Counter Hack Reloaded: A Step-by-Step Guide to Computer Attacks and Effective Defenses [NOOK Book]

Overview

For years, Counter Hack has been the primary resource for every network/system administrator and security professional who needs a deep, hands-on understanding of hacker attacks and countermeasures. Now, leading network security expert Ed Skoudis, with Tom Liston, has thoroughly updated this best-selling guide, showing how to defeat today’s newest, most sophisticated, and most destructive attacks.

For this second edition, more than half the content is new and updated, including ...

See more details below
Counter Hack Reloaded: A Step-by-Step Guide to Computer Attacks and Effective Defenses

Available on NOOK devices and apps  
  • NOOK Devices
  • Samsung Galaxy Tab 4 NOOK 7.0
  • Samsung Galaxy Tab 4 NOOK 10.1
  • NOOK HD Tablet
  • NOOK HD+ Tablet
  • NOOK eReaders
  • NOOK Color
  • NOOK Tablet
  • Tablet/Phone
  • NOOK for Windows 8 Tablet
  • NOOK for iOS
  • NOOK for Android
  • NOOK Kids for iPad
  • PC/Mac
  • NOOK for Windows 8
  • NOOK for PC
  • NOOK for Mac

Want a NOOK? Explore Now

NOOK Book (eBook)
$36.49
BN.com price
(Save 42%)$63.99 List Price

Overview

For years, Counter Hack has been the primary resource for every network/system administrator and security professional who needs a deep, hands-on understanding of hacker attacks and countermeasures. Now, leading network security expert Ed Skoudis, with Tom Liston, has thoroughly updated this best-selling guide, showing how to defeat today’s newest, most sophisticated, and most destructive attacks.

For this second edition, more than half the content is new and updated, including coverage of the latest hacker techniques for scanning networks, gaining and maintaining access, and preventing detection. The authors walk you through each attack and demystify every tool and tactic. You’ll learn exactly how to establish effective defenses, recognize attacks in progress, and respond quickly and effectively in both UNIX/Linux and Windows environments.

Important features of this new edition include

  • All-new “anatomy-of-an-attack” scenarios and tools
  • An all-new section on wireless hacking: war driving, wireless sniffing attacks, and more
  • Fully updated coverage of reconnaissance tools, including Nmap port scanning and “Google hacking”
  • New coverage of tools for gaining access, including uncovering Windows and Linux vulnerabilities with Metasploit
  • New information on dangerous, hard-to-detect, kernel-mode rootkits


Read More Show Less

Product Details

  • ISBN-13: 9780132704533
  • Publisher: Pearson Education
  • Publication date: 1/6/2006
  • Sold by: Barnes & Noble
  • Format: eBook
  • Edition number: 2
  • Pages: 784
  • Sales rank: 972,499
  • File size: 15 MB
  • Note: This product may take a few minutes to download.

Meet the Author

Ed Skoudis is a founder and senior security consultant for the Washington, D.C.-based network security consultancy, Intelguardians Network Intelligence, LLC. His expertise includes hacker attacks and defenses, the information security industry, and computer privacy issues. He has performed numerous security assessments, designed information security governance and operations teams for Fortune 500 companies, and responded to computer attacks for clients in financial, high technology, health care, and other industries. Ed has demonstrated hacker techniques for the U.S. Senate and is a frequent speaker on issues associated with hacker tools and defenses. He was also awarded 2004 and 2005 Microsoft MVP awards for Windows Server Security and is an alumnus of the Honeynet Project. Prior to Intelguardians, Ed served as a security consultant with International Network Services (INS), Predictive Systems, Global Integrity, SAIC, and Bell Communications Research (Bellcore).

Tom Liston is a senior analyst for the Washington, D.C.-based network security consultancy, Intelguardians Network Intelligence, LLC. He is the author of the popular open source network tarpit, LaBrea, for which he was a finalist for eWeek and PC Magazine’s Innovations In Infrastructure (i3) award in 2002. He is one of the handlers at the SANS Institute’s Internet Storm Center, where he deals daily with cutting edge security issues and authors a popular series of articles under the title “Follow the Bouncing Malware.” Mr. Liston resides in the teeming metropolis of Johnsburg, Illinois, and has four beautiful children (who demanded to be mentioned): Mary, Maggie, Erin, and Victoria.



Read More Show Less

Table of Contents

(NOTE: Each chapter concludes with Summary).

Foreword.

Preface Reloaded.

About the Authors.

 1. Introduction.

    The Computer World and the Golden Age of Hacking.

    Why This Book?

    The Threat: Never Underestimate Your Adversary.

    A Note on Terminology and Iconography.

    Caveat: These Tools Could Hurt You.

    Organization of Rest of the Book.

 2. Networking Overview: Pretty Much Everything You Need to Know About Networking to Follow the Rest of This Book.

    The OSI Reference Model and Protocol Layering.

    How Does TCP/IP Fit In?

    Understanding TCP/IP.

    Transmission Control Protocol (TCP).

    User Datagram Protocol (UDP).

