- ホーム
- > 洋書
- > 英文書
- > Internet / General
Full Description
A new edition the most popular Hack Proofing book around!IT professionals who want to run secure networks, or build secure software, need to know about the methods of hackers. The second edition of the best seller Hack Proofing Your Network, teaches about those topics, including: * The Politics, Laws of Security, Classes of Attack, Methodology, Diffing, Decrypting, Brute Force, Unexpected Input, Buffer Overrun, Sniffing, Session Hijacking, Spoofing, Server Holes, Client Holes, Trojans and Viruses, Reporting Security Problems, Choosing Secure Systems The central idea of this book is that it's better for you to find the holes in your network than it is for someone else to find them, someone that would use them against you. The complete, authoritative guide to protecting your Windows 2000 Network.
Contents
Foreword v 1.5Foreword v 1.0Chapter 1 How To HackIntroductionWhat We Mean by "Hack"Why Hack?Knowing What To Expect in the Rest of This BookUnderstanding the Current Legal ClimateSummaryFrequently Asked QuestionsChapter 2 The Laws of SecurityIntroductionKnowing the Laws of SecurityClient-Side Security Doesn't WorkYou Cannot Securely Exchange Encryption Keys without a Shared Piece of InformationMalicious Code Cannot Be 100 Percent Protected againstAny Malicious Code Can Be Completely Morphed to Bypass Signature DetectionFirewalls Cannot Protect You 100 Percent from AttackSocial EngineeringAttacking Exposed ServersAttacking the Firewall DirectlyClient-Side HolesAny IDS Can Be EvadedSecret Cryptographic Algorithms Are Not SecureIf a Key Is Not Required,You Do Not Have Encryption-You Have EncodingPasswords Cannot Be Securely Stored on the Client Unless There Is Another Password to Protect ThemIn Order for a System to Begin to Be Considered Secure, It Must Undergo an Independent Security AuditSecurity through Obscurity Does Not WorkSummary Solutions Fast TrackFrequently Asked QuestionsChapter 3 Classes of AttackIntroductionIdentifying and Understanding the Classes of Attack Denial of ServiceInformation LeakageRegular File AccessMisinformationSpecial File/Database AccessRemote Arbitrary Code ExecutionElevation of PrivilegesIdentifying Methods of Testing for VulnerabilitiesProof of ConceptStandard Research TechniquesSummarySolutions Fast TrackFrequently Asked QuestionsChapter 4 MethodologyIntroductionUnderstanding Vulnerability Research MethodologiesSource Code ResearchBinary ResearchThe Importance of Source Code ReviewsSearching Error-Prone FunctionsReverse Engineering TechniquesDisassemblers, Decompilers, and DebuggersBlack Box TestingChipsSummarySolutions Fast TrackFrequently Asked QuestionsChapter 5 DiffingIntroductionWhat Is Diffing?Why Diff?Looking to the Source CodeExploring Diff ToolsUsing File-Comparison ToolsWorking with Hex EditorsUtilizing File System Monitoring ToolsFinding Other ToolsTroubleshootingProblems with Checksums and HashesProblems with Compression and EncryptionSummarySolutions Fast TrackFrequently Asked QuestionsChapter 6 CryptographyIntroductionUnderstanding Cryptography ConceptsHistoryEncryption Key TypesLearning about Standard Cryptographic AlgorithmsUnderstanding Symmetric AlgorithmsUnderstanding Asymmetric AlgorithmsUnderstanding Brute ForceBrute Force BasicsUsing Brute Force to Obtain PasswordsKnowing When Real Algorithms Are Being Used ImproperlyBad Key ExchangesHashing Pieces SeparatelyUsing a Short Password to Generate a Long KeyImproperly Stored Private or Secret KeysUnderstanding Amateur Cryptography AttemptsClassifying the CiphertextMonoalphabetic CiphersOther Ways to Hide InformationSummarySolutions Fast TrackFrequently Asked QuestionsChapter 7 Unexpected InputIntroductionUnderstanding Why Unexpected Data Is DangerousFinding Situations