rating

Hacking For Dummies, 3rd Edition

Sách hướng dẫn dùng những kỹ thuật mới nhất hack Linux và Window, hack cơ sở dữ liệu database, VoiceIP và Web Application. Sách do chuyên viên CISSP viết.

Đặt in tại HoaXanh - Thêm vào giỏ hàng...

  • 130,000đ
  • Mã sản phẩm: HAC171148
  • Tình trạng: 2

Introduction ................................................................. 1 Who Should Read This Book? ........................................................................1 About This Book ..............................................................................................2 How to Use This Book .....................................................................................2 What You Don’t Need to Read .......................................................................3 Foolish Assumptions .......................................................................................3 How This Book Is Organized ..........................................................................3 Part I: Building the Foundation for Ethical Hacking ..........................4 Part II: Putting Ethical Hacking in Motion ...........................................4 Part III: Hacking the Network ................................................................4 Part IV: Hacking Operating Systems ....................................................4 Part V: Hacking Applications ................................................................5 Part VI: Ethical Hacking Aftermath ......................................................5 Part VII: The Part of Tens ......................................................................5 Icons Used in This Book .................................................................................6 Where to Go from Here ...................................................................................6 Part I: Building the Foundation for Ethical Hacking ........ 7 Chapter 1: Introduction to Ethical Hacking . . . . . . . . . . . . . . . . . . . . . . . .9 Straightening Out the Terminology ...............................................................9 Defi ning hacker ....................................................................................10 Defi ning malicious user .......................................................................11 Recognizing How Malicious Attackers Beget Ethical Hackers .................11 Ethical hacking versus auditing .........................................................12 Policy considerations ..........................................................................12 Compliance and regulatory concerns ...............................................12 Understanding the Need to Hack Your Own Systems ..............................13 Understanding the Dangers Your Systems Face .......................................14 Nontechnical attacks ...........................................................................14 Network infrastructure attacks ..........................................................15 Operating system attacks ...................................................................15 Application and other specialized attacks .......................................16 Obeying the Ethical Hacking Commandments ..........................................16 Working ethically .................................................................................16 Respecting privacy ..............................................................................17 Not crashing your systems .................................................................17 x Hacking For Dummies, 3rd Edition Using the Ethical Hacking Process ..............................................................17 Formulating your plan .........................................................................18 Selecting tools ......................................................................................20 Executing the plan ...............................................................................22 Evaluating results ................................................................................22 Moving on .............................................................................................23 Chapter 2: Cracking the Hacker Mindset. . . . . . . . . . . . . . . . . . . . . . . . .25 What You’re Up Against ................................................................................25 Who Breaks into Computer Systems ..........................................................27 Why They Do It ..............................................................................................29 Planning and Performing Attacks ................................................................32 Maintaining Anonymity .................................................................................34 Chapter 3: Developing Your Ethical Hacking Plan. . . . . . . . . . . . . . . . .35 Establishing Your Goals ................................................................................36 Determining Which Systems to Hack ..........................................................37 Creating Testing Standards ..........................................................................40 Timing....................................................................................................40 Specifi c tests .........................................................................................41 Blind versus knowledge assessments ...............................................42 Location ................................................................................................43 Reacting to vulnerabilities you fi nd ...................................................43 Silly assumptions .................................................................................43 Selecting Security Assessment Tools ..........................................................44 Chapter 4: Hacking Methodology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .45 Setting the Stage for Testing ........................................................................45 Seeing What Others See ................................................................................47 Gathering public information .............................................................47 Mapping the network ..........................................................................50 Scanning Systems ..........................................................................................52 Hosts ......................................................................................................52 Open ports ............................................................................................53 Determining What’s Running on Open Ports .............................................53 Assessing Vulnerabilities ..............................................................................55 Penetrating the System .................................................................................57 Part II: Putting Ethical Hacking in Motion ................... 59 Chapter 5: Social Engineering . