Counter Hack Reloaded: A Step-by-Step Guide to Computer Attacks and Effective Defenses, 2nd Edition
©2006 |Pearson |
©2006 |Pearson |
For years, Counter Hack has been the primary resource for every network/system administrator and security professional who needs a deep, hands-on understanding of hacker attacks and countermeasures. Now, leading network security experts Ed Skoudis and Tom Liston have thoroughly updated this best-selling guide, showing how to defeat today's newest, most sophisticated, and most destructive attacks.
Major revision to the best-selling, step-by-step guide to defending against hacker intrusions--more than 45% new material.
° Contains more than 45% new material including coverage devoted to the steps of scanning, gaining and maintaining access, and preventing detection
° All new scenarios in the anatomy of an attack chapter and tools to battle them
° Author is a huge name in security. The first edition is touted as "outstanding" and the "best of its kind"
Important features of this new edition include
(NOTE: Each chapter concludes with Summary).
About the Authors.
The Computer World and the Golden Age of Hacking.
Why This Book?
The Threat: Never Underestimate Your Adversary.
A Note on Terminology and Iconography.
Caveat: These Tools Could Hurt You.
Organization of Rest of the Book.
2. Networking Overview: Pretty Much Everything You Need to Know About Networking to Follow the Rest of This Book.
The OSI Reference Model and Protocol Layering.
How Does TCP/IP Fit In?
Transmission Control Protocol (TCP).
User Datagram Protocol (UDP).
Internet Protocol (IP) and Internet Control Message Protocol (ICMP).
Other Network-Level Issues.
Don’t Forget About the Data Link and Physical Layers!
Security Solutions for the Internet.
3. Linux and UNIX Overview: Pretty Much Everything You Need to Know About Linux and UNIX to Follow the Rest of This Book.
Accounts and Groups.
Linux and UNIX Permissions.
Linux and UNIX Trust Relationships.
Common Linux and UNIX Network Services.
4. Windows NT/000/XP/00 Overview: Pretty Much Everything You Need to Know About Windows to Follow the Rest of This Book.
A Brief History of Time.
The Underlying Windows Operating System Architecture.
How Windows Password Representations Are Derived.
From Service Packs and Hotfixes to Windows Update and Beyond.
Accounts and Groups.
Object Access Control and Permissions.
Windows 2000 and Beyond: Welcome to the New Millennium.
5. Phase 1: Reconnaissance.
Low-Technology Reconnaissance: Social Engineering, Caller ID Spoofing, Physical Break-In, and Dumpster Diving.
Search the Fine Web (STFW).
Who is Databases: Treasure Chests of Information.
The Domain Name System.
General-Purpose Reconnaissance Tools.
6. Phase 2: Scanning.
War Driving: Finding Wireless Access Points.
War Dialing: Looking for Modems in All the Right Places.
Determining Open Ports Using Port Scanners.
Intrusion Detection System and Intrusion Prevention System Evasion.
7. Phase 3: Gaining Access Using Application and Operating System Attacks.
Script Kiddie Exploit Trolling.
Pragmatism for More Sophisticated Attackers.
Buffer Overflow Exploits.
Web Application Attacks.
Exploiting Browser Flaws.
8. Phase 4: Gaining Access Using Network Attacks.
IP Address Spoofing.
Netcat: A General-Purpose Network Tool.
9. Phase 3: Denial-of-Service Attacks.
Locally Stopping Services.
Locally Exhausting Resources.
Remotely Stopping Services.
Remotely Exhausting Resources.
10. Phase 4: Maintaining Access: Trojans, Backdoors, and Rootkits ... Oh My!
The Devious Duo: Backdoors Melded into Trojan Horses.
Nasty: Application-Level Trojan Horse Backdoor Tools.
Also Nasty: The Rise of the Bots.
Additional Nastiness: Spyware Everywhere!
Defenses Against Application-Level Trojan Horse Backdoors, Bots, and Spyware.
Even Nastier: User-Mode Rootkits.
Defending Against User-Mode Rootkits.
Nastiest: Kernel-Mode Rootkits.
Defending Against Kernel-Mode Rootkits.
11. Phase 5: Covering Tracks and Hiding.
Hiding Evidence by Altering Event Logs.
Defenses Against Log and Accounting File Attacks.
Creating Difficult-to-Find Files and Directories.
Hiding Evidence on the Network: Covert Channels.
Defenses Against Covert Channels.
12. Putting It All Together: Anatomy of an Attack.
Scenario 1: Crouching Wi-Fi, Hidden Dragon.
Scenario 2: Death of a Telecommuter.
Scenario 3: The Manchurian Contractor.
13. The Future, References, and Conclusions.
Where Are We Heading?
Keeping Up to Speed.
Final Thoughts ... Live Long and Prosper.
Pearson offers affordable and accessible purchase options to meet the needs of your students. Connect with us to learn more.
K12 Educators: Contact your Savvas Learning Company Account General Manager for purchase options. Instant Access ISBNs are for individuals purchasing with credit cards or PayPal.
Savvas Learning Company is a trademark of Savvas Learning Company LLC.
Ed Skoudis is a founder and senior security consultant for the Washington, D.C.-based network security consultancy, Intelguardians Network Intelligence, LLC. His expertise includes hacker attacks and defenses, the information security industry, and computer privacy issues. He has performed numerous security assessments, designed information security governance and operations teams for Fortune 500 companies, and responded to computer attacks for clients in financial, high technology, health care, and other industries. Ed has demonstrated hacker techniques for the U.S. Senate and is a frequent speaker on issues associated with hacker tools and defenses. He was also awarded 2004 and 2005 Microsoft MVP awards for Windows Server Security and is an alumnus of the Honeynet Project. Prior to Intelguardians, Ed served as a security consultant with International Network Services (INS), Predictive Systems, Global Integrity, SAIC, and Bell Communications Research (Bellcore).
Tom Liston is a senior analyst for the Washington, D.C.-based network security consultancy, Intelguardians Network Intelligence, LLC. He is the author of the popular open source network tarpit, LaBrea, for which he was a finalist for eWeek and PC Magazine’s Innovations In Infrastructure (i3) award in 2002. He is one of the handlers at the SANS Institute’s Internet Storm Center, where he deals daily with cutting edge security issues and authors a popular series of articles under the title “Follow the Bouncing Malware.” Mr. Liston resides in the teeming metropolis of Johnsburg, Illinois, and has four beautiful children (who demanded to be mentioned): Mary, Maggie, Erin, and Victoria.
We're sorry! We don't recognize your username or password. Please try again.
The work is protected by local and international copyright laws and is provided solely for the use of instructors in teaching their courses and assessing student learning.
You have successfully signed out and will be required to sign back in should you need to download more resources.