Hack Proofing Your Network. Edition No. 2

  • ID: 1762290
  • Book
  • 704 Pages
  • Elsevier Science and Technology
A new edition of the most popular Hack Proofing book around!

IT professionals who want to run secure networks, or build secure software, need to know about the methods of hackers. The second edition of the best seller Hack Proofing Your Network teaches about those topics, including: The Politics, Laws of Security, Classes of Attack, Methodology, Diffing, Decrypting, Brute Force, Unexpected Input, Buffer Overrun, Sniffing, Session Hijacking, Spoofing, Server Holes, Client Holes, Trojans and Viruses, Reporting Security Problems, Choosing Secure Systems.

The central idea of this book is that it's better for you to find the holes in your network than it is for someone else to find them, someone who would use them against you. The complete, authoritative guide to protecting your Windows 2000 Network.

- Updated coverage of an international bestseller and series flagship
- Covers more methods of attack and hacker secrets
- Interest in topic continues to grow: network architects, engineers and administrators continue to scramble for security books
- Written by the former security manager for Sybase and an expert witness in the Kevin Mitnick trials
- A great addition to the bestselling "Hack Proofing..." series
- Windows 2000 sales have surpassed those of Windows NT
- Critical topic. The security of an organization's data and communications is crucial to its survival and these topics are notoriously difficult to grasp
- Unrivalled web support at [external URL]
Note: Product cover images may vary from those shown
Foreword v 1.5

Foreword v 1.0


Chapter 1 How To Hack


Introduction


What We Mean by "Hack"


Why Hack?


Knowing What To Expect in the Rest of This Book


Understanding the Current Legal Climate


Summary


Frequently Asked Questions


Chapter 2 The Laws of Security


Introduction


Knowing the Laws of Security


Client-Side Security Doesn't Work


You Cannot Securely Exchange Encryption Keys without a Shared Piece of Information


Malicious Code Cannot Be 100 Percent Protected against


Any Malicious Code Can Be Completely Morphed to Bypass Signature Detection


Firewalls Cannot Protect You 100 Percent from Attack


Social Engineering


Attacking Exposed Servers


Attacking the Firewall Directly


Client-Side Holes


Any IDS Can Be Evaded


Secret Cryptographic Algorithms Are Not Secure


If a Key Is Not Required, You Do Not Have Encryption - You Have Encoding


Passwords Cannot Be Securely Stored on the Client Unless There Is Another Password to Protect Them


In Order for a System to Begin to Be Considered Secure, It Must Undergo an Independent Security Audit


Security through Obscurity Does Not Work


Summary


Solutions Fast Track


Frequently Asked Questions


Chapter 3 Classes of Attack


Introduction


Identifying and Understanding the Classes of Attack


Denial of Service


Information Leakage


Regular File Access


Misinformation


Special File/Database Access


Remote Arbitrary Code Execution


Elevation of Privileges


Identifying Methods of Testing for Vulnerabilities


Proof of Concept


Standard Research Techniques


Summary


Solutions Fast Track


Frequently Asked Questions


Chapter 4 Methodology


Introduction


Understanding Vulnerability Research Methodologies


Source Code Research


Binary Research


The Importance of Source Code Reviews


Searching Error-Prone Functions


Reverse Engineering Techniques


Disassemblers, Decompilers, and Debuggers


Black Box Testing


Chips


Summary


Solutions Fast Track


Frequently Asked Questions


Chapter 5 Diffing


Introduction


What Is Diffing?


Why Diff?


Looking to the Source Code


Exploring Diff Tools


Using File-Comparison Tools


Working with Hex Editors


Utilizing File System Monitoring Tools


Finding Other Tools


Troubleshooting


Problems with Checksums and Hashes


Problems with Compression and Encryption


Summary


Solutions Fast Track


Frequently Asked Questions


Chapter 6 Cryptography


Introduction


Understanding Cryptography Concepts


History


Encryption Key Types


Learning about Standard Cryptographic Algorithms


Understanding Symmetric Algorithms


Understanding Asymmetric Algorithms


Understanding Brute Force


Brute Force Basics


Using Brute Force to Obtain Passwords


Knowing When Real Algorithms Are Being Used Improperly


Bad Key Exchanges


Hashing Pieces Separately


Using a Short Password to Generate a Long Key


Improperly Stored Private or Secret Keys


Understanding Amateur Cryptography Attempts


Classifying the Ciphertext


Monoalphabetic Ciphers


Other Ways to Hide Information


Summary


Solutions Fast Track


Frequently Asked Questions


Chapter 7 Unexpected Input


Introduction


Understanding Why Unexpected Data Is Dangerous


Finding Situations Involving Unexpected Data


Local Applications and Utilities


HTTP/HTML


Unexpected Data in SQL Queries


Application Authentication


Disguising the Obvious


Using Techniques to Find and Eliminate Vulnerabilities


Black-Box Testing


Use the Source


Untaint Data by Filtering It


Escaping Characters Is Not Always Enough


Perl


Cold Fusion/Cold Fusion Markup Language (CFML)


