Table of Contents for Hack Proofing Your Network, 2nd Edition
by Syngress
Cover
Title page
Table of Contents
[email protected]
Copyright
Acknowledgments
Contributors
From the First Edition
Technical Editor and Contributor
Foreword v 1.5
About the Web Site
Foreword v 1.0
Chapter 1: How To Hack
Introduction
What We Mean by “Hack”
Knowing What To Expect in the Rest of This Book
Understanding the Current Legal Climate
Summary
Frequently Asked Questions
Chapter 2: The Laws of Security
Introduction
Knowing the Laws of Security
Client-Side Security Doesn’t Work
You Cannot Securely Exchange Encryption Keys without a Shared Piece of Information
Malicious Code Cannot Be 100 Percent Protected against
Any Malicious Code Can Be Completely Morphed to Bypass Signature Detection
Firewalls Cannot Protect You 100 Percent from Attack
Any IDS Can Be Evaded
Secret Cryptographic Algorithms Are Not Secure
If a Key Is Not Required, You Do Not Have Encryption—You Have Encoding
Passwords Cannot Be Securely Stored on the Client Unless There Is Another Password to Protect Them
In Order for a System to Begin to Be Considered Secure, It Must Undergo an Independent Security Audit
Security through Obscurity Does Not Work
Summary
Frequently Asked Questions
Chapter 3: Classes of Attack
Introduction
Identifying and Understanding the Classes of Attack
Identifying Methods of Testing for Vulnerabilities
Summary
Solutions Fast Track
Frequently Asked Questions
Chapter 4: Methodology
Introduction
Understanding Vulnerability Research Methodologies
The Importance of Source Code Reviews
Reverse Engineering Techniques
Black Box Testing
Summary
Solutions Fast Track
Frequently Asked Questions
Chapter 5: Diffing
Introduction
What Is Diffing?
Exploring Diff Tools
Troubleshooting
Summary
Solutions Fast Track
Frequently Asked Questions
Chapter 6: Cryptography
Introduction
Understanding Cryptography Concepts
Learning about Standard Cryptographic Algorithms
Understanding Brute Force
Knowing When Real Algorithms Are Being Used Improperly
Understanding Amateur Cryptography Attempts
Summary
Solutions Fast Track
Frequently Asked Questions
Chapter 7: Unexpected Input
Introduction
Understanding Why Unexpected Data Is Dangerous
Finding Situations Involving Unexpected Data
Using Techniques to Find and Eliminate Vulnerabilities
Utilizing the Available Safety Features in Your Programming Language
Using Tools to Handle Unexpected Data
Summary
Solutions Fast Track
Frequently Asked Questions
Chapter 8: Buffer Overflow
Introduction
Understanding the Stack
Understanding the Stack Frame
Learning about Buffer Overflows
Creating Your First Overflow
Learning Advanced Overflow Techniques
Advanced Payload Design
Summary
Solutions Fast Track
Frequently Asked Questions
Chapter 9: Format Strings
Introduction
Understanding Format String Vulnerabilities
Why and Where Do Format String Vulnerabilities Exist?
How Can They Be Fixed?
How Format String Exploits Work
What to Overwrite
Examining a Vulnerable Program
Testing with a Random Format String
Writing a Format String Exploit
Summary
Solutions Fast Track
Frequently Asked Questions
Chapter 10: Sniffing
Introduction
What Is Sniffing?
What to Sniff?
Popular Sniffing Software
Advanced Sniffing Techniques
Exploring Operating System APIs
Taking Protective Measures
Employing Detection Techniques
Summary
Solutions Fast Track
Frequently Asked Questions
Chapter 11: Session Hijacking
Introduction
Understanding Session Hijacking
Examining the Available Tools
Playing MITM for Encrypted Communications
Summary
Solutions Fast Track
Frequently Asked Questions
Chapter 12: Spoofing: Attacks on Trusted Identity
Introduction
What It Means to Spoof
Background Theory
The Evolution of Trust
Establishing Identity within Computer Networks
Capability Challenges
Desktop Spoofs
Impacts of Spoofs
Down and Dirty: Engineering Spoofing Systems
Summary
Solution Fast Track
Frequently Asked Questions
Chapter 13: Tunneling
Introduction
Strategic Constraints of Tunnel Design
Designing End-to-End Tunneling Systems
Open Sesame: Authentication
Command Forwarding: Direct Execution for Scripts and Pipes
Port Forwarding: Accessing Resources on Remote Networks
When in Rome: Traversing the Recalcitrant Network
Not In Denver, Not Dead: Now What?
Summary
Solutions Fast Track
Frequently Asked Questions
Chapter 14: Hardware Hacking
Introduction
Understanding Hardware Hacking
Opening the Device: Housing and Mechanical Attacks
Analyzing the Product Internals: Electrical Circuit Attacks
What Tools Do I Need?
Example: Hacking the iButton Authentication Token
Example: Hacking the NetStructure 7110 E-commerce Accelerator
Summary
Solutions Fast Track
Frequently Asked Questions
Chapter 15: Viruses, Trojan Horses, and Worms
Introduction
How Do Viruses, Trojan Horses, and Worms Differ?
Anatomy of a Virus
Dealing with Cross-platform Issues
Proof that We Need to Worry
Creating Your Own Malware
How to Secure Against Malicious Software
Summary
Solutions Fast Track
Frequently Asked Questions
Chapter 16: IDS Evasion
Introduction
Understanding How Signature-Based IDSs Work
Using Packet Level Evasion
Using Application Protocol Level Evasion
Using Code Morphing Evasion
Summary
Solutions Fast Track
Frequently Asked Questions
Chapter 17: Automated Security Review and Attack Tools
Introduction
Learning about Automated Tools
Using Automated Tools for Penetration Testing
Knowing When Tools Are Not Enough
Summary
Solutions Fast Track
Frequently Asked Questions
Chapter 18: Reporting Security Problems
Introduction
Understanding Why Security Problems Need to Be Reported
Determining When and to Whom to Report the Problem
Deciding How Much Detail to Publish
Summary
Solutions Fast Track
Frequently Asked Questions
Index