Đây là bộ sách tiếng anh cho dân công nghệ thông tin chuyên về bảo mật,lập trình.Thích hợp cho những ai đam mê về công nghệ thông tin,tìm hiểu về bảo mật và lập trình.
Release from TeamUnknown Counter Hack Reloaded, Second Edition: A Step-by- Step Guide to Computer Attacks and Effective Defenses By Ed Skoudis, Tom Liston Publisher: Prentice Hall Pub Date: December 23, 2005 Print ISBN-10: 0-13-148104-5 Print ISBN-13: 978-0-13-148104-6 Pages: 784 Slots: 2.0 Table of Contents | Index Copyright Praise for Counter Hack Reloaded The Radia Perlman Series in Computer Networking and Security Radia Perlman, Series Editor Foreword Preface Reloaded About the Authors Chapter 1. Introduction The Computer World and the Golden Age of Hacking Why This Book? The Threat: Never Underestimate Your Adversary A Note on Terminology and Iconography Caveat: These Tools Could Hurt You Organization of Rest of the Book Summary Chapter 2. Networking Overview: Pretty Much Everything You Need to Know About Networking to Follow the Rest of This Book The OSI Reference Model and Protocol Layering How Does TCP/IP Fit In? Understanding TCP/IP Transmission Control Protocol (TCP) User Datagram Protocol (UDP) Internet Protocol (IP) and Internet Control Message Protocol (ICMP) ICMP Other Network-Level Issues Don't Forget About the Data Link and Physical Layers! Security Solutions for the Internet Conclusion Summary Chapter 3. Linux and UNIX Overview: Pretty Much Everything You Need to Know About Linux and UNIX to Follow the Rest of This Book Introduction Architecture Accounts and Groups Linux and UNIX Permissions Linux and UNIX Trust Relationships Common Linux and UNIX Network Services Conclusion Summary Chapter 4. Windows NT/2000/XP/2003 Overview: Pretty Much Everything You Need to Know about Windows to Follow the Rest of This Book Introduction A Brief History of Time The Underlying Windows Operating System Architecture How Windows Password Representations Are Derived Kernel Mode From Service Packs and Hotfixes to Windows Update and Beyond Accounts and Groups Privilege Control Policies Trust Auditing Object Access Control and Permissions Network Security Windows 2000 and Beyond: Welcome to the New Millennium Conclusion Summary Chapter 5. Phase 1: Reconnaissance Low-Technology Reconnaissance: Social Engineering, Caller ID Spoofing, Physical Break-In, and Dumpster Diving Search the Fine Web (STFW) Whois Databases: Treasure Chests of Information The Domain Name System General-Purpose Reconnaissance Tools Conclusion Summary Chapter 6. Phase 2: Scanning War Driving: Finding Wireless Access Points War Dialing: Looking for Modems in All the Right Places Network Mapping Determining Open Ports Using Port Scanners Vulnerability-Scanning Tools Intrusion Detection System and Intrusion Prevention System Evasion Conclusion Summary Chapter 7. Phase 3: Gaining Access Using Application and Operating System Attacks Script Kiddie Exploit Trolling Pragmatism for More Sophisticated Attackers Buffer Overflow Exploits Password Attacks Web Application Attacks Exploiting Browser Flaws Conclusion Summary Chapter 8. Phase 3: Gaining Access Using Network Attacks Sniffing IP Address Spoofing Session Hijacking Netcat: A General-Purpose Network Tool Conclusion Summary Chapter 9. Phase 3: Denial-of-Service Attacks Locally Stopping Services Locally Exhausting Resources Remotely Stopping Services Remotely Exhausting Resources Conclusion Summary Chapter 10. Phase 4: Maintaining Access: Trojans, Backdoors, and Rootkits Oh My! Trojan Horses Backdoors The Devious Duo: Backdoors Melded into Trojan Horses Nasty: Application-Level Trojan Horse Backdoor Tools Also Nasty: The Rise of the Bots Additional Nastiness: Spyware Everywhere! Defenses Against Application-Level Trojan Horse Backdoors, Bots, and Spyware Even Nastier: User-Mode Rootkits Defending Against User-Mode Rootkits Nastiest: Kernel-Mode Rootkits Defending Against Kernel-Mode Rootkits Conclusion Summary Chapter 11. Phase 5: Covering Tracks and Hiding Hiding Evidence by Altering Event Logs Defenses Against Log and Accounting File Attacks Creating Difficult-to-Find Files and Directories Hiding Evidence on the Network: Covert Channels Defenses Against Covert Channels Conclusion Summary Chapter 12. Putting It All Together: Anatomy of an Attack Scenario 1: Crouching Wi-Fi, Hidden Dragon Scenario 2: Death of a Telecommuter Scenario 3: The Manchurian Contractor Conclusion Summary Chapter 13. The Future, References, and Conclusions Where Are We Heading? Keeping Up to Speed Final Thoughts Live Long and Prosper Summary Index Release from TeamUnknown Counter Hack Reloaded, Second Edition: A Step-by-Step Guide to Computer Attacks and Effective Defenses