Remember the first time someone told you about the OSI model and described the various layers? It's probably something you never forgot. This book takes that sa... » 

Remember the first time someone told you about the OSI model and described the various layers? It's probably something you never forgot. This book takes that same layered approach but applies it to network security in a new and refreshing way. It guides readers step-by-step through the stack starting with physical security and working its way up through each of the seven OSI layers.
Each chapter focuses on one layer of the stack along with the attacks, vulnerabilities, and exploits that can be found at that layer. The book even includes a chapter on the mythical eighth layer. It's called the people layer. It's included because security is not just about technology it also requires interaction with people, policy and office politics. Most books deal with security and hacking by looking at the methodology. While this approach works well in helping readers understand the steps an attacker must go through to hack a network, they sometimes fall short in helping the reader really understand the attacks. This book approaches security layer by layer. It's unique in that this is the way we would instruct a class that wants to know more about the how and why behind tools and specific vulnerabilities. After all, anyone can run a tool and call himself a script kiddie, but how many can explain the how and why behind the exploit? That's the goal of this book, to provide real, usable knowledge. Most chapters start by addressing how specific protocols should work and then examining specific attack techniques and tools. Each is tied to specific protocols and applications so that the reader can see how it is broken or subverted. Each chapter also contains a project. These projects are designed to help the reader get hands-on experience in building real security skills. These projects run the gambit from building a one-way Snort / sniffer cable to crafting packets to evade an IDS. «