Security Warrior: Know Your Enemy

When it comes to network security, many users and administrators are running scared, and justifiably so. The sophistication of attacks against computer systems increases with each new Internet worm.What's the worst an attacker can do to you? You'd better find out, right? That's what Security Warrior teaches you. Based on the principle that the only way to defend yourself is to understand your attacker in depth, Security Warrior reveals how your systems can be attacked. Covering everything from reverse engineering to SQL attacks, and including topics like social engineering, antiforensics, and common attacks against UNIX and Windows systems, this book teaches you to know your enemy and how to be prepared to do battle.Security Warrior places particular emphasis on reverse engineering. RE is a fundamental skill for the administrator, who must be aware of all kinds of malware that can be installed on his machines -- trojaned binaries, "spyware" that looks innocuous but that sends private data back to its creator, and more. This is the only book to discuss reverse engineering for Linux or Windows CE. It's also the only book that shows you how SQL injection works, enabling you to inspect your database and web applications for vulnerability.Security Warrior is the most comprehensive and up-to-date book covering the art of computer war: attacks against computer systems and their defenses. It's often scary, and never comforting. If you're on the front lines, defending your site against attackers, you need this book. On your shelf--and in your hands.

1140203455

Security Warrior: Know Your Enemy

35.99 In Stock

Security Warrior: Know Your Enemy

Add to Wishlist

Security Warrior: Know Your Enemy

eBook

$35.99

View All Available Formats & Editions

eBook
$35.99

View All Available Formats & Editions

Available on Compatible NOOK devices, the free NOOK App and in My Digital Library.

WANT A NOOK? Explore Now

Buy As Gift

Related collections and offers

Overview

Product Details

ISBN-13:	9780596552398
Publisher:	O'Reilly Media, Incorporated
Publication date:	01/12/2004
Sold by:	Barnes & Noble
Format:	eBook
Pages:	556
File size:	6 MB

About the Author

Dr. Cyrus Peikari is currently the Chief Technical Officer of Airscanner Corporation, a leading mobile security software company. He personally holds several patents in the anti-virus and infosec fields. In addition to numerous radio and television appearances, he is a popular speaker at technology and network security conferences. He has co-authored four bestselling security books, two of them as lead author, including Maximum Wireless Security, Windows .Net Server Security Handbook, and Windows Internet Security.

Dr. Cyrus Peikari is currently the Chief Technical Officer of Airscanner Corporation, a leading mobile security software company. He personally holds several patents in the anti-virus and infosec fields. In addition to numerous radio and television appearances, he is a popular speaker at technology and network security conferences. He has co-authored four bestselling security books, two of them as lead author, including Maximum Wireless Security, Windows .Net Server Security Handbook, and Windows Internet Security.

