Contents

Preface

Acknowledgments

About the Authors

CHAPTER 1     Hacking: The Next Generation

Profiles and Motives of Different Types of Hackers

Controls

The Hacker Mindset

Motivation

A Look at the History of Computer Hacking

Ethical Hacking and Penetration Testing

The Role of Ethical Hacking

Ethical Hackers and the C-I-A Triad

Common Hacking Methodologies

Performing a Penetration Test

The Role of the Law and Ethical Standards

CHAPTER 2     TCP/IP Review

Exploring the OSI Reference Model

The Role of Protocols

Layer 1: Physical Layer

Layer 2: Data Link Layer

Layer 3: Network Layer

Layer 4: Transport Layer

Layer 5: Session Layer

Layer 6: Presentation Layer

Layer 7: Application Layer

Mapping the OSI Model to Functions and Protocols

TCP/IP: A Layer-by-Layer Review

Physical or Network Access Layer

Network or Internet Layer

Host-to-Host Layer

Application Layer

CHAPTER 3     Cryptographic Concepts

Cryptographic Basics

Authentication

Integrity

Nonrepudiation

Symmetric and Asymmetric Cryptography

Cryptographic History

What Is an Algorithm or Cipher?

Symmetric Encryption

Asymmetric Encryption

Digital Signatures

Purpose of Public Key Infrastructure

The Role of Certificate Authorities (CAs)

PKI Attacks

Hashing

Common Cryptographic Systems

Cryptanalysis

Future Forms of Cryptography

CHAPTER 4     Physical Security

Basic Equipment Controls

Hard Drive and Mobile Device Encryption

Fax Machines and Printers

Voice over IP (VoIP)

Physical Area Controls

Fences

Perimeter Intrusion Detection and Assessment System (PIDAS)

Gates

Bollards

Facility Controls

Doors, Mantraps, and Turnstiles

Walls, Ceilings, and Floors

Windows

Guards and Dogs

Construction

Personal Safety Controls

Lighting

Alarms and Intrusion Detection

Closed-Circuit TV (CCTV)/Remote Monitoring

Physical Access Controls

Locks

Lock Picking

Tokens and Biometrics

Avoiding Common Threats to Physical Security

Natural, Human, and Technical Threats

Physical Keystroke Loggers and Sniffers

Wireless Interception and Rogue Access Points

Defense in Depth

CHAPTER 5     Footprinting Tools and Techniques

The Information-Gathering Process

The Information on a Company Website

Discovering Financial Information

Google Hacking

Exploring Domain Information Leakage

Manual Registrar Query

Automatic Registrar Query

Whois

Nslookup

Internet Assigned Numbers Authority (IANA)

Determining a Network Range

Tracking an Organization’s Employees

Exploiting Insecure Applications

Using Social Networks

Using Basic Countermeasures

CHAPTER 6     Port Scanning

Determining the Network Range

Identifying Active Machines

Wardialing

Wardriving and Related Activities

Pinging

Port Scanning

Mapping Open Ports

Nmap

SuperScan

Scanrand

THC-Amap

OS Fingerprinting

Active OS Fingerprinting

Passive OS Fingerprinting

Mapping the Network

Analyzing the Results

CHAPTER 7     Enumeration and Computer System Hacking

Windows Basics

Controlling Access

Users

Groups

Security Identifiers

Commonly Attacked and Exploited Services

Enumeration

How to Perform Enumeration Tasks

NULL Session

Working with nbtstat

SuperScan

Angry IP Scanner

SNScan

System Hacking

Types of Password Cracking

Passive Online Attacks

Active Online Attacks

Offline Attacks

Nontechnical Attacks

Using Password Cracking

Privilege Escalation

Planting Backdoors

Using PsTools

Rootkits

Covering Tracks

Disabling Auditing

Data Hiding

CHAPTER 8     Wireless Vulnerabilities

The Importance of Wireless Security

Emanations

Common Support and Availability

A Brief History of Wireless Technologies

802.11

802.11b

802.11a

802.11g

802.11n

802.11ac

Other 802.11 Variants

Other Wireless Technologies

Working with and Securing Bluetooth

Bluetooth Security

Working with Wireless LANs

CSMA/CD Versus CSMA/CA

Role of APs

Service Set Identifier (SSID)

Association with an AP

The Importance of Authentication

Working with RADIUS

Network Setup Options

Threats to Wireless LANs

Wardriving

Misconfigured Security Settings

Unsecured Connections

Rogue APs

Promiscuous Clients

Wireless Network Viruses

Countermeasures

Internet of Things (IoT)