Involving Unexpected DataLocal Applications and UtilitiesHTTP/HTMLUnexpected Data in SQL QueriesApplication AuthenticationDisguising the ObviousUsing Techniques to Find and Eliminate VulnerabilitiesBlack-Box TestingUse the SourceUntaint Data by Filtering ItEscaping Characters Is Not Always EnoughPerlCold Fusion/Cold Fusion Markup Language (CFML)ASPPHPProtecting Your SQL QueriesSilently Removing versus Alerting on Bad DataInvalid Input FunctionToken SubstitutionUtilizing the Available Safety Features in Your Programming LanguagePerlPHPColdFusion/ColdFusion Markup LanguageASPMySQLUsing Tools to Handle Unexpected DataWeb SleuthCGIAuditRATSFlawfinderRetinaHailstormPuddingSummarySolutions Fast TrackFrequently Asked QuestionsChapter 8 Buffer OverflowIntroductionUnderstanding the StackThe Stack DumpOddities and the StackUnderstanding the Stack FrameIntroduction to the Stack FramePassing Arguments to a Function: A Sample ProgramStack Frames and Calling SyntaxesLearning about Buffer OverflowsA Simple Uncontrolled Overflow: A Sample ProgramCreating Your First OverflowCreating a Program with an Exploitable OverflowPerforming the ExploitLearning Advanced Overflow Techniques Stack Based Function Pointer OverwriteHeap OverflowsAdvanced Payload DesignUsing What You Already HaveSummarySolutions Fast TrackFrequently Asked QuestionsChapter 9 Format StringsIntroductionUnderstanding Format String VulnerabilitiesWhy and Where Do Format String Vulnerabilities Exist?How Can They Be Fixed?How Format String Vulnerabilities Are ExploitedHow Format String Exploits WorkWhat to OverwriteExamining a Vulnerable ProgramTesting with a Random Format StringWriting a Format String ExploitSummarySolutions Fast TrackFrequently Asked QuestionsChapter 10 SniffingIntroductionWhat Is Sniffing?How Does It Work?What to Sniff?Obtaining Authentication InformationCapturing Other Network TrafficPopular Sniffing SoftwareEtherealNetwork Associates Sniffer ProNT Network MonitorWildPacketsTCPDumpdsniffEttercapEsniff.cSniffitCarnivoreAdditional ResourcesAdvanced Sniffing TechniquesMan-in-the-Middle (MITM) AttacksCrackingSwitch TricksRouting GamesExploring Operating System APIsLinuxBSDlibpcapWindowsTaking Protective MeasuresProviding EncryptionSecure Sockets Layers (SSL)PGP and S/MIMESwitchingEmploying Detection TechniquesLocal DetectionNetwork DetectionSummarySolutions Fast TrackFrequently Asked QuestionsChapter 11 Session HijackingIntroductionUnderstanding Session HijackingTCP Session HijackingTCP Session Hijacking with Packet BlockingUDP HijackingExamining the Available ToolsJuggernautHuntEttercapSMBRelayStorm WatchersPlaying MITM for Encrypted CommunicationsMan-in-the-Middle AttacksDsniffOther HijackingSummarySolutions Fast TrackFrequently Asked QuestionsChapter 12 Spoofing: Attacks on Trusted IdentityIntroductionWhat It Means to SpoofSpoofing Is Identity ForgerySpoofing Is an Active Attack against Identity Checking ProceduresSpoofing Is Possible at All Layers of CommunicationSpoofing Is Always IntentionalSpoofing Is Not the Same Thing as BetrayalSpoofing Is Not Necessarily MaliciousSpoofing Is Nothing NewBackground TheoryThe Importance of IdentityThe Evolution of TrustAsymmetric Signatures between Human BeingsEstablishing Identity within Computer NetworksReturn to SenderIn the Beginning,There Was... a TransmissionCapability ChallengesConfiguration Methodologies: Building a Trusted Capability IndexDesktop SpoofsThe Plague of Auto-Updating ApplicationsImpacts of SpoofsSubtle Spoofs and Economic SabotageDown and Dirty: Engineering Spoofing SystemsSpitting into the Wind: Building a Skeleton Router in UserspaceBring Out the Halon: Spoofing Connectivity Through Asymmetric FirewallsSummarySolution Fast TrackFrequently Asked QuestionsChapter 13 TunnelingIntroductionStrategic