Ethical Hacking: Techniques, Tools, and Countermeasures, 4th Edition

Ethical Hacking: Techniques, Tools, and Countermeasures, 4th Edition

by Michael G. Solomon, Sean-Philip Oriyano
Released November 2022
Publisher(s): Jones & Bartlett Learning
ISBN: 9781284249002

Read it now on the O’Reilly learning platform with a 10-day free trial.

O’Reilly members get unlimited access to books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Book description

Ethical Hacking: Techniques, Tools, and Countermeasures, Fourth Edition, covers the basic strategies and tools that prepare students to engage in proactive and aggressive cyber security activities, with an increased focus on Pen testing and Red Teams. Written by subject matter experts, with numerous real-world examples, the Fourth Edition provides readers with a clear, comprehensive introduction to the many threats on the security of our cyber environments and what can be done to combat them. The text begins with an examination of the landscape, key terms, and concepts that a security professional needs to know about hackers and computer criminals who break into networks, steal information, and corrupt data. Part II provides a technical overview of hacking: how attackers target cyber resources and the methodologies they follow. Part III studies those methods that are most effective when dealing with hacking attacks, especially in an age of increased reliance on distributed devices.

Table of contents

  1. Cover
  2. Title Page
  3. Copyright Page
  4. Contents
  5. Preface
  6. Acknowledgments
  7. About the Authors
  8. CHAPTER 1 Hacking: The Next Generation
    1. Profiles and Motives of Different Types of Hackers
      1. Controls
      2. The Hacker Mindset
      3. Motivations of Hackers
    2. A Look at the History of Computer Hacking
    3. Ethical Hacking and Penetration Testing
      1. The Role of Ethical Hacking
      2. Ethical Hackers and the C-I-A Triad
    4. Common Hacking Methodologies
      1. Performing a Penetration Test
    5. The Role of the Law and Ethical Standards
    6. CHAPTER SUMMARY
    7. KEY CONCEPTS AND TERMS
    8. CHAPTER 1 ASSESSMENT
  9. CHAPTER 2 Linux and Penetration Testing
    1. Linux
    2. Introducing Kali Linux
    3. Working with Linux: The Basics
      1. A Look at the Interface
      2. Basic Linux Navigation
      3. Important Linux Directories
      4. Commonly Used Commands
      5. The Basic Command Structure of Linux
      6. Wildcard Characters in Linux
    4. Live CDs/DVDs
      1. Special-Purpose Live CDs/DVDs
      2. Virtual Machines
    5. CHAPTER SUMMARY
    6. KEY CONCEPTS AND TERMS
    7. CHAPTER 2 ASSESSMENT
  10. CHAPTER 3 TCP/IP Review
    1. Exploring the OSI Reference Model
      1. The Role of Protocols
      2. Layer 1: Physical Layer
      3. Layer 2: Data Link Layer
      4. Layer 3: Network Layer
      5. Layer 4: Transport Layer
      6. Layer 5: Session Layer
      7. Layer 6: Presentation Layer
      8. Layer 7: Application Layer
      9. The Role of Encapsulation
      10. Mapping the OSI Model to Functions and Protocols
      11. OSI Model Layers and Services
    2. TCP/IP: A Layer-by-Layer Review
      1. Physical or Network Access Layer
      2. Network or Internet Layer
      3. Host-to-Host Layer
      4. Application Layer
    3. CHAPTER SUMMARY
    4. KEY CONCEPTS AND TERMS
    5. CHAPTER 3 ASSESSMENT
  11. CHAPTER 4 Cryptographic Concepts
    1. Cryptographic Basics
      1. Authentication
      2. Integrity
      3. Nonrepudiation
    2. Symmetric and Asymmetric Cryptography
    3. Cryptographic History
