O’Reilly news

"Network Security Hacks": An Arsenal of Useful Techniques for Network Defense

May 14, 2004

Sebastopol, CA--Villains and rogues have a way of snaring our attention. Perhaps it's our romantic conceptions of a life lived outside of the law. Consider "black hat" hackers. It's easy to imbue these characters with Robin Hood-like qualities--clever, daring, and always one step ahead of an authoritarian establishment. We forget that their intent is malicious. That is, we forget until it's directed toward us. Then, we see how pointless and devastating the damage they wreak can be. The unsung heroes are those who quietly protect our networks and data from intruders. It's an endless and demanding task, not necessarily filled with high drama, but one on which everyone who uses a computer or the Internet relies. Network Security Hacks (O'Reilly, US $24.95) by Andrew Lockhart was written for these individuals, and it offers a wealth of useful techniques to make their job of detecting and dealing with intruders easier.

"The difference between 'white hat' and 'black hat' hackers isn't the tools or the techniques they use (or even the color of their hats), but their intent," explains Lockhart. "The difference is subtle but important. White hat hackers find that building secure systems presents an interesting challenge, and their security can be tested only through a thorough knowledge of how to subvert such systems. Black hat hackers--more appropriately called 'crackers'--pursue precisely the same knowledge, but without regard for the people who built the systems or the servers they attack."

Every day system crackers take advantage of vulnerable computers, turning them into spam relays or participants in distributed denial-of-service attacks, or using them to hide other unsavory activities. Network Security Hacks presents 100 industrial-strength techniques that network and system administrators can use to make sure their networks are not targets of opportunity. Loaded with concise but powerful examples of applied encryption, intrusion detection, logging, trending, and incident response, this compendium of security hacks doesn't just cover securing TCP/IP-based services, but also provides intelligent host-based security techniques.

Readers will learn how to detect the presence (and track every keystroke) of network intruders, methods for protecting their networks and data using strong encryption, and even techniques for laying traps for would-be system crackers. The book presents important security tools, as well as clever methods for using them to reveal timely and useful information about what is happening on your network. Readers will learn how to:

  • Monitor their network and services with advanced Intrusion Detection Systems (IDS) such as Snort and Spade
  • Protect email and other critical services using strong encryption
  • Block network scanners that detect operating system identity, and even fool them into thinking you are running another OS entirely
  • Securely connect two remote sites over the Internet using a number of strong VPN solutions (including IPSec, OpenVPN, PPTP, Vtun, and even SSH)
  • Set up virtual networks (honeypots) that appear vulnerable to attack, in order to divert and confuse attackers
  • Harden your Linux, BSD, and Windows hosts against attack
  • Detect, respond to, and recover from inevitable system compromises
  • Written for the intermediate to advanced network administrator, Network Security Hacks divulges practical, ingenious solutions to real-world networking problems. Using just one of these hacks will give readers an edge in the battle for network security. The other ninety-nine make this book absolutely invaluable.

    Additional Resources:

    Network Security Hacks
    Andrew Lockhart
    ISBN 0-596-00643-8, 298 pages, $24.95 US, $36.95 CA
    1-800-998-9938; 1-707-827-7000

    About O’Reilly

    O’Reilly Media spreads the knowledge of innovators through its books, online services, magazines, and conferences. Since 1978, O’Reilly Media has been a chronicler and catalyst of cutting-edge development, homing in on the technology trends that really matter and spurring their adoption by amplifying “faint signals” from the alpha geeks who are creating the future. An active participant in the technology community, the company has a long history of advocacy, meme-making, and evangelism.

    Email a link to this press release