Wireless Hacking Tools

NetStumbler

The inSSIDer Program

Protecting Wireless Networks

Default AP Security

Placement

Dealing with Emanations

Dealing with Rogue APs

Use Protection for Transmitted Data

MAC Filtering

CHAPTER 9     Web and Database Attacks

Attacking Web Servers

Categories of Risk

Vulnerabilities of Web Servers

Improper or Poor Web Design

Buffer Overflow

Denial of Service (DoS) Attack

Distributed Denial of Service (DDoS) Attack

Banner Information

Permissions

Error Messages

Unnecessary Features

User Accounts

Structured Query Language (SQL) Injections

Examining a SQL Injection

Vandalizing Web Servers

Input Validation

Cross-Site Scripting (XSS) Attack

Anatomy of Web Applications

Insecure Logon Systems

Scripting Errors

Session Management Issues

Encryption Weaknesses

Database Vulnerabilities

Database Types

Vulnerabilities

Locating Databases on the Network

Database Server Password Cracking

Locating Vulnerabilities in Databases

Out of Sight, Out of Mind

Cloud Computing

CHAPTER 10   Malware

Malware

Malware’s Legality

Types of Malware

Malware’s Targets

Viruses and How They Function

Viruses: A History

Types of Viruses

Prevention Techniques

Worms and How They Function

How Worms Work

Stopping Worms

The Power of Education

Antivirus and Firewalls

Significance of Trojans

Methods to Get Trojans onto a System

Targets of Trojans

Known Symptoms of an Infection

Detection of Trojans and Viruses

Vulnerability Scanners

Antivirus/Anti-Malware

Trojan Tools

Distribution Methods

Using Wrappers to Install Trojans

Trojan Construction Kits

Backdoors

Covert Communication

The Role of Keystroke Loggers

Software

Port Redirection

Spyware

Methods of Infection

Bundling with Software

Adware

Scareware

Ransomware

CHAPTER 11   Sniffers, Session Hijacking, and Denial of Service Attacks

Sniffers

Passive Sniffing

Active Sniffing

Sniffing Tools

What Can Be Sniffed?

Session Hijacking

Identifying an Active Session

Seizing Control of a Session

Session Hijacking Tools

Thwarting Session Hijacking Attacks

Denial of Service (DoS) Attacks

Categories of DoS Attacks

Tools for DoS Attacks

Distributed Denial of Service (DDoS) Attacks

Some Characteristics of DDoS Attacks

Tools for DDoS Attacks

Botnets and the Internet of Things (IoT)

CHAPTER 12   Linux and Penetration Testing

Linux

Introducing Kali Linux

Some of the Basics of Working with Linux

A Look at the Interface

Basic Linux Navigation

Important Linux Directories

Commonly Used Commands

The Basic Command Structure of Linux

Live CDs

Special-Purpose Live CDs/DVDs

Virtual Machines

CHAPTER 13   Social Engineering

What Is Social Engineering?

Types of Social Engineering Attacks

Phone-Based Attacks

Dumpster Diving

Shoulder Surfing

Attacks Through Social Media

Persuasion/Coercion

Reverse Social Engineering

Technology and Social Engineering

Your Browser as a Defense Against Social Engineering

Other Good Practices for Safe Computing

Best Practices for Passwords

Know What the Web Knows About You

Creating and Managing Your Passwords

Invest in a Password Manager

Social Engineering and Social Networking

Questions to Ask Before You Post

An Overview of the Risks in Social Networking

Social Networking in a Corporate Setting

Particular Concerns in a Corporate Setting

Facebook Security

CHAPTER 14   Incident Response

What Is a Security Incident?

The Incident Response Process

Incident Response Policies, Procedures, and Guidelines

Phases of an Incident and Response

Incident Response Team

Incident Response Plans

The Role of Business Continuity Plans

Recovering Systems

Business Impact Analysis

Planning for Disaster and Recovery

Testing and Evaluation

Preparation and Staging of Testing Procedures

Frequency of Tests

Analysis of Test Results

Evidence Handling and Administration

Evidence Collection Techniques

Security Reporting Options and Guidelines

Requirements of Regulated Industries

CHAPTER 15   Defensive Technologies

Defense in Depth

Intrusion Detection Systems

IDS Components

Components of a NIDS

Components of a HIDS

Setting Goals

Accountability

Limitations of an IDS

Investigation of an Event

Analysis of Information Collected

Intrusion Prevention Systems

The Purpose of Firewalls

How Firewalls Work

Firewall Methodologies

Limitations of a Firewall

Implementing a Firewall

Authoring a Firewall Policy

Honeypots/Honeynets

Goals of Honeypots

Legal Issues

The Role of Controls

Administrative Controls

Technical Controls

Physical Controls

Security Best Practices

Security Information and Event Management (SIEM)

Sources for Guidance

APPENDIX A      Answer Key

APPENDIX B      Standard Acronyms

Glossary of Key Terms

References

Index