    4. What Is an Algorithm or Cipher?
    5. Symmetric Encryption
    6. Asymmetric Encryption
    7. Hashing
      1. Birthday Attacks
    8. Digital Signatures
    9. Public Key Infrastructure
      1. The Role of Certificate Authorities
      2. Registration Authority
      3. Certificate Revocation List
      4. Digital Certificates
      5. PKI Attacks
    10. Common Cryptographic Systems
    11. Cryptanalysis
    12. Future Forms of Cryptography
    13. CHAPTER SUMMARY
    14. KEY CONCEPTS AND TERMS
    15. CHAPTER 4 ASSESSMENT
  12. CHAPTER 5 Passive Reconnaissance
    1. The Information-Gathering Process
    2. Information on a Company Website and Available Through Social Media
    3. Discovering Financial Information
    4. Google Hacking
    5. Exploring Domain Information Leakage
      1. Manual Registrar Query
      2. Nslookup
      3. Automatic Registrar Query
      4. Whois
      5. Internet Assigned Numbers Authority
      6. Determining a Network Range
      7. Traceroute
    6. Tracking an Organization’s Employees
      1. Using Social Networks
    7. Using Basic Countermeasures
    8. CHAPTER SUMMARY
    9. KEY CONCEPTS AND TERMS
    10. CHAPTER 5 ASSESSMENT
  13. CHAPTER 6 Active Reconnaissance
    1. Determining Address Ranges of Networks
    2. Identifying Active Machines
      1. Wardialing
      2. Wardriving and Related Activities
      3. Pinging
      4. Port Scanning
    3. Active Reconnaissance Countermeasures
    4. Mapping Open Ports
      1. Nmap
      2. Free IP Scanner
      3. Angry IP Scanner
      4. Advanced IP Scanner
    5. Operating System Fingerprinting
      1. Active OS Fingerprinting
      2. Passive OS Fingerprinting
    6. Mapping the Network
      1. Analyzing the Results
    7. CHAPTER SUMMARY
    8. KEY CONCEPTS AND TERMS
    9. CHAPTER 6 ASSESSMENT
  14. CHAPTER 7 Enumeration and Exploitation
    1. Windows Basics
      1. Controlling Access
      2. Users
      3. Groups
      4. Security Identifiers
      5. Commonly Attacked and Exploited Services
    2. Enumeration
    3. Performing Enumeration Tasks
      1. NULL Session
      2. Working with nbtstat
      3. SuperScan
      4. SNScan
    4. Reporting
    5. Exploitation
    6. Password Cracking
      1. Passive Online Attacks
      2. Active Online Attacks
      3. Offline Attacks
      4. Nontechnical Attacks
      5. Using Password Cracking
    7. Privilege Escalation
      1. Active@ Password Changer
      2. Reset Windows Password
      3. Stopping Privilege Escalation
    8. Planting Backdoors
      1. Using PsTools
      2. Rootkits
    9. Covering Tracks
      1. Disabling Auditing
      2. Data Hiding
    10. CHAPTER SUMMARY
    11. KEY CONCEPTS AND TERMS
    12. CHAPTER 7 ASSESSMENT
  15. CHAPTER 8 Malware
    1. Malware
      1. Malware’s Legality
      2. Types of Malware
      3. Malware’s Targets
    2. Viruses
      1. The History of Viruses
      2. Types of Viruses
      3. Prevention Techniques
    3. Worms
      1. How Worms Work
      2. Stopping Worms
    4. Trojans
      1. Use of Trojans
      2. Targets of Trojans
      3. Known Symptoms of an Infection
      4. Detection of Trojans
      5. Distribution Methods
    5. Backdoors
    6. Covert Communication
    7. Keystroke Loggers
      1. Software
      2. Hardware
    8. Port Redirection
    9. Spyware
      1. Methods of Infection
      2. Bundling with Software
    10. Adware
    11. Scareware
    12. Ransomware
    13. CHAPTER SUMMARY
    14. KEY CONCEPTS AND TERMS
    15. CHAPTER 8 ASSESSMENT
  16. CHAPTER 9 Web and Database Attacks
    1. Attacking Web Servers
