did-you-know? rent-now

Amazon no longer offers textbook rentals. We do!

did-you-know? rent-now

Amazon no longer offers textbook rentals. We do!

We're the #1 textbook rental company. Let us show you why.

9781598631630

Network Security: A Hacker's Perspective

by
  • ISBN13:

    9781598631630

  • ISBN10:

    1598631632

  • Edition: 2nd
  • Format: Paperback
  • Copyright: 2006-05-10
  • Publisher: Cengage Learning PTR
  • Purchase Benefits
  • Free Shipping Icon Free Shipping On Orders Over $35!
    Your order must be $35 or more to qualify for free economy shipping. Bulk sales, PO's, Marketplace items, eBooks and apparel do not qualify for this offer.
  • eCampus.com Logo Get Rewarded for Ordering Your Textbooks! Enroll Now
  • Write a Review Icon Write a Review
List Price: $49.99

Summary

Virtually every organization is reliant on its computer system, and when hackers infiltrate, the consequences can be grave-halts in productivity, sensitive information stolen, assets at risk. Network Security: A Hacker's Perspective, Second Edition will help you step into the minds of computer criminals so that you can predict their moves and stop them before they strike. Written for anyone with some networking experience, this completely updated edition of the bestseller covers the most serious network-related security threats, vulnerabilities, and loopholes related to most major platforms, including Windows, UNIX, and Novell. Using a hands-on approach and numerous real-life case studies, the book identifies the tools, techniques, and methods that criminals use to break into networks for espionage and malicious purposes, with tips for prevention, as well as countermeasures you can take in the event the hackers strike first. In addition to providing information on the significant advancements in the field of security, attacks, and network reconnaissance, this latest edition provides a completely new section on input validation attacks, password cracking, buffer overflows, Trojan attacks, and much, much more. A companion Web site offers all the tools, scripts, and code discussed in the book.

