Hacking Exposed: Network Security Secrets and Solutions, Fourth Edition


"The seminal book on white-hat hacking and countermeasures.... Should be required reading for anyone with a server or a network to secure." --Bill Machrone, PC Magazine

This brand-new edition of the best-selling security book covers all the latest hacks and countermeasures and includes a bonus DVD with the authors' famous "Hacking Exposed Live" presentation!

Stuart McClure is the coauthor of all four editions of Hacking Exposed as well as of ...

See more details below
Available through our Marketplace sellers.
Other sellers (Paperback)
  • All (37) from $1.99   
  • New (4) from $7.24   
  • Used (33) from $1.99   
Sort by
Page 1 of 1
Showing All
Note: Marketplace items are not eligible for any BN.com coupons and promotions
Seller since 2006

Feedback rating:



New — never opened or used in original packaging.

Like New — packaging may have been opened. A "Like New" item is suitable to give as a gift.

Very Good — may have minor signs of wear on packaging but item works perfectly and has no damage.

Good — item is in good condition but packaging may have signs of shelf wear/aging or torn packaging. All specific defects should be noted in the Comments section associated with each item.

Acceptable — item is in working order but may show signs of wear such as scratches or torn packaging. All specific defects should be noted in the Comments section associated with each item.

Used — An item that has been opened and may show signs of wear. All specific defects should be noted in the Comments section associated with each item.

Refurbished — A used item that has been renewed or updated and verified to be in proper working condition. Not necessarily completed by the original manufacturer.

PAPERBACK New 0072227427 New, unused, soft-cover book with minor cover and/or page damage (typically cut, tear, crease, etc.). Content is NOT affected. Used items may or may ... not include CDs, InfoTrac, etc. Item ships within 24 hours with free tracking. Read more Show Less

Ships from: Foley, AL

Usually ships in 1-2 business days

  • Canadian
  • Standard, 48 States
  • Standard (AK, HI)
  • Express, 48 States
  • Express (AK, HI)
Seller since 2015

Feedback rating:


Condition: New
Brand new.

Ships from: acton, MA

Usually ships in 1-2 business days

  • Standard, 48 States
  • Standard (AK, HI)
Seller since 2015

Feedback rating:


Condition: New
Brand new.

Ships from: acton, MA

Usually ships in 1-2 business days

  • Standard, 48 States
  • Standard (AK, HI)
Seller since 2008

Feedback rating:


Condition: New

Ships from: Chicago, IL

Usually ships in 1-2 business days

  • Standard, 48 States
  • Standard (AK, HI)
Page 1 of 1
Showing All
Sort by
Sending request ...


"The seminal book on white-hat hacking and countermeasures.... Should be required reading for anyone with a server or a network to secure." --Bill Machrone, PC Magazine

This brand-new edition of the best-selling security book covers all the latest hacks and countermeasures and includes a bonus DVD with the authors' famous "Hacking Exposed Live" presentation!

Stuart McClure is the coauthor of all four editions of Hacking Exposed as well as of Hacking Exposed Windows 2000. Stuart co-authored "Security Watch," a weekly column in InfoWorld addressing topical security issues, exploits, and vulnerabilities. He is the President/CTO of Foundstone, Inc. Prior to co-founding Foundstone, Stuart was a Senior Manager with Ernst & Young's Security Profiling Services Group, responsible for project management, attack and penetration reviews, and technology evaluations. Stuart trains Foundstone's Ultimate Hacking course, and Hacking Exposed Live for conferences such as Networld + InterOp, Black Hat, RSA, CSI, among others.

Joel Scambray, CISSP, is the co-author of all four editions of Hacking Exposed as well as of Hacking Exposed Web Applications and Hacking Exposed Windows 2000. Joel co-authored "Security Watch," a weekly column in InfoWorld. Joel is the author of Microsoft's "Ask Us About ... Security" Monthly Column. He also taught Foundstone's Ultimate Hacking Windows course.

