Synopses & Reviews
The world's bestselling computer security book--fully expanded and updated
"Right now you hold in your hand one of the most successful security books ever written. Rather than being a sideline participant, leverage the valuable insights Hacking Exposed 6 provides to help yourself, your company, and your country fight cyber-crime." --From the Foreword by Dave DeWalt, President and CEO, McAfee, Inc.
"For security to be successful in any company, you must 'think evil' and be attuned to your 'real risk'...Hacking Exposed 6 defines both." --Patrick Heim, CISO, Kaiser Permanente
"The definitive resource to understanding the hacking mindset and the defenses against it." --Vince Rossi, CEO and President, St. Bernard Software
"Identity theft costs billions every year and unless you understand the threat, you will be destined to be a victim of it. Hacking Exposed 6 gives you the tools you need to prevent being a victim." --Bill Loesch, CTO, Guard ID Systems
"This book is current, comprehensive, thoughtful, backed by experience, and appropriately free of vendor-bias--prized features for any security practitioner in need of information." --Kip Boyle, CISO, PEMCO Mutual Insurance Company
"The Hacking Exposed series has become the definitive reference for security professionals from the moment it was first released, and the 6th edition maintains its place on my bookshelf," --Jeff Moss, Founder of the popular Black Hat Security Conference
Meet the formidable demands of security in today's hyperconnected world with expert guidance from the world-renowned Hacking Exposed team. Following the time-tested "attack-countermeasure" philosophy, this 10th anniversary edition has been fully overhauled to cover the latest insidious weapons in the hacker's extensive arsenal.
New and updated material:
- New chapter on hacking hardware, including lock bumping, access card cloning, RFID hacks, USB U3 exploits, and Bluetooth device hijacking
- Updated Windows attacks and countermeasures, including new Vista and Server 2008 vulnerabilities and Metasploit exploits
- The latest UNIX Trojan and rootkit techniques and dangling pointer and input validation exploits
- New wireless and RFID security tools, including multilayered encryption and gateways
- All-new tracerouting and eavesdropping techniques used to target network hardware and Cisco devices
- Updated DoS, man-in-the-middle, DNS poisoning, and buffer overflow coverage
- VPN and VoIP exploits, including Google and TFTP tricks, SIP flooding, and IPsec hacking
- Fully updated chapters on hacking the Internet user, web hacking, and securing code
Synopsis
A must-read for anyone in security. One of the best security books available. --Tony Bradley, CISSP, About.com
Authoritative. Even readers of earlier editions will find critical new insight on the more modern attacks. --From the Foreword by Gene Hodges, President of McAfee
A cross between a spy novel and a tech manual. --Mark A. Kellner, Washington Times
The seminal book on white-hat hacking and countermeasures.... Should be required reading for anyone with a server or a network to secure. --Bill Machrone, PC Magazine
With every edition this book keeps getting better and better. I can recommend it to anyone interested in computer security, as it will certainly give you a real-world course on the subject. --Mirko Zorz, Net-security.org
The fifth edition of this world-renowned security reference offers completely up-to-date coverage of today's most devastating hacks and how to prevent them. Using the proven Hacking Exposed methodology, the book shows you, step by step, how to locate and patch system vulnerabilities and explains what you need to know to stay vigilant in today's 24x7 digital world.
New and Updated Material:
- New chapter on hacking code, with contributions by Michael Howard, covering the ways flaws get introduced into software and how best to prevent them
- New Windows hacks including RPCSS (Blaster), LSASS (Sasser), and PCT (Download.ject) buffer overflow exploits
- Updated denial of service chapter with descriptions of large scale zombie attacks and practical countermeasures
- Coverage of new web hacking tools and techniques including HTTP response splitting and automated vulnerability scanners
- New content on remote connectivity including VoIP hacking
- New coverage of web and e-mail client hacking, including the latest Internet Explorer exploits, phishing, spyware, rootkits, and bots
- New hacks and countermeasures using Google as a reconnaissance tool
- An updated footprinting chapter that deals with changes regarding finding information from Internet databases
- Brand new case studies covering relevant and timely security attacks including Google, wireless, UNIX/Linux, and Mac OS X hacks
Stuart McClure is Senior Vice President of Risk Management Product Development at McAfee, Inc. Joel Scambray is a Senior Director of Security for Microsoft's MSN. George Kurtz is Senior Vice President of Risk Management at McAfee, Inc. They are the best-selling co-authors of all four previous editions of Hacking Exposed.
