Security Warrior | O'Reilly Media

Tell a friend

Security Warrior By Cyrus Peikari, Anton Chuvakin
January 2004
Pages: 552

| Table of Contents | Index | Sample Chapter | Colophon

Software Cracking
1. Chapter 1 Assembly Language
  1. Registers
  2. ASM Opcodes
  3. References
2. Chapter 2 Windows Reverse Engineering
  1. History of RCE
  2. Reversing Tools
  3. Reverse Engineering Examples
  4. References
3. Chapter 3 Linux Reverse Engineering
  1. Basic Tools and Techniques
  2. A Good Disassembly
  3. Problem Areas
  4. Writing New Tools
  5. References
4. Chapter 4 Windows CE Reverse Engineering
  1. Windows CE Architecture
  2. CE Reverse Engineering Fundamentals
  3. Practical CE Reverse Engineering
  4. Reverse Engineering serial.exe
  5. References
5. Chapter 5 Overflow Attacks
  1. Buffer Overflows
  2. Understanding Buffers
  3. Smashing the Stack
  4. Heap Overflows
  5. Preventing Buffer Overflows
  6. A Live Challenge
  7. References
Network Stalking
1. Chapter 6 TCP/IP Analysis
  1. A Brief History of TCP/IP
  2. Encapsulation
  3. TCP
  4. IP
  5. UDP
  6. ICMP
  7. ARP
  8. RARP
  9. BOOTP
  10. DHCP
  11. TCP/IP Handshaking
  12. Covert Channels
  13. IPv6
  14. Ethereal
  15. Packet Analysis
  16. Fragmentation
  17. References
2. Chapter 7 Social Engineering
  1. Background
  2. Performing the Attacks
  3. Advanced Social Engineering
  4. References
3. Chapter 8 Reconnaissance
  1. Online Reconnaissance
  2. Conclusion
  3. References
4. Chapter 9 OS Fingerprinting
  1. Telnet Session Negotiation
  2. TCP Stack Fingerprinting
  3. Special-Purpose Tools
  4. Passive Fingerprinting
  5. Fuzzy Operating System Fingerprinting
  6. TCP/IP Timeout Detection
  7. References
5. Chapter 10 Hiding the Tracks
  1. From Whom Are You Hiding?
  2. Postattack Cleanup
  3. Forensic Tracks
  4. Maintaining Covert Access
  5. References
Platform Attacks
1. Chapter 11 Unix Defense
  1. Unix Passwords
  2. File Permissions
  3. System Logging
  4. Network Access in Unix
  5. Unix Hardening
  6. Unix Network Defense
  7. References
2. Chapter 12 Unix Attacks
  1. Local Attacks
  2. Remote Attacks
  3. Unix Denial-of-Service Attacks
  4. References
3. Chapter 13 Windows Client Attacks
  1. Denial-of-Service Attacks
  2. Remote Attacks
  3. Remote Desktop/Remote Assistance
  4. References
4. Chapter 14 Windows Server Attacks
  1. Release History
  2. Kerberos Authentication Attacks
  3. Kerberos Authentication Review
  4. Defeating Buffer Overflow Prevention
  5. Active Directory Weaknesses
  6. Hacking PKI
  7. Smart Card Hacking
  8. Encrypting File System Changes
  9. Third-Party Encryption
  10. References
5. Chapter 15 SOAP XML Web Services Security
  1. XML Encryption
  2. XML Signatures
  3. Reference
6. Chapter 16 SQL Injection
  1. Introduction to SQL
  2. SQL Injection Attacks
  3. SQL Injection Defenses
  4. PHP-Nuke Examples
  5. References
7. Chapter 17 Wireless Security
  1. Reducing Signal Drift
  2. Problems with WEP
  3. Cracking WEP
  4. Practical WEP Cracking
  5. VPNs
  6. TKIP
  7. SSL
  8. Airborne Viruses
  9. References
Advanced Defense
1. Chapter 18 Audit Trail Analysis
  1. Log Analysis Basics
  2. Log Examples
  3. Logging States
  4. When to Look at the Logs
  5. Log Overflow and Aggregation
  6. Challenge of Log Analysis
  7. Security Information Management
  8. Global Log Aggregation
  9. References
2. Chapter 19 Intrusion Detection Systems
  1. IDS Examples
  2. Bayesian Analysis
  3. Hacking Through IDSs
  4. The Future of IDSs
  5. Snort IDS Case Study
  6. IDS Deployment Issues
  7. References
3. Chapter 20 Honeypots
  1. Motivation
  2. Building the Infrastructure
  3. Capturing Attacks
  4. References
4. Chapter 21 Incident Response
  1. Case Study: Worm Mayhem
  2. Definitions
  3. Incident Response Framework
  4. Small Networks
  5. Medium-Sized Networks
  6. Large Networks
  7. References
5. Chapter 22 Forensics and Antiforensics
  1. Hardware Review
  2. Information Detritus
  3. Forensics Tools
  4. Bootable Forensics CD-ROMs
  5. Evidence Eliminator
  6. Forensics Case Study: FTP Attack
  7. References
Appendix
1. Appendix A Useful SoftICE Commands and Breakpoints
  1. SoftICE Commands
  2. Breakpoints

Colophon

Return to Security Warrior

Table of Contents

Software Cracking

Chapter 1 Assembly Language

Chapter 2 Windows Reverse Engineering

Chapter 3 Linux Reverse Engineering

Chapter 4 Windows CE Reverse Engineering

Chapter 5 Overflow Attacks

Network Stalking

Chapter 6 TCP/IP Analysis

Chapter 7 Social Engineering

Chapter 8 Reconnaissance

Chapter 9 OS Fingerprinting

Chapter 10 Hiding the Tracks

Platform Attacks

Chapter 11 Unix Defense

Chapter 12 Unix Attacks

Chapter 13 Windows Client Attacks

Chapter 14 Windows Server Attacks

Chapter 15 SOAP XML Web Services Security

Chapter 16 SQL Injection

Chapter 17 Wireless Security

Advanced Defense

Chapter 18 Audit Trail Analysis

Chapter 19 Intrusion Detection Systems

Chapter 20 Honeypots

Chapter 21 Incident Response

Chapter 22 Forensics and Antiforensics

Appendix

Appendix A Useful SoftICE Commands and Breakpoints

Colophon