Aggressive Network Self-Defense

  • ISBN13: 9781931836203
  • ISBN10: 1931836205
  • Format: Paperback
  • Copyright: 2005-02-12
  • Publisher: Elsevier Science

Summary

Over the past year there has been a shift within the computer security world away from passive, reactive defense towards more aggressive, proactive countermeasures. Although such tactics are extremely controversial, many security professionals are reaching into the dark side of their tool box to identify, target, and suppress their adversaries. This book will provide a detailed analysis of the most timely and dangerous attack vectors targeted at operating systems, applications, and critical infrastructure and the cutting-edge counter-measures used to nullify the actions of an attacking, criminal hacker.

  • First book to demonstrate and explore controversial network strike back and countermeasure techniques.
  • Provides tightly guarded secrets to find out WHO is really attacking you over the internet.
  • Provides security professionals and forensic specialists with invaluable information for finding and prosecuting criminal hackers.

Table of Contents

Foreword

Part I Fictionalized Cases of Network Strike-Back, Self-Defense, and Revenge

  PDA Perils: Revenge from the Palm of Your Hand
    The Attacker
    The Administrator
    The Infection
    The Detection
    Windows Mobile Forensics
    ARM Assembly Tutorial
    ARM Registers
    Opcodes
    CMP
    MOV
    B
    LDR/STR
    Code Tracking
    Verification with a Debugger
    Finding the Keylogger
    The Plan
    Phase One Overview
    Phase Two Overview
    Creating Trojanbob.exe
    Adding Code
    Understanding the CreateFile Function
    Turning Bobsvr.exe into Trojanbob.exe
    The Alert
    File Type Test
    LSL: Logical Shift Left
    Creating an Import Subroutine
    Emulating an Import Subroutine
    The Polymorphic Infector Trojan
    Adding the Virus Component
    Adding the Copy Routine
    Mating Viruses and Trojans
    Redirecting Suspicion with Calc.exe
    Polymorphic Updates
    Attacking the Attacker
    The Attacker, Part II
    Joe Strikes Back
    The Reverse Attack
    Karma
    Just Joe: 10 Weeks Later

  The Case of a WLAN Attacker: In the Booth
    The Interview
    I Just Needed a Job
    An Unsuccessful Attempt
    A Workable Plan
    Becoming the Man in the Middle
    Collecting the Credit Card Information
    Routing the User to the Internet
    The Crime Begins
    The Interrogation Ends
    The Overzealous Administrator
    The Hunt Begins
    Escalating Privilege
    Opening a Backdoor
    The Aftermath - It All Goes Wrong

  MD5: Exploiting the Generous
    Gravity and Gravitas
    c0J0nes
    J'Accuse
    Dependency Checking
    The Plan
    Nmap Sweeps and Cache Snoops
    Snooping the DNS Caches
    Port Knocking
    Exposing the Intruder
    Smokescreen
    Struck

  A VPN Victim's Story: Jack's Smirking Revenge
    Busted
    Tyler and the Handler
    The Job
    Jump-Boxing
    Tyler's Arsenal
    Tyler Attacks!
    Squeaking Right Past Squid
    I Am Jack's Inflamed Sense of Rejection
    Jack Goes Digging
    Tracking Logs
    Launching a Sniffer
    Hunting with a Honeypot
    Following the Attacker's Trail
    Programmer's Delight
    Jack Plans His Revenge
    Assembling a Strike-Back Exploit
    I Am Jack's Smirking Revenge
    The Interrogation
    Return on Investment

  Network Protection: Cyber-Attacks Meet Physical Response
    Becoming a Lab Admin
    Something Doesn't Smell Right
    Continuing Problems
    The Investigation
    More Problems
    Hardware Findings
    On the Offensive
    Putting It Together
    Installing the Keylogger and Waiting
    Time for Revenge

  Network Insecurity: Taking Patch Management to the Masses
    Eric the Read
    Feeding the Addiction
    Intruder in the Light
    Watching the Watcher
    Violation
    Striking Back
    Confusion
    Dull No More

