Network Security: A Hacker's Perspective / Edition 2

by Ankit Fadia
     
 


Overview


Learn how to protect your network system from a hacker's perspective. Virtually every organization relies on its computer system, and when hackers infiltrate, productivity often halts completely. "Network Security: A Hacker's Perspective" provides comprehensive analysis of the most dangerous network-related security threats, vulnerabilities, and loopholes. Using a hands-on approach and numerous real-life case studies, the book identifies the tools, techniques, and methods used by criminals to break into networks for espionage and malicious purposes. Written for anyone with some networking experience, the book covers security issues related to most major platforms, including Windows, Unix, and Novell, and features graphics, appendices, tips, and tricks to make new concepts easy to understand. A companion web site will contain source code, network security discussion, tutorials, and more.

Product Details

ISBN-13: 9781598631630
Publisher: Cengage Learning
Publication date: 05/10/2006
Edition description: New Edition
Pages: 500
Product dimensions: 7.30(w) x 9.00(h) x 1.10(d)

Table of Contents

Chapter 1: IP Addresses: Your Identity on the Internet
    IP Addresses Torn Apart
    The Various Forms of IP Addresses
    Converting a DNS IP Address into a Normal IP Address
    Converting a Normal IP Address into Its DWORD Equivalent
    Converting a Normal IP Address into Its Binary and Octal Equivalents
    Converting a Normal IP Address into Its Hexadecimal Equivalent
    Subnet Addressing Torn Apart 
    Netmask Values
    Subnet Mask Explained
    Special-Case IP Addresses
    Obtaining the IP Address of a Remote System
    Obtaining the IP Address of a Person Through Messaging Software
    ICQ
    MSN Messenger
    Countermeasures
    Getting the IP Address of a Person Visiting Your Web Site
    The HTTP Protocol
    Countermeasures
    Obtaining IP Addresses by Studying Email Headers
    Obtaining IP Addresses of Hotmail Users
    Obtaining IP Addresses of Other Email Users
    Countermeasures
    Getting an IP Address Via IRC
    Using WHOIS
    Using netstat
    Countermeasures
    Netstat Made Easy
    Netstat -a
    Netstat -n
    Netstat -p
    Netstat -e
    Netstat -r
    Closing Open Holes
    Open Ports: A Threat to Security?
    Well-Known Port Numbers
    Registered Port Numbers
    Dynamic/Private Port Numbers
    Firewalls
    Why Use a Firewall?
    Breaking Through Firewalls
    Proxy Servers Torn Apart
    Using Wingate
    Wingate Torn Apart
    Locating Open Wingates
    The Telnet Proxy Server (Port 23)
    The SOCKS Server (Port 1080) and IRC Server (Port 6667)
    Countermeasures
    Squid
    Using Squid with a Transparent Proxy
    

Chapter 2: Gathering Information
    Port Scanning Unscanned
    Port Scanning TCP Ports
    Types of TCP Port Scans
    TCP Connect Scanning
    Coding Your Own TCP Connect Port Scanner in PERL
    Understanding Sockets
    Understanding PERL
    Coding Your Own TCP Connect Port Scanner in C
    Detecting a TCP Connect Port Scan
    TCP SYN Scanning (Half-Open Scanning)
    Coding Your Own TCP SYN Scanner in C
    Detecting SYN Scans
    SYN/ACK Scanning
    Detecting SYN/ACK Port Scans
    TCP FIN Scanning
    Detecting FIN Scanning
    TCP NULL Scanning
    TCP Xmas Tree Scanning (Christmas Tree Scanning)
    Port-Scanning UDP Ports
    Coding Your Own UDP Port Scanner
    FTP Bounce Port Scanning
    Coding Your Own FTP Bounce Attack Port Scanner
    Using Port Scanners to Obtain Information on the Target System
    General Countermeasures Against Port Scanning
    Daemon-Banner Grabbing
    Using the FTP Port to Determine a System's OS
    Countermeasures
    Using the HTTP Port to Obtain a Web Server's Name
    Countermeasures
    Using the Identification Protocol (Port 113) to Gather Information about the Remote System
    Countermeasures
    Exploiting the SMTP Port
    General Countermeasures Against Port Exploitation
    ICMP Messages Torn Apart
    Main Errors and Sub-errors
    Using ICMP Error Messages to Gather Information about the Remote Host
    Using the "Echo Request" and "Echo Reply" Messages to Determine Whether the Target Host Is Alive
    Countermeasures
    Using the "Timestamp Request" and "Timestamp Reply" Messages to Determine the Target System's Current Time
    Countermeasures
    Using the "Address Mask Request" and "Address Mask Reply" Messages to Determine the Target System's Subnet Address
    Countermeasures
    Remote OS Detection with ICMP Messages
    ICMP Error Message Quoting
    ICMP Error Message Quenching
    ICMP Error Message Echo Integrity
    Advanced OS Detection
    Types of Malformed Packets
    Sending Packets with Missing Fragments
    Sending Packets with Invalid Header Lengths
    Sending Packets with Invalid Values in the IP Protocol Field
    Countermeasures
    Using ICMP Error Messages to Detect Filtering Devices and Firewalls
    Detecting Filtering Devices
    Detecting Firewalls
    Countermeasures
    Ping Unpinged
    How ping Works
    Detecting a ping Session
    Countermeasures
    Tracing the traceroute
    Traceroute: A Look under the Hood
    Traceroute Breeds
    Text-Based traceroute Tools
    Visual Traceroute
    3D Traceroute
    Traceroute's Uses
    Using traceroute to Determine a System's Geographic Location
    Using traceroute to Obtain Information on Network Topography
    Using traceroute to Detect Firewalls
    Using traceroute to Determine a Remote System's OS
    Countermeasures
    Anonymous Tracerouting
    Countermeasures
    Fingerprinting Techniques
    Using Active Fingerprinting to Determine the OS of a Remote System
    Using Passive Fingerprinting to Determine the OS of a Remote System
    Countermeasures
    Using Email-Headers Fingerprinting to Determine the OS of a Remote System
    Sniffers Torn Apart
    Protocol Analysis: Studying and Analyzing Sniffed Packets
    The MAC Address Part
    The IP Header Part
    The TCP Header Part
    Coding Your Own Sniffer in C
    Countermeasures
    Getting Information about a Remote System's Routing Tables
    Unix Routing Tables
    Understanding the Structure of a Unix Routing Table
    Dissecting a Unix Routing Table Line by Line
    Windows Routing Tables
    Understanding the Structure of a Windows Routing Table
    The Netmask Field
    Dissecting a Unix Routing Table Line by Line
    Getting Information about a Remote Router
    Obtaining Geographical Information About a Remote System
    Trial and Error
    Reverse DNS Lookup with nslookup
    WHOIS Queries
    

