Sold Out
Book Categories |
Foreword | xv | |
Acknowledgments | xix | |
Introduction | xxi | |
Part I | Casing the Establishment | |
Case Study: Network Security Monitoring | 2 | |
1 | Footprinting | 9 |
What Is Footprinting? | 10 | |
Internet Footprinting | 11 | |
Step 1 | Determine the Scope of Your Activities | 12 |
Step 2 | Network Enumeration | 16 |
Step 3 | DNS Interrogation | 25 |
Step 4 | Network Reconnaissance | 29 |
Summary | 33 | |
2 | Scanning | 35 |
Determining If the System Is Alive | 36 | |
Determining Which Services Are Running or Listening | 44 | |
Scan Types | 44 | |
Identifying TCP and UDP Services Running | 46 | |
Windows-Based Port Scanners | 52 | |
Port Scanning Breakdown | 57 | |
Detecting the Operating System | 60 | |
Active Stack Fingerprinting | 61 | |
Passive Stack Fingerprinting | 64 | |
The Whole Enchilada: Automated Discovery Tools | 66 | |
Summary | 68 | |
3 | Enumeration | 69 |
Basic Banner Grabbing | 71 | |
Enumerating Common Network Services | 73 | |
Summary | 123 | |
Part II | System Hacking | |
Case Study: The Perils of Pen-Testing | 126 | |
4 | Hacking Windows 95/98 and Me | 129 |
Windows 9x Remote Exploits | 131 | |
Direct Connection to Windows 9x Shared Resources | 131 | |
Windows 9x Backdoor Servers and Trojans | 137 | |
Known Server Application Vulnerabilities | 142 | |
Windows 9x Local Exploits | 143 | |
Windows Millennium Edition (Me) | 150 | |
Windows Me Remote Attacks | 150 | |
Windows Me Local Attacks | 150 | |
Summary | 152 | |
5 | Hacking the Windows NT Family | 153 |
Overview | 155 | |
What's Not Covered | 156 | |
Unauthenticated Attacks | 156 | |
Server Message Block (SMB) Attacks | 156 | |
IIS Attacks | 175 | |
Authenticated Attacks | 185 | |
Privilege Escalation | 185 | |
Pilfering | 190 | |
Remote Control and Back Doors | 200 | |
Port Redirection | 204 | |
General Countermeasures to Authenticated Compromise | 206 | |
Covering Tracks | 210 | |
NT Family Security Features | 212 | |
Keeping Up with Patches | 212 | |
Group Policy | 213 | |
IPSec | 215 | |
runas | 216 | |
NET Framework | 217 | |
Internet Connection Firewall | 217 | |
The Encrypting File System (EFS) | 217 | |
A Note on Raw Sockets and Other Unsubstantiated Claims | 218 | |
Summary | 219 | |
6 | Novell NetWare Hacking | 221 |
Attaching but Not Touching | 223 | |
Enumerating Bindery and Trees | 224 | |
Opening the Unlocked Doors | 231 | |
Authenticated Enumeration | 233 | |
Gaining Admin | 238 | |
Application Vulnerabilities | 241 | |
Spoofing Attacks (Pandora) | 248 | |
Once You Have Admin on a Server | 251 | |
Owning the NDS Files | 253 | |
Log Doctoring | 259 | |
Console Logs | 260 | |
Summary | 263 | |
7 | Hacking UNIX | 265 |
The Quest for Root | 266 | |
A Brief Review | 266 | |
Vulnerability Mapping | 267 | |
Remote Access vs. Local Access | 267 | |
Remote Access | 268 | |
Data Driven Attacks | 272 | |
I Want My Shell | 279 | |
Common Types of Remote Attacks | 283 | |
Local Access | 307 | |
After Hacking Root | 321 | |
Rootkits | 322 | |
Rootkit Recovery | 333 | |
Summary | 334 | |
Part III | Network Hacking | |
Case Study: Tunneling Out of Firewalls | 338 | |
8 | Dial-Up, PBX, Voicemail, and VPN Hacking | 341 |
Preparing to Dial Up | 342 | |
War-Dialing | 344 | |
Hardware | 344 | |
Legal Issues | 345 | |
Peripheral Costs | 346 | |
Software | 346 | |
Brute-Force Scripting--The Home-Grown Way | 362 | |
PBX Hacking | 374 | |
Voicemail Hacking | 378 | |
Virtual Private Network (VPN) Hacking | 383 | |
Summary | 388 | |
9 | Network Devices | 391 |
Discovery | 392 | |
Detection | 392 | |
Autonomous System Lookup | 396 | |
Normal Traceroute | 396 | |
Traceroute with ASN Information | 397 | |
show ip bgp | 397 | |
Public Newsgroups | 398 | |
Service Detection | 399 | |
Network Vulnerability | 405 | |
OSI Layer 1 | 406 | |
OSI Layer 2 | 406 | |
Detecting Layer 2 Media | 406 | |
Switch Sniffing | 408 | |
OSI Layer 3 | 416 | |
Dsniff | 418 | |
Misconfigurations | 420 | |
Route Protocol Hacking | 427 | |
Summary | 437 | |
10 | Wireless Hacking | 439 |
Wireless Footprinting | 440 | |
Equipment | 441 | |
Wireless Scanning and Enumeration | 455 | |