George Kurtz, CISSP, is the co-author of all four editions of Hacking Exposed and of both editions of Hacking Linux Exposed. He is the CEO of Foundstone, a cutting edge security solutions provider. Mr. Kurtz has significant experience with intrusion detection and firewall technologies, incident response procedures, and remote access solutions. As CEO and co-founder of Foundstone, George provides a unique combination of business acumen and technical security know-how.

Read More Show Less

Editorial Reviews

From Barnes & Noble
The Barnes & Noble Review
The creator of the No. 1 open source network intrusion detection system called a previous edition of Hacking Exposed "the Encyclopedia Britannica of computer security." We suspect he'll find the Fourth Edition even more indispensable. So will you.

This book is a classic. The first three editions have sold more than 300,000 copies. And the authors are, quite simply, legends in their field.

Stuart McClure is president/CTO and George Kurtz is CEO of Foundstone, one of the world's top IT security consultancies; McClure formerly led attack/penetration reviews and security technology evaluations for Ernst & Young. Joel Scambray has taught Foundstone's Ultimate Hacking Windows course, writes Microsoft's "Ask Us About Security" monthly column, and co-wrote both Hacking Exposed Web Applications and Hacking Exposed Windows 2000.

Think they're resting on their laurels? No way. This book is packed with new attacks, exploits, and countermeasures, as well as updated information on everything from viruses to web hacks. If you're concerned about it (or should be), you'll find it covered here.

For instance, the book's Windows coverage has been thoroughly revamped, benefiting from the insider's expertise of coauthor Joel Scambray, who's now Senior Director of Security for Microsoft's MSN. (He's even added coverage of the forthcoming Windows Server 2003).

The coverage of web hacking has also been massively updated, reflecting a wide range of creative new techniques hackers have come up with to enter or disrupt web sites.

For example, there's Cross-Site Scripting (XSS), wherein web apps gather user data they can use maliciously, typically via fake hyperlinks that contain malicious elements that have been encoded so as not to look suspicious. XSS attacks have allowed hackers to hijack accounts, change user settings, and steal or "poison" cookies.

The authors also discuss "fuzzing" response handlers to identify web server vulnerabilities such as format string or buffer/heap overflows; and "SQL injection" attacks, in which users enter weird text strings into your forms -- and those strings execute SQL directly against your database. (Maybe even deleting entire tables. Fun, huh?)

Hacking Exposed, Fourth Edition also updates its coverage of hacking (and protective) tools. For example, the authors introduce Nikto, a web server scanner that can test web servers for more than 1,550 dangerous files and CGIs and report on over 180 products; and Achilles, a full-featured proxy server optimized for testing the security of web applications. There's also thoroughly updated information on Apache, reflecting the latest versions.

As in previous editions, the authors have organized Hacking Exposed into four sections. First, you'll "case the establishment." That begins with "footprinting" -- identifying what can easily be discovered about your (or someone else's) IP infrastructure. You'll scan to identify live hosts and running services; then probe the services you've identified more fully for known weaknesses, a procedure known as "enumeration."

In Part II, you'll walk through system hacking techniques and countermeasures for Windows 9x/Me, Windows XP/2000/NT, Unix/Linux, databases, and NetWare. Incidentally, while NetWare doesn't get the hype it once did, there are still more than 4.5 million NetWare servers out there -- and many of them have moved onto IP, making them fair game for web hackers. Many NetWare servers are shockingly unprotected, still relying on the discredited "security through obscurity" approach. If you're running NetWare, this chapter could save your business.

Part III focuses on network hacking -- everything from an entirely new chapter on wireless security to updated coverage of dial-up, PBX, voicemail, and VPN hacking, firewalls, and Denial of Service attacks. Finally, in Part IV, the authors turn to application hacking -- including techniques for controlling software remotely; hacking Internet users, and more.

