Stealing The Network

Book Description

Stealing the Network: How to Own the Box is NOT intended to be an "install, configure, update, troubleshoot, and defend book." It is also NOT another one of the countless Hacker books out there. So, what IS it? It is an edgy, provocative, attack-oriented series of chapters written in a firsthand, conversational style. World-renowned network security personalities present a series of 25 to 30 page chapters written from the point of view of an attacker who is gaining access to a particular system. This book portrays the "street fighting" tactics used to attack networks and systems.
  • Not just another "hacker" book, it plays on the "edgy" market success of Steal This Computer Book with firsthand, eyewitness accounts
  • A highly provocative exposé of advanced security exploits
  • Written by some of the most high-profile "White Hats", "Black Hats" and "Gray Hats"
  • Gives readers a "first ever" look inside some of the most notorious network intrusions

Table of Contents

  1. Cover
  2. Title Page
  3. Copyright
  4. Acknowledgments
  5. Contributors
  6. Technical Editor
  7. Foreword
  8. Table of Contents
  9. Chapter 1: Hide and Sneak
    1. Tools
    2. The Scan
    3. Stupid Cisco Tricks
    4. The Computer Is the Computer, Mr. McNealy
    5. The Web, the Web … It’s Always the Web
    6. Kiss, or Keep It Simple, Stupid
    7. The Jackpot
    8. With Customers Like Me …
  10. Chapter 2: The Worm Turns
    1. Mr. Worm
    2. You Can Get It If You Really Want
    3. No Life ’til Leather
    4. It’s Pouring, It’s Raining
    5. I Live My Life Like There’s No Tomorrow
    6. It’s Like Broken Glass; You Get Cut before You See It
    7. If You Like to Gamble
    8. Mumble, Mumble, Mumble
  11. Chapter 3: Just Another Day at the Office
    1. Setup
    2. Welcoming Committee
    3. Low-Hanging Fruit
    4. In the Palm of My Hand
    5. Feeling Good in the Network Neighborhood
    6. What’s That Smell?
    7. Working from Home
    8. Diner
    9. The Only Way Out
    10. Epilogue
    11. References
  12. Chapter 4: h3X’s Adventures in Networkland
    1. Halfway Around the Globe at bszh.edu
    2. Exploring the Prey
    3. D-Day
    4. Trainees First
    5. Secret Service(s)
    6. Discovery
    7. The Girl Is Back in the House
    8. Aftermath
  13. Chapter 5: The Thief No One Saw
    1. The Tip-off
    2. Studying the Prey
    3. The DNS Giveaway
    4. Time to Get My Hands Dirty
    5. Getting Inside the VPN
    6. Finding the Software
    7. Looking Around
    8. Conclusion
  14. Chapter 6: Flying the Friendly Skies
    1. References
  15. Chapter 7: dis-card
    1. 0-Days
    2. Reverse-Engineering People
    3. Information
  16. Chapter 8: Social (In)Security
    1. Recon
    2. Jacques Cousteau and 20,000 Leagues in the Dumpster
    3. Fun with Human Resources
    4. Shoulder Surfing
    5. Success, or You Can Teach an Old Badge New Tricks
    6. Business as Usual?
  17. Chapter 9: BabelNet
    1. Hello Navi
    2. Mirror, Mirror on the Wall
    3. Polyglot
    4. When Good Packets Go Bad
    5. Authorspeak: Paketto Borne
    6. And They Say We’re Social Creatures
    7. Knock, Knock
    8. Who’s There?
    9. Scanrand
    10. Scanrand Who?
    11. Scanrand U
    12. Back to Our Regularly Scheduled Hackery
  18. Chapter 10: The Art of Tracking
    1. Tuesday
    2. Wednesday
    3. Thursday
    4. Friday
    5. Monday
  19. Appendix: The Laws of Security
    1. Introduction
    2. Knowing the Laws of Security
    3. Client-Side Security Doesn’t Work
    4. You Cannot Securely Exchange Encryption Keys without a Shared Piece of Information
    5. Malicious Code Cannot Be 100 Percent Protected against
    6. Any Malicious Code Can Be Completely Morphed to Bypass Signature Detection
    7. Firewalls Cannot Protect You 100 Percent from Attack
    8. Any IDS Can Be Evaded
    9. Secret Cryptographic Algorithms Are Not Secure
    10. If a Key Is Not Required, You Do Not Have Encryption—You Have Encoding
    11. Passwords Cannot Be Securely Stored on the Client Unless There Is Another Password to Protect Them
    12. In Order for a System to Begin to Be Considered Secure, It Must Undergo an Independent Security Audit
    13. Security through Obscurity Does Not Work
    14. Summary
    15. Solutions Fast Track
    16. Frequently Asked Questions
  20. Instructions for Online Access