Constraints of Tunnel DesignPrivacy: "Where Is My Traffic Going?"Routability: "Where Can This Go Through?"Deployability: "How Painful Is This to Get Up and Running?"Flexibility: "What Can We Use This for,Anyway?"Quality: "How Painful Will This System Be to Maintain?"Designing End-to-End Tunneling SystemsDrilling Tunnels Using SSHOpen Sesame: AuthenticationBasic Access: Authentication by PasswordTransparent Access: Authentication by Private KeyCommand Forwarding: Direct Execution for Scripts and PipesPort Forwarding: Accessing Resources on Remote NetworksLocal Port ForwardsDynamic Port ForwardsRemote Port ForwardsWhen in Rome:Traversing the Recalcitrant NetworkCrossing the Bridge: Accessing Proxies through ProxyCommandsNo Habla HTTP? Permuting thy TrafficShow Your Badge: Restricted Bastion AuthenticationBringing the Mountain: Exporting SSHD AccessEchoes in a Foreign Tongue: Cross-Connecting Mutually Firewalled HostsNot In Denver, Not Dead: Now What?Standard File Transfer over SSHIncremental File Transfer over SSHCD Burning over SSHAcoustic Tubing: Audio Distribution over TCP and SSHSummarySolutions Fast TrackFrequently Asked QuestionsChapter 14 Hardware HackingIntroductionUnderstanding Hardware HackingOpening the Device: Housing and Mechanical AttacksTypes of Tamper MechanismsExternal InterfacesProtocol AnalysisElectromagnetic Interference and Electrostatic DischargeAnalyzing the Product Internals: Electrical Circuit AttacksReverse-engineering the DeviceBasic Techniques: Common AttacksAdvanced Techniques: Epoxy Removal and IC DeliddingCryptanalysis and Obfuscation MethodsWhat Tools Do I Need?Starter KitAdvanced KitExample: Hacking the iButton Authentication TokenExperimenting with the DeviceReverse-engineering the "Random" ResponseExample: Hacking the NetStructure 7110 E-commerce AcceleratorOpening the DeviceRetrieving the FilesystemReverse-engineering the Password GeneratorSummarySolutions Fast TrackFrequently Asked QuestionsChapter 15 Viruses, Trojan Horses, and WormsIntroductionHow Do Viruses,Trojans Horses, and Worms Differ?VirusesWormsMacro VirusTrojan HorsesHoaxesAnatomy of a VirusPropagationPayloadOther Tricks of the TradeDealing with Cross-platform IssuesJavaMacro VirusesRecompilationShockwave FlashProof that We Need to WorryThe Morris WormADMw0rmMelissa and I Love YouSadmind WormCode Red WormsNimda WormCreating Your Own MalwareNew Delivery MethodsFaster Propagation MethodsOther Thoughts on Creating New MalwareHow to Secure Against Malicious SoftwareAnti-Virus SoftwareUpdates and PatchesWeb Browser SecurityAnti-Virus ResearchSummarySolutions Fast TrackFrequently Asked QuestionsChapter 16 IDS EvasionIntroductionUnderstanding How Signature-Based IDSs WorkJudging False Positives and NegativesAlert FloodingUsing Packet Level EvasionIP OptionsIP FragmentationTCP HeaderTCP SynchronizationUsing Fragrouter and CongestantCountermeasuresUsing Application Protocol Level EvasionSecurity as an AfterthoughtEvading a MatchWeb Attack TechniquesCountermeasuresUsing Code Morphing EvasionSummarySolutions Fast TrackFrequently Asked QuestionsChapter 17 Automated Security Review and Attack ToolsIntroductionLearning about Automated ToolsExploring the Commercial ToolsExploring the Free ToolsUsing Automated Tools for Penetration TestingTesting with the Commercial ToolsTesting the Free ToolsKnowing When Tools Are Not EnoughThe New Face of Vulnerability TestingSummarySolutions Fast TrackFrequently Asked QuestionsChapter 18 Reporting Security ProblemsIntroductionUnderstanding Why Security Problems Need to Be ReportedFull DisclosureDetermining When and to Whom to Report the ProblemWhom to Report Security Problems to?Deciding How Much Detail to PublishPublishing Exploit CodeProblemsSummarySolutions Fast TrackFrequently Asked QuestionsIndex
