Book Review: Kali Linux Network Scanning Cookbook

Everything you ever wanted to know about scanning (and then some)!

Kali Linux Network Scanning

Security Guru and trainer Justin Hutchens has recently released an exceptional book on network scanning with Kali Linux. The book starts out with the very basics of network scanning and progresses through stages to more advanced scans and even exploitation.

All the basics are present, like using Nmap, ARPing, Scapy and other tools to perform varied levels of discovery, port scanning and fingerprinting.  You are then masterfully shown how to greatly expand the capabilities and functions of these tools by using scripting.

But it doesn’t stop there, you then move on to using scanning tools and Burp Suite to perform Denial of Service attacks, SQL injection and Metasploit attacks. Because really what is a scanning book without including offensive attacks?  🙂

The book is easy to read and follow using step-by-step instructions and screen views. It is setup in sections (called “Recipes”) so that if you want to know how to perform Layer 4 discovery using Scapy or DoS attacks with Nmap, you just go directly to that particular section.

I have worked with Justin on a couple projects and he is one of the most talented security teachers and authors that I have ever met. He covers material in this book that I have never seen covered anywhere else. If you have any interest in network scanning or want to learn a lot more about it, get this book!

Available at Packt Publishing and

*** UPDATE *** Original print quality issues have been rectified according to the publisher.


iPad or Kindle Fire, and Other Last Minute Geek Gift Ideas

You’ve got a week until Christmas and you still haven’t gotten a gift for the geek in your life?? No worries, we have got you covered. The biggest question this year is “Should I get an iPad 2 or a Kindle Fire?

I am surprised at the confusion over this. As you really aren’t comparing apples to apples, no pun intended. So which one is right for you?

Kindle Fire

The Kindle Fire is a great Book Reader that can browse the internet and play video games. I found the 7″ screen to be vibrant and clear and game playing was rather enjoyable.

If you used one of Kindle’s older readers, this will really be an update for you. The ability to surf the web (Wi-Fi only) is an added bonus.

There have been a lot of complaints about the location of the power button (and users inadvertently hitting it), the unfriendly volume buttons, and many users have complained of the Kindle Fire running very slow and chuggy when in use.

But the price tag of $199 is a lot better than the iPad2 that starts at $499.

iPad 2

The difference? The iPad is a fully functional Tablet PC. The amazing 9.7″ screen is stunning. Tons of apps and games. Video plays smoothly and flawlessly.

You can connect to the internet via Wi-Fi or 3G, it has built in GPS, probably the best mobile operating system and comes sporting two video cameras.

Which one to pick? I always tell people to figure out how much you can afford to spend and then get the best you can get. If you have about $200, and are really into reading Kindle books, then by all means get the Kindle Fire. If you can afford the $499+ for an iPad, then by all means, get the iPad, you will not regret it.

The iPad2 is the best tablet you can get today. Something that more closely compares to the iPad2 is the Samsung Galaxy Tab. It really gives the iPad2 a run for the money in several categories.

How about some other good last minute holiday gifts for the geek in your life?

Here are some great books:

Have a Merry Christmas and a Happy New Year!

New Book “Surviving Cyberwar”

Richard Stiennon posted an overview of his new book “Surviving Cyberwar” on Infosec Island today. Here is an excerpt from his post:

On August 8, 2008 Russia sent tanks across the border into South Ossetia while there were simultaneous attacks on Georgian networks and I decided to write Surviving Cyberwar. I picked narrative non-fiction because I have already written over 300,000 words here on on threatchaos in essentially that manner and I wanted to write a book that would have broad appeal.

I also decided not to water down the technical aspects. I would not shy away from technical concepts but would explain them in a way that any regular reader of the New York Times, Wall Street Journal, or this blog could pick up. I also sought to tell the stories of the people involved in conducting cyber research and defense…

… You will not find any scenarios of doom in Surviving Cyberwar. They are not needed. Militaries around the world are re-organizing around cyber-units, policy makers are engaging in international summits to discuss the threats and what to do about them. Congress is contemplating over 40 separate bills addressing cyber security issues. Someone from the security industry had to write a book about cyberwar. I did.

Richard Stiennon’s book is available on

Security Book Preview: The Tao of Network Security Monitoring

“The Tao of Network Security Monitoring, Beyond Intrusion Detection” – By Richard Bejtlich

I don’t normally do this, but I am making an exception for this book.  This is not a full review, but just a preview. I have not finished reading this book, but thought it to be good enough to give you a heads up.

The author, Richard Bejtlich, is the Director of Incident Response at GE, author of the TaoSecurity Blog, and the instructor of the TCP/IP Weapons School. He is also a Harvard graduate and was an Air Force Captain responsible for supervising the Air Force Computer Emergency Response Team (AFCERT).

Okay, first off, if you are new to the computer security field, you may want to skip this book for now. This is not an entry level book. But if you are familiar with Linux, Intrusion Detection Systems and the TCP/IP protocol, this book is for you.

The book starts out with a scenario; you are the head of network security for a large corporation. Strange pop ups are showing up on workstations. Trouble tickets are coming in reporting an abnormal amount of traffic through your border router. Your intrusion detection sensors are all going off and you are notified that an ecommerce site is being attacked by your network.

Bejtlich then asks the 64 Million dollar question, “Now What?”

Bejtlich’s philosophy on network security is that it is not a matter of if you will be attacked, and compromised, but to already have network system monitoring practices in place to deal with these intrusions. He bases this philosophy on Dorothy Denning and Peter Neumann’s report “Requirements and Model for IDES – A Real-Time Intrusion-Detection Expert System”:

  1. Most existing systems have security flaws that render them susceptible to intrusions, penetrations, and other forms of abuse. Finding and fixing all these deficiencies is not feasible for technical and economic reasons.
  2. Existing systems with known flaws are not easily replaced by systems that are more secure – mainly because the systems have attractive features that are missing in the more secure systems, or else they cannot be replaced for economic reasons.
  3. Developing systems that are absolutely secure is extremely difficult, if not generally impossible.
  4. Even the most secure systems are vulnerable to abuses by insiders who misuse their privileges.

Wow, how true that is, and the amazing thing about this report is that it was written in 1985!

Excellent book, as I mentioned before, I have not finished it yet (It’s about 800 Pages!), but so far it has been very good. I have to admit early on that I almost put the book down and walked away, sometimes it seemed a little heady and philosophical (did I mention he was a Harvard grad?), but as I progressed and saw how Bejtlich pulled the information together, I saw the method in the madness and could see the writing for what it truly is, brilliant.

“The Tao of Network Security Monitoring, Beyond Intrusion Detection” available at