Name: Hacking exposed, The seminal book on white-hat hacking and cou
Brand: McGraw Hill
SKU: 9780072227420
Price: 99.99 USD
Availability: InStock
Rating: 4 (2 reviews)

Foreword xv

Acknowledgments xix

Introduction xxi

Part I Casing the Establishment

Case Study: Network Security Monitoring 2

1 Footprinting 9

What Is Footprinting? 10

Internet Footprinting 11

Step 1 Determine the Scope of Your Activities 12

Step 2 Network Enumeration 16

Step 3 DNS Interrogation 25

Step 4 Network Reconnaissance 29

Summary 33

2 Scanning 35

Determining If the System Is Alive 36

Determining Which Services Are Running or Listening 44

Scan Types 44

Identifying TCP and UDP Services Running 46

Windows-Based Port Scanners 52

Port Scanning Breakdown 57

Detecting the Operating System 60

Active Stack Fingerprinting 61

Passive Stack Fingerprinting 64

The Whole Enchilada: Automated Discovery Tools 66

Summary 68

3 Enumeration 69

Basic Banner Grabbing 71

Enumerating Common Network Services 73

Summary 123

Part II System Hacking

Case Study: The Perils of Pen-Testing 126

4 Hacking Windows 95/98 and Me 129

Windows 9x Remote Exploits 131

Direct Connection to Windows 9x Shared Resources 131

Windows 9x Backdoor Servers and Trojans 137

Known Server Application Vulnerabilities 142

Windows 9x Local Exploits 143

Windows Millennium Edition (Me) 150

Windows Me Remote Attacks 150

Windows Me Local Attacks 150

Summary 152

5 Hacking the Windows NT Family 153

Overview 155

What's Not Covered 156

Unauthenticated Attacks 156

Server Message Block (SMB) Attacks 156

IIS Attacks 175

Authenticated Attacks 185

Privilege Escalation 185

Pilfering 190

Remote Control and Back Doors 200

Port Redirection 204

General Countermeasures to Authenticated Compromise 206

Covering Tracks 210

NT Family Security Features 212

Keeping Up with Patches 212

Group Policy 213

IPSec 215

runas 216

NET Framework 217

Internet Connection Firewall 217

The Encrypting File System (EFS) 217

A Note on Raw Sockets and Other Unsubstantiated Claims 218

Summary 219

6 Novell NetWare Hacking 221

Attaching but Not Touching 223

Enumerating Bindery and Trees 224

Opening the Unlocked Doors 231

Authenticated Enumeration 233

Gaining Admin 238

Application Vulnerabilities 241

Spoofing Attacks (Pandora) 248

Once You Have Admin on a Server 251

Owning the NDS Files 253

Log Doctoring 259

Console Logs 260

Summary 263

7 Hacking UNIX 265

The Quest for Root 266

A Brief Review 266

Vulnerability Mapping 267

Remote Access vs. Local Access 267

Remote Access 268

Data Driven Attacks 272

I Want My Shell 279

Common Types of Remote Attacks 283

Local Access 307

After Hacking Root 321

Rootkits 322

Rootkit Recovery 333

Summary 334

Part III Network Hacking

Case Study: Tunneling Out of Firewalls 338

8 Dial-Up, PBX, Voicemail, and VPN Hacking 341

Preparing to Dial Up 342

War-Dialing 344

Hardware 344

Legal Issues 345

Peripheral Costs 346

Software 346

Brute-Force Scripting--The Home-Grown Way 362

PBX Hacking 374

Voicemail Hacking 378

Virtual Private Network (VPN) Hacking 383

Summary 388

9 Network Devices 391

Discovery 392

Detection 392

Autonomous System Lookup 396

Normal Traceroute 396

Traceroute with ASN Information 397

show ip bgp 397

Public Newsgroups 398

Service Detection 399

Network Vulnerability 405

OSI Layer 1 406

OSI Layer 2 406

Detecting Layer 2 Media 406

Switch Sniffing 408

OSI Layer 3 416

Dsniff 418

Misconfigurations 420

Route Protocol Hacking 427

Summary 437

10 Wireless Hacking 439

Wireless Footprinting 440

Equipment 441