Chapter 3: Under Attack!!!
    DOS Attacked!!!
    Ping of Death
    Countermeasures
    Teardrop Attacks
    Countermeasures
    SYN-Flood Attacks
    SYN Flooding: How It Works
    Detecting a SYN-Flood Attack
    Countermeasures
    Land Attacks
    Countermeasures
    Smurf Attacks
    Countermeasures
    UDP-Flood Attacks
    Countermeasures
    Distributed DOS Attacks
    DDOS: How It Works
    Disconnecting Modems Remotely
    Countermeasures
    IP Spoofing Torn Apart
    IP Spoofing: How It Works
    Problems with IP Spoofing
    Networking Basics Involved in IP Spoofing
    Sequence Numbers
    Trust Relationships
    Spoofing Your IP Address to Exploit Trust Relationships
    Detecting a Trusted System
    Disabling the Trusted System
    Getting the ISN and Predicting Sequence Numbers
    Launching the Actual Attack
    Returning the Trusted System to Normal
    Countermeasures
    TCP Wrappers Unwrapped
    TCP Wrappers: How They Work
    Configuring TCP Wrappers
    The Not-So-Secure But Service-Providing System
    The Secure But No-Service-Providing System
    Attacks on Password Files
    Getting the NT Administrator Password
    Getting the SAM from the Backup Directory
    Countermeasures
    Obtaining the SAM Via Another Operating System
    Countermeasures
    Extracting Hashes from the SAM Hive
    Countermeasures
    Other Popular NT Holes
    Attacks on the Unix Password File
    Getting Root on a Linux Machine
    Method 1
    Method 2
    Method 3
    Changing the Existing Password
    Countermeasures
    Cracking the Unix Password File
    Removing Footprints from a Remote System
    Removing Footprints from a Unix System
    The Syslog Daemon and the syslog.conf File
    Removing Traces from the /etc/utmp File
    Removing Traces from the /var/adm/wtmp and /var/adm/lastlogin Files
    Removing Traces from the /var/secure, /var/Messages, and /var/xferno Files
    Countermeasures
    Removing Footprints from a Windows NT System
    Trojan Attacks
    Trojans: How They Work
    Detecting Trojans
    Countermeasures
    Securing Your Systems
    Securing a Standalone Home System
    Securing a System Acting as a Server
    

Chapter 4: Secure Protocols, Encryption Algorithms, and File Security
    Secure Sockets Layer (SSL) Torn Apart
    Determining Whether Your Connection Is Secure
    SSL: How It Works
    Cracking SSL
    Kerberos Torn Apart
    Kerberos: How It Works
    Determining Whether Your ISP is Running Kerberos
    Encryption Algorithms Torn Apart
    The RSA Encryption Algorithm
    The Blowfish Encryption Algorithm
    Data Encryption Standard (DES) Algorithm
    Using the DES Algorithm for Encryption
    Step 1: Process the Key
    Step 2: Process a 64-Bit Data Block
    Using the DES Algorithm for Decryption
    Implementing DES: A C Program
    The RC4 Cipher
    The MD5 Hash Algorithm
    XOR
    Base64 Encoding Torn Apart
    Base 64 Encoding: How It Works
    Decoding Base64 encoding
    Coding Your Own Base64 Encoder/Decoder
    Securing Files on Your Hard Disk
    The Windows Policy Editor
    File-Security Software
    Encryption for Masses (E4M)
    Securing Data by Encrypting Entire Drives
    Appendix A: Well-Known Port Numbers
    Appendix B: Country Codes
    Appendix C: Trojan Port Numbers
    Appendix D: Protocol Numbers List
     
     

 
