Hacking Exposed,9780072127485

Hacking Exposed

by
ISBN13: 9780072127485
ISBN10: 0072127481
Format: Paperback
Pub. Date: 2000-10-01
Publisher(s): McGraw-Hill Osborne Media
List Price: $44.00

Buy New

Usually Ships in 5-7 Business Days
$43.96
Add to Cart

Rent Textbook

Select for Price
Add to Cart
There was a problem. Please try again later.

Rent Digital

Rent Digital Options
Online:1825 Days access
Downloadable:Lifetime Access
$49.50
*To support the delivery of the digital material to you, a digital delivery fee of $3.99 will be charged on each digital item.
$49.50*
Add to Cart

Used Textbook

We're Sorry
Sold Out

Buy from our Marketplace starting at $4.13

How Marketplace Works:

  • This item is offered by an independent seller and not shipped from our warehouse
  • Item details like edition and cover design may differ from our description; see seller's comments before ordering.
  • Sellers much confirm and ship within two business days; otherwise, the order will be cancelled and refunded.
  • Marketplace purchases cannot be returned to eCampus.com. Contact the seller directly for inquiries; if no response within two days, contact customer service.
  • Additional shipping costs apply to Marketplace purchases. Review shipping costs at checkout.

Summary

Since new hacks and attacks are occurring daily, "Hacking Exposed" provides administrators with the latest information to combat hackers and protect their networks. It shows how flaws and loopholes in security technologies can be exploited and provides security solutions. Line illustrations.

