Counter Hack Reloaded: A Step-by-Step Guide to Computer Attacks and Effective Defenses, 2/e
Edward Skoudis, Tom Liston
- Publisher: Prentice Hall
- Publication date: 2005-12-23
- List price: $2,800
- Sale price: 20% off, $2,240
- Language: English
- Pages: 748
- Binding: Paperback
- ISBN: 0131481045
- ISBN-13: 9780131481046
- Related categories: Information Security, Hacking
Description
For years, Counter Hack has been the primary resource for every network/system administrator and security professional who needs a deep, hands-on understanding of hacker attacks and countermeasures. Now, leading network security experts Ed Skoudis and Tom Liston have thoroughly updated this best-selling guide, showing how to defeat today's newest, most sophisticated, and most destructive attacks.
Table of Contents
Foreword xxi
Preface Reloaded xxiii
About the Authors xxxi
Chapter 1: Introduction 1
The Computer World and the Golden Age of Hacking 2
Why This Book? 4
The Threat: Never Underestimate Your Adversary 7
A Note on Terminology and Iconography 12
Caveat: These Tools Could Hurt You 15
Organization of Rest of the Book 19
Summary 23
Chapter 2: Networking Overview: Pretty Much Everything You Need to Know About Networking to Follow the Rest of This Book 25
The OSI Reference Model and Protocol Layering 26
How Does TCP/IP Fit In? 28
Understanding TCP/IP 32
Transmission Control Protocol (TCP) 33
User Datagram Protocol (UDP) 41
Internet Protocol (IP) and Internet Control Message Protocol (ICMP) 44
ICMP 51
Other Network-Level Issues 53
Don’t Forget About the Data Link and Physical Layers! 66
Security Solutions for the Internet 75
Conclusion 86
Summary 87
Chapter 3: Linux and UNIX Overview: Pretty Much Everything You Need to Know About Linux and UNIX to Follow the Rest of This Book 91
Introduction 91
Architecture 95
Accounts and Groups 107
Linux and UNIX Permissions 110
Linux and UNIX Trust Relationships 115
Common Linux and UNIX Network Services 119
Conclusion 124
Summary 124
Chapter 4: Windows NT/2000/XP/2003 Overview: Pretty Much Everything You Need to Know About Windows to Follow the Rest of This Book 127
Introduction 127
A Brief History of Time 128
The Underlying Windows Operating System Architecture 133
How Windows Password Representations Are Derived 137
Kernel Mode 139
From Service Packs and Hotfixes to Windows Update and Beyond 141
Accounts and Groups 142
Privilege Control 147
Policies 149
Trust 152
Auditing 154
Object Access Control and Permissions 156
Network Security 160
Windows 2000 and Beyond: Welcome to the New Millennium 162
Conclusion 177
Summary 177
Chapter 5: Phase 1: Reconnaissance 183
Low-Technology Reconnaissance: Social Engineering, Caller ID Spoofing, Physical Break-In, and Dumpster Diving 184
Search the Fine Web (STFW) 195
Whois Databases: Treasure Chests of Information 212
The Domain Name System 220
General-Purpose Reconnaissance Tools 230
Conclusion 235
Summary 235
Chapter 6: Phase 2: Scanning 239
War Driving: Finding Wireless Access Points 240
War Dialing: Looking for Modems in All the Right Places 252
Network Mapping 261
Determining Open Ports Using Port Scanners 268
Vulnerability-Scanning Tools 307
Intrusion Detection System and Intrusion Prevention System Evasion 319
Conclusion 335
Summary 335
Chapter 7: Phase 3: Gaining Access Using Application and Operating System Attacks 339
Script Kiddie Exploit Trolling 339
Pragmatism for More Sophisticated Attackers 340
Buffer Overflow Exploits 342
Password Attacks 377
Web Application Attacks 406
Exploiting Browser Flaws 431
Conclusion 435
Summary 435
Chapter 8: Phase 3: Gaining Access Using Network Attacks 439
Sniffing 439
IP Address Spoofing 470
Session Hijacking 482
Netcat: A General-Purpose Network Tool 491
Conclusion 510
Summary 510
Chapter 9: Phase 3: Denial-of-Service Attacks 513
Locally Stopping Services 515
Locally Exhausting Resources 517
Remotely Stopping Services 518
Remotely Exhausting Resources 523
Conclusion 543
Summary 544
Chapter 10: Phase 4: Maintaining Access: Trojans, Backdoors, and Rootkits ... Oh My! 547
Trojan Horses 547
Backdoors 548
The Devious Duo: Backdoors Melded into Trojan Horses 553
Nasty: Application-Level Trojan Horse Backdoor Tools 555
Also Nasty: The Rise of the Bots 568
Additional Nastiness: Spyware Everywhere! 578
Defenses Against Application-Level Trojan Horse Backdoors, Bots, and Spyware 581
Even Nastier: User-Mode Rootkits 587
Defending Against User-Mode Rootkits 604
Nastiest: Kernel-Mode Rootkits 608
Defending Against Kernel-Mode Rootkits 616
Conclusion 623
Summary 623
Chapter 11: Phase 5: Covering Tracks and Hiding 627
Hiding Evidence by Altering Event Logs 628
Defenses Against Log and Accounting File Attacks 637
Creating Difficult-to-Find Files and Directories 641
Hiding Evidence on the Network: Covert Channels 647
Defenses Against Covert Channels 665
Conclusion 668
Summary 668
Chapter 12: Putting It All Together: Anatomy of an Attack 671
Scenario 1: Crouching Wi-Fi, Hidden Dragon 673
Scenario 2: Death of a Telecommuter 685
Scenario 3: The Manchurian Contractor 696
Conclusion 708
Summary 709
Chapter 13: The Future, References, and Conclusions 711
Where Are We Heading? 711
Keeping Up to Speed 715
Final Thoughts ... Live Long and Prosper 721
Summary 722
Index 723