    2. Categories of Risk
    3. Vulnerabilities of Web Servers
      1. Improper or Poor Web Design
      2. Buffer Overflow
      3. Denial of Service Attack
      4. Distributed Denial of Service Attack
      5. Banner Information
      6. Permissions
      7. Error Messages
      8. Unnecessary Features
      9. User Accounts
    4. Structured Query Language (SQL) Injection
      1. Examining a SQL Injection Attack
    5. Vandalizing Web Servers
      1. Input Validation
      2. Cross-Site Scripting Attack
    6. Anatomy of Web Applications
      1. Insecure Logon Systems
      2. Scripting Errors
      3. Session Management Issues
      4. Encryption Weaknesses
    7. Database Vulnerabilities
      1. Types of Databases
      2. Vulnerabilities
      3. Locating Databases on the Network
      4. Database Server Password Cracking
      5. Locating Vulnerabilities in Databases
    8. Cloud Computing
    9. CHAPTER SUMMARY
    10. KEY CONCEPTS AND TERMS
    11. CHAPTER 9 ASSESSMENT
  17. CHAPTER 10 Sniffers, Session Hijacking, and Denial of Service Attacks
    1. Sniffers
      1. Passive Sniffing
      2. Active Sniffing
      3. Sniffing Tools
      4. What Can Be Sniffed?
    2. Session Hijacking
      1. Identifying an Active Session
      2. Seizing Control of a Session
      3. Session Hijacking Tools
      4. Thwarting Session Hijacking Attacks
    3. Denial of Service Attacks
      1. Types of DoS Attacks
      2. Tools for DoS Attacks
    4. Distributed Denial of Service Attacks
      1. Characteristics of DDoS Attacks
      2. Tools for DDoS Attacks
    5. Botnets and the Internet of Things
    6. CHAPTER SUMMARY
    7. KEY CONCEPTS AND TERMS
    8. CHAPTER 10 ASSESSMENT
  18. CHAPTER 11 Wireless Vulnerabilities
    1. The Importance of Wireless Security
      1. Emanations
      2. Common Support and Availability
    2. A Brief History of Wireless Technologies
      1. 802.11
      2. 802.11b
      3. 802.11a
      4. 802.11g
      5. 802.11n
      6. 802.11ac
      7. 802.11ax
      8. Other 802.11 Variants
      9. Other Wireless Technologies
    3. Working with and Securing Bluetooth
      1. Bluetooth Security
      2. Securing Bluetooth
    4. Working with Wireless LANs
      1. CSMA/CD Versus CSMA/CA
      2. Role of Access Points
      3. Service Set Identifier
      4. Association with an AP
      5. The Importance of Authentication
      6. Working with RADIUS
      7. Network Setup Options
      8. Threats to Wireless LANs
      9. Countermeasures to Wireless LAN Threats
    5. The Internet of Things
    6. Wireless Hacking Tools
      1. Homedale
      2. The inSSIDer Program
    7. Protecting Wireless Networks
      1. Default AP Security
      2. Placement
      3. Dealing with Emanations
      4. Dealing with Rogue APs
      5. Use Protection for Transmitted Data
      6. MAC Filtering
    8. CHAPTER SUMMARY
    9. KEY CONCEPTS AND TERMS
    10. CHAPTER 11 ASSESSMENT
  19. CHAPTER 12 Social Engineering
    1. What Is Social Engineering?
    2. Types of Social Engineering Attacks
      1. Phone-Based Attacks
      2. Dumpster Diving
      3. Shoulder Surfing
      4. Attacks Through Social Media
      5. Persuasion/Coercion
      6. Reverse Social Engineering
    3. Technology and Social Engineering
      1. The Browser as a Defense Against Social Engineering
      2. Other Good Practices for Safe Computing
    4. Best Practices for Passwords
      1. Know What the Web Knows About You
      2. Creating and Managing Your Passwords
      3. Invest in a Password Manager
    5. Social Engineering and Social Networking