Wireless Scanning and Enumeration 455

Wireless Sniffers 456

Wireless Monitoring Tools 458

MAC Access Control 467

Gaining Access (Hacking 802.11) 468

MAC Access Control 470

Attacks Against the WEP Algorithm 471

Securing WEP 473

Tools That Exploit WEP Weaknesses 473

Denial of Service (DoS) Attacks 477

An 802.1x Overview 477

Summary 479

11 Firewalls 481

Firewall Landscape 482

Firewall Identification 483

Advanced Firewall Discovery 487

Scanning Through Firewalls 490

Packet Filtering 494

Application Proxy Vulnerabilities 498

WinGate Vulnerabilities 500

Summary 502

12 Denial of Service (DoS) Attacks 503

Motivation of DoS Attackers 504

Types of DoS Attacks 505

Bandwidth Consumption 505

Resource Starvation 506

Programming Flaws 506

Routing and DNS Attacks 507

Generic DoS Attacks 508

Sites Under Attack 510

UNIX and Windows DoS 514

Remote DoS Attacks 514

Distributed Denial of Service Attacks 518

Local DoS Attacks 524

Summary 525

Part IV Software Hacking

Case Study: You Say Goodbye, I Say Hello 528

13 Remote Control Insecurities 529

Discovering Remote Control Software 530

Connecting 531

Weaknesses 532

Virtual Network Computing (VNC) 539

Microsoft Terminal Server and Citrix ICA 543

Server 544

Clients 544

Data Transmission 544

Finding Targets 544

Attacking Terminal Server 547

Additional Security Considerations 551

Resources 552

Summary 553

14 Advanced Techniques 555

Session Hijacking 556

Back Doors 558

Trojans 580

Cryptography 583

Terminology 583

Classes of Attacks 583

Secure Shell (SSH) Attacks 584

Subverting the System Environment: Rootkits and Imaging Tools 586

Social Engineering 589

Summary 591

15 Web Hacking 593

Web Server Hacking 594

Source Code Disclosure 595

Canonicalization Attacks 597

WebDAV Vulnerabilities 597

Buffer Overflows 600

ColdFusion Vulnerabilities 609

Web Server Vulnerability Scanners 611

Web Application Hacking 612

Finding Vulnerable Web Apps with Google 613

Web Crawling 614

Web Application Assessment 615

Common Web Application Vulnerabilities 623

Summary 629

16 Hacking the Internet User 631

Malicious Mobile Code 633

Microsoft ActiveX 633

Java Security Holes 645

Beware the Cookie Monster 649

Internet Explorer HTML Frame Vulnerabilities 654

SSL Fraud 656

E-mail Hacking 659

Mail Hacking 101 659

Executing Arbitrary Code Through E-Mail 662

Outlook Address Book Worms 676

File Attachment Attacks 679

Writing Attachments to Disk Without User Intervention 682

Invoking Outbound Client Connections 687

IRC Hacking 690

Global Countermeasures to Internet User Hacking 692

Summary 693

Part V Appendixes

A Ports 697

B Top 14 Security Vulnerabilities 703

Index 705

Title: Hacking exposed

Manufacturer:

McGraw Hill

Item Number: 9780072227420

Number: 4

Product Description: Hacking exposed

Universal Product Code (UPC): 9780072227420

WonderClub Stock Keeping Unit (WSKU): 9780072227420

Rating: 4/5 based on 2 Reviews

Image Location: https://wonderclub.com/images/covers/74/20/9780072227420.jpg

Category: Media >> Books

Weight: 0.200 kg (0.44 lbs)

Width: 7.360 cm (2.90 inches)

Heigh : 9.180 cm (3.61 inches)

Depth: 1.640 cm (0.65 inches)

Date Added: August 25, 2020, Added By: Ross

Date Last Edited: August 25, 2020, Edited By: Ross

Price	Condition	Delivery	Seller	Action
$99.99	Digital	Arrives between Apr 23 - May 23 Login to your account for a direct download. Some files are emailed from Dropbox. Continent $0.00 - World $0.00	WonderClub (9295 total ratings)

Question Concerning Hacking exposed

Ask a Question about Hacking exposed

No Question found!