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .61 Social Engineering 101 ..................................................................................61 Before You Start .............................................................................................62 Why Attackers Use Social Engineering .......................................................64 Table of Contents xi Understanding the Implications ..................................................................65 Performing Social Engineering Attacks .......................................................66 Phishing for information .....................................................................66 Building trust ........................................................................................68 Exploiting the relationship .................................................................69 Social Engineering Countermeasures .........................................................72 Policies ..................................................................................................72 User awareness and training ..............................................................73 Chapter 6: Physical Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .75 Physical Security Vulnerabilities .................................................................76 What to Look For ...........................................................................................78 Building infrastructure ........................................................................78 Utilities ..................................................................................................79 Offi ce layout and usage .......................................................................80 Network components and computers ...............................................82 Chapter 7: Passwords . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .85 Password Vulnerabilities ..............................................................................86 Organizational password vulnerabilities ..........................................86 Technical password vulnerabilities ..................................................88 Cracking Passwords ......................................................................................89 Cracking passwords the old-fashioned way .....................................89 High-tech password cracking .............................................................91 Password-protected fi les ..................................................................102 Other ways to crack passwords.......................................................103 General Password-Cracking Countermeasures .......................................109 Storing passwords .............................................................................110 Policy considerations ........................................................................110 Other considerations ........................................................................111 Securing Operating Systems ......................................................................113 Windows..............................................................................................113 Linux and UNIX ...................................................................................114 Part III: Hacking the Network ................................... 115 Chapter 8: Network Infrastructure . . . . . . . . . . . . . . . . . . . . . . . . . . . . .117 Network Infrastructure Vulnerabilities .....................................................119 Choosing Tools ............................................................................................120 Scanners and analyzers.....................................................................120 Vulnerability assessment ..................................................................121 Scanning, Poking, and Prodding ................................................................121 Port scanners .....................................................................................122 SNMP scanning ...................................................................................128 Banner grabbing .................................................................................130 xii Hacking For Dummies, 3rd Edition Firewall rules ......................................................................................131 Network analyzers .............................................................................134 The MAC-daddy attack ......................................................................140 Denial of service .................................................................................145 Common Router, Switch, and Firewall Weaknesses ...............................147 Unsecured interfaces.........................................................................147 IKE weaknesses ..................................................................................148 General Network Defenses .........................................................................149 Chapter 9: Wireless LANs. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .151 Understanding the Implications of Wireless Network Vulnerabilities ..........................................................................152 Choosing Your Tools ...................................................................................154 Wireless LAN Discovery .............................................................................156 Checking for worldwide recognition ...............................................156 Scanning your local airwaves ...........................................................157 Wireless Network Attacks and Countermeasures ...................................158 Encrypted traffi c ................................................................................160 Countermeasures against encrypted traffi c attacks .....................164 Rogue wireless devices .....................................................................165 Countermeasures against rogue wireless devices ........................170 MAC spoofi ng .....................................................................................170 Countermeasures against MAC spoofi ng ........................................175 Queensland DoS attack .....................................................................175 Countermeasures against DoS attacks ............................................176 Physical security problems ..............................................................176 Countermeasures against physical security problems.................176 Vulnerable wireless workstations ...................................................177 Countermeasures against vulnerable wireless workstations ......177 Default confi guration settings ..........................................................178 Countermeasures against default confi guration settings exploits .....................................................178 Part IV: Hacking Operating Systems .......................... 179 Chapter 10: Windows. