Hackers Beware: The Ultimate Guide to Network Security
| Date: 06 May 2011, 20:23
|
In Hackers Beware, Eric Cole succeeds in explaining how hackers break into computers, steal information, and deny services to machines' legitimate users. An intended side effect of his documentary efforts is a feeling for how network-connected computers should be configured for maximum resistance to attack. Cole, who works with the attack-monitoring SANS Institute as an instructor and security consultant, conveys to his readers specific knowledge of offensive and defensive weaponry as well as general familiarity with attack strategies and good security practices. Hackers Beware is a good primer and really earns its price by going into enough detail to enable readers to actually do something to make their resources safer. It also enables its readers to understand more specialized security texts, including Stephen Northcutt's fine Intrusion Signatures and Analysis.
Cole's didactic style is largely conversational, embracing the fact that most computer exploits can be conveyed as stories about what hackers want and the steps they take to achieve their goals. He punctuates his prose passages with line drawings that clarify what gets passed among the machines involved in an attack, and pauses frequently to show programs' user interfaces and passages from their logs. Cole explains all the jargon he uses--a characteristic that alone distinguishes this book from many of its competitors. --David Wall
Topics covered: What motivates black-hat hackers, and the technical means they use to go about satisfying their ambitions. General attack strategies--spoofing, password cracking, social engineering, and buffer overflows, among others--are explained, and the tools used to carry them out are catalogued. The same goes for defensive tools and practices.
-Alan Paller, Director of Research, The SANS Institute
The depth of Eric's understanding is obvious and his extraordinary teaching style comes right through to the reader.
About the Author
About the Technical Reviewers
Acknowledgments
Tell Us What You Think
Introduction
1. Introduction
The Golden Age of Hacking
How Bad Is the Problem?
What Are Companies Doing?
What Should Companies Be Doing?
Defense in Depth
Purpose of This Book
Legal Stuff
What's Covered In This Book
Summary
2. How and Why Hackers Do It
What Is an Exploit?
The Attacker's Process
The Types of Attacks
Categories of Exploits
Routes Attackers Use to Get In
Goals Attackers Try to Achieve
Summary
3. Information Gathering
Steps for Gathering Information
Information Gathering Summary
Red Teaming
Summary
4. Spoofing
Why Spoof?
Types of Spoofing
Summary
5. Session Hijacking
Spoofing versus Hijacking
Types of Session Hijacking
TCP/IP Concepts
Detailed Description of Session Hijacking
ACK Storms
Programs That Perform Hijacking
Dangers Posed by Hijacking
Protecting Against Session Hijacking
Summary
6. Denial of Service Attacks
What Is a Denial of Service Attack?
What Is a Distributed Denial of Service Attack?
Why Are They Difficult to Protect Against?
Types of Denial of Service Attacks
Tools for Running DOS Attacks
Tools for Running DDOS Attacks
Preventing Denial of Service Attacks
Preventing Distributed Denial of Service Attacks
Summary
7. Buffer Overflow Attacks
What Is a Buffer Overflow?
How Do Buffer Overflows Work?
Types of Buffer Overflow Attacks
Why Are So Many Programs Vulnerable?
Sample Buffer Overflow
Protecting Our Sample Application
Ten Buffer Overflow Attacks
Protection Against Buffer Overflow Attacks
Summary
8. Password Security
Typical Attack
The Current State of Passwords
History of Passwords
Future of Passwords
Password Management
Password Attacks
Summary
9. Microsoft NT Password Crackers
Where Are Passwords Stored in NT?
How Does NT Encrypt Passwords?
All Passwords Can Be Cracked (NT Just Makes It Easier)
NT Password-Cracking Programs
Comparison
Extracting Password Hashes
PassWord: www.freebookspot.com
|
DISCLAIMER:
This site does not store Hackers Beware: The Ultimate Guide to Network Security on its server. We only index and link to Hackers Beware: The Ultimate Guide to Network Security provided by other sites. Please contact the content providers to delete Hackers Beware: The Ultimate Guide to Network Security if any and email us, we'll remove relevant links or contents immediately.
Comments (0)
All
