Hacking Exposed: Network Security Secrets and Solutions - Stuart McClure

Hacking Exposed

Network Security Secrets and Solutions

Paperback

Published: 3rd October 2000

The #1 security book on the market just got better! The authors of the first three editions come together to cover the latest hacks and countermeasures. All-new coverage of firewalls & wireless content, databases, .NET Server, web services, & more. PLUS, a brand-new CD with video of the authors performing their popular one-hour training course, "Hacking Exposed Live!"

Foreword
Acknowledgments
Introduction
Casing the Establishment
Case Study: Target Acquisition
Footprinting
What Is Footprinting?
Why Is Footprinting Necessary?
Internet Footprinting
Determine the Scope of Your Activities
Network Enumeration
DNS Interrogation
Network Reconnaissance
Summary
Scanning
Scan Types
Identifying TCP and UDP Services Running
Windows-Based Port Scanners
Port Scanning Breakdown
Active Stack Fingerprinting
Passive Stack Fingerprinting
The Whole Enchilada: Automated Discovery Tools
Summary
Enumeration
Windows NT/2000 Enumeration
NT/2000 Network Resource Enumeration
NT/2000 User and Group Enumeration
NT/2000 Applications and Banner Enumeration
Let Your Scripts Do the Walking
Novell Enumeration
Browsing the Network Neighborhood
UNIX Enumeration
Summary
System Hacking
Case Study: Know Your Enemy
Hacking Windows 95/98 and ME
Win 9x Remote Exploits
Direct Connection to Win 9x Shared Resources
Win 9x Backdoor Servers and Trojans
Known Server Application Vulnerabilities
Win 9x Denial of Service
Win 9x Local Exploits
Windows Millennium Edition (ME)
Summary
Hacking Windows NT
Overview
Where We're Headed
What About Windows 2000?
The Quest for Administrator
Remote Exploits: Denial of Service and Buffer Overflows
Privilege Escalation
Consolidation of Power
Exploiting Trust
Sniffers
Remote Control and Back Doors
Port Redirection
General Countermeasures to Privileged Compromise
Rootkit: The Ultimate Compromise
Covering Tracks
Disabling Auditing
Clearing the Event Log
Hiding Files
Summary
Hacking Windows 2000
Footprinting
Scanning
Enumeration
Penetration
NetBIOS-SMB Password Guessing
Eavesdropping on Password Hashes
Attacks Against IIS 5
Remote Buffer Overflows
Denial of Service
Privilege Escalation
Pilfering
Grabbing the Win 2000 Password Hashes
The Encrypting File System (EFS)
Exploiting Trust
Covering Tracks
Disabling Auditing
Clearing the Event Log
Hiding Files
Back Doors
Startup Manipulation
Remote Control
Keystroke Loggers
General Countermeasures: New Windows Security Tools
Group Policy
Runas
Summary
Novell NetWare Hacking
Attaching but Not Touching
Enumerate Bindery and Trees
Opening the Unlocked Doors
Authenticated Enumeration
Gaining Admin
Application Vulnerabilities
Spoofing Attacks (Pandora)
Once You Have Admin on a Server
Owning the NDS Files
Log Doctoring
Console Logs
Further Resources
Web Sites (ftp://ftp.novell.com/pub/updates/nw/nw411/)
Usenet Groups
Summary
Hacking UNIX
The Quest for Root
A Brief Review
Vulnerability Mapping
Remote Access Versus Local Access
Remote Access
Data Driven Attacks
I Want My Shell
Common Types of Remote Attacks
Local Access
After Hacking Root
Trojans
Rootkit Recovery
Summary
Network Hacking
Case Study: Sweat the Small Stuff!
Dial-Up, PBX, Voicemail, and VPN Hacking
Wardialing
Hardware
Legal Issues
Peripheral Costs
Software
A Final Note
PBX Hacking
Virtual Private Network (VPN) Hacking
Summary
Network Devices
Discovery
Detection
SNMP
Back Doors
Default Accounts
Lower the Gates (Vulnerabilities)
Shared Versus Switched
Detecting the Media You're On
Passwords on a Silver Platter: Dsniff
Sniffing on a Network Switch
snmpsniff
Summary
Firewalls
Firewall Landscape
Firewall Identification
Advanced Firewall Discovery
Scanning Through Firewalls
Packet Filtering
Application Proxy Vulnerabilities
WinGate Vulnerabilities
Summary
Denial of Service (DoS) Attacks
Motivation of DoS Attackers
Types of DoS Attacks
Bandwidth Consumption
Resource Starvation
Programming Flaws
Routing and DNS Attacks
Generic DoS Attacks
Sites Under Attack
UNIX and Windows NT DoS
Remote DoS Attacks
Distributed Denial of Service Attacks
Local DoS Attacks
Summary
Software Hacking
Case Study: Using All the Dirty Tricks to Get In
Remote Control Insecurities
Discovering Remote Control Software
Connecting
Weaknesses
Revealed Passwords
Uploading Profiles
What Software Package Is the Best in Terms of Security?
pcAnywhere
ReachOut
Remotely Anywhere
Remotely Possible/ControlIT
Timbuktu
Virtual Network Computing (VNC)
Citrix
Summary
Advanced Techniques
Session Hijacking
Back Doors
Trojans
Subverting the System Environment: Rootkits and Imaging Tools
Social Engineering
Summary
Web Hacking
Web Pilfering
Finding Well-Known Vulnerabilities
Automated Scripts, for All Those "Script Kiddies"
Automated Applications
Script Inadequacies: Input Validation Attacks
Active Server Pages (ASP) Vulnerabilities
Buffer Overflows
Poor Web Design
Summary
Hacking the Internet User
Malicious Mobile Code
Microsoft ActiveX
Java Security Holes
Beware the Cookie Monster
Internet Explorer HTML Frame Vulnerabilities
SSL Fraud
Email Hacking
Mail Hacking 101
Executing Arbitrary Code Through Email
Outlook Address Book Worms
File Attachment Attacks
IRC Hacking
Napster Hacking with Wrapster
Global Countermeasures to Internet User Hacking
Keep Antivirus Signatures Updated
Guarding the Gateways
Summary
Appendixes
Ports
Top 14 Security Vulnerabilities
About the Companion Web Site
Novell
UNIX
Windows NT
Wordlists and Dictionaries
Wardialing
Enumeration Scripts
Index
Table of Contents provided by Syndetics. All Rights Reserved.

ISBN: 9780072127485
ISBN-10: 0072127481
Series: Hacking Exposed
Audience: Professional
Format: Paperback
Language: English
Number Of Pages: 736
Published: 3rd October 2000
Publisher: McGraw-Hill Education - Europe
Country of Publication: US
Dimensions (cm): 23.5 x 19.1 x 3.7
Weight (kg): 1.24
Edition Number: 2
Edition Type: Revised