Hacking Exposed ^{2nd Ed.}

In today's round-the-clock, hyper-connected, all-digital economy, computer security is everyone's business. Hacking Exposed, Network Security Secrets & Solutions, Second Edition, brings even more in-depth insight into how hackers infiltrate e-business and how they can be stopped. Security insiders Joel Scambray, Stuart McClure, and George Kurtz present more than 220 all-new pages of technical detail and case studies in an easy-to-follow style. The world of Internet security moves even faster than the digital economy, and all of the brand-new tools and techniques that have surfaced since the publication of the best-selling first edition are covered here. Use the real-world countermeasures in this one-of-a-kind volume to plug the holes in your network today — before they end up in the headlines tomorrow.

• Part I: Casing the Establishment
• Case Study: Target Acquisition
1. Footprinting
• What Is Footprinting?
• Why Is Footprinting Necessary?
• Internet Footprinting
• Step 1. Determine the Scope of Your Activities
• Step 2. Network Enumeration
• Step 3. DNS Interrogation
• Step 4. Network Reconnaissance
• Summary
2. Scanning
• Scan Types
• Identifying TCP and UDP Services Running
• Windows-Based Port Scanners
• Port Scanning Breakdown
• Active Stack Fingerprinting
• Passive Stack Fingerprinting
• The Whole Enchilada: Automated Discovery Tools
• Summary
3. Enumeration
• Windows NT/2000 Enumeration
• NT/2000 Network Resource Enumeration
• NT/2000 User and Group Enumeration
• NT/2000 Applications and Banner Enumeration
• Let Your Scripts Do the Walking
• Novell Enumeration
• Browsing the Network Neighborhood
• UNIX Enumeration
• Summary
• Part II: System Hacking
• Case Study: Know Your Enemy
4. Hacking Windows 95/98 and ME
• Win 9x Remote Exploits
• Direct Connection to Win 9x Shared Resources
• Win 9x Backdoor Servers and Trojans
• Known Server Application Vulnerabilities
• Win 9x Denial of Service
• Win 9x Local Exploits
• Windows Millennium Edition (ME)
• Summary
5. Hacking Windows NT
• Overview
• Where We're Headed
• What About Windows 2000?
• The Quest for Administrator
• Remote Exploits: Denial of Service and Buffer Overflows
• Privilege Escalation
• Consolidation of Power
• Exploiting Trust
• Sniffers
• Remote Control and Back Doors
• Port Redirection
• General Countermeasures to Privileged Compromise
• Rootkit: The Ultimate Compromise
• Covering Tracks
• Disabling Auditing
• Clearing the Event Log
• Hiding Files
• Summary
6. Hacking Windows 2000
• Footprinting
• Scanning
• Enumeration
• Penetration
• NetBIOS-SMB Password Guessing
• Eavesdropping on Password Hashes
• Attacks Against IIS 5
• Remote Buffer Overflows
• Denial of Service
• Privilege Escalation
• Pilfering
• Grabbing the Win 2000 Password Hashes
• The Encrypting File System (EFS)
• Exploiting Trust
• Covering Tracks
• Disabling Auditing
• Clearing the Event Log
• Hiding Files
• Back Doors
• Startup Manipulation
• Remote Control
• Keystroke Loggers
• General Countermeasures: New Windows Security Tools
• Group Policy
• runas
• Summary
7. Novell NetWare Hacking
• Attaching but Not Touching
• Enumerate Bindery and Trees
• Opening the Unlocked Doors
• Authenticated Enumeration
• Gaining Admin
• Application Vulnerabilities
• Spoofing Attacks (Pandora)
• Once You Have Admin on a Server
• Owning the NDS Files
• Log Doctoring
• Console Logs
• Further Resources
• Web Sites (ftp://ftp.novell.com/pub/updates/nw/nw411/)
• Usenet Groups
• Summary
8. Hacking UNIX
• The Quest for Root
• A Brief Review
• Vulnerability Mapping
• Remote Access Versus Local Access
• Remote Access
• Data Driven Attacks
• I Want My Shell
• Common Types of Remote Attacks
• Local Access
• After Hacking Root
• Trojans
• Rootkit Recovery
• Summary
• Part III: Network Hacking
• Case Study: Sweat the Small Stuff!
9. Dial-Up, PBX, Voicemail, and VPN Hacking
• Wardialing
• Hardware
• Legal Issues
• Peripheral Costs
• Software
• A Final Note
• PBX Hacking
• Virtual Private Network (VPN) Hacking
• Summary
10. Network Devices
• Discovery
• Detection
• SNMP
• Back Doors
• Default Accounts
• Lower the Gates (Vulnerabilities)
• Shared Versus Switched
• Detecting the Media You're On
• Passwords on a Silver Platter: Dsniff
• Sniffing on a Network Switch
• snmpsniff
• Summary
11. Firewalls
• Firewall Landscape
• Firewall Identification
• Advanced Firewall Discovery
• Scanning Through Firewalls
• Packet Filtering
• Application Proxy Vulnerabilities
• WinGate Vulnerabilities
• Summary
12. Denial of Service (DoS) Attacks
• Motivation of DoS Attackers
• Types of DoS Attacks
• Bandwidth Consumption
• Resource Starvation
• Programming Flaws
• Routing and DNS Attacks
• Generic DoS Attacks
• Sites Under Attack
• UNIX and Windows NT DoS
• Remote DoS Attacks
• Distributed Denial of Service Attacks
• Local DoS Attacks
• Summary
• Part IV: Software Hacking
• Case Study: Using All the Dirty Tricks to Get In
13. Remote Control Insecurities
• Discovering Remote Control Software
• Connecting
• Weaknesses
• Revealed Passwords
• Uploading Profiles
• What Software Package Is the Best in Terms of Security?
• pcAnywhere
• ReachOut
• Remotely Anywhere
• Remotely Possible/ControlIT
• Timbuktu
• Virtual Network Computing (VNC)
• Citrix
• Summary
14. Advanced Techniques
• Session Hijacking
• Back Doors
• Trojans
• Subverting the System Environment: Rootkits and Imaging Tools
• Social Engineering
• Summary
15. Web Hacking
• Web Pilfering
• Finding Well-Known Vulnerabilities
• Automated Scripts, for All Those "Script Kiddies"
• Automated Applications
• Script Inadequacies: Input Validation Attacks
• Active Server Pages (ASP) Vulnerabilities
• Buffer Overflows
• Poor Web Design
• Summary
16. Hacking the Internet User
• Malicious Mobile Code
• Microsoft ActiveX
• Java Security Holes
• Beware the Cookie Monster
• Internet Explorer HTML Frame Vulnerabilities
• SSL Fraud
• Email Hacking
• Mail Hacking 101
• Executing Arbitrary Code Through Email
• Outlook Address Book Worms
• File Attachment Attacks
• IRC Hacking
• Napster Hacking with Wrapster
• Global Countermeasures to Internet User Hacking
• Keep Antivirus Signatures Updated
• Guarding the Gateways
• Summary
• Part V: Appendixes
1. Ports
2. Top 14 Security Vulnerabilities
3. About the Companion Web Site
• Novell
• UNIX
• Windows NT
• Wordlists and Dictionaries
• Wardialing
• Enumeration Scripts

Everyone should have a copy in the bookshelf.