By Ed Skoudis, Tom Liston Publisher: Prentice Hall Pub Date: December 23, 2005 Print ISBN-10: 0-13-148104-5 Print ISBN-13: 978-0-13-148104-6 Pages: 784 Slots: 2.0 Table of Contents | Index A A A Security Networking Ed Skoudis Tom Liston Prentice Hall Counter Hack Reloaded, Second Edition: A Step-by-Step Guide to Computer Attacks and Effective Defenses Copyright Many of the designations used by manufacturers and sellers to distinguish their products are claimed as trademarks. Where those designations appear in this book, and the publisher was aware of a trademark claim, the designations have been printed with initial capital letters or in all capitals. The authors and publisher have taken care in the preparation of this book, but make no expressed or implied warranty of any kind and assume no responsibility for errors or omissions. No liability is assumed for incidental or consequential damages in connection with or arising out of the use of the information or programs contained herein. The publisher offers excellent discounts on this book when ordered in quantity for bulk purchases or special sales, which may include electronic versions and/or custom covers and content particular to your business, training goals, marketing focus, and branding interests. For more information, please contact: U.S. Corporate and Government Sales (800) 382-3419 corpsales@pearsontechgroup.com For sales outside the U.S., please contact: International Sales international@pearsoned.com Visit us on the Web: www.prenhallprofessional.com Skoudis, Ed. Counter hack reloaded : a step-by-step guide to computer attacks and effective defenses / Ed Skoudis with Tom Liston.—2nd ed. p. cm. Rev. ed. of: Counter hack, c2002. Includes bibliographical references and index. ISBN 0-13-148104-5 (pbk. : alk. paper) 1. Computer networks—Security measures. 2. Data protection. I. Skoudis, Ed. Counter hack. II. Liston, Tom. III. Title. TK5105.59.S57 2006 005.8—dc22 2005027164 Copyright © 2006 Pearson Education, Inc. All rights reserved. Printed in the United States of America. This publication is protected by copyright, and permission must be obtained from the publisher prior to any prohibited reproduction, storage in a retrieval system, or transmission in any form or by any means, electronic, mechanical, photocopying, recording, or likewise. For information regarding permissions, write to: Pearson Education, Inc. Rights and Contracts Department One Lake Street Upper Saddle River, NJ 07458 Fax: (201) 236-3290 Text printed in the United States on recycled paper at Courier in Stoughton, Massachusetts. First printing, December 2005 Dedication Release from TeamUnknown Counter Hack Reloaded, Second Edition: A Step-by-Step Guide to Computer Attacks and Effective Defenses By Ed Skoudis, Tom Liston Publisher: Prentice Hall Pub Date: December 23, 2005 Print ISBN-10: 0-13-148104-5 Print ISBN-13: 978-0-13-148104-6 Pages: 784 Slots: 2.0 Table of Contents | Index A A A Security Networking Ed Skoudis Tom Liston Prentice Hall Counter Hack Reloaded, Second Edition: A Step-by-Step Guide to Computer Attacks and Effective Defenses Praise for "I finally get it! I used to hear words like and and they just didn't make any sense. I asked other people and they didn't seem to know how these things work, or at least they couldn't explain them in a way that I could understand. is the clearest explanation of these tools I have ever seen. Thank you!" — "Ed Skoudis is a rare individual. He knows the innards of all the various systems, knows all the latest exploits and defenses, and yet is able to explain everything at just the right level. The first edition of was a fascinating read. It's technically intriguing and very clear. . . . A book on vulnerabilities, though, will get out of date, and so we definitely needed this updated and significantly rewritten second edition. This book is a wonderful overview of the field." — Interconnections; Network Security: Private Communications in a Public World "What a great partnership! Ed Skoudis and Tom Liston share an uncanny talent for explaining even the most challenging security concepts in a clear and enjoyable manner. is an indispensable resource for those who want to improve their defenses and understand the mechanics of computer attacks." — Malware: Fighting Malicious Code "Ed Skoudis does it again! With this new edition, Ed takes a phenomenal work to the next level! This book is a 'must-have' and a 'must-read' for anyone remotely associated with computers and computer security." — Windows Forensics and Incident Recovery "In addition to having breadth of knowledge about and probing insights into network security, Ed Skoudis's real strength is in his ability to show complex topics in an understandable form. By the time he's done, what started off as a hopeless conglomeration of acronyms starts to sound comfortable and familiar. This book is your best source for understanding attack strategies, attack tools, and the defenses against both." — "This book is a must-have for anyone in the Internet security game. It covers everything from the basic principles to the fine details of online [...]