Synopsis
The seminal book on white-hat hacking and countermeasures... Should be required reading for anyone with a server or a network to secure. --Bill Machrone, PC Magazine
The definitive compendium of intruder practices and tools. --Steve Steinke, Network Magazine
For almost any computer book, you can find a clone. But not this one... A one-of-a-kind study of the art of breaking in. --UNIX Review
Here is the latest edition of the international best-seller, Hacking Exposed. Using real-world case studies, renowned security experts Stuart McClure, Joel Scambray, and George Kurtz show IT professionals how to protect computers and networks against the most recent security vulnerabilities. You'll find detailed examples of the latest devious break-ins and will learn how to think like a hacker in order to thwart attacks. Coverage includes:
- Code hacking methods and countermeasures
- New exploits for Windows 2003 Server, UNIX/Linux, Cisco, Apache, and Web and wireless applications
- Latest DDoS techniques--zombies, Blaster, MyDoom
- All new class of vulnerabilities--HTTP Response Splitting and much more
About the Author
Stuart McClure (Ladera Ranch, CA) is Senior Vice President of Risk Management Engineering for McAfee, where he is responsible for driving product strategy and marketing for the McAfee Foundstone family of risk mitigation and management solutions. McAfee Foundstone saves countless millions in revenue and hours annually in recovering from hacker attacks, viruses, worms, and malware. Prior to his role at McAfee, Stuart was founder, president, and chief technology officer at Foundstone, Inc., which was acquired by McAfee in October 2004.
Widely recognized for his extensive and in-depth knowledge of security products, Stuart is considered one of the industry's leading authorities in information security today. A published and acclaimed security visionary, he brings many years of technology and executive leadership to McAfee Foundstone, along with profound technical, operational, and financial experience. At Foundstone, Stuart leads both product vision and strategy, and holds operational responsibilities for all technology development, support, and implementation. During his tenure, annual revenues grew over 100 percent every year since the company's inception in 1999.
In 1999, he took the lead in authoring Hacking Exposed: Network Security Secrets and Solutions, the best-selling computer-security book ever, with over 500,000 copies sold to date. Stuart also coauthored Hacking Exposed: Windows 2000 (McGraw-Hill/Osborne, 2001) and Web Hacking: Attacks and Defense (Addison-Wesley, 2002).
Prior to Foundstone, Stuart held a variety of leadership positions in security and IT management, with Ernst and Young's National Security Profiling Team, two years as an industry analyst with InfoWorld's Test Center, five years as director of IT with both state and local California governments, two years as owner of an IT consultancy, and two years in IT with the University of Colorado, Boulder.
Stuart holds a bachelor's degree in psychology and philosophy, with an emphasis in computer science applications, from the University of Colorado, Boulder. He later earned numerous certifications, including ISC2's CISSP, Novell's CNE, and Check Point's CCSE.
Joel Scambray (Woodinville, WA) is Senior Director of Security for Microsoft's MSN.
George Kurtz (Coto de Caza, CA) is Senior Vice President of Risk Management for McAfee.
They are all best-selling authors of all four previous editions of Hacking Exposed. McClure and Scambray also co-authored Hacking Exposed Windows 2000 and Hacking Exposed Windows Server 2003. Scambray co-authored Hacking Exposed Web Applications and Kurtz contributed to Hacking Exposed Linux.
Table of Contents
Part I: Casing the Establishment
Chapter 1. Footprinting
Chapter 2. Scanning
Chapter 3. Enumeration
Part II: System Hacking
Chapter 4. Hacking Windows
Chapter 5. Hacking Unix
Part III: Infrastructure Hacking
Chapter 6. Remote Connectivity and VoIP Hacking
Chapter 7. Network Devices
Chapter 8. Wireless Hacking
Chapter 9. Hacking Hardware
Part IV: Application and Data Hacking
Chapter 10. Hacking Code
Chapter 11. Web Hacking
Chapter 12. Hacking the Internet User
Part V: Appendixes
Appendix A. Ports
Appendix B. Top 14 Security Vulnerabilities
Appendix C. Denial of Service (DoS) and Distributed Denial of Service (DDoS) Attacks
Index