Read Reviews for Hacking exposed Write review

Vincent Madrigal

reviewed Hacking exposed on May 17, 2013

Hacking exposed

Not a hacking how to per se but more like a really good resource for securing your network. Some people object to titles like this one because they naively and mistakenly believe it helps the bad guys. But in reality, without knowing black hat techniques there is no possible way that you can secure your network. Period. The authors do an outstand job of walking the uninformed reader through the process of the hack from initial surveillance up to and including the attack. Highly recommend this book if you have even a slight interest in learning the how's of hacking.

Hacking exposed Book

Book Categories

Authors

McGraw Hill

Question Concerning Hacking exposed

Read Reviews for Hacking exposed Write review

Login

Complaints

Blog

Games

Digital Media

Souls

Obituary

Contact Us

FAQ

You must be logged in to add to Wishlist

This item is in your Wish List

This item is in your Collection

This Item is in Your Inventory

You must be logged in to review the products

	Foreword	xv
	Acknowledgments	xix
	Introduction	xxi
Part I	Casing the Establishment
	Case Study: Network Security Monitoring	2
1	Footprinting	9
	What Is Footprinting?	10
	Internet Footprinting	11
Step 1	Determine the Scope of Your Activities	12
Step 2	Network Enumeration	16
Step 3	DNS Interrogation	25
Step 4	Network Reconnaissance	29
	Summary	33
2	Scanning	35
	Determining If the System Is Alive	36
	Determining Which Services Are Running or Listening	44
	Scan Types	44
	Identifying TCP and UDP Services Running	46
	Windows-Based Port Scanners	52
	Port Scanning Breakdown	57
	Detecting the Operating System	60
	Active Stack Fingerprinting	61
	Passive Stack Fingerprinting	64
	The Whole Enchilada: Automated Discovery Tools	66
	Summary	68
3	Enumeration	69
	Basic Banner Grabbing	71
	Enumerating Common Network Services	73
	Summary	123
Part II	System Hacking
	Case Study: The Perils of Pen-Testing	126
4	Hacking Windows 95/98 and Me	129
	Windows 9x Remote Exploits	131
	Direct Connection to Windows 9x Shared Resources	131
	Windows 9x Backdoor Servers and Trojans	137
	Known Server Application Vulnerabilities	142
	Windows 9x Local Exploits	143
	Windows Millennium Edition (Me)	150
	Windows Me Remote Attacks	150
	Windows Me Local Attacks	150
	Summary	152
5	Hacking the Windows NT Family	153
	Overview	155
	What's Not Covered	156
	Unauthenticated Attacks	156
	Server Message Block (SMB) Attacks	156
	IIS Attacks	175
	Authenticated Attacks	185
	Privilege Escalation	185
	Pilfering	190
	Remote Control and Back Doors	200
	Port Redirection	204
	General Countermeasures to Authenticated Compromise	206
	Covering Tracks	210
	NT Family Security Features	212
	Keeping Up with Patches	212
	Group Policy	213
	IPSec	215
	runas	216
	NET Framework	217
	Internet Connection Firewall	217
	The Encrypting File System (EFS)	217
	A Note on Raw Sockets and Other Unsubstantiated Claims	218
	Summary	219
6	Novell NetWare Hacking	221
	Attaching but Not Touching	223
	Enumerating Bindery and Trees	224
	Opening the Unlocked Doors	231
	Authenticated Enumeration	233
	Gaining Admin	238
	Application Vulnerabilities	241
	Spoofing Attacks (Pandora)	248
	Once You Have Admin on a Server	251
	Owning the NDS Files	253
	Log Doctoring	259
	Console Logs	260
	Summary	263
7	Hacking UNIX	265
	The Quest for Root	266
	A Brief Review	266
	Vulnerability Mapping	267
	Remote Access vs. Local Access	267
	Remote Access	268
	Data Driven Attacks	272
	I Want My Shell	279
	Common Types of Remote Attacks	283
	Local Access	307