Table of Contents

Introduction xvi
Preparing the Attack
1(98)
Case Studies
3(1)
Beijing, China
3(1)
Tokyo, Japan
3(1)
IP Addresses
3(11)
The Various Forms of IP Addresses
6(1)
Converting a DNS IP Address into a Normal IP Address
7(1)
Converting a Normal IP Address into Its DWORD Equivalent
8(3)
Converting a Normal IP Address into Its Binary and Octal Equivalents
11(2)
Converting a Normal IP Address into Its Hexadecimal Equivalent
13(1)
Subnet Addressing
14(4)
Netmask Values
15(3)
Subnet Mask Explained
18(3)
Port Numbers
21(2)
Well-Known Port Numbers
22(1)
Registered Port Numbers
22(1)
Dynamic/Private Port Numbers
23(1)
Enumerating Remote Systems
23(5)
Enumeration Through Instant Messaging Software
24(1)
ICQ
24(1)
Other Instant Messengers
25(2)
Countermeasures
27(1)
Enumeration Through Web Sites
28(13)
HTTP
35(3)
Countermeasures
38(1)
Fadia's Hot Picks for Popular Anonymous Surfing Proxy Servers
39(2)
Enumeration Through E-mail Headers
41(3)
Countermeasures
44(1)
Enumeration Through Internet Relay Chat (IRC)
44(3)
The WHOIS Command
45(1)
Using Netstat
45(1)
Countermeasures
46(1)
Netstat Made Easy
47(8)
netstat -a
49(2)
netstat -n
51(1)
netstat -p
52(1)
netstat -e
53(1)
netstat -r
54(1)
Hiding Your IP Address
55(1)
Network Address Translation (NAT) Networks
56(3)
Proxy Servers
59(8)
Wingate
60(1)
Locating Open Wingates
61(1)
The Telnet Proxy Server (Port 23)
61(2)
The SOCKS Server (Port 1080) and IRC Server (Port 6667)
63(1)
Countermeasures
63(1)
Squid
63(1)
Using Squid with a Transparent Proxy
63(3)
Fadia's Hot Picks for Proxy Servers
66(1)
Countermeasures
66(1)
Tracing an IP Address
67(19)
Manual Trial and Error Method
68(2)
Reverse DNS Lookup
70(1)
NS Lookup
71(2)
Pros and Cons
73(1)
Fadia's Hot Picks for Popular Reverse DNS Lookup Tools
74(1)
WHOIS Queries
75(5)
Pros and Cons
80(1)
Countermeasures
80(1)
Traceroute
81(2)
Pros and Cons
83(1)
Countermeasures
83(1)
Visual Tracing Tools
83(1)
Fadia's Hot Picks for Popular E-mail Threats Tools
84(2)
Firewalls
86(13)
Bypassing Firewalls
88(1)
Raw Fun with Case Studies
89(1)
Case Study 1
89(1)
Ping
89(1)
Traceroute
90(1)
Reverse DNS Lookup
91(1)
WHOIS
91(1)
VisualRoute
92(1)
Case Study 2
92(1)
Ping
93(1)
Traceroute
94(1)
Reverse DNS Lookup
94(1)
WHOIS
94(1)
Visual Route
95(1)
Case Study 3
96(1)
Ping
96(1)
Traceroute
97(2)
Gathering Information for the Attack
99(124)
Network Reconnaissance
101(8)
Ping Sweeping
101(1)
Fadia's Hot Picks for Ping Sweeping Tools
102(3)
Detecting a Ping Sweep
105(2)
Countermeasures
107(1)
Fadia's Hot Picks for Countering Ping Sweeping
108(1)
Traceroute
109(13)
Types of Traceroute Tools
112(1)
Text-Based Traceroute Tools
112(1)
Visual Traceroute
113(1)
3D Traceroute
114(1)
Network Reconnaissance with Traceroute
115(1)
Determining Geographic Information
115(1)
Determining Network Topography
116(1)
Detecting Firewalls
117(1)
Operating System (OS) Detection
118(2)
Traceroute Countermeasures
120(2)
Port Scanning
122(36)
Scanning TCP Ports
122(2)
TCP Port Scanning: Different Techniques
124(1)
TCP Connect Scanning
125(6)
TCP SYN Scanning (Half-Open Scanning)
131(6)
SYN/ACK Scanning
137(1)
TCP/FIN Scanning
138(1)
TCP NULL Scanning
139(1)
TCP Xmas Tree Scanning (Christmas Tree Scanning)
140(1)
Port Scanning UDP Ports
140(1)
Detecting UDP Port Scanning
141(1)
Coding Your Own UDP Port Scanner
141(1)
FTP Bounce Port Scanning
142(1)
Coding Your Own FTP Bounce Attack Port Scanner
142(3)
Fadia's Hot Picks for Port-Scanning Tools
145(9)
Raw Fun with Case Studies
154(3)
General Countermeasures Against Port Scanning
157(1)
Fadia's Hot Picks for Port Scanning Countermeasures
157(1)
Daemon-Banner Grabbing and Port Enumeration
