Introduction
Methods for Running BackTrack Linux
Ethical Hacking Overview
Introduction to Ethical Hacking
The Role of Security and Penetration Testers
Penetration-Testing Methodologies
Certification Programs for Network Security Personnel
What You Can Do Legally
Laws of the Land
Is Port Scanning Legal?
Federal Laws
What You Cannot Do Legally
Get It in Writing
Ethical Hacking in a Nutshell
Chapter Summary
TCP/IP Concepts Review
Overview of TCP/IP
The Application Layer
The Transport Layer
The Internet Layer
IP Addressing
Planning IP Address Assignments
IPv6 Addressing
Overview of Numbering Systems
Reviewing the Binary Numbering System
Reviewing the Octal Numbering System
Reviewing the Hexadecimal Numbering System
Chapter Summary
Network and Computer Attacks
Malicious Software (Malware)
Viruses
Macro Viruses
Worms
Trojan Programs
Spyware
Adware
Protecting Against Malware Attacks
Educating Your Users
Intruder Attacks on Networks and Computers
Denial-of-Service Attacks
Distributed Denial-of-Service Attacks
Buffer Overflow Attacks
Ping of Death Attacks
Session Hijacking
Addressing Physical Security
Keyloggers
Behind Locked Doors
Chapter Summary
Footprinting and Social Engineering
Using Web Tools for Footprinting
Conducting Competitive Intelligence
Analyzing a Company's Web Site
Using Other Footprinting Tools
Using E-mail Addresses
Using HTTP Basics
Other Methods of Gathering Information
Using Domain Name System Zone Transfers
Introduction to Social Engineering
The Art of Shoulder Surfing
The Art of Dumpster Diving
The Art of Piggybacking
Phishing
Chapter Summary
Port Scanning
Introduction to Port Scanning
Types of Port Scans
Using Port-Scanning Tools
Nmap
Unicornscan
Nessus and OpenVAS
Conducting Ping Sweeps
Fping
Hping
Crafting IP Packets
Understanding Scripting
Scripting Basics
Chapter Summary
Enumeration
Introduction to Enumeration
Enumerating Windows Operating Systems
NetBIOS Basics
NetBIOS Enumeration Tools
Additional Enumeration Tools
Enumerating the NetWare Operating System
NetWare Enumeration Tools
Enumerating the *nix Operating System
UNIX Enumeration
Chapter Summary
Programming for Security Professionals
Introduction to Computer Programming
Programming Fundamentals
Learning the C Language
Anatomy of a C Program
Understanding HTML Basics
Creating a Web Page with HTML
Understanding Perl
Background on Perl
Understanding the Basics of Perl
Understanding the BLT of Perl
Understanding Object-Oriented Programming Concepts
Components of Object-Oriented Programming
An Overview of Ruby
Chapter Summary
Desktop and Server OS Vulnerabilities
Windows OS Vulnerabilities
Windows File Systems
Remote Procedure Call
NetBIOS
Server Message Block
Common Internet File System
Null Sessions
Web Services
SQL Server
Buffer Overflows
Passwords and Authentication
Tools for Identifying Vulnerabilities in Windows
Built-in Windows Tools
Best Practices for Hardening Windows Systems
Patching Systems
Antivirus Solutions
Enable Logging and Review Logs Regularly
Disable Unused Services and Filtering Ports
Other Security Best Practices
Linux OS Vulnerabilities
Samba
Tools for Identifying Linux Vulnerabilities
More Countermeasures Against Linux Attacks
Chapter Summary
Embedded Operating Systems: The Hidden Threat
Introduction to Embedded Operating Systems
Windows and Other Embedded Operating Systems
Other Proprietary Embedded OSs
*Nix Embedded OSs
Vulnerabilities of Embedded OSs
Embedded OSs Are Everywhere
Embedded OSs Are Networked
Embedded OSs Are Difficult to Patch
Embedded OSs Are in Networking Devices
Embedded OSs Are in Network Peripherals
Supervisory Control and Data Acquisition Systems
Cell Phones, Smartphones, and PDAs
Rootkits
Best Practices for Protecting Embedded OSs
Chapter Summary
Hacking Web Servers
Understanding Web Applications
Web Application Components
Using Scripting Languages
Connecting to Databases
Understanding Web Application Vulnerabilities
Application Vulnerabilities and Countermeasures
Assessing Web Applications
Tools for Web Attackers and Security Testers
Web Tools
Chapter Summary
Hacking Wireless Networks
Understanding Wireless Technology
Components of a Wireless Network
Understanding Wireless Network Standards
The 802.11 Standard
An Overview of Wireless Technologies
Additional IEEE 802.11 Projects
Understanding Authentication
The 802.1X Standard
Understanding Wardriving
How It Works
Understanding Wireless Hacking
Tools of the Trade
Countermeasures for Wireless Attacks
Chapter Summary
Cryptography
Understanding Cryptography Basics
History of Cryptography
Understanding Symmetric and Asymmetric Algorithms
Symmetric Algorithms
Asymmetric Algorithms
Digital Signatures
Sensitive Data Encryption
Hashing Algorithms
Understanding Public Key Infrastructure
Components of PKI
Understanding Cryptography Attacks
Birthday Attack
Mathematical Attacks
Brute-Force Attack
Man-in-the-Middle Attack
Dictionary Attack
Replay Attack
Understanding Password Cracking
Chapter Summary
Network Protection Systems
Understanding Routers
Understanding Routing Protocols
Understanding Basic Hardware Routers
Understanding Access Control Lists
Understanding Firewalls
Understanding Firewall Technology
Implementing a Firewall
Understanding the Cisco Adaptive Security Appliance Firewall
Using Configuration and Risk Analysis Tools for Firewalls and Routers
Understanding Intrusion Detection and Prevention Systems
Network-Based and Host-Based IDSs and IPSs
Web Filtering
Security Incident Response Teams
Understanding Honeypots
How Honeypots Work
Chapter Summary
Legal Resources
Resources
Virtualization and Ethical Hacking
Virtualization and Security Testing
Virtualization Vulnerabilities
Installing and Using Virtualization Software
Overview of VMware Server
Downloading and Installing VMware Server
Creating a Virtual Machine and Installing a Guest OS
Configuring Networking Options
Configuring Hardware Options
Installing VMware Tools
Glossary
Index
Table of Contents provided by Ingram. All Rights Reserved.