  The Fight for the Primulus Network: Yaseen vs Nathan
    Yaseen's Recruitment
    Nathan's Recruitment
    Nathan's Environment
    Nathan Gathers Intelligence
    The Game Begins
    Nathan Enters Primulus' Zone
    Yaseen's Trace-Route Trickery and Vitality Scans
    Nathan's Ping Sweep
    Yaseen Messages Nathan
    Nathan Responds
    Yaseen's Mild Panic
    The Battle
    Yaseen's Final Touches
    Nailing Vito
    Epilogue
    Related Links

  Undermining the Network: A Breach of Trust
    Mr. Torrence's Virus
    The Auditors
    The Anomaly
    The Hunt
    Strike Back
    Epilogue

Part II The Technologies and Concepts Behind Network Strike Back

  ADAM: Active Defense Algorithm and Model
    Abstract
    Introduction
    Active Defense
    Planning
    Active Defense Policy
    Escalation Ladder
    Detection
    Evaluation
    Decision
    Action
    Analysis
    Escalation
    Maintenance
    Goals and Assumptions
    Goals
    Assumptions
    Escalation Stages
    An Active Defense Algorithm and Model (ADAM)
    Asset Evaluation
    Scoring Chart
    Asset Identification
    Threat Identification
    Risk Identification
    Action Evaluation
    Action Identification and Classification
    Utility Modifiers
    Risk Identification
    Escalation Ladder
    Ladder Creation
    Algorithm
    Contingency Plan
    Analysis
    Generalizable
    Useful
    Expandable
    Mitigate Legal Risk
    Mitigate Ethical Risk
    Minimize Unintended Consequence
    Consistent
    Thorough
    Automated
    Conclusion
    Acknowledgments
    Notes
    References

  Defending Your Right to Defend
    Introduction
    Mission Statement
    The Technology: Identifying the Attack
    The Technology: Neutralizing the Attack
    Method One (NC #1): Instantiate Named Mutex
    Method Two (NC #2): IPSec Rule Injection
    Post-Neutralization
    The Standards Body
    Conclusion

  MD5 to Be Considered Harmful Someday
    Abstract
    Introduction
    MD5 How-To
    The Discovery: Joux and Wang's Multicollision Attack
    Extending the Attack
    Stripwire
    Demo
    Caveats
    Digital Signatures and DRM
    Multicollisions Unleashed
    HMAC
    Strikeback: Traitor Tracing
    MP3
    Executables
    Conclusions
    References

  When the Tables Turn: Passive Strike-Back
    Introduction
    Analogies for Passive Strike-Back
    Analogies from Nature
    Analogies from Warfare
    Analogies from Ideology
    A Cross Section of a Typical Attack
    Reconnaissance and Footprinting
    Network Mapping
    Host Mapping
    Vulnerability Discovery
    Vulnerability Exploitation
    Web Application Hacking
    Observable Trends in "Hacking"
    People Are Lazy
    You're Only As Good As Your Toolbox?
    A Mechanics Car Is Often Broken
    Hacking Is Really Just Data Analysis
    Summary
    Why We Control the Hacker
    There Are No Rules
    We Own the Information
    Summary
    Introducing Passive Strike-Back
    Strike-Back at Different Levels
    Types of Strike-Back
    Strike-Back That Stops Individual Attacks
    Strike-Back That Creates Noise and Confusion
    Strike-Back That Attacks a Specific Tool
    Strike-Back That Attacks that Attacker's Host or Network
    Identifying Malicious Activity
    Summary
    Examples
    Striking Back at Footprinting
    Attack Tools
    Strike-Back Strategy
    Strike-Back Tools
    Strike-Back in Action
    Striking Back at Network Reconnaissance
    Attack Tools
    Strike-Back Strategy
    Strike-Back Tools
    Strike-Back in Action
    Striking Back at Vulnerability Scanners
    Attack Tools
    Strike-Back Strategy
    Strike-Back Tools
    Strike-Back in Action
    Striking Back at Exploit Code
    Attack Tools
    Strike-Back Strategy
    Strike-Back Tools
    Strike-Back in Action
    Striking Back Web Application Scanners
    Attack Tools
    Strike-Back Strategy
    Strike-Back Tools
    Strike-Back in Action
    Summary
    Conclusion

Index
