Hacking Exposed 7, 7th Edition

Hacking Exposed 7, 7th Edition

by Stuart McClure, Joel Scambray, George Kurtz
Released July 2012
Publisher(s): McGraw-Hill
ISBN: 9780071780292

Read it now on the O’Reilly learning platform with a 10-day free trial.

O’Reilly members get unlimited access to books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Book description

The latest tactics for thwarting digital attacks

“Our new reality is zero-day, APT, and state-sponsored attacks. Today, more than ever, security professionals need to get into the hacker’s mind, methods, and toolbox to successfully deter such relentless assaults. This edition brings readers abreast with the latest attack vectors and arms them for these continually evolving threats.” --Brett Wahlin, CSO, Sony Network Entertainment

“Stop taking punches--let’s change the game; it’s time for a paradigm shift in the way we secure our networks, and Hacking Exposed 7 is the playbook for bringing pain to our adversaries.” --Shawn Henry, former Executive Assistant Director, FBI

Bolster your system’s security and defeat the tools and tactics of cyber-criminals with expert advice and defense strategies from the world-renowned Hacking Exposed team. Case studies expose the hacker’s latest devious methods and illustrate field-tested remedies. Find out how to block infrastructure hacks, minimize advanced persistent threats, neutralize malicious code, secure web and database applications, and fortify UNIX networks. Hacking Exposed 7: Network Security Secrets & Solutions contains all-new visual maps and a comprehensive “countermeasures cookbook.”

  • Obstruct APTs and web-based meta-exploits
  • Defend against UNIX-based root access and buffer overflow hacks
  • Block SQL injection, spear phishing, and embedded-code attacks
  • Detect and terminate rootkits, Trojans, bots, worms, and malware
  • Lock down remote access using smartcards and hardware tokens
  • Protect 802.11 WLANs with multilayered encryption and gateways
  • Plug holes in VoIP, social networking, cloud, and Web 2.0 services
  • Learn about the latest iPhone and Android attacks and how to protect yourself