Perhaps this edition's most exciting new feature is a full hour of CD-ROM video from the authors' incredibly popular Hacking Exposed LIVE! seminars. These events have drawn SRO crowds at events ranging from Networld+Interop to Black Hat. Folks come running out of them grabbing their cell phones, calling in immediate configuration changes to their network administrators. That's how crucial this information is. Bill Camarda

Bill Camarda is a consultant, writer, and web/multimedia content developer. His 15 books include Special Edition Using Word 2000 and Upgrading & Fixing Networks For Dummies®, Second Edition.

Read More Show Less

Product Details

  • ISBN-13: 9780072227420
  • Publisher: McGraw-Hill Companies, The
  • Publication date: 2/25/2003
  • Series: Hacking Exposed
  • Edition description: Older Edition
  • Edition number: 4
  • Pages: 784
  • Product dimensions: 7.36 (w) x 9.18 (h) x 1.64 (d)

Table of Contents

Foreword xv
Acknowledgments xix
Introduction xxi
Part I Casing the Establishment
Case Study: Network Security Monitoring 2
1 Footprinting 9
What Is Footprinting? 10
Internet Footprinting 11
Step 1 Determine the Scope of Your Activities 12
Step 2 Network Enumeration 16
Step 3 DNS Interrogation 25
Step 4 Network Reconnaissance 29
Summary 33
2 Scanning 35
Determining If the System Is Alive 36
Determining Which Services Are Running or Listening 44
Scan Types 44
Identifying TCP and UDP Services Running 46
Windows-Based Port Scanners 52
Port Scanning Breakdown 57
Detecting the Operating System 60
Active Stack Fingerprinting 61
Passive Stack Fingerprinting 64
The Whole Enchilada: Automated Discovery Tools 66
Summary 68
3 Enumeration 69
Basic Banner Grabbing 71
Enumerating Common Network Services 73
Summary 123
Part II System Hacking
Case Study: The Perils of Pen-Testing 126
4 Hacking Windows 95/98 and Me 129
Windows 9x Remote Exploits 131
Direct Connection to Windows 9x Shared Resources 131
Windows 9x Backdoor Servers and Trojans 137
Known Server Application Vulnerabilities 142
Windows 9x Local Exploits 143
Windows Millennium Edition (Me) 150
Windows Me Remote Attacks 150
Windows Me Local Attacks 150
Summary 152
5 Hacking the Windows NT Family 153
Overview 155
What's Not Covered 156
Unauthenticated Attacks 156
Server Message Block (SMB) Attacks 156
IIS Attacks 175
Authenticated Attacks 185
Privilege Escalation 185
Pilfering 190
Remote Control and Back Doors 200
Port Redirection 204
General Countermeasures to Authenticated Compromise 206
Covering Tracks 210
NT Family Security Features 212
Keeping Up with Patches 212
Group Policy 213
IPSec 215
runas 216
NET Framework 217
Internet Connection Firewall 217
The Encrypting File System (EFS) 217
A Note on Raw Sockets and Other Unsubstantiated Claims 218
Summary 219
6 Novell NetWare Hacking 221
Attaching but Not Touching 223
Enumerating Bindery and Trees 224
Opening the Unlocked Doors 231
Authenticated Enumeration 233
Gaining Admin 238
Application Vulnerabilities 241
Spoofing Attacks (Pandora) 248
Once You Have Admin on a Server 251
Owning the NDS Files 253
Log Doctoring 259
Console Logs 260
Summary 263
7 Hacking UNIX 265
The Quest for Root 266
A Brief Review 266
Vulnerability Mapping 267
Remote Access vs. Local Access 267
Remote Access 268
Data Driven Attacks 272
I Want My Shell 279
Common Types of Remote Attacks 283
Local Access 307
After Hacking Root 321
Rootkits 322
Rootkit Recovery 333
Summary 334