158(18)
Probing the FTP Service, Port 21
159(4)
Countermeasures
163(1)
Raw Fun with Case Studies
163(1)
Probing the SMTP Service, Port 25
164(2)
Countermeasures
166(1)
Raw Fun with Case Studies
167(1)
Probing the Finger Service, Port 79
167(1)
Countermeasures
167(1)
Probing the HTTP Service, Port 80
168(3)
Fadia's Hot Picks for HTTP Probing Tools
171(3)
Countermeasures
174(1)
Raw Fun with Case Studies
174(1)
Probing the Identification Protocol on Port 113
175(1)
Countermeasures
176(1)
Probing the Microsoft RPC Endpoint Mapper on Port 135
176(1)
Countermeasures
176(1)
Overall Countermeasures and Recommendations
176(1)
ICMP Scanning
176(15)
Different Types of Scanning Methods
177(2)
ICMP Scanning: Working
179(1)
Ping Probes
180(2)
Timestamp Scanning
182(2)
Subnet Address Scanning
184(2)
OS Detection
186(1)
ICMP Error Message Quoting
187(1)
ICMP Error Message Quenching
187(1)
ICMP Error Message Echo Integrity
187(1)
Advanced OS Detection
187(3)
Firewall Enumeration
190(1)
Detecting Filtering Devices
190(1)
Detecting Firewalls
190(1)
OS Detection
191(10)
Active Fingerprinting OS Detection
192(2)
Fadia's Hot Picks for Active Fingerprinting OS Detection
194(1)
Passive Fingerprinting OS Detection
195(3)
Raw Fun with Case Studies
198(1)
Countermeasures
199(2)
Sniffing
201(9)
Fadia's Hot_Picks for Sniffers and Detection
203(1)
Protocol Analysis: Studying and Analyzing Sniffed Packets
204(1)
The MAC Address Part
204(1)
The IP Header Part
205(1)
The TCP Header Part
206(1)
Coding Your Own Sniffer in C
207(2)
Countermeasures
209(1)
Getting Information about a Remote System's Routing Tables
210(9)
UNIX Routing Tables
211(1)
Understanding the Structure of a UNIX Routing Table
212(2)
Dissecting a UNIX Routing Table Line by Line
214(2)
Windows Routing Tables
216(1)
Understanding the Structure of a Windows Routing Table
216(2)
Dissecting a Windows Routing Table Line by Line
218(1)
Probing Routers
219(4)
Executing the Attack
223(104)
DOS Attacks
224(28)
Ping of Death
225(1)
Countermeasures
226(1)
Teardrop Attacks
226(1)
Countermeasures
227(1)
SYN-Flood Attacks
227(1)
How It Works
227(2)
Detecting a SYN-Flood Attack
229(1)
Countermeasures
230(1)
Land Attacks
230(1)
Countermeasures
231(1)
Smurf Attacks
231(1)
Countermeasures
231(1)
UDP-Flood Attacks
231(1)
Countermeasures
232(1)
Distributed DOS Attacks
232(1)
How DDOS Attacks Work
233(1)
Distributed DOS Tools
234(5)
Modem-Disconnect Attacks
239(12)
Countermeasures
251(1)
IP Spoofing Attacks
252(12)
IP Spoofing: How It Works
253(1)
Problems with IP Spoofing
254(1)
Blind Attack
255(1)
Conditional Attack
255(1)
Networking Basics Involved in IP Spoofing
255(1)
Sequence Numbers
255(4)
Trust Relationships
259(1)
Spoofing Your IP Address to Exploit Trust Relationships
260(1)
Detecting a Trusted System
260(1)
Disabling the Trusted System
261(1)
Getting the ISN and Predicting Sequence Numbers
261(1)
Launching the Actual Attack
262(1)
Returning the Trusted System to Normal
263(1)
Countermeasures
263(1)
TCP Wrappers
264(4)
What Are TCP Wrappers?
264(2)
Configuring TCP Wrappers
266(1)
The Not-So-Secure Service-Providing System
267(1)
The Secure No-Service-Providing System
268(1)
Password Cracking Attacks
268(8)
Types of Password Cracking Attacks
269(1)
Password Guessing
269(1)
Default Passwords
270(1)
Dictionary-Based Attacks
270(1)
Brute Force Password Attacks
271(1)
Cracking Application Passwords
271(1)
Cracking Windows NT Passwords
272(1)
Getting the SAM from the Backup Directory
273(1)
Obtaining the SAM via Another Operating System
274(1)
Extracting Hashes from the SAM Hive
275(1)
Windows Attacks
276(1)
UNIX Attacks
277(7)
Getting Root on a Linux Machine