      1. Think Before You Post
      2. Risks Associated with Social Networking
    6. Social Networking in a Corporate Setting
      1. Particular Concerns in a Corporate Setting
      2. Mixing the Personal with the Professional
      3. Facebook Security
    7. CHAPTER SUMMARY
    8. KEY CONCEPTS AND TERMS
    9. CHAPTER 12 ASSESSMENT
  20. CHAPTER 13 Defensive Techniques
    1. What Is a Security Incident?
    2. The Incident Response Process
      1. Incident Response Policies, Procedures, and Guidelines
      2. Phases of an Incident and Response
      3. Incident Response Team
      4. Incident Response Plans
      5. Business Continuity Plans
    3. Recovering Systems
      1. Recovering from a Security Incident
      2. Loss Control and Damage Assessment
      3. Business Impact Analysis
    4. Planning for Disaster and Recovery
    5. Testing and Evaluation
      1. Preparation and Staging of Testing Procedures
      2. Frequency of Tests
      3. Analysis of Test Results
    6. Evidence Handling and Administration
      1. Evidence Collection Techniques
      2. Types of Evidence
      3. Chain of Custody
      4. Computer or Device Removal
      5. Rules of Evidence
    7. Security Reporting Options and Guidelines
    8. Requirements of Regulated Industries
    9. CHAPTER SUMMARY
    10. KEY CONCEPTS AND TERMS
    11. CHAPTER 13 ASSESSMENT
  21. CHAPTER 14 Defensive Tools
    1. Defense in Depth
    2. Intrusion Detection Systems
      1. IDS Components
      2. Setting Goals for an IDS
      3. Accountability
      4. Limitations of an IDS
    3. Intrusion Prevention Systems
    4. Firewalls
      1. How Firewalls Work
      2. Firewall Methodologies
      3. Limitations of a Firewall
      4. Implementing a Firewall
      5. Authoring a Firewall Policy
    5. Honeypots and Honeynets
      1. Goals of Honeypots
      2. Legal Issues
    6. The Role of Controls
      1. Administrative Controls
      2. Technical Controls
      3. Physical Controls
    7. Security Best Practices
      1. Security Information and Event Management
      2. Sources for Guidance
    8. CHAPTER SUMMARY
    9. KEY CONCEPTS AND TERMS
    10. CHAPTER 14 ASSESSMENT
  22. CHAPTER 15 Physical Security
    1. Basic Equipment Controls
      1. Hard Drive and Mobile Device Encryption
      2. Fax Machines and Printers
      3. Voice over Internet Protocol
    2. Physical Area Controls
      1. Fences
      2. Perimeter Intrusion Detection and Assessment Systems
      3. Gates
      4. Bollards
    3. Facility Controls
      1. Doors, Mantraps, and Turnstiles
      2. Walls, Ceilings, and Floors
      3. Windows
      4. Guards and Dogs
      5. Construction
    4. Personal Safety Controls
      1. Lighting
      2. Alarms and Intrusion Detection
      3. Closed-Circuit TV and Remote Monitoring
    5. Physical Access Controls
      1. Locks
      2. Tokens and Biometrics
    6. Avoiding Common Threats to Physical Security
      1. Natural, Human, and Technical Threats
      2. Physical Keystroke Loggers and Sniffers
      3. Wireless Interception and Rogue Access Points
    7. Defense in Depth
    8. CHAPTER SUMMARY
    9. KEY CONCEPTS AND TERMS
    10. CHAPTER 15 ASSESSMENT
  23. APPENDIX A Answer Key
  24. APPENDIX B Standard Acronyms
  25. Glossary of Key Terms
  26. References
  27. Index

Product information

  • Title: Ethical Hacking: Techniques, Tools, and Countermeasures, 4th Edition
  • Author(s): Michael G. Solomon, Sean-Philip Oriyano
  • Release date: November 2022
  • Publisher(s): Jones & Bartlett Learning
  • ISBN: 9781284249002