ASP


PHP


Protecting Your SQL Queries


Silently Removing versus Alerting on Bad Data


Invalid Input Function


Token Substitution


Utilizing the Available Safety Features in Your Programming Language


Perl


PHP


ColdFusion/ColdFusion Markup Language


ASP


MySQL


Using Tools to Handle Unexpected Data


Web Sleuth


CGIAudit


RATS


Flawfinder


Retina


Hailstorm


Pudding


Summary


Solutions Fast Track


Frequently Asked Questions


Chapter 8 Buffer Overflow


Introduction


Understanding the Stack


The Stack Dump


Oddities and the Stack


Understanding the Stack Frame


Introduction to the Stack Frame


Passing Arguments to a Function: A Sample Program


Stack Frames and Calling Syntaxes


Learning about Buffer Overflows


A Simple Uncontrolled Overflow: A Sample Program


Creating Your First Overflow


Creating a Program with an Exploitable Overflow


Performing the Exploit


Learning Advanced Overflow Techniques


Stack Based Function Pointer Overwrite


Heap Overflows


Advanced Payload Design


Using What You Already Have


Summary


Solutions Fast Track


Frequently Asked Questions


Chapter 9 Format Strings


Introduction


Understanding Format String Vulnerabilities


Why and Where Do Format String Vulnerabilities Exist?


How Can They Be Fixed?


How Format String Vulnerabilities Are Exploited


How Format String Exploits Work


What to Overwrite


Examining a Vulnerable Program


Testing with a Random Format String


Writing a Format String Exploit


Summary


Solutions Fast Track


Frequently Asked Questions


Chapter 10 Sniffing


Introduction


What Is Sniffing?


How Does It Work?


What to Sniff?


Obtaining Authentication Information


Capturing Other Network Traffic


Popular Sniffing Software


Ethereal


Network Associates Sniffer Pro


NT Network Monitor


WildPackets


TCPDump


dsniff


Ettercap


Esniff.c


Sniffit


Carnivore


Additional Resources


Advanced Sniffing Techniques


Man-in-the-Middle (MITM) Attacks


Cracking


Switch Tricks


Routing Games


Exploring Operating System APIs


Linux


BSD


libpcap


Windows


Taking Protective Measures


Providing Encryption


Secure Sockets Layers (SSL)


PGP and S/MIME


Switching


Employing Detection Techniques


Local Detection


Network Detection


Summary


Solutions Fast Track


Frequently Asked Questions


Chapter 11 Session Hijacking


Introduction


Understanding Session Hijacking


TCP Session Hijacking


TCP Session Hijacking with Packet Blocking


UDP Hijacking


Examining the Available Tools


Juggernaut


Hunt


Ettercap


SMBRelay


Storm Watchers


Playing MITM for Encrypted Communications


Man-in-the-Middle Attacks


Dsniff


Other Hijacking


Summary


Solutions Fast Track


Frequently Asked Questions


Chapter 12 Spoofing: Attacks on Trusted Identity


Introduction


What It Means to Spoof


Spoofing Is Identity Forgery


Spoofing Is an Active Attack against Identity Checking Procedures


Spoofing Is Possible at All Layers of Communication


Spoofing Is Always Intentional


Spoofing Is Not the Same Thing as Betrayal


Spoofing Is Not Necessarily Malicious


Spoofing Is Nothing New


Background Theory


The Importance of Identity


The Evolution of Trust


Asymmetric Signatures between Human Beings


Establishing Identity within Computer Networks


Return to Sender


In the Beginning, There Was... a Transmission


Capability Challenges


Configuration Methodologies: Building a Trusted Capability Index


Desktop Spoofs


The Plague of Auto-Updating Applications


Impacts of Spoofs


Subtle Spoofs and Economic Sabotage


Down and Dirty: Engineering Spoofing Systems


Spitting into the Wind: Building a Skeleton Router in Userspace


Bring Out the Halon: Spoofing Connectivity Through Asymmetric Firewalls


Summary


Solutions Fast Track


Frequently Asked Questions


Chapter 13 Tunneling


Introduction


Strategic Constraints of Tunnel Design


Privacy: "Where Is My Traffic Going?"