Table of contents

  1. Cover Page
  2. Hacking Exposed ™ 7: Network Security Secrets & Solutions
  3. Copyright Page
  4. Dedication
  5. Contents
  6. Foreword
  7. Acknowledgments
  8. Introduction
  9. Part I Casing the Establishment
    1. Case Study
      1. IAAAS—It’s All About Anonymity, Stupid
      2. Tor-menting the Good Guys
    2. 1 Footprinting
      1. What Is Footprinting
        1. Why Is Footprinting Necessary
      2. Internet Footprinting
        1. Step 1: Determine the Scope of Your Activities
        2. Step 2: Get Proper Authorization
        3. Step 3: Publicly Available Information
        4. Step 4: WHOIS & DNS Enumeration
        5. Step 5: DNS Interrogation
        6. Step 6: Network Reconnaissance
      3. Summary
    3. 2 Scanning
      1. Determining If the System Is Alive
        1. ARP Host Discovery
        2. ICMP Host Discovery
        3. TCP/UDP Host Discovery
      2. Determining Which Services Are Running or Listening
        1. Scan Types
        2. Identifying TCP and UDP Services Running
      3. Detecting the Operating System
        1. Making Guesses from Available Ports
        2. Active Stack Fingerprinting
        3. Passive Stack Fingerprinting
      4. Processing and Storing Scan Data
        1. Managing Scan Data with Metasploit
      5. Summary
    4. 3 Enumeration
      1. Service Fingerprinting
      2. Vulnerability Scanners
      3. Basic Banner Grabbing
      4. Enumerating Common Network Services
      5. Summary
  10. Part II Endpoint and Server Hacking
    1. Case Study: International Intrigue
    2. 4 Hacking Windows
      1. Overview
        1. What’s Not Covered
      2. Unauthenticated Attacks
        1. Authentication Spoofing Attacks
        2. Remote Unauthenticated Exploits
      3. Authenticated Attacks
        1. Privilege Escalation
        2. Extracting and Cracking Passwords
        3. Remote Control and Back Doors
        4. Port Redirection
        5. Covering Tracks
        6. General Countermeasures to Authenticated Compromise
      4. Windows Security Features
        1. Windows Firewall
        2. Automated Updates
        3. Security Center
        4. Security Policy and Group Policy
        5. Microsoft Security Essentials
        6. The Enhanced Mitigation Experience Toolkit
        7. Bitlocker and the Encrypting File System
        8. Windows Resource Protection
        9. Integrity Levels, UAC, and PMIE
        10. Data Execution Prevention (DEP)
        11. Windows Service Hardening
        12. Compiler-based Enhancements
        13. Coda: The Burden of Windows Security
      5. Summary
    3. 5 Hacking UNIX
      1. The Quest for Root
        1. A Brief Review
        2. Vulnerability Mapping
        3. Remote Access vs. Local Access
      2. Remote Access
        1. Data-driven Attacks
        2. I Want My Shell
        3. Common Types of Remote Attacks
      3. Local Access
      4. After Hacking Root
        1. Rootkit Recovery
      5. Summary
    4. 6 Cybercrime and Advanced Persistent Threats
      1. What Is an APT
        1. Operation Aurora
        2. Anonymous
        3. RBN
      2. What APTs Are NOT
      3. Examples of Popular APT Tools and Techniques
      4. Common APTs Indicators
      5. Summary
  11. Part III Infrastructure Hacking
    1. Case Study: Read It and WEP
    2. 7 Remote Connectivity and VoIP Hacking
      1. Preparing to Dial Up
      2. Wardialing
        1. Hardware
        2. Legal Issues
        3. Peripheral Costs
        4. Software
      3. Brute-Force Scripting—The Homegrown Way
        1. A Final Note About Brute-Force Scripting
      4. PBX Hacking
      5. Voicemail Hacking
      6. Virtual Private Network (VPN) Hacking
        1. Basics of IPSec VPNs
        2. Hacking the Citrix VPN Solution
      7. Voice over IP Attacks
        1. Attacking VoIP
      8. Summary
    3. 8 Wireless Hacking
      1. Background
        1. Frequencies and Channels
        2. Session Establishment
        3. Security Mechanisms
      2. Equipment
        1. Wireless Adapters
        2. Operating Systems
        3. Miscellaneous Goodies
      3. Discovery and Monitoring
        1. Finding Wireless Networks
        2. Sniffing Wireless Traffic
      4. Denial of Service Attacks
      5. Encryption Attacks
        1. WEP
      6. Authentication Attacks
        1. WPA Pre-Shared Key
        2. WPA Enterprise
      7. Summary
    4. 9 Hacking Hardware
      1. Physical Access: Getting in the Door
      2. Hacking Devices
      3. Default Configurations
        1. Owned Out of the Box
        2. Standard Passwords
        3. Bluetooth
      4. Reverse Engineering Hardware
        1. Mapping the Device
        2. Sniffing Bus Data
        3. Sniffing the Wireless Interface
        4. Firmware Reversing
        5. ICE Tools
      5. Summary
  12. Part IV Application and Data Hacking
    1. Case Study
    2. 10 Web and Database Hacking
      1. Web Server Hacking
        1. Sample Files
        2. Source Code Disclosure
        3. Canonicalization Attacks
        4. Server Extensions
        5. Buffer Overflows
        6. Denial of Service
        7. Web Server Vulnerability Scanners
      2. Web Application Hacking
        1. Finding Vulnerable Web Apps with Google (Googledorks)
        2. Web Crawling
        3. Web Application Assessment
      3. Common Web Application Vulnerabilities
      4. Database Hacking
        1. Database Discovery
        2. Database Vulnerabilities
        3. Other Considerations
      5. Summary
    3. 11 Mobile Hacking
      1. Hacking Android
        1. Android Fundamentals
        2. Hacking Your Android
        3. Hacking Other Androids
        4. Android as a Portable Hacking Platform
        5. Defending Your Android
      2. iOS
        1. Know Your iPhone
        2. How Secure Is iOS
        3. Jailbreaking: Unleash the Fury!
        4. Hacking Other iPhones: Fury Unleashed!
      3. Summary
    4. 12 Countermeasures Cookbook
      1. General Strategies
        1. (Re)move the Asset
        2. Separation of Duties
        3. Authenticate, Authorize, and Audit
        4. Layering
        5. Adaptive Enhancement
        6. Orderly Failure
        7. Policy and Training
        8. Simple, Cheap, and Easy
      2. Example Scenarios
        1. Desktop Scenarios
        2. Server Scenarios
        3. Network Scenarios
        4. Web Application and Database Scenarios
        5. Mobile Scenarios
      3. Summary
  13. Part V Appendixes
    1. A Ports
    2. B Top 10 Security Vulnerabilities
    3. C Denial of Service (DoS) and Distributed Denial of Service (DDoS) Attacks Countermeasures
    4. Countermeasures
  14. Index

Product information

  • Title: Hacking Exposed 7, 7th Edition
  • Author(s): Stuart McClure, Joel Scambray, George Kurtz
  • Release date: July 2012
  • Publisher(s): McGraw-Hill
  • ISBN: 9780071780292