Network Security Hacks: 100 Industrial-Strength Tips & Tools


Overview

To the uninitiated, the title may seem like an oxymoron: after all, aren't hacks what network security is supposed to prevent? But if you're a network administrator, this book's title not only makes sense; it makes a lot of sense. You know that a busy administrator needs a hatful of devilishly effective security hacks to keep your 12-hour days from becoming all-nighters.

Network Security Hacks is not a long-winded treatise on security theory. Instead, this information-packed little book provides 100 quick, practical, and clever things to do to help make your Linux, UNIX, or Windows networks more secure today.

This compendium of security hacks doesn't just cover securing TCP/IP-based services, but also provides intelligent host-based security techniques. Loaded with concise but powerful examples of applied encryption, intrusion detection, logging, trending, and incident response, Network Security Hacks will demonstrate effective methods for defending your servers and networks from a variety of devious and subtle attacks.

Network Security Hacks shows how to detect the presence (and track every keystroke) of network intruders, methods for protecting your network and data using strong encryption, and even techniques for laying traps for would-be system crackers. Important security tools are presented, as well as clever methods for using them to reveal real, timely, useful information about what is happening on your network.

O'Reilly's Hacks Series reclaims the term "hacking" for the good guys—innovators who use their ingenuity to solve interesting problems, explore and experiment, unearth shortcuts, and create useful tools. Network Security Hacks lives up to the reputation the Hacks series has earned by providing the "roll-up-your-sleeves and get-it-done" hacks that most network security tomes don't offer.

Every hack can be read in just a few minutes but will save hours of searching for the right answer. Using just one of these amazing hacks will make this slim book's price seem like a remarkable deal. The other 99 make Network Security Hacks absolutely invaluable.


Product Details

  • ISBN-13: 9780596006433
  • Publisher: O'Reilly Media, Incorporated
  • Publication date: 4/30/2004
  • Edition description: First Edition
  • Edition number: 1
  • Pages: 320
  • Product dimensions: 5.94 (w) x 8.98 (h) x 0.77 (d)

Meet the Author

Andrew Lockhart is originally from South Carolina, but currently resides in northern Colorado, where he spends his time trying to learn the black art of auditing disassembled binaries and trying to keep from freezing to death. He holds a BS in computer science from Colorado State University and has done security consulting for small businesses in the area. He currently works at a Fortune 100 company when not writing. In his free time he works on Snort-Wireless, a project intended to add wireless intrusion detection to the popular open source IDS Snort.