Routability: "Where Can This Go Through?"


Deployability: "How Painful Is This to Get Up and Running?"


Flexibility: "What Can We Use This for, Anyway?"


Quality: "How Painful Will This System Be to Maintain?"


Designing End-to-End Tunneling Systems


Drilling Tunnels Using SSH


Open Sesame: Authentication


Basic Access: Authentication by Password


Transparent Access: Authentication by Private Key


Command Forwarding: Direct Execution for Scripts and Pipes


Port Forwarding: Accessing Resources on Remote Networks


Local Port Forwards


Dynamic Port Forwards


Remote Port Forwards


When in Rome: Traversing the Recalcitrant Network


Crossing the Bridge: Accessing Proxies through ProxyCommands


No Habla HTTP? Permuting thy Traffic


Show Your Badge: Restricted Bastion Authentication


Bringing the Mountain: Exporting SSHD Access


Echoes in a Foreign Tongue: Cross-Connecting Mutually Firewalled Hosts


Not In Denver, Not Dead: Now What?


Standard File Transfer over SSH


Incremental File Transfer over SSH


CD Burning over SSH


Acoustic Tubing: Audio Distribution over TCP and SSH


Summary


Solutions Fast Track


Frequently Asked Questions


Chapter 14 Hardware Hacking


Introduction


Understanding Hardware Hacking


Opening the Device: Housing and Mechanical Attacks


Types of Tamper Mechanisms


External Interfaces


Protocol Analysis


Electromagnetic Interference and Electrostatic Discharge


Analyzing the Product Internals: Electrical Circuit Attacks


Reverse-engineering the Device


Basic Techniques: Common Attacks


Advanced Techniques: Epoxy Removal and IC Delidding


Cryptanalysis and Obfuscation Methods


What Tools Do I Need?


Starter Kit


Advanced Kit


Example: Hacking the iButton Authentication Token


Experimenting with the Device


Reverse-engineering the "Random" Response


Example: Hacking the NetStructure 7110 E-commerce Accelerator


Opening the Device


Retrieving the Filesystem


Reverse-engineering the Password Generator


Summary


Solutions Fast Track


Frequently Asked Questions


Chapter 15 Viruses, Trojan Horses, and Worms


Introduction


How Do Viruses, Trojan Horses, and Worms Differ?


Viruses


Worms


Macro Virus


Trojan Horses


Hoaxes


Anatomy of a Virus


Propagation


Payload


Other Tricks of the Trade


Dealing with Cross-platform Issues


Java


Macro Viruses


Recompilation


Shockwave Flash


Proof that We Need to Worry


The Morris Worm


ADMw0rm


Melissa and I Love You


Sadmind Worm


Code Red Worms


Nimda Worm


Creating Your Own Malware


New Delivery Methods


Faster Propagation Methods


Other Thoughts on Creating New Malware


How to Secure Against Malicious Software


Anti-Virus Software


Updates and Patches


Web Browser Security


Anti-Virus Research


Summary


Solutions Fast Track


Frequently Asked Questions


Chapter 16 IDS Evasion


Introduction


Understanding How Signature-Based IDSs Work


Judging False Positives and Negatives


Alert Flooding


Using Packet Level Evasion


IP Options


IP Fragmentation


TCP Header


TCP Synchronization


Using Fragrouter and Congestant


Countermeasures


Using Application Protocol Level Evasion


Security as an Afterthought


Evading a Match


Web Attack Techniques


Countermeasures


Using Code Morphing Evasion


Summary


Solutions Fast Track


Frequently Asked Questions


Chapter 17 Automated Security Review and Attack Tools


Introduction


Learning about Automated Tools


Exploring the Commercial Tools


Exploring the Free Tools


Using Automated Tools for Penetration Testing


Testing with the Commercial Tools


Testing the Free Tools


Knowing When Tools Are Not Enough


The New Face of Vulnerability Testing


Summary


Solutions Fast Track


Frequently Asked Questions


Chapter 18 Reporting Security Problems


Introduction


Understanding Why Security Problems Need to Be Reported


Full Disclosure


Determining When and to Whom to Report the Problem


Whom to Report Security Problems to?


Deciding How Much Detail to Publish


Publishing Exploit Code


Problems


Summary


Solutions Fast Track


Frequently Asked Questions


Index


Syngress