Book description
A new edition the most popular Hack Proofing book around!
IT professionals who want to run secure networks, or build secure software, need to know about the methods of hackers. The second edition of the best seller Hack Proofing Your Network, teaches about those topics, including: · The Politics, Laws of Security, Classes of Attack, Methodology, Diffing, Decrypting, Brute Force, Unexpected Input, Buffer Overrun, Sniffing, Session Hijacking, Spoofing, Server Holes, Client Holes, Trojans and Viruses, Reporting Security Problems, Choosing Secure Systems The central idea of this book is that it's better for you to find the holes in your network than it is for someone else to find them, someone that would use them against you. The complete, authoritative guide to protecting your Windows 2000 Network.
- Updated coverage of an international bestseller and series flagship
- Covers more methods of attack and hacker secrets
- Interest in topic continues to grow - network architects, engineers and administrators continue to scramble for security books
- Written by the former security manager for Sybase and an expert witness in the Kevin Mitnick trials
- A great addition to the bestselling "Hack Proofing..." series
- Windows 2000 sales have surpassed those of Windows NT
- Critical topic. The security of an organization's data and communications is crucial to its survival and these topics are notoriously difficult to grasp
- Unrivalled web support at www.solutions@syngress.com
Table of contents
- Cover
- Title page
- Table of Contents
- Solutions@syngress.com
- Copyright
- Acknowledgments
- Contributors
- From the First Edition
- Technical Editor and Contributor
- Foreword v 1.5
- About the Web Site
- Foreword v 1.0
- Chapter 1: How To Hack
-
Chapter 2: The Laws of Security
- Introduction
- Knowing the Laws of Security
- Client-Side Security Doesn’t Work
- You Cannot Securely Exchange Encryption Keys without a Shared Piece of Information
- Malicious Code Cannot Be 100 Percent Protected against
- Any Malicious Code Can Be Completely Morphed to Bypass Signature Detection
- Firewalls Cannot Protect You 100 Percent from Attack
- Any IDS Can Be Evaded
- Secret Cryptographic Algorithms Are Not Secure
- If a Key Is Not Required, You Do Not Have Encryption—You Have Encoding
- Passwords Cannot Be Securely Stored on the Client Unless There Is Another Password to Protect Them
- In Order for a System to Begin to Be Considered Secure, It Must Undergo an Independent Security Audit
- Security through Obscurity Does Not Work
- Summary
- Frequently Asked Questions
- Chapter 3: Classes of Attack
- Chapter 4: Methodology
- Chapter 5: Diffing
- Chapter 6: Cryptography
-
Chapter 7: Unexpected Input
- Introduction
- Understanding Why Unexpected Data Is Dangerous
- Finding Situations Involving Unexpected Data
- Using Techniques to Find and Eliminate Vulnerabilities
- Utilizing the Available Safety Features in Your Programming Language
- Using Tools to Handle Unexpected Data
- Summary
- Solutions Fast Track
- Frequently Asked Questions
- Chapter 8: Buffer Overflow
-
Chapter 9: Format Strings
- Introduction
- Understanding Format String Vulnerabilities
- Why and Where Do Format String Vulnerabilities Exist?
- How Can They Be Fixed?
- How Format String Exploits Work
- What to Overwrite
- Examining a Vulnerable Program
- Testing with a Random Format String
- Writing a Format String Exploit
- Summary
- Solutions Fast Track
- Frequently Asked Questions
- Chapter 10: Sniffing
- Chapter 11: Session Hijacking
- Chapter 12: Spoofing: Attacks on Trusted Identity
-
Chapter 13: Tunneling
- Introduction
- Strategic Constraints of Tunnel Design
- Designing End-to-End Tunneling Systems
- Open Sesame: Authentication
- Command Forwarding: Direct Execution for Scripts and Pipes
- Port Forwarding: Accessing Resources on Remote Networks
- When in Rome: Traversing the Recalcitrant Network
- Not In Denver, Not Dead: Now What?
- Summary
- Solutions Fast Track
- Frequently Asked Questions
-
Chapter 14: Hardware Hacking
- Introduction
- Understanding Hardware Hacking
- Opening the Device: Housing and Mechanical Attacks
- Analyzing the Product Internals: Electrical Circuit Attacks
- What Tools Do I Need?
- Example: Hacking the iButton Authentication Token
- Example: Hacking the NetStructure 7110 E-commerce Accelerator
- Summary
- Solutions Fast Track
- Frequently Asked Questions
- Chapter 15: Viruses, Trojan Horses, and Worms
- Chapter 16: IDS Evasion
- Chapter 17: Automated Security Review and Attack Tools
- Chapter 18: Reporting Security Problems
- Index
Product information
- Title: Hack Proofing Your Network, 2nd Edition
- Author(s):
- Release date: March 2002
- Publisher(s): Syngress
- ISBN: 9780080478166
You might also like
book
Hacking Exposed Wireless, Third Edition, 3rd Edition
Exploit and defend against the latest wireless network attacks Learn to exploit weaknesses in wireless network …
book
Tribe of Hackers Security Leaders
Tribal Knowledge from the Best in Cybersecurity Leadership The Tribe of Hackers series continues, sharing what …
book
Advanced Penetration Testing for Highly-Secured Environments - Second Edition
Employ the most advanced pentesting techniques and tools to build highly-secured systems and environments About This …
book
Security Warrior
When it comes to network security, many users and administrators are running scared, and justifiably so. …