Security Warrior

Cyrus Peikari, Anton Chuvakin

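  • Publisher: O'Reilly
  • Publication date: 2004-02-17
  • List price: $1,670
  • VIP price: 9.5$1,587
  • Language: English
  • Pages: 556
  • Binding: Paperback
  • ISBN: 0596005458
  • ISBN-13: 9780596005450
  • Related categories: Information Security
  • Related translation: 防駭戰士 (Security Warrior) (Traditional Chinese edition)
  • Overseas special-order book (requires separate checkout)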


Product Description

When it comes to network security, many users and administrators are running scared, and justifiably so. The sophistication of attacks against computer systems increases with each new Internet worm.

What's the worst an attacker can do to you? You'd better find out, right? That's what Security Warrior teaches you. Based on the principle that the only way to defend yourself is to understand your attacker in depth, Security Warrior reveals how your systems can be attacked. Covering everything from reverse engineering to SQL attacks, and including topics like social engineering, antiforensics, and common attacks against UNIX and Windows systems, this book teaches you to know your enemy and how to be prepared to do battle.

Security Warrior places particular emphasis on reverse engineering. RE is a fundamental skill for the administrator, who must be aware of all kinds of malware that can be installed on his machines -- trojaned binaries, "spyware" that looks innocuous but that sends private data back to its creator, and more. This is the only book to discuss reverse engineering for Linux or Windows CE. It's also the only book that shows you how SQL injection works, enabling you to inspect your database and web applications for vulnerability.

Security Warrior is the most comprehensive and up-to-date book covering the art of computer war: attacks against computer systems and their defenses. It's often scary, and never comforting. If you're on the front lines, defending your site against attackers, you need this book. On your shelf--and in your hands.

Table of Contents

Preface

Part I. Software Cracking

1. Assembly Language
     Registers
     ASM Opcodes
     References

2. Windows Reverse Engineering
     History of RCE
     Reversing Tools
     Reverse Engineering Examples
     References

3. Linux Reverse Engineering
     Basic Tools and Techniques
     A Good Disassembly
     Problem Areas
     Writing New Tools
     References

4. Windows CE Reverse Engineering
     Windows CE Architecture
     CE Reverse Engineering Fundamentals
     Practical CE Reverse Engineering
     Reverse Engineering serial.exe
     References

5. Overflow Attacks
     Buffer Overflows
     Understanding Buffers
     Smashing the Stack
     Heap Overflows
     Preventing Buffer Overflows
     A Live Challenge
     References

Part II. Network Stalking

6. TCP/IP Analysis
     A Brief History of TCP/IP
     Encapsulation
     TCP
     IP
     UDP
     ICMP
     ARP
     RARP
     BOOTP
     DHCP
     TCP/IP Handshaking
     Covert Channels
     IPv6
     Ethereal
     Packet Analysis
     Fragmentation
     References

7. Social Engineering
     Background
     Performing the Attacks
     Advanced Social Engineering
     References

8. Reconnaissance
     Online Reconnaissance
     Conclusion
     References

9. OS Fingerprinting
     Telnet Session Negotiation
     TCP Stack Fingerprinting
     Special-Purpose Tools
     Passive Fingerprinting
     Fuzzy Operating System Fingerprinting
     TCP/IP Timeout Detection
     References

10. Hiding the Tracks
     From Whom Are You Hiding?
     Postattack Cleanup
     Forensic Tracks
     Maintaining Covert Access
     References

Part III. Platform Attacks

11. Unix Defense
     Unix Passwords
     File Permissions
     System Logging
     Network Access in Unix
     Unix Hardening
     Unix Network Defense
     References

12. Unix Attacks
     Local Attacks
     Remote Attacks
     Unix Denial-of-Service Attacks
     References

13. Windows Client Attacks
     Denial-of-Service Attacks
     Remote Attacks
     Remote Desktop/Remote Assistance
     References

14. Windows Server Attacks
     Release History
     Kerberos Authentication Attacks
     Kerberos Authentication Review
     Defeating Buffer Overflow Prevention
     Active Directory Weaknesses
     Hacking PKI
     Smart Card Hacking
     Encrypting File System Changes
     Third-Party Encryption
     References

15. SOAP XML Web Services Security
     XML Encryption
     XML Signatures
     Reference

Part IV. Advanced Defense

16. SQL Injection
     Introduction to SQL
     SQL Injection Attacks
     SQL Injection Defenses
     PHP-Nuke Examples
     References

17. Wireless Security
     Reducing Signal Drift
     Problems with WEP
     Cracking WEP
     Practical WEP Cracking
     VPNs
     TKIP
     SSL
     Airborne Viruses
     References

18. Audit Trail Analysis
     Log Analysis Basics
     Log Examples
     Logging States
     When to Look at the Logs
     Log Overflow and Aggregation
     Challenge of Log Analysis
     Security Information Management
     Global Log Aggregation
     References

19. Intrusion Detection Systems
     IDS Examples
     Bayesian Analysis
     Hacking Through IDSs
     The Future of IDSs
     Snort IDS Case Study
     IDS Deployment Issues
     References

20. Honeypots
     Motivation
     Building the Infrastructure
     Capturing Attacks
     References

21. Incident Response
     Case Study: Worm Mayhem
     Definitions
     Incident Response Framework
     Small Networks
     Medium-Sized Networks
     Large Networks
     References

22. Forensics and Antiforensics
     Hardware Review
     Information Detritus
     Forensics Tools
     Bootable Forensics CD-ROMs
     Evidence Eliminator
     Forensics Case Study: FTP Attack
     References

Part V. Appendix

Appendix: Useful SoftICE Commands and Breakpoints

Index
