Home > Store

SANS GIAC Certification: Security Essentials Toolkit (GSEC)

SANS GIAC Certification: Security Essentials Toolkit (GSEC)

eBook (Adobe DRM)

  • Your Price: $35.19
  • List Price: $43.99
  • About Adobe DRM eBooks
  • This eBook requires the free Adobe® Digital Editions software.

    Before downloading this DRM-encrypted PDF, be sure to:

    • Install the free Adobe Digital Editions software on your machine. Adobe Digital Editions only works on Macintosh and Windows, and requires the Adobe Flash Player. Please see the official system requirements.
    • Authorize your copy of Adobe Digital Editions using your Adobe ID (select AdobeID as the eBook vendor). If you don't already have an Adobe ID, you can create one here.

Also available in other formats.

Register your product to gain access to bonus material or receive a coupon.


  • Copyright 2002
  • Edition: 1st
  • eBook (Adobe DRM)
  • ISBN-10: 0-7686-5495-5
  • ISBN-13: 978-0-7686-5495-0

Master the tools of the network security trade with the official book from SANS Press! You need more than a hammer to build a house, and you need more than one tool to secure your network. Security Essentials Toolkit covers the critical tools that you need to secure your site, showing you why, when, and how to use them. Based on the SANS Institute's renowned Global Information Assurance Certification (GIAC) program, this book takes a workbook-style approach that gives you hands-on experience and teaches you how to install, configure, and run the best security tools of the trade.

Sample Content

Table of Contents


Who Should Read This Book. What's in This Book. Conventions Used in This Book.

1. Security Overview.

Introduction to Security Tools. Exercise 1: Configuring Your System.


2. Trojans.

Exercise 1: Trust Relationships. Exercise 2: Trojan Software NetBus. Exercise 3: Trojan Software SubSeven.

3. Host-Based Intrusion Detection.

Exercise 1: TCP Wrappers. Exercise 2: xinetd. Exercise 3: Tripwire. Exercise 4: Swatch. Exercise 5: PortSentry. Exercise 6: Auditing Your System.

4. Network-Based Intrusion Detection.

Exercise 1: Sniffing with tcpdump. Exercise 2: Nuking a System. Exercise 3: Snort.

5. Firewalls.

Exercise 1: Personal Firewalls and ZoneAlarm. Exercise 2: Tiny Firewall. Exercise 3: ipchains.

6. Scanning Tools.

Exercise 1: Scanning with Nmap. Exercise 2: Scanning with SuperScan. Exercise 3: Vulnerability Scanning with Nessus. Exercise 4: Legion. Exercise 5: hping2.


7. Understanding Exploits.

Exercise 1: Null Session Exploits. Exercise 2: Extracting Information with DumpSec.

8. Security Policy.

Exercise 1: Developing a Security Policy.

9. Password Cracking.

Exercise 1: John the Ripper. Exercise 2: L0pht Crack (LC3).

10. Forensic Backups.

Exercise 1: Disk Imaging with Ghost. Exercise 2: Forensics with dd.

11. Denial of Service and Deception Attacks.

Exercise 1: Denial of Service with TFN2K. Exercise 2: Deception with Fragrouter.

12. Web Security.

Exercise 1: Web Security with BlackWidow. Exercise 2: Web Security with WebSleuth. Exercise 3: Finding Web Vulnerabilities with Whisker.


13. Network Design.

Exercise 1: Cisco ConfigMaker.

14. Base Conversions, IP Addressing, and Subnetting.

Exercise 1: Binary Conversion. Exercise 2: Subnetting.

15. Network Security Tools.

Exercise 1: Router ACLs. Exercise 2: Scanning Hosts with Ping War. Exercise 3: Analysis with Ethereal.


16. Secure Communications.

Exercise 1: PGP. Exercise 2: Steganography with JPHS. Exercise 3: Steganography with S-Tools.


17. Windows Security.

Exercise 1: Security Configuration and Analysis. Exercise 2: Startup Cop. Exercise 3: Hfnetchk. Exercise 4: MPSA. Exercise 5: How to Baseline and Audit Your System. Exercise 6: Backups. Exercise 7: IIS Lockdown. Exercise 8: Socket80.


18. Unix.

Exercise 1: The Unix File System. Exercise 2: Sudo. Exercise 3: Unix Permissions. Exercise 4: Unix Network Commands. Exercise 5: Log Files. Exercise 6: tar.

19. Summary.


Submit Errata

More Information

Unlimited one-month access with your purchase
Free Safari Membership