Synopses & Reviews
Protect your Windows system against Internet hackersright now!
- Protect your Windows computerNOW!
- Covers Windows 2000, Me, 98, 95, and Windows XP
- Stop sharing your files with the world
- Install your own personal firewallstep by step
- Block your employer from reading your private email
- Avoid worms, Trojans, viruses, and hostile Web pages
Whether you're running Windows XP, 2000, Me, 98, or 95, if you're connected to the Internet, you're at riskespecially if you're using an "always-on" cable modem or DSL connection. Now, learn exactly how to defend yourselfeven if you know nothing about Internet security!
Windows Internet Security starts by reviewing the threats to your Windows PC: what hackers know about your computer and the Internet, and how they can use that knowledge to attack you. Then, step by step, you'll plan and implement today's most powerful defenses. Discover how to:
- Stop sharing resources you don't want to expose to the world
- Choose and implement the right "personal firewall"
- Protect your e-commerce transactions
- Avoid viruses, worms, Trojans, and hostile Web pages
- Protect your privacy and anonymity on the Web
- Cope with today's new wireless hacking attacks
- Respond and recover if you've already been hacked
- Make the most of Windows XP's new computer security features
Windows Internet Security makes security comprehensible, practical-even easy! At home or at work, it's the one indispensable security book for every Windows user and administrator.
Windows Internet Security will help you protect any Windows system against hackers - even if you know nothing about Internet security! Stop exposing your private files; install a personal firewall; protect your e-commerce transactions; avoid worms, Trojans, and hostile Web pages; protect your privacy; and more. Whether you're running XP, 2000, Me, 98, or 95, this book makes Windows security practical and easy!
About the Author
SETH FOGIE is currently Senior Security Consultant at VirusMD Corporation, where he moderates the firm's Internet Security Help forum. He served six years as a U.S. Navy Nuclear Engineer and earned his MCSE before becoming the Network Administrator for a large retail company.
DR. CYRUS PEIKARI has served as Chief Technical Officer for VirusMD Corporation since 1998. Dr. Peikari is a physician in Dallas, TX who personally has several patents pending in the computer virus field. He has also spoken at Defcon, the annual hacker security conference in Las Vegas, NV.
Table of Contents
Studying the Battleground.
1. Computer Architecture and Operating System Review.
Understanding the Internals of Your Computer. Size Matters. The Hard Drive. RAM. The Processor (CPU). Cache. The Motherboard. Bus Speed/Size. The Modem. The Network Interface Card. Serial and Parallel Ports. Summary of the Computer versus Library Analogy. The Modem in Detail. Operating Systems and Internet Security. Windows 95/98/ME. Windows NT/2000/XP. Linux. Other UNIX-Based Operating Systems and Macs. Windows CE. Summary.
2. Understanding the Internet.
A Little Byte of History. The Internet Service Provider. What Is an ISP? POPs. ISP Logging. Proxy ISPs. Web Addressing Explained. URIs. URNs. URC. URLs. Internet Protocols. http. https. ftp. Other Protocols. Breaking Down the URL. The Internet Protocol Address. Domain Name Servers. URL Abuse. Web Pages: Inside and Out. Web Servers. HTML. Scripting and Codes. Malicious Coding.
A Computer: A House. Your Computer Ports: Your Doors and Windows. Roads and Highways: The Internet. TCP/IP: An Overview. TCP/IP: Driving Rules. CEO Analogy. TCP/IP: The Gory Details. Packets. Layers. TCP/IP Handshaking. Knowing the Enemy.
4. Know Your Enemy.
The Hacker versus the Cracker. The Script Kiddie. The Phreaker. Ethical versus Unethical Hackers. Global Hackers.
5. Hacking Techniques for Unauthorized Access.
WetWare. Social Engineering. Social Spying. Garbage Collecting. Sniffing. What is Sniffing? How Does a Sniffer Work? How Hackers Use Sniffers. How Can I Block Sniffers? How to Detect a Sniffer. Spoofing and Session Hijacking. An Example of Spoofing. Buffer Overflows. Character Manipulation and Unexpected Input Exploits. The Normal Search Engine Process. The Hacked Search Engine Process. Exploiting Web Forms.