277(1)
Method 1
277(1)
Method 2
278(1)
Method 3
279(1)
Changing the Existing Password
279(1)
Countermeasures
279(1)
Cracking UNIX Passwords
280(4)
Trojan Attacks
284(6)
Using Trojans for Spying Purposes
286(2)
Detecting Trojans
288(1)
Suspicious Open Ports
288(1)
Monitoring Outgoing Traffic
288(1)
Detection Tools
288(1)
Startup Files
288(1)
Countermeasures
289(1)
Keylogger Attacks
290(5)
How Keyloggers Work
290(1)
Countermeasures
291(1)
Securing Systems
291(1)
Securing a Standalone Home System
291(1)
Securing a Server
292(3)
Input Validation Attacks
295(11)
The Art of Input Validation Attacks
296(1)
Input Validation Dangers
297(1)
Case Studies of Input Validation Loopholes
298(1)
Hotmail.com
298(1)
Apache Web Server
299(1)
MailMachine.cgi
300(1)
SQL Injection Attacks
300(1)
Accessing Secret Records
301(2)
Bypassing Security Features
303(2)
Fadia's Hot Pick for Popular Input Validation Attack Tools
305(1)
Countermeasures
305(1)
Buffer Overflow Attacks
306(11)
How Buffer Overflows Work
306(1)
Types of Buffer Overflows
307(1)
Stack Overflows
307(3)
Format String Overflows
310(2)
Heap Overflows
312(1)
Integer Overflows
312(1)
More Examples of Buffer Overflows
313(1)
Basic Programming Errors
313(1)
Oversized Message Header MSN Buffer Overflow
314(1)
Format String Bug in wu-ftpd 2.6.0
315(1)
Countermeasures
315(1)
Secure Coding
315(1)
Preventing Execution of Malicious Codes
316(1)
Array Bounds Checking
316(1)
Patches
316(1)
SmashGuard
316(1)
Address Obfuscation
317(1)
Log File Hacking
317(10)
Removing Footprints from a UNIX System
317(1)
The Syslog Daemon and the syslog.conf File
317(3)
Removing Traces from the /etc/utmp File
320(2)
Removing Traces from the /var/adm/wtmp and /var/adm/lastlogin Files
322(2)
Removing Traces from the /var/secure,/var/Messages, and /var/xferno Files
324(1)
Countermeasures
324(3)
Secure Protocols, Encryption Algorithms, and File Security
327(48)
Secure Sockets Layer (SSL) Torn Apart
328(6)
Determining Whether Your Connection Is Secure
329(1)
SSL: How It Works
330(3)
Countermeasures
333(1)
Kerberos Torn Apart
334(8)
Kerberos: How It Works
336(2)
Sample Kerberos TGS Session
338(1)
Detecting Kerberos
339(3)
Encryption Algorithms Torn Apart
342(20)
The RSA Encryption Algorithm
344(2)
The Blowfish Encryption Algorithm
346(1)
Fadia's Hot Picks for Blowfish
347(1)
Data Encryption Standard (DES) Algorithm
347(1)
Using the DES Algorithm for Encryption
348(5)
Decrypting the DES Algorithm
353(1)
Fadia's Hot Picks for DES
354(1)
The RC4 Cipher
354(4)
Fadia's Hot Picks for RC4
358(1)
The MD5 Hash Algorithm
359(2)
Fadia's Hot Picks for MD5
361(1)
XOR
361(1)
Base64 Encoding Torn Apart
362(8)
Base64 Encoding: How It Works
363(3)
Decoding Base64 Encoding
366(3)
Fadia's Hot Picks for Base64 Encoding
369(1)
Securing Files on Your Hard Disk
370(5)
Windows Policy Editor
370(1)
File-Security Software
371(1)
Encryption for Masses (E4M)
372(1)
Securing Data by Encrypting NTFS Partitions
372(3)
Appendix A Well-Known Port Numbers 375(4)
Appendix B Country Codes 379(6)
Appendix C Trojan Port Numbers 385(8)
Appendix D Protocol Numbers List 393(4)
Index 397

Supplemental Materials

What is included with this book?

The New copy of this book will include any supplemental materials advertised. Please check the title of the book to determine if it should include any access cards, study guides, lab manuals, CDs, etc.

The Used, Rental and eBook copies of this book are not guaranteed to include any supplemental materials. Typically, only the book itself is included. This is true even if the title states it includes any access cards, study guides, lab manuals, CDs, etc.

Rewards Program