	Preface	xiii
Part I.	Software Cracking
1.	Assembly Language	3
	Registers	4
	ASM Opcodes	7
	References	8
2.	Windows Reverse Engineering	9
	History of RCE	10
	Reversing Tools	11
	Reverse Engineering Examples	23
	References	32
3.	Linux Reverse Engineering	33
	Basic Tools and Techniques	34
	A Good Disassembly	54
	Problem Areas	69
	Writing New Tools	74
	References	116
4.	Windows CE Reverse Engineering	118
	Windows CE Architecture	119
	CE Reverse Engineering Fundamentals	123
	Practical CE Reverse Engineering	131
	Reverse Engineering serial.exe	147
	References	160
5.	Overflow Attacks	161
	Buffer Overflows	161
	Understanding Buffers	162
	Smashing the Stack	165
	Heap Overflows	166
	Preventing Buffer Overflows	167
	A Live Challenge	168
	References	175
Part II.	Network Stalking
6.	TCP/IP Analysis	179
	A Brief History of TCP/IP	179
	Encapsulation	179
	TCP	180
	IP	182
	UDP	184
	ICMP	185
	ARP	185
	RARP	186
	BOOTP	186
	DHCP	186
	TCP/IP Handshaking	186
	Covert Channels	188
	IPv6	188
	Ethereal	190
	Packet Analysis	191
	Fragmentation	192
	References	198
7.	Social Engineering	199
	Background	200
	Performing the Attacks	202
	Advanced Social Engineering	209
	References	211
8.	Reconnaissance	212
	Online Reconnaissance	212
	Conclusion	224
	References	224
9.	OS Fingerprinting	225
	Telnet Session Negotiation	225
	TCP Stack Fingerprinting	226
	Special-Purpose Tools	229
	Passive Fingerprinting	229
	Fuzzy Operating System Fingerprinting	232
	TCP/IP Timeout Detection	234
	References	235
10.	Hiding the Tracks	236
	From Whom Are You Hiding?	236
	Postattack Cleanup	237
	Forensic Tracks	243
	Maintaining Covert Access	248
	References	254
Part III.	Platform Attacks
11.	Unix Defense	257
	Unix Passwords	257
	File Permissions	261
	System Logging	264
	Network Access in Unix	267
	Unix Hardening	270
	Unix Network Defense	285
	References	298
12.	Unix Attacks	299
	Local Attacks	299
	Remote Attacks	307
	Unix Denial-of-Service Attacks	321
	References	328
13.	Windows Client Attacks	329
	Denial-of-Service Attacks	329
	Remote Attacks	339
	Remote Desktop/Remote Assistance	343
	References	349
14.	Windows Server Attacks	350
	Release History	350
	Kerberos Authentication Attacks	351
	Kerberos Authentication Review	351
	Defeating Buffer Overflow Prevention	356
	Active Directory Weaknesses	357
	Hacking PKI	359
	Smart Card Hacking	360
	Encrypting File System Changes	363
	Third-Party Encryption	365
	References	367
15.	SOAP XML Web Services Security	369
	XML Encryption	369
	XML Signatures	372
	Reference	373
16.	SQL Injection	374
	Introduction to SQL	374
	SQL Injection Attacks	377
	SQL Injection Defenses	383
	PHP-Nuke Examples	387
	References	390
17.	Wireless Security	391
	Reducing Signal Drift	391
	Problems with WEP	393
	Cracking WEP	393
	Practical WEP Cracking	399
	VPNs	399
	TKIP	400
	SSL	401
	Airborne Viruses	401
	References	406
Part IV.	Advanced Defense
18.	Audit Trail Analysis	409
	Log Analysis Basics	409
	Log Examples	410
	Logging States	418
	When to Look at the Logs	419
	Log Overflow and Aggregation	420
	Challenge of Log Analysis	421
	Security Information Management	421
	Global Log Aggregation	422
	References	423
19.	Intrusion Detection Systems	424
	IDS Examples	425
	Bayesian Analysis	430
	Hacking Through IDSs	435
	The Future of IDSs	437
	Snort IDS Case Study	439
	IDS Deployment Issues	443
	References	445
20.	Honeypots	446
	Motivation	447
	Building the Infrastructure	448
	Capturing Attacks	457
	References	458
21.	Incident Response	459
	Case Study: Worm Mayhem	459
	Definitions	460
	Incident Response Framework	462
	Small Networks	466
	Medium-Sized Networks	471
	Large Networks	473
	References	477
22.	Forensics and Antiforensics	478
	Hardware Review	478
	Information Detritus	480
	Forensics Tools	481
	Bootable Forensics CD-ROMs	486
	Evidence Eliminator	490
	Forensics Case Study: FTP Attack	497
	References	506
Part V.	Appendix
Appendix	Useful SoftICE Commands and Breakpoints	509
	Index	517

From the B&N Reads Blog

Page 1 of

Editorial Reviews

The Barnes & Noble Review
The “black hats” have taken their game to the next level. Experienced security professionals need to do likewise. That’s where Security Warrior comes in. Here’s the stuff everyone else will be scrambling to learn a year from now.
For example, Cyrus Peikari and Anton Chuvakin focus heavily on reverse code engineering for leading OS platforms and embedded devices. How do crackers identify potential software vulnerabilities? How can you beat them to the punch?
You’ll find systematic coverage of network stalking -- including the newest anti-forensics and IDS evasion techniques. There’s a full section on platform attacks: Linux, Windows, and mobile (including today’s newest “airborne viruses”). The authors wrap up with state-of-the-art defense -- from audit trail analysis to effective IDS placement. Bill Camarda
Bill Camarda is a consultant, writer, and web/multimedia content developer. His 15 books include Special Edition Using Word 2003 and Upgrading & Fixing Networks for Dummies, Second Edition.

bn.com

Security Warrior: Know Your Enemy

Security Warrior: Know Your Enemy

eBook

eBook

Related collections and offers

Overview

Product Details

About the Author

Table of Contents

Customer Reviews

Related collections and offers

Overview

Product Details

About the Author

Table of Contents

Related Subjects

Customer Reviews