    Internet Protocol (IP) and Internet Control Message Protocol (ICMP).

    ICMP.

    Other Network-Level Issues.

    Don’t Forget About the Data Link and Physical Layers!

    Security Solutions for the Internet.

    Conclusion.

 3. Linux and UNIX Overview: Pretty Much Everything You Need to Know About Linux and UNIX to Follow the Rest of This Book.

    Introduction.

    Architecture.

    Accounts and Groups.

    Linux and UNIX Permissions.

    Linux and UNIX Trust Relationships.

    Common Linux and UNIX Network Services.

    Conclusion.

 4. Windows NT/000/XP/00 Overview: Pretty Much Everything You Need to Know About Windows to Follow the Rest of This Book.

    Introduction.

    A Brief History of Time.

    The Underlying Windows Operating System Architecture.

    How Windows Password Representations Are Derived.

    Kernel Mode.

    From Service Packs and Hotfixes to Windows Update and Beyond.

    Accounts and Groups.

    Privilege Control.

    Policies

    Trust.

    Auditing.

    Object Access Control and Permissions.

    Network Security.

    Windows 2000 and Beyond: Welcome to the New Millennium.

    Conclusion.

 5. Phase 1: Reconnaissance.

    Low-Technology Reconnaissance: Social Engineering, Caller ID Spoofing, Physical Break-In, and Dumpster Diving.

    Search the Fine Web (STFW).

    Who is Databases: Treasure Chests of Information.

    The Domain Name System.

    General-Purpose Reconnaissance Tools.

    Conclusion.

 6. Phase 2: Scanning.

    War Driving: Finding Wireless Access Points.

    War Dialing: Looking for Modems in All the Right Places.

    Network Mapping.

    Determining Open Ports Using Port Scanners.

    Vulnerability-Scanning Tools.

    Intrusion Detection System and Intrusion Prevention System Evasion.

    Conclusion.

 7. Phase 3: Gaining Access Using Application and Operating System Attacks.

    Script Kiddie Exploit Trolling.

    Pragmatism for More Sophisticated Attackers.

    Buffer Overflow Exploits.

    Password Attacks.

    Web Application Attacks.

    Exploiting Browser Flaws.

    Conclusion.

 8. Phase 4: Gaining Access Using Network Attacks.

    Sniffing.

    IP Address Spoofing.

    Session Hijacking.

    Netcat: A General-Purpose Network Tool.

    Conclusion.

 9. Phase 3: Denial-of-Service Attacks.

    Locally Stopping Services.

    Locally Exhausting Resources.

    Remotely Stopping Services.

    Remotely Exhausting Resources.

    Conclusion.

10. Phase 4: Maintaining Access: Trojans, Backdoors, and Rootkits ... Oh My!

    Trojan Horses.

    Backdoors.

    The Devious Duo: Backdoors Melded into Trojan Horses.

    Nasty: Application-Level Trojan Horse Backdoor Tools.

    Also Nasty: The Rise of the Bots.

    Additional Nastiness: Spyware Everywhere!

    Defenses Against Application-Level Trojan Horse Backdoors, Bots, and Spyware.

    Even Nastier: User-Mode Rootkits.

    Defending Against User-Mode Rootkits.

    Nastiest: Kernel-Mode Rootkits.

    Defending Against Kernel-Mode Rootkits.

    Conclusion.

11. Phase 5: Covering Tracks and Hiding.

    Hiding Evidence by Altering Event Logs.

    Defenses Against Log and Accounting File Attacks.

    Creating Difficult-to-Find Files and Directories.

    Hiding Evidence on the Network: Covert Channels.

    Defenses Against Covert Channels.

    Conclusion.

12. Putting It All Together: Anatomy of an Attack.

    Scenario 1: Crouching Wi-Fi, Hidden Dragon.

    Scenario 2: Death of a Telecommuter.

    Scenario 3: The Manchurian Contractor.

    Conclusion.

13. The Future, References, and Conclusions.

    Where Are We Heading?

    Keeping Up to Speed.

    Final Thoughts ... Live Long and Prosper.

Index.

 

Read More Show Less

Customer Reviews

Average Rating 4
( 4 )
Rating Distribution

5 Star

(3)

4 Star

(0)

3 Star

(0)

2 Star

(0)

1 Star

(1)

Your Rating:

Your Name: Create a Pen Name or

Barnes & Noble.com Review Rules

Our reader reviews allow you to share your comments on titles you liked, or didn't, with others. By submitting an online review, you are representing to Barnes & Noble.com that all information contained in your review is original and accurate in all respects, and that the submission of such content by you and the posting of such content by Barnes & Noble.com does not and will not violate the rights of any third party. Please follow the rules below to help ensure that your review can be posted.

Reviews by Our Customers Under the Age of 13

We highly value and respect everyone's opinion concerning the titles we offer. However, we cannot allow persons under the age of 13 to have accounts at BN.com or to post customer reviews. Please see our Terms of Use for more details.