Part III Network Hacking
Case Study: Tunneling Out of Firewalls 338
8 Dial-Up, PBX, Voicemail, and VPN Hacking 341
Preparing to Dial Up 342
War-Dialing 344
Hardware 344
Legal Issues 345
Peripheral Costs 346
Software 346
Brute-Force Scripting--The Home-Grown Way 362
PBX Hacking 374
Voicemail Hacking 378
Virtual Private Network (VPN) Hacking 383
Summary 388
9 Network Devices 391
Discovery 392
Detection 392
Autonomous System Lookup 396
Normal Traceroute 396
Traceroute with ASN Information 397
show ip bgp 397
Public Newsgroups 398
Service Detection 399
Network Vulnerability 405
OSI Layer 1 406
OSI Layer 2 406
Detecting Layer 2 Media 406
Switch Sniffing 408
OSI Layer 3 416
Dsniff 418
Misconfigurations 420
Route Protocol Hacking 427
Summary 437
10 Wireless Hacking 439
Wireless Footprinting 440
Equipment 441
Wireless Scanning and Enumeration 455
Wireless Sniffers 456
Wireless Monitoring Tools 458
MAC Access Control 467
Gaining Access (Hacking 802.11) 468
MAC Access Control 470
Attacks Against the WEP Algorithm 471
Securing WEP 473
Tools That Exploit WEP Weaknesses 473
Denial of Service (DoS) Attacks 477
An 802.1x Overview 477
Summary 479
11 Firewalls 481
Firewall Landscape 482
Firewall Identification 483
Advanced Firewall Discovery 487
Scanning Through Firewalls 490
Packet Filtering 494
Application Proxy Vulnerabilities 498
WinGate Vulnerabilities 500
Summary 502
12 Denial of Service (DoS) Attacks 503
Motivation of DoS Attackers 504
Types of DoS Attacks 505
Bandwidth Consumption 505
Resource Starvation 506
Programming Flaws 506
Routing and DNS Attacks 507
Generic DoS Attacks 508
Sites Under Attack 510
UNIX and Windows DoS 514
Remote DoS Attacks 514
Distributed Denial of Service Attacks 518
Local DoS Attacks 524
Summary 525
Part IV Software Hacking
Case Study: You Say Goodbye, I Say Hello 528
13 Remote Control Insecurities 529
Discovering Remote Control Software 530
Connecting 531
Weaknesses 532
Virtual Network Computing (VNC) 539
Microsoft Terminal Server and Citrix ICA 543
Server 544
Clients 544
Data Transmission 544
Finding Targets 544
Attacking Terminal Server 547
Additional Security Considerations 551
Resources 552
Summary 553
14 Advanced Techniques 555
Session Hijacking 556
Back Doors 558
Trojans 580
Cryptography 583
Terminology 583
Classes of Attacks 583
Secure Shell (SSH) Attacks 584
Subverting the System Environment: Rootkits and Imaging Tools 586
Social Engineering 589
Summary 591
15 Web Hacking 593
Web Server Hacking 594
Source Code Disclosure 595
Canonicalization Attacks 597
WebDAV Vulnerabilities 597
Buffer Overflows 600
ColdFusion Vulnerabilities 609
Web Server Vulnerability Scanners 611
Web Application Hacking 612
Finding Vulnerable Web Apps with Google 613
Web Crawling 614
Web Application Assessment 615
Common Web Application Vulnerabilities 623
Summary 629
16 Hacking the Internet User 631
Malicious Mobile Code 633
Microsoft ActiveX 633
Java Security Holes 645
Beware the Cookie Monster 649
Internet Explorer HTML Frame Vulnerabilities 654
SSL Fraud 656
E-mail Hacking 659
Mail Hacking 101 659
Executing Arbitrary Code Through E-Mail 662
Outlook Address Book Worms 676
File Attachment Attacks 679
Writing Attachments to Disk Without User Intervention 682
Invoking Outbound Client Connections 687
IRC Hacking 690
Global Countermeasures to Internet User Hacking 692
Summary 693
Part V Appendixes
A Ports 697
B Top 14 Security Vulnerabilities 703
Index 705
Read More Show Less