Table of Contents

Credits;
About the Author;
Contributors;
Acknowledgments;
Preface;
Why Network Security Hacks?;
How This Book Is Organized;
Conventions Used in This Book;
Using Code Examples;
How to Contact Us;
Got a Hack?;
Chapter 1: Unix Host Security;
1.1 Hacks #1-20;
1.2 Secure Mount Points;
1.3 Scan for SUID and SGID Programs;
1.4 Scan For World- and Group-Writable Directories;
1.5 Create Flexible Permissions Hierarchies with POSIX ACLs;
1.6 Protect Your Logs from Tampering;
1.7 Delegate Administrative Roles;
1.8 Automate Cryptographic Signature Verification;
1.9 Check for Listening Services;
1.10 Prevent Services from Binding to an Interface;
1.11 Restrict Services with Sandboxed Environments;
1.12 Use proftp with a MySQL Authentication Source;
1.13 Prevent Stack-Smashing Attacks;
1.14 Lock Down Your Kernel with grsecurity;
1.15 Restrict Applications with grsecurity;
1.16 Restrict System Calls with Systrace;
1.17 Automated Systrace Policy Creation;
1.18 Control Login Access with PAM;
1.19 Restricted Shell Environments;
1.20 Enforce User and Group Resource Limits;
1.21 Automate System Updates;
Chapter 2: Windows Host Security;
2.1 Hacks #21-30;
2.2 Check Servers for Applied Patches;
2.3 Get a List of Open Files and Their Owning Processes;
2.4 List Running Services and Open Ports;
2.5 Enable Auditing;
2.6 Secure Your Event Logs;
2.7 Change Your Maximum Log File Sizes;
2.8 Disable Default Shares;
2.9 Encrypt Your Temp Folder;
2.10 Clear the Paging File at Shutdown;
2.11 Restrict Applications Available to Users;
Chapter 3: Network Security;
3.1 Hacks #31-53;
3.2 Detect ARP Spoofing;
3.3 Create a Static ARP Table;
3.4 Firewall with Netfilter;
3.5 Firewall with OpenBSD’s PacketFilter;
3.6 Create an Authenticated Gateway;
3.7 Firewall with Windows;
3.8 Keep Your Network Self-Contained;
3.9 Test Your Firewall;
3.10 MAC Filtering with Netfilter;
3.11 Block OS Fingerprinting;
3.12 Fool Remote Operating System Detection Software;
3.13 Keep an Inventory of Your Network;
3.14 Scan Your Network for Vulnerabilities;
3.15 Keep Server Clocks Synchronized;
3.16 Create Your Own Certificate Authority;
3.17 Distribute Your CA to Clients;
3.18 Encrypt IMAP and POP with SSL;
3.19 Set Up TLS-Enabled SMTP;
3.20 Detect Ethernet Sniffers Remotely;
3.21 Install Apache with SSL and suEXEC;
3.22 Secure BIND;
3.23 Secure MySQL;
3.24 Share Files Securely in Unix;
Chapter 4: Logging;
4.1 Hacks #54-60;
4.2 Run a Central Syslog Server;
4.3 Steer Syslog;
4.4 Integrate Windows into Your Syslog Infrastructure;
4.5 Automatically Summarize Your Logs;
4.6 Monitor Your Logs Automatically;
4.7 Aggregate Logs from Remote Sites;
4.8 Log User Activity with Process Accounting;
Chapter 5: Monitoring and Trending;
5.1 Hacks #61-66;
5.2 Monitor Availability;
5.3 Graph Trends;
5.4 Run ntop for Real-Time Network Stats;
5.5 Audit Network Traffic;
5.6 Collect Statistics with Firewall Rules;
5.7 Sniff the Ether Remotely;
Chapter 6: Secure Tunnels;
6.1 Hacks #67-81;
6.2 Set Up IPsec Under Linux;
6.3 Set Up IPsec Under FreeBSD;
6.4 Set Up IPsec in OpenBSD;
6.5 PPTP Tunneling;
6.6 Opportunistic Encryption with FreeS/WAN;
6.7 Forward and Encrypt Traffic with SSH;
6.8 Quick Logins with SSH Client Keys;
6.9 Squid Proxy over SSH;
6.10 Use SSH as a SOCKS Proxy;
6.11 Encrypt and Tunnel Traffic with SSL;
6.12 Tunnel Connections Inside HTTP;
6.13 Tunnel with VTun and SSH;
6.14 Automatic vtund.conf Generator;
6.15 Create a Cross-Platform VPN;
6.16 Tunnel PPP;
Chapter 7: Network Intrusion Detection;
7.1 Hacks #82-95;
7.2 Detect Intrusions with Snort;
7.3 Keep Track of Alerts;
7.4 Real-Time Monitoring;
7.5 Manage a Sensor Network;
7.6 Write Your Own Snort Rules;
7.7 Prevent and Contain Intrusions with Snort_inline;
7.8 Automated Dynamic Firewalling with SnortSam;
7.9 Detect Anomalous Behavior;
7.10 Automatically Update Snort’s Rules;
7.11 Create a Distributed Stealth Sensor Network;
7.12 Use Snort in High-Performance Environments with Barnyard;
7.13 Detect and Prevent Web Application Intrusions;
7.14 Simulate a Network of Vulnerable Hosts;
7.15 Record Honeypot Activity;
Chapter 8: Recovery and Response;
8.1 Hacks #96-100;
8.2 Image Mounted Filesystems;
8.3 Verify File Integrity and Find Compromised Files;
8.4 Find Compromised Packages with RPM;
8.5 Scan for Root Kits;
8.6 Find the Owner of a Network;
Colophon;


Customer Reviews

  • Anonymous

    Posted May 23, 2004

    try rummaging thru the hacks

    Lockhart has assembled a fascinating collection of 100 hacks to protect your computers against a network intrusion. He covers linux/unix systems and also Microsoft machines. An entire chapter, containing 10 hacks, is devoted to the latter. Most of the other 90 hacks can be applied to both systems, though the example implementations are usually given under linux/unix. Perusing the list of hacks may cause different readers to be attracted to different hacks. Here, I briefly summarise a few that caught my eye. Consider 'Block OS fingerprinting'. In an earlier, more innocent age, someone connecting to a telnet, sendmail or ftp daemon would cause it to reply with the machine's operating system label and the version of that daemon. Yes, really! In fact, this is still largely true, by default, on most unixes. Well, nowadays, a sysadmin can stop those daemons doing this. But a cracker can then do other probes. If you are running OpenBSD, you can use pf to block those. Logically continuing this train of thought, what if you wanted to actively mislead the cracker by mimicking another operating system? This is the honeypot hack. The honeyd daemon lets you masquerade as several types of systems. Pretty crafty, eh? The next hack would then be to record all the cracker's activity on your honeypot via the open source Sebek, which is freely available for linux and Solaris. Granted, you might be interested in other hacks. But hopefully the above gives you some idea of the book's utility. And a lot of hacks refer to other closely related hacks, in the manner shown above.
