When it comes to network security, many users and administrators are running scared, and justifiably so. The sophistication of attacks against computer systems increases with each new Internet worm.
What's the worst an attacker can do to you? You'd better find out, right? That's what Security Warrior teaches you. Based on the principle that the only way to defend yourself is to understand your attacker in depth, Security Warrior reveals how your systems can be attacked. Covering everything from reverse engineering to SQL attacks, and including topics like social engineering, antiforensics, and common attacks against UNIX and Windows systems, this book teaches you to know your enemy and how to be prepared to do battle.
Security Warrior places particular emphasis on reverse engineering. RE is a fundamental skill for the administrator, who must be aware of all kinds of malware that can be installed on his machines - trojaned binaries, "spyware" that looks innocuous but that sends private data back to its creator, and more. This is the only book to discuss reverse engineering for Linux or Windows CE. It's also the only book that shows you how SQL injection works, enabling you to inspect your database and web applications for vulnerability.
Security Warrior is the most comprehensive and up-to-date book covering the art of computer war: attacks against computer systems and their defenses. It's often scary, and never comforting. If you're on the front lines, defending your site against attackers, you need this book. On your shelf - and in your hands.
Dr. Cyrus Peikari is currently the Chief Technical Officer of Airscanner Corporation, a leading mobile security software company. He personally holds several patents in the anti-virus and infosec fields. In addition to numerous radio and television appearances, he is a popular speaker at technology and network security conferences. He has co-authored four bestselling security books, two of them as lead author, including Maximum Wireless Security, Windows .Net Server Security Handbook, and Windows Internet Security.
Table of Contents
Dedication
Preface: Organization of This Book; Part I: Software Cracking; Part II: Network Stalking; Part III: Platform Attacks; Part IV: Advanced Defense; Part V: Appendix; Conventions Used in This Book; Using Code Examples; Comments and Questions; Acknowledgments
Part I: Software Cracking
Chapter 1: Assembly Language 1.1 Registers 1.2 ASM Opcodes 1.3 References
Chapter 2: Windows Reverse Engineering 2.1 History of RCE 2.2 Reversing Tools 2.3 Reverse Engineering Examples 2.4 References
Chapter 3: Linux Reverse Engineering 3.1 Basic Tools and Techniques 3.2 A Good Disassembly 3.3 Problem Areas 3.4 Writing New Tools 3.5 References
Chapter 4: Windows CE Reverse Engineering 4.1 Windows CE Architecture 4.2 CE Reverse Engineering Fundamentals 4.3 Practical CE Reverse Engineering 4.4 Reverse Engineering serial.exe 4.5 References
Chapter 5: Overflow Attacks 5.1 Buffer Overflows 5.2 Understanding Buffers 5.3 Smashing the Stack 5.4 Heap Overflows 5.5 Preventing Buffer Overflows 5.6 A Live Challenge 5.7 References
Part II: Network Stalking
Chapter 6: TCP/IP Analysis 6.1 A Brief History of TCP/IP 6.2 Encapsulation 6.3 TCP 6.4 IP 6.5 UDP 6.6 ICMP 6.7 ARP 6.8 RARP 6.9 BOOTP 6.10 DHCP 6.11 TCP/IP Handshaking 6.12 Covert Channels 6.13 IPv6 6.14 Ethereal 6.15 Packet Analysis 6.16 Fragmentation 6.17 References
Chapter 7: Social Engineering 7.1 Background 7.2 Performing the Attacks 7.3 Advanced Social Engineering 7.4 References
Chapter 8: Reconnaissance 8.1 Online Reconnaissance 8.2 Conclusion 8.3 References
Chapter 9: OS Fingerprinting 9.1 Telnet Session Negotiation 9.2 TCP Stack Fingerprinting 9.3 Special-Purpose Tools 9.4 Passive Fingerprinting 9.5 Fuzzy Operating System Fingerprinting 9.6 TCP/IP Timeout Detection 9.7 References
Chapter 10: Hiding the Tracks 10.1 From Whom Are You Hiding? 10.2 Postattack Cleanup 10.3 Forensic Tracks 10.4 Maintaining Covert Access 10.5 References
Part III: Platform Attacks
Chapter 11: Unix Defense 11.1 Unix Passwords 11.2 File Permissions 11.3 System Logging 11.4 Network Access in Unix 11.5 Unix Hardening 11.6 Unix Network Defense 11.7 References
Chapter 12: Unix Attacks 12.1 Local Attacks 12.2 Remote Attacks 12.3 Unix Denial-of-Service Attacks 12.4 References
Chapter 13: Windows Client Attacks 13.1 Denial-of-Service Attacks 13.2 Remote Attacks 13.3 Remote Desktop/Remote Assistance 13.4 References
Chapter 14: Windows Server Attacks 14.1 Release History 14.2 Kerberos Authentication Attacks 14.3 Kerberos Authentication Review 14.4 Defeating Buffer Overflow Prevention 14.5 Active Directory Weaknesses 14.6 Hacking PKI 14.7 Smart Card Hacking 14.8 Encrypting File System Changes 14.9 Third-Party Encryption 14.10 References
Chapter 15: SOAP XML Web Services Security 15.1 XML Encryption 15.2 XML Signatures 15.3 Reference
Chapter 16: SQL Injection 16.1 Introduction to SQL 16.2 SQL Injection Attacks 16.3 SQL Injection Defenses 16.4 PHP-Nuke Examples 16.5 References
Chapter 17: Wireless Security 17.1 Reducing Signal Drift 17.2 Problems with WEP 17.3 Cracking WEP 17.4 Practical WEP Cracking 17.5 VPNs 17.6 TKIP 17.7 SSL 17.8 Airborne Viruses 17.9 References
Part IV: Advanced Defense
Chapter 18: Audit Trail Analysis 18.1 Log Analysis Basics 18.2 Log Examples 18.3 Logging States 18.4 When to Look at the Logs 18.5 Log Overflow and Aggregation 18.6 Challenge of Log Analysis 18.7 Security Information Management 18.8 Global Log Aggregation 18.9 References
Chapter 19: Intrusion Detection Systems 19.1 IDS Examples 19.2 Bayesian Analysis 19.3 Hacking Through IDSs 19.4 The Future of IDSs 19.5 Snort IDS Case Study 19.6 IDS Deployment Issues 19.7 References
Chapter 20: Honeypots 20.1 Motivation 20.2 Building the Infrastructure 20.3 Capturing Attacks 20.4 References
Chapter 21: Incident Response 21.1 Case Study: Worm Mayhem 21.2 Definitions 21.3 Incident Response Framework 21.4 Small Networks 21.5 Medium-Sized Networks 21.6 Large Networks 21.7 References
Chapter 22: Forensics and Antiforensics 22.1 Hardware Review 22.2 Information Detritus 22.3 Forensics Tools 22.4 Bootable Forensics CD-ROMs 22.5 Evidence Eliminator 22.6 Forensics Case Study: FTP Attack 22.7 References
Part V: Appendix
Appendix A: Useful SoftICE Commands and Breakpoints A.1 SoftICE Commands A.2 Breakpoints
Colophon
Reviews
"...brings a no-nonsense serious technical edge, as you'd expect from O'Reilly. This means lots of code examples to work with, and no patronising along the way..." - Davey Winder, PC Plus, Spring 04