6. Hacking Techniques for Attacks.
SYN Flooding. Smurf Attacks. System Overloads. DNS Spoofing.
7. Walk-Through of a Hacker Attack.
The Goal Stage. Walk-Through of a Hack. Information Gathering. Planning. Execution. Clean Up. Planning the Defense.
8. Building Your Defense Strategy.
Fortifying Your Defenses. Virus/Trojan Protection. Virus Scanners. Trojan Scanners. Firewalls. Hardware Firewalls. Software Firewalls. Hardware/Software Combination Firewalls. Which Firewall is Best for You? Restricting Access by IP. Restricting Access by Port (Service). Restricting Access by Protocol. Restricting Access by Keyword. Restricting Access by Application. Encryption. Encryption Details. Symmetric Encryption. Asymmetric Encryption. Putting Different Types of Encryption to the Test. Origin Verification. Secure Sockets Layer. Virtual Private Network. Disadvantages of Encryption. What Encryption Does Not Do. Recovery. Summary.
9. Personal Firewalls and Intrusion Detection Systems.
Do Personal Firewalls Really Work? The Fallacy of “Laying Low”. Why Do I Need a Personal Firewall? McAfee Personal Firewall. Norton Personal Firewall. BlackICE Defender. ZoneAlarm. Intrusion Detection Systems. Honeypots.
10. Stop Sharing Your Computer.
Network Shares. Password-Protecting Shares on Windows 95/98/ME. Removing Shares on Windows 95/98/ME. Removing Shares on Windows NT/2000/XP.
11. E-Commerce Security Overview.
Thwarting E-Criminals. Who is the Real Criminal? Stolen Goods Online. Secure Transactions.
12. Mastering Network Tools
MS-DOS. NETSTAT. Ping. TRACERT. NBTSTAT. NETVIEW. NET USE. Password Crackers.
13. Viruses, Worms, and Trojan Horses.
Viruses. A Virus Defined. MBR Virus. Macro Virus. File Infectors. Combination Viruses. Worms. Virus and Worm Prevention. I've Been Infected! Now What? Trojans. How a Trojan Works. The Backdoor Blues. Detecting and Removing Trojans. Hostile Web Pages and Scripting.
14. Malicious Code.
Programming Languages. Low-Level Languages. High-Level Languages. Scripting Languages. Programming Concepts. Program Parts. Malicious Client-Side Scripting. Denial of Service Scripts. Intrusive Access Scripts. Malicious Server-Side Scripting. PHP. ASP. Perl. The Virus/Worm. An Example of Viral Code. Moving With Stealth.
15. Privacy and Anonymity.
Cookies. Cookie #1. Cookie #2. Cookie #3. Unpleasant Cookies. Cookie #1. Cookie #2. Controlling Those Cookies. Your Online Identity. Registration Requests and Unique IDs. Online Identification. Hardware IDs. Spyware in the Workplace. Chat Programs. Proxies and Anonymity. Browser Caching.
16. Big Brother is Watching You.
Email Spying. Keeping Your Email Private. Web Page Monitoring. Defeating Corporate Web Filters. Chat Program Monitoring. Keep Your Chats Private. Spyware. Spying on the Employee. Spying on the Consumer. Spying on the Family. Government Spyware. Commentary: Ethics and Privacy. Future Trends.
17. Windows XP: New Security Features.
The Microsoft Internet Connection Firewall. Windows XP Wireless Security. 802.1x—Port-Based Network Access Control. New Windows XP Wireless Features. Microsoft's XP Hacker Test. Test Site Description. File Encryption and User Control.
18. Future Security Threats.
Mobile Computing. Wireless Network Hacking. Automated Hacking. Advanced Topics.
19. Registry Editing.
Introduction to Registry Editing. Purpose of the Registry. Parts of the Registry. Using the Registry. Backing Up the Registry. Restoring the Registry. Manipulating Registry Keys.
20. Disaster Recovery.
Creating a Boot Disk. Down but Not Out (Computer is Infected, but Still Functioning). Down and Out (Computer is Inoperable). Using FDISK/Format.
Appendix A: Common Trojan Ports.
Appendix B: Annotated Bibliography.
On the Web. Books. Internet Search. Hacking/Security Conferences.