Table of Contents

Foreword xvii
Acknowledgments xxi
Introduction xxiii
Part I Casing the Establishment
Case Study: Target Acquisition
2(3)
Footprinting
5(28)
What Is Footprinting?
6(1)
Why Is Footprinting Necessary?
6(1)
Internet Footprinting
6(25)
Determine the Scope of Your Activities
8(5)
Network Enumeration
13(9)
DNS Interrogation
22(5)
Network Reconnaissance
27(4)
Summary
31(2)
Scanning
33(38)
Scan Types
44(2)
Identifying TCP and UDP Services Runing
46(5)
Windows-Based Port Scanners
51(6)
Port Scanning Breakdown
57(4)
Active Stack Fingerprinting
61(4)
Passive Stack Fingerprinting
65(2)
The Whole Enchilada: Automated Discovery Tools
67(1)
Summary
68(3)
Enumeration
71(46)
Windows NT/2000 Enumeration
72(28)
NT/2000 Network Resource Enumeration
76(11)
NT/2000 User and Group Enumeration
87(8)
NT/2000 Applications and Banner Enumeration
95(4)
Let Your Scripts Do the Walking
99(1)
Novell Enumeration
100(6)
Browsing the Network Neighborhood
100(6)
UNIX Enumeration
106(7)
Summary
113(3)
Part II System Hacking
Case Study: Know Your Enemy
116(1)
Hacking Windows 95/98 and ME
117(24)
Win 9x Remote Exploits
118(12)
Direct Connection to Win 9x Shared Resources
119(5)
Win 9x Backdoor Servers and Trojans
124(5)
Known Server Application Vulnerabilities
129(1)
Win 9x Denial of Service
130(1)
Win 9x Local Exploits
130(7)
Windows Millennium Edition (ME)
137(1)
Summary
138(3)
Hacking Windows NT
141(78)
Overview
143(1)
Where We're Headed
143(1)
What About Windows 2000?
143(1)
The Quest for Administrator
144(30)
Remote Exploits: Denial of Service and Buffer Overflows
160(4)
Privilege Escalation
164(10)
Consolidation of Power
174(37)
Exploiting Trust
185(5)
Sniffers
190(4)
Remote Control and Back Doors
194(9)
Port Redirection
203(4)
General Countermeasures to Privileged Compromise
207(4)
Rootkit: The Ultimate Compromise
211(3)
Covering Tracks
214(2)
Disabling Auditing
214(1)
Clearing the Event Log
214(1)
Hiding Files
215(1)
Summary
216(3)
Hacking Windows 2000
219(46)
Footprinting
221(1)
Scanning
221(5)
Enumeration
226(3)
Penetration
229(4)
NetBIOS-SMB Password Guessing
229(1)
Eavesdropping on Password Hashes
229(1)
Attacks Against IIS 5
229(4)
Remote Buffer Overflows
233(1)
Denial of Service
233(5)
Privilege Escalation
238(3)
Pilfering
241(10)
Grabbing the Win 2000 Password Hashes
241(5)
The Encrypting File System (EFS)
246(3)
Exploiting Trust
249(2)
Covering Tracks
251(1)
Disabling Auditing
251(1)
Clearing the Event Log
252(1)
Hiding Files
252(1)
Back Doors
252(5)
Startup Manipulation
252(3)
Remote Control
255(2)
Keystroke Loggers
257(1)
General Countermeasures: New Windows Security Tools
257(4)
Group Policy
257(3)
runas
260(1)
Summary
261(4)
Novell NetWare Hacking
265(40)
Attaching but Not Touching
267(1)
Enumerate Bindery and Trees
268(7)
Opening the Unlocked Doors
275(2)
Authenticated Enumeration
277(5)
Gaining Admin
282(3)
Application Vulnerabilities
285(2)
Spoofing Attacks (Pandora)
287(3)
Once You Have Admin on a Server
290(2)
Owning the NDS Files
292(6)
Log Doctoring
298(4)
Console Logs
299(3)
Further Resources
302(1)
Web Sites (ftp:/ /ftp.novell.com/pub/updates/nw/nw411/)
302(1)
Usenet Groups
303(1)
Summary
303(2)
Hacking UNIX
305(72)
The Quest for Root
306(1)
A Brief Review
306(1)
Vulnerability Mapping
307(1)
Remote Access Versus Local Access
307(1)
Remote Access
308(31)
Data Driven Attacks
312(5)
I Want My Shell
317(5)
Common Types of Remote Attacks
322(17)
Local Access
339(18)
After Hacking Root
357(13)
Trojans
358(11)
Rootkit Recovery
369(1)
Summary
370(4)
Part III Network Hacking
Case Study: Sweat the Small Stuff!
374(3)
Dial-Up, PBX, Voicemail, and VPN Hacking
377(44)
Wardialing
380(25)
Hardware
380(1)
Legal Issues
381(1)
Peripheral Costs
382(1)
Software
382(21)
A Final Note
403(2)
PBX Hacking
405(10)
Virtual Private Network (VPN) Hacking
415(4)
Summary
419(2)
Network Devices
421(38)
Discovery
422(11)
Detection
422(7)
SNMP
429(4)
Back Doors
433(10)
Default Accounts
433(4)
Lower the Gates (Vulnerabilities)
437(6)
Shared Versus Switched
443(14)
Detecting the Media You're On
444(1)
Passwords on a Silver Platter: Dsniff
445(3)
Sniffing on a Network Switch
448(4)
Snmpsniff
452(5)
Summary
457(2)
Firewalls
459(24)
Firewall Landscape
460(1)
Firewall Identification
460(9)
Advanced Firewall Discovery
465(4)
Scanning Through Firewalls
469(4)
Packet Filtering
473(4)
Application Proxy Vulnerabilities
477(4)
WinGate Vulnerabilities
479(2)
Summary
481(2)
Denial of Service (DoS) Attacks
483(28)
Motivation of DoS Attackers
484(1)
Types of DoS Attacks
485(3)
Bandwidth Consumption
485(1)
Resource Starvation
486(1)
Programming Flaws
486(1)
Routing and DNS Attacks
487(1)
Generic DoS Attacks
488(6)
Sites Under Attack
491(3)
UNIX and Windows NT DoS
494(12)
Remote DoS Attacks
495(4)
Distributed Denial of Service Attacks
499(5)
Local DoS Attacks
504(2)
Summary
506(2)
Part IV Software Hacking
Case Study: Using All the Dirty Tricks to Get In
508(3)
Remote Control Insecurities
511(18)
Discovering Remote Control Software
512(1)
Connecting
513(1)
Weaknesses
514(7)
Revealed Passwords
516(1)
Uploading Profiles
517(4)
What Software Package Is the Best in Terms of Security?
521(6)
pcAnywhere
521(1)
ReachOut
521(1)
Remotely Anywhere
521(2)
Remotely Possible/ControIIT
523(1)
Timbuktu
523(1)
Virtual Network Computing (VNC)
523(3)
Citrix
526(1)
Summary
527(2)
Advanced Techniques
529(36)
Session Hijacking
530(3)
Back Doors
533(22)
Trojans
555(3)
Subverting the System Environment: Rootkits and Imaging Tools
558(3)
Social Engineering
561(2)
Summary
563(2)
Web Hacking
565(36)
Web Pilfering
566(4)
Finding Well-Known Vulnerabilities
570(3)
Automated Scripts, for All Those ``Script Kiddies''
570(2)
Automated Applications
572(1)
Script Inadequacies: Input Validation Attacks
573(17)
Active Server Pages (ASP) Vulnerabilities
582(8)
Buffer Overflows
590(8)
Poor Web Design
598(2)
Summary
600(1)
Hacking the Internet User
601(66)
Malicious Mobile Code
603(20)
Microsoft ActiveX
603(11)
Java Security Holes
614(4)
Beware the Cookie Monster
618(3)
Internet Explorer HTML Frame Vulnerabilities
621(2)
SSL Fraud
623(3)
Email Hacking
626(21)
Mail Hacking 101
626(3)
Executing Arbitrary Code Through Email
629(8)
Outlook Address Books Worms
637(2)
File Attachment Attacks
639(8)
IRC Hacking
647(2)
Napster Hacking with Wrapster
649(1)
Global Countermeasures to Internet User Hacking
650(2)
Keep Antivirus Signatures Updated
650(1)
Guarding the Gateways
651(1)
Summary
652(5)
Part V Appendixes
A Ports
657(4)
B Top 14 Security Vulnerabilities
661(2)
C About the Companion Web Site
663(4)
Novell
664(1)
UNIX
665(1)
Windows NT
665(1)
Wordlists and Dictionaries
666(1)
Wardialing
666(1)
Enumeration Scripts
666(1)
Index 667

An electronic version of this book is available through VitalSource.

This book is viewable on PC, Mac, iPhone, iPad, iPod Touch, and most smartphones.

By purchasing, you will be able to view this book online, as well as download it, for the chosen number of days.

Digital License

You are licensing a digital product for a set duration. Durations are set forth in the product description, with "Lifetime" typically meaning five (5) years of online access and permanent download to a supported device. All licenses are non-transferable.

More details can be found here.

A downloadable version of this book is available through the eCampus Reader or compatible Adobe readers.

Applications are available on iOS, Android, PC, Mac, and Windows Mobile platforms.

Please view the compatibility matrix prior to purchase.