... Slots: 2.0 A A A Table of Contents | Index Security Networking Ed Skoudis Tom Liston Prentice Hall Counter Hack Reloaded, Second Edition: A Step-by-Step Guide to Computer Attacks and Effective Defenses The Radia Perlman Series in Computer Networking and Security Release from TeamUnknown Counter Hack Reloaded, Second Edition: A Step-by-Step Guide to Computer Attacks and Effective Defenses By Ed Skoudis,... from TeamUnknown Counter Hack Reloaded, Second Edition: A Step-by-Step Guide to Computer Attacks and Effective Defenses By Ed Skoudis, Tom Liston Publisher: Prentice Hall Pub Date: December 23, 2005 Print ISBN-10: 0-13-148104-5 Print ISBN-13: 978-0-13-148104-6 Pages: 784 Slots: 2.0 A A A Table of Contents | Index Security Networking Ed Skoudis Tom Liston Prentice Hall Counter Hack Reloaded, Second... from TeamUnknown Counter Hack Reloaded, Second Edition: A Step-by-Step Guide to Computer Attacks and Effective Defenses By Ed Skoudis, Tom Liston Publisher: Prentice Hall Pub Date: December 23, 2005 Print ISBN-10: 0-13-148104-5 Print ISBN-13: 978-0-13-148104-6 Pages: 784 Slots: 2.0 A A A Table of Contents | Index Security Networking Ed Skoudis Tom Liston Prentice Hall Counter Hack Reloaded, Second... TeamUnknown Counter Hack Reloaded, Second Edition: A Step-by-Step Guide to Computer Attacks and Effective Defenses By Ed Skoudis, Tom Liston Publisher: Prentice Hall Pub Date: December 23, 2005 Print ISBN-10: 0-13-148104-5 Print ISBN-13: 978-0-13-148104-6 Pages: 784 Slots: 2.0 A A A Table of Contents | Index | Additional Reading Security Networking Ed Skoudis Tom Liston Prentice Hall Counter Hack Reloaded, ... from TeamUnknown Counter Hack Reloaded, Second Edition: A Step-by-Step Guide to Computer Attacks and Effective Defenses By Ed Skoudis, Tom Liston Publisher: Prentice Hall Pub Date: December 23, 2005 Print ISBN-10: 0-13-148104-5 Print ISBN-13: 978-0-13-148104-6 Pages: 784 Slots: 2.0 A A A Table of Contents | Index Security Networking Ed Skoudis Tom Liston Prentice Hall Counter Hack Reloaded, Second... TeamUnknown Counter Hack Reloaded, Second Edition: A Step-by-Step Guide to Computer Attacks and Effective Defenses By Ed Skoudis, Tom Liston Publisher: Prentice Hall Pub Date: December 23, 2005 Print ISBN-10: 0-13-148104-5 Print ISBN-13: 978-0-13-148104-6 Pages: 784 Slots: 2.0 A A A Table of Contents | Index | Additional Reading Security Networking Ed Skoudis Tom Liston Prentice Hall Counter Hack Reloaded, ... the near future, someone might try to hack into your network-enabled automobile while you are driving down the street You've heard of carjacking? Get ready for the world of car hacking Release from TeamUnknown Counter Hack Reloaded, Second Edition: A Step-by-Step Guide to Computer Attacks and Effective Defenses By Ed Skoudis, Tom Liston Publisher: Prentice Hall Pub Date: December 23, 2005 Print...attack methods and counter- strategies and is very engagingly written." — Secure Electronic Commerce Release from TeamUnknown Counter Hack Reloaded, Second Edition: A Step-by-Step Guide to Computer Attacks and Effective Defenses By Ed Skoudis, Tom Liston Publisher: Prentice... 2005 Print ISBN-10: 0-13-148104-5 Print ISBN-13: 978-0-13-148104-6 Pages: 784 Slots: 2.0 A A A Table of Contents | Index | Additional Reading Security Networking Ed Skoudis Tom Liston Prentice Hall Counter Hack Reloaded, Second Edition: A Step-by-Step Guide to Computer Attacks and Effective Defenses Why This Book? If you know the enemy and know yourself, you need not fear the result of a hundred battles... Date: December 23, 2005 Print ISBN-10: 0-13-148104-5 Print ISBN-13: 978-0-13-148104-6 Pages: 784 Slots: 2.0 A A A Table of Contents | Index Security Networking Ed Skoudis Tom Liston Prentice Hall Counter Hack Reloaded, Second Edition: A Step-by-Step Guide to Computer Attacks and Effective Defenses Foreword It's hard to remember a world without the Internet We now take for granted that we can access our . Praise for Counter Hack Reloaded The Radia Perlman Series in Computer Networking and Security Radia Perlman, Series Editor Foreword Preface Reloaded . Ed. Counter hack reloaded : a step-by-step guide to computer attacks and effective defenses / Ed Skoudis with Tom Liston.—2nd ed. p. cm. Rev. ed. of: Counter