSCP, GPEN, GWAPT, GCIA
http://sector876.blogspot.com
Jhaddix
Sr. Member
****
Offline Offline

Posts: 317



View Profile WWW
« Reply #8 on: July 05, 2011, 09:03:00 PM »
Wesley is awesome, and i respect his opinion =)

If you read carefully we actually have the same ideas about the book but draw different conclusions.

I see it as the only up to date reference atm, and being so cheap, for anyone who wants to get into pentesting or has no idea about backtrack, it is a great resource.

Comparing it to WAHH by content is unfair b/c WAHH is all webapp. if the comparison is one of quality, sure WAHH wins hands down...

Imo it's either BASPT, an outdated book,  a $300 course from offsec ,or googling everything yourself.

Anyways, it's always good to have multiple viewpoints!
Logged
GSEC, GPEN, GWAPT, ECPPT, WAHHlive, LSOAdvancedPenTester

http://www.securityaegis.com
http://www.pentesterscripting.com
http://code.google.com/p/pentest-bookmarks/
wesleymcgrew
Newbie
*
Offline Offline

Posts: 1


View Profile
« Reply #9 on: July 06, 2011, 08:24:21 AM »
Thanks for the kind words!

To clarify, the comparison to Web Application Hacker's Handbook is primarily one of quality as something that intends to teach the reader something. The prose around the technical material is much better-written as well, which is the worst failing of this Backtrack book.

In my work, I interact with a lot of students that are beginning to take an interest in penetration testing, and I rarely if ever recommend books that are primarily references to commands. In the case of Backtrack, I'd rather show them how to pull up the individual tools' documentation for that kind of information.

What I do recommend to beginners are "subject area" books, which take a more in-depth look at a certain topic/technique/specialization. My default recommendation for this is Web Application Hacker's Handbook, since it's very easy for a beginner to get into breaking web apps. If they're coming in with the appropriate background and are interested in it, I may steer them towards Hacking: The Art of Exploitation 2nd Edition or Reversing: Secrets of Reverse Engineering instead.
Logged
Jamie.R
Hero Member
*****
Offline Offline

Posts: 626



View Profile WWW
« Reply #10 on: July 06, 2011, 05:08:24 PM »
I agree with wesleymcgrew I read this book and as someone knew to Pen testing I didn't find it that great.

It didn't go into any real details and it seem to miss a lot stuff out like wireless there was no mention of any of the wireless tools.

I personally felt that it didn't teach me anything I could not find out from the man pages
Logged
OSWP | eCPPT | HackingDojo Nidan
www.jamierougive.co.uk
Pages: [1]   Go Up
  Print  
« previous next »
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.16 | SMF © 2011, Simple Machines
Joomla Bridge by JoomlaHacks.com 		Valid XHTML 1.0! Valid CSS!
Page created in 0.338 seconds with 20 queries.
 

gk_static-ad_feb2012.jpg
Global Knowledge: Build Security Skills to Protect & Defend

els_130x200fixed2.gif
eLearnSecurity Student Course Now Live!
5% Off with Code
ELS-EH-5

SANS Deals 4 EH-Netters
$150 OFF Any SANS Course in Any Format!
Coupon Code: EHN_Connect Including SANS Security West 2012 & SANSFIRE 2012
Recent Forum Topics

cbtnuggets_logo_125.jpg
Try CBT Nuggets Free!

Vote For EH-Net

Add to Technorati Favorites
technorati fave

 
         
Advertisement

© 2012 The Ethical Hacker Network
Joomla! is Free Software released under the GNU/GPL License.