Wireless Sniffers | 456 | |
Wireless Monitoring Tools | 458 | |
MAC Access Control | 467 | |
Gaining Access (Hacking 802.11) | 468 | |
MAC Access Control | 470 | |
Attacks Against the WEP Algorithm | 471 | |
Securing WEP | 473 | |
Tools That Exploit WEP Weaknesses | 473 | |
Denial of Service (DoS) Attacks | 477 | |
An 802.1x Overview | 477 | |
Summary | 479 | |
11 | Firewalls | 481 |
Firewall Landscape | 482 | |
Firewall Identification | 483 | |
Advanced Firewall Discovery | 487 | |
Scanning Through Firewalls | 490 | |
Packet Filtering | 494 | |
Application Proxy Vulnerabilities | 498 | |
WinGate Vulnerabilities | 500 | |
Summary | 502 | |
12 | Denial of Service (DoS) Attacks | 503 |
Motivation of DoS Attackers | 504 | |
Types of DoS Attacks | 505 | |
Bandwidth Consumption | 505 | |
Resource Starvation | 506 | |
Programming Flaws | 506 | |
Routing and DNS Attacks | 507 | |
Generic DoS Attacks | 508 | |
Sites Under Attack | 510 | |
UNIX and Windows DoS | 514 | |
Remote DoS Attacks | 514 | |
Distributed Denial of Service Attacks | 518 | |
Local DoS Attacks | 524 | |
Summary | 525 | |
Part IV | Software Hacking | |
Case Study: You Say Goodbye, I Say Hello | 528 | |
13 | Remote Control Insecurities | 529 |
Discovering Remote Control Software | 530 | |
Connecting | 531 | |
Weaknesses | 532 | |
Virtual Network Computing (VNC) | 539 | |
Microsoft Terminal Server and Citrix ICA | 543 | |
Server | 544 | |
Clients | 544 | |
Data Transmission | 544 | |
Finding Targets | 544 | |
Attacking Terminal Server | 547 | |
Additional Security Considerations | 551 | |
Resources | 552 | |
Summary | 553 | |
14 | Advanced Techniques | 555 |
Session Hijacking | 556 | |
Back Doors | 558 | |
Trojans | 580 | |
Cryptography | 583 | |
Terminology | 583 | |
Classes of Attacks | 583 | |
Secure Shell (SSH) Attacks | 584 | |
Subverting the System Environment: Rootkits and Imaging Tools | 586 | |
Social Engineering | 589 | |
Summary | 591 | |
15 | Web Hacking | 593 |
Web Server Hacking | 594 | |
Source Code Disclosure | 595 | |
Canonicalization Attacks | 597 | |
WebDAV Vulnerabilities | 597 | |
Buffer Overflows | 600 | |
ColdFusion Vulnerabilities | 609 | |
Web Server Vulnerability Scanners | 611 | |
Web Application Hacking | 612 | |
Finding Vulnerable Web Apps with Google | 613 | |
Web Crawling | 614 | |
Web Application Assessment | 615 | |
Common Web Application Vulnerabilities | 623 | |
Summary | 629 | |
16 | Hacking the Internet User | 631 |
Malicious Mobile Code | 633 | |
Microsoft ActiveX | 633 | |
Java Security Holes | 645 | |
Beware the Cookie Monster | 649 | |
Internet Explorer HTML Frame Vulnerabilities | 654 | |
SSL Fraud | 656 | |
E-mail Hacking | 659 | |
Mail Hacking 101 | 659 | |
Executing Arbitrary Code Through E-Mail | 662 | |
Outlook Address Book Worms | 676 | |
File Attachment Attacks | 679 | |
Writing Attachments to Disk Without User Intervention | 682 | |
Invoking Outbound Client Connections | 687 | |
IRC Hacking | 690 | |
Global Countermeasures to Internet User Hacking | 692 | |
Summary | 693 | |
Part V | Appendixes | |
A | Ports | 697 |
B | Top 14 Security Vulnerabilities | 703 |
Index | 705 |
Login|Complaints|Blog|Games|Digital Media|Souls|Obituary|Contact Us|FAQ
CAN'T FIND WHAT YOU'RE LOOKING FOR? CLICK HERE!!! X
You must be logged in to add to WishlistX
This item is in your Wish ListX
This item is in your CollectionHacking exposed
X
This Item is in Your InventoryHacking exposed
X
You must be logged in to review the productsX
X
X
Add Hacking exposed, The seminal book on white-hat hacking and countermeasures.... Should be required reading for anyone with a server or a network to secure. --Bill Machrone, PC Magazine This brand-new edition of the best-selling security book covers all the lat, Hacking exposed to the inventory that you are selling on WonderClubX
X
Add Hacking exposed, The seminal book on white-hat hacking and countermeasures.... Should be required reading for anyone with a server or a network to secure. --Bill Machrone, PC Magazine This brand-new edition of the best-selling security book covers all the lat, Hacking exposed to your collection on WonderClub |