Customer Reviews

Be the first to write a review
( 0 )
Rating Distribution

5 Star


4 Star


3 Star


2 Star


1 Star


Your Rating:

Your Name: Create a Pen Name or

Barnes & Noble.com Review Rules

Our reader reviews allow you to share your comments on titles you liked, or didn't, with others. By submitting an online review, you are representing to Barnes & Noble.com that all information contained in your review is original and accurate in all respects, and that the submission of such content by you and the posting of such content by Barnes & Noble.com does not and will not violate the rights of any third party. Please follow the rules below to help ensure that your review can be posted.

Reviews by Our Customers Under the Age of 13

We highly value and respect everyone's opinion concerning the titles we offer. However, we cannot allow persons under the age of 13 to have accounts at BN.com or to post customer reviews. Please see our Terms of Use for more details.

What to exclude from your review:

Please do not write about reviews, commentary, or information posted on the product page. If you see any errors in the information on the product page, please send us an email.

Reviews should not contain any of the following:

  • - HTML tags, profanity, obscenities, vulgarities, or comments that defame anyone
  • - Time-sensitive information such as tour dates, signings, lectures, etc.
  • - Single-word reviews. Other people will read your review to discover why you liked or didn't like the title. Be descriptive.
  • - Comments focusing on the author or that may ruin the ending for others
  • - Phone numbers, addresses, URLs
  • - Pricing and availability information or alternative ordering information
  • - Advertisements or commercial solicitation


  • - By submitting a review, you grant to Barnes & Noble.com and its sublicensees the royalty-free, perpetual, irrevocable right and license to use the review in accordance with the Barnes & Noble.com Terms of Use.
  • - Barnes & Noble.com reserves the right not to post any review -- particularly those that do not follow the terms and conditions of these Rules. Barnes & Noble.com also reserves the right to remove any review at any time without notice.
  • - See Terms of Use for other conditions and disclaimers.
Search for Products You'd Like to Recommend

Recommend other products that relate to your review. Just search for them below and share!

Create a Pen Name

Your Pen Name is your unique identity on BN.com. It will appear on the reviews you write and other website activities. Your Pen Name cannot be edited, changed or deleted once submitted.

Your Pen Name can be any combination of alphanumeric characters (plus - and _), and must be at least two characters long.

Continue Anonymously
Sort by: Showing all of 3 Customer Reviews
  • Anonymous

    Posted July 23, 2004

    My favorite

    I first saw this book at Books A Million. I searched ever hacking book there was. I looked through everyone of them trying to find the best. About 20 minutes later I found Hacking Exposed and read it. After reading it I thought man I have to have this book. It goes through detail. It shows you step by step exactly how to do it, and all of the other books I looked through gave you some detail but very little. I give this book 5 stars because it deserves it. I LOVE IT!

    Was this review helpful? Yes  No   Report this review
  • Anonymous

    Posted February 13, 2004

    To learn more about Hacking

    Hacking can be done by any one who has access and knowledge about the computer

    Was this review helpful? Yes  No   Report this review
  • Anonymous

    Posted April 10, 2003

    Great!!! 4.5 Stars!!!

    I am a 'novice' in the security world. I know the basics but this book has filled in tons of holes in my knowledge. It does a great job of explaining most topics. A few topics in the book are not completely clear. If I was in charge of security in a company I would definitly make this a MUST READ for all IT employees. (Reader MUST understand how computers work however) If you know A LOT about how computers work and are interested in learning much much more BUY THIS BOOK!! IT IS A GREAT BOOK!!! DVD is also quite interesting!!

    Was this review helpful? Yes  No   Report this review
Sort by: Showing all of 3 Customer Reviews

If you find inappropriate content, please report it to Barnes & Noble
Why is this product inappropriate?
Comments (optional)