	After Hacking Root	321
	Rootkits	322
	Rootkit Recovery	333
	Summary	334
Part III	Network Hacking
	Case Study: Tunneling Out of Firewalls	338
8	Dial-Up, PBX, Voicemail, and VPN Hacking	341
	Preparing to Dial Up	342
	War-Dialing	344
	Hardware	344
	Legal Issues	345
	Peripheral Costs	346
	Software	346
	Brute-Force Scripting--The Home-Grown Way	362
	PBX Hacking	374
	Voicemail Hacking	378
	Virtual Private Network (VPN) Hacking	383
	Summary	388
9	Network Devices	391
	Discovery	392
	Detection	392
	Autonomous System Lookup	396
	Normal Traceroute	396
	Traceroute with ASN Information	397
	show ip bgp	397
	Public Newsgroups	398
	Service Detection	399
	Network Vulnerability	405
	OSI Layer 1	406
	OSI Layer 2	406
	Detecting Layer 2 Media	406
	Switch Sniffing	408
	OSI Layer 3	416
	Dsniff	418
	Misconfigurations	420
	Route Protocol Hacking	427
	Summary	437
10	Wireless Hacking	439
	Wireless Footprinting	440
	Equipment	441
	Wireless Scanning and Enumeration	455
	Wireless Sniffers	456
	Wireless Monitoring Tools	458
	MAC Access Control	467
	Gaining Access (Hacking 802.11)	468
	MAC Access Control	470
	Attacks Against the WEP Algorithm	471
	Securing WEP	473
	Tools That Exploit WEP Weaknesses	473
	Denial of Service (DoS) Attacks	477
	An 802.1x Overview	477
	Summary	479
11	Firewalls	481
	Firewall Landscape	482
	Firewall Identification	483
	Advanced Firewall Discovery	487
	Scanning Through Firewalls	490
	Packet Filtering	494
	Application Proxy Vulnerabilities	498
	WinGate Vulnerabilities	500
	Summary	502
12	Denial of Service (DoS) Attacks	503
	Motivation of DoS Attackers	504
	Types of DoS Attacks	505
	Bandwidth Consumption	505
	Resource Starvation	506
	Programming Flaws	506
	Routing and DNS Attacks	507
	Generic DoS Attacks	508
	Sites Under Attack	510
	UNIX and Windows DoS	514
	Remote DoS Attacks	514
	Distributed Denial of Service Attacks	518
	Local DoS Attacks	524
	Summary	525
Part IV	Software Hacking
	Case Study: You Say Goodbye, I Say Hello	528
13	Remote Control Insecurities	529
	Discovering Remote Control Software	530
	Connecting	531
	Weaknesses	532
	Virtual Network Computing (VNC)	539
	Microsoft Terminal Server and Citrix ICA	543
	Server	544
	Clients	544
	Data Transmission	544
	Finding Targets	544
	Attacking Terminal Server	547
	Additional Security Considerations	551
	Resources	552
	Summary	553
14	Advanced Techniques	555
	Session Hijacking	556
	Back Doors	558
	Trojans	580
	Cryptography	583
	Terminology	583
	Classes of Attacks	583
	Secure Shell (SSH) Attacks	584
	Subverting the System Environment: Rootkits and Imaging Tools	586
	Social Engineering	589
	Summary	591
15	Web Hacking	593
	Web Server Hacking	594
	Source Code Disclosure	595
	Canonicalization Attacks	597
	WebDAV Vulnerabilities	597
	Buffer Overflows	600
	ColdFusion Vulnerabilities	609
	Web Server Vulnerability Scanners	611
	Web Application Hacking	612
	Finding Vulnerable Web Apps with Google	613
	Web Crawling	614
	Web Application Assessment	615
	Common Web Application Vulnerabilities	623
	Summary	629
16	Hacking the Internet User	631
	Malicious Mobile Code	633
	Microsoft ActiveX	633
	Java Security Holes	645
	Beware the Cookie Monster	649
	Internet Explorer HTML Frame Vulnerabilities	654
	SSL Fraud	656
	E-mail Hacking	659
	Mail Hacking 101	659
	Executing Arbitrary Code Through E-Mail	662
	Outlook Address Book Worms	676
	File Attachment Attacks	679
	Writing Attachments to Disk Without User Intervention	682
	Invoking Outbound Client Connections	687
	IRC Hacking	690
	Global Countermeasures to Internet User Hacking	692
	Summary	693
Part V	Appendixes
A	Ports	697
B	Top 14 Security Vulnerabilities	703
	Index	705