What to exclude from your review:

Please do not write about reviews, commentary, or information posted on the product page. If you see any errors in the information on the product page, please send us an email.

Reviews should not contain any of the following:

  • - HTML tags, profanity, obscenities, vulgarities, or comments that defame anyone
  • - Time-sensitive information such as tour dates, signings, lectures, etc.
  • - Single-word reviews. Other people will read your review to discover why you liked or didn't like the title. Be descriptive.
  • - Comments focusing on the author or that may ruin the ending for others
  • - Phone numbers, addresses, URLs
  • - Pricing and availability information or alternative ordering information
  • - Advertisements or commercial solicitation

Reminder:

  • - By submitting a review, you grant to Barnes & Noble.com and its sublicensees the royalty-free, perpetual, irrevocable right and license to use the review in accordance with the Barnes & Noble.com Terms of Use.
  • - Barnes & Noble.com reserves the right not to post any review -- particularly those that do not follow the terms and conditions of these Rules. Barnes & Noble.com also reserves the right to remove any review at any time without notice.
  • - See Terms of Use for other conditions and disclaimers.
Search for Products You'd Like to Recommend

Recommend other products that relate to your review. Just search for them below and share!

Create a Pen Name

Your Pen Name is your unique identity on BN.com. It will appear on the reviews you write and other website activities. Your Pen Name cannot be edited, changed or deleted once submitted.

 
Your Pen Name can be any combination of alphanumeric characters (plus - and _), and must be at least two characters long.

Continue Anonymously
Sort by: Showing all of 4 Customer Reviews
  • Anonymous

    Posted September 16, 2006

    Counter Hack This Book

    Counter Hack Reloaded Second Edition by Ed Skoudis with Tom Liston Published by Prentice Hall, December 2005 ISBN 0-13-148104-5 This book is an absolute must have for every security professionals bookshelf. If you are new to the arena of Information Systems Security or a CISSP this book leads you down some extremely interesting vulnerability protection paths. Ed Skoudis gives an exhaustive look into the mind and intentions of the ¿Nasties¿ out there and how to protect yourself and your network from them. The chapters are well laid out and each builds on the knowledge from the previous chapter(s). The Table of Contents allows for easy reference back to a specific chapter for later the material is cutting edge and well explained with references to additional material online. All in all a very insightful book that made me double check all of my firewalls and filesystem protection methods and apply some of the knowledge learned.

    2 out of 2 people found this review helpful.

    Was this review helpful? Yes  No   Report this review
  • Anonymous

    Posted January 16, 2006

    explains types of malware and your defenses

    [A review of the 2ND EDITION, December 2005.] In 2001, Skoudis published the first edition of this book. It was a lucid and well received explanation of how crackers can attack your computer. The intervening years have seen significant growth in this field, as both sides have escalated their techniques. Hence this second edition. In hindsight, the first book was written in what seems to be a more innocent time. Then, successful attacks were often the equivalent of graffiti. They gave bragging rights to the cracker, but no economic payoff. Now, the authors point out, there is far more likely to be a financial incentive, as more corporations leave sensitive data on insecure machines. Plus, of course, that book was written before 11 Sept 2001. Today there are scenarios of terrorists attacking computers. Perhaps to finance their operations, or to communicate with each other. However, the authors carefully state that there has thus far been little actual evidence of such terrorist usage. Still, it's an ever-present possibility. The second edition has updates on the latest attack methods. Some of these were virtually unknown in 2001, like wardriving. Here, the massive uptake in wireless computing and the concomitant proliferation of badly administered wireless access points has led to malicious wardriving. The book also shows the use of Intrusion Detection Systems and their more aggressive sibling, Intrusion Prevention Systems. These have improved heavily in sophistication in just a few years. There is a passing reference to phishing. Starting in 2003, we have seen a huge global increase in this scourge. The book explains the most common form of phishing, and how it is based on social engineering, by trying, often successfully, to fool a recipient of a phishing email. The only countermeasure described is to warn the reader to beware of such messages. No technical solution is proposed. Perhaps the most interesting chapters are 10 and 11. These describe Trojans, backdoors and rootkits. Where the latter can be user-mode or the more dangerous kernel-mode. The most dangerous attacks are given in these chapters. But the text explains strong countermeasures that you can do. Including using several white hat websites like chkrootkit.org, knowngoods.org and cisecurity.org. These offer very useful tools and data that you can run against your machines, as extra protection. There are many websites out there with such agendas. But the sheer number of these can be daunting. Who can you rely on? One answer is to use the book as a reliable guide.

    1 out of 1 people found this review helpful.

    Was this review helpful? Yes  No   Report this review
  • Posted June 3, 2013

    WOW... I love MyDeals247 model - they create competition among t

    WOW... I love MyDeals247 model - they create competition among the sellers real-time.

    Was this review helpful? Yes  No   Report this review
  • Anonymous

    Posted August 9, 2011

    No text was provided for this review.

Sort by: Showing all of 4 Customer Reviews

If you find inappropriate content, please report it to Barnes & Noble
Why is this product inappropriate?
Comments (optional)