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .181 Windows Vulnerabilities .............................................................................182 Choosing Tools ............................................................................................183 Free Microsoft tools ..........................................................................183 All-in-one assessment tools ..............................................................184 Task-specifi c tools .............................................................................184 Table of Contents xiii Information Gathering .................................................................................185 System scanning ................................................................................185 NetBIOS ...............................................................................................187 Null Sessions ................................................................................................190 Mapping ..............................................................................................191 Gleaning information .........................................................................192 Countermeasures against null session hacks ................................194 Share Permissions .......................................................................................196 Windows defaults...............................................................................196 Testing .................................................................................................197 Missing Patch Exploitation .........................................................................198 Using Metasploit ................................................................................200 Countermeasures against missing patch vulnerability exploits ...205 Authenticated Scans ...................................................................................205 Chapter 11: Linux . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .207 Linux Vulnerabilities ...................................................................................208 Choosing Tools ............................................................................................208 Information Gathering .................................................................................209 System scanning ................................................................................209 Countermeasures against system scanning ...................................213 Unneeded and Unsecured Services ...........................................................213 Searches ..............................................................................................213 Countermeasures against attacks on unneeded services ............216 .rhosts and hosts.equiv Files .....................................................................218 Hacks using the .rhosts and hosts.equiv fi les ................................218 Countermeasures against .rhosts and hosts.equiv fi le attacks ...219 NFS .................................................................................................................220 NFS hacks ............................................................................................220 Countermeasures against NFS attacks ............................................221 File Permissions ...........................................................................................221 File permission hacks ........................................................................222 Countermeasures against fi le permission attacks .........................222 Buffer Overfl ows ..........................................................................................223 Attacks.................................................................................................223 Countermeasures against buffer-overfl ow attacks ........................223 Physical Security .........................................................................................224 Physical security hacks .....................................................................224 Countermeasures against physical security attacks .....................224 General Security Tests ................................................................................225 Patching Linux .............................................................................................226 Distribution updates..........................................................................227 Multiplatform update managers ......................................................227 xiv Hacking For Dummies, 3rd Edition Chapter 12: Novell NetWare. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .229 NetWare Vulnerabilities ..............................................................................229 Choosing Tools ............................................................................................230 Getting Started .............................................................................................230 Server access methods .....................................................................231 Port scanning......................................................................................231 Authentication .............................................................................................233 rconsole ..............................................................................................233 Server-console access .......................................................................236 Intruder detection ..............................................................................237 Testing for rogue NLMs .....................................................................238 Countermeasures against rogue NLM attacks ...............................241 Cleartext packets ...............................................................................242 Solid Practices for Minimizing NetWare Security Risks .........................243 Rename admin ....................................................................................243 Disable eDirectory browsing ............................................................244 Remove bindery contexts .................................................................245 Audit the system ................................................................................246 TCP/IP parameters .............................................................................246 Patch ....................................................................................................246 Part V: Hacking Applications .................................... 247 Chapter 13: Communication and Messaging Systems . . . . . . . . . . . .249 Messaging System Vulnerabilities .............................................................249 E-Mail Attacks ...............................................................................................252 E-mail bombs ......................................................................................252 Banners ...............................................................................................255 SMTP attacks ......................................................................................257 General best practices for minimizing e-mail security risks ........266 Instant Messaging ........................................................................................267 IM vulnerabilities ...............................................................................267 Countermeasures against IM vulnerabilities ..................................268 Voice over IP ................................................................................................270 VoIP vulnerabilities ...........................................................................270 Countermeasures against VoIP vulnerabilities ..............................276 Chapter 14: Web Sites and Applications . . . . . . . . . . . . . . . . . . . . . . . .277 Choosing Your Web Application Tools ....................................................278 Web Vulnerabilities .....................................................................................280 Directory traversal ............................................................................280 Countermeasures against directory traversals .............................282 Input fi ltering attacks ........................................................................283 Countermeasures against input attacks .........................................291 Table of Contents xv Default script attacks ........................................................................292 Countermeasures against default script attacks ...........................294 Unsecured login mechanisms ..........................................................294 Countermeasures against unsecured login systems .....................297 General security scans for Web application vulnerabilities ........297 Best Practices for Minimizing Web Security Risks ..................................298 Obscurity ............................................................................................299 Firewalls ..............................................................................................299 Source code analysis .........................................................................300 Chapter 15: Databases and Storage Systems . . . . . . . . . . . . . . . . . . . .303 Databases .....................................................................................................303 Choosing tools....................................................................................303 Finding databases on the network...................................................304 Cracking database passwords..........................................................306 Scanning databases for vulnerabilities ...........................................307 Best Practices for Minimizing Database Security Risks .........................308 Storage Systems ...........................................................................................309 Choosing tools....................................................................................309 Finding storage systems on the network ........................................310 Rooting out sensitive text in network fi les .....................................310 Best Practices for Minimizing Storage Security Risks ............................313 Part VI: Ethical Hacking Aftermath ........................... 315 Chapter 16: Reporting Your Results . . . . . . . . . . . . . . . . . . . . . . . . . . . .317 Pulling the Results Together ......................................................................317 Prioritizing Vulnerabilities .........................................................................319 Reporting Methods ......................................................................................320 Chapter 17: Plugging Security Holes . . . . . . . . . . . . . . . . . . . . . . . . . . .323 Turning Your Reports into Action .............................................................323 Patching for Perfection ...............................................................................324 Patch management ............................................................................325 Patch automation ...............................................................................325 Hardening Your Systems ............................................................................326 Assessing Your Security Infrastructure ....................................................327 Chapter 18: Managing Security Changes. . . . . . . . . . . . . . . . . . . . . . . .329 Automating the Ethical Hacking Process .................................................329 Monitoring Malicious Use ...........................................................................330 Outsourcing Ethical Hacking ......................................................................332 Instilling a Security-Aware Mindset ...........................................................333 Keeping Up with Other Security Issues ....................................................334 xvi Hacking For Dummies, 3rd Edition Part VII: The Part of Tens .......................................... 335 Chapter 19: Ten Tips for Getting Upper Management Buy-In . . . . . .337 Cultivate an Ally and Sponsor ....................................................................337 Don’t Be a FUDdy Duddy ............................................................................337 Demonstrate How the Organization Can’t Afford to Be Hacked ............338 Outline the General Benefi ts of Ethical Hacking ......................................339 Show How Ethical Hacking Specifi cally Helps the Organization ...........339 Get Involved in the Business ......................................................................339 Establish Your Credibility ..........................................................................340 Speak on Management’s Level ...................................................................340 Show Value in Your Efforts .........................................................................340 Be Flexible and Adaptable ..........................................................................341 Chapter 20: Ten Reasons Hacking Is the Only Effective Way to Test. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .343 The Bad Guys Are Thinking Bad Thoughts, Using Good Tools, and Developing New Attack Methods ...................................................343 IT Governance and Compliance Is More Than High-Level Checklist Audits ....................................................................343 Ethical Hacking Complements Audits and Security Evaluations ..........344 Someone’s Going to Ask How Secure Your Systems Are .......................344 The Law of Averages Is Working Against Businesses .............................344 Ethical Hacking Creates a Better Understanding of What the Business Is Up Against ...........................................................344 If a Breach Occurs, You Have Something to Fall Back On ......................345 Ethical Hacking Brings Out the Worst in Your Systems .........................345 Ethical Hacking Combines the Best of Penetration Testing and Vulnerability Testing..........................................................345 Ethical Hacking Can Uncover Operational Weaknesses That Might Go Overlooked For Years ...................................................345 Chapter 21: Ten Deadly Mistakes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .347 Not Getting Prior Approval in Writing ......................................................347 Assuming That You Can Find All Vulnerabilities during Your Tests ....347 Assuming That You Can Eliminate All Security Vulnerabilities ............348 Performing Tests Only Once ......................................................................348 Thinking That You Know It All ...................................................................348 Running Your Tests without Looking at Things from a Hacker’s Viewpoint ...............................................................................349 Not Testing the Right Systems ...................................................................349 Not Using the Right Tools ...........................................................................349 Pounding Production Systems at the Wrong Time .................................349 Outsourcing Testing and Not Staying Involved .......................................350

Không có đánh giá nào cho sản phẩm này.

Viết đánh giá

Vui lòng đăng nhập hoặc đăng ký trước khi đánh giá