Tài liệu hạn chế xem trước, để xem đầy đủ mời bạn chọn Tải xuống
1
/ 577 trang
THÔNG TIN TÀI LIỆU
Thông tin cơ bản
Định dạng
Số trang
577
Dung lượng
12,55 MB
Nội dung
[...]... Please e-mail us at book@grayhathackingbook.com Also, browse to www.grayhathackingbook.com for additional technical information and resources related to this book and ethicalhacking Introduction to Ethical Disclosure ■ Chapter 1 ■ Chapter 2 ■ Chapter 3 Ethics of EthicalHackingEthicalHacking and the Legal System Proper and Ethical Disclosure 1 This page intentionally left blank CHAPTER Ethics of Ethical. .. chapters are presented and the other chapters have been updated In Part I of this book we lay down the groundwork of the necessary ethics and expectations of a grayhat hacker This section: • Clears up the confusion about white, black, and grayhat definitions and characteristics • Reviews the slippery ethical issues that should be understood before carrying out any type of ethicalhacking activities • Surveys... business NOTE Chapter 6 goes in-depth into rootkits and how they work Although malware use has decreased, it is still the main culprit that costs companies the most money An interesting thing about malware is that many people seem to put it in a category different from hacking and intrusions The fact is, malware has evolved to GrayHat Hacking: TheEthical Hacker’s Handbook 6 Table 1-1 Downtime Losses (Source:... we believe the industry needs: a holistic review of ethicalhacking that is responsible and truly ethical in its intentions and material This is why we are starting this book with a clear definition of what ethicalhacking is and is not—something society is very confused about We have updated the material from the first edition and have attempted to deliver the most comprehensive and up-to-date assembly... that staff and student information had been obtained through a security breach by a former student The data had been copied to an iPod and included names, social security numbers, birth dates, phone numbers, and addresses PART I thought to have been introduced into the production line through another company that builds the iPods for Apple Gray Hat Hacking: TheEthical Hacker’s Handbook 8 • The theft... Surveys legal issues surrounding hacking and many other types of malicious activities • Walks through proper vulnerability discovery processes and current models that provide direction In Part II we introduce more advanced penetration methods and tools that no other books cover today Many existing books cover the same old tools and methods that have xxiii GrayHat Hacking: TheEthical Hacker’s Handbook xxiv... reported that identity theft had topped the Federal Trade Commission’s (FTC’s) complaint list for the seventh year in a row Identity theft complaints accounted for 36 percent of the 674,354 complaints that were received by the FTC in the period between January 1, 2006, and December 31, 2006 • Privacyrights.org has reported that the total number of records containing sensitive information that have been... guys.” The bad guys use the tactics, techniques, and fighting methods of a specific type of enemy—Libya, Russia, United States, Germany, North Korea, and so on 3 1 GrayHat Hacking: TheEthical Hacker’s Handbook 4 The goal of these exercises is to allow the pilots to understand enemy attack patterns, and to identify and be prepared for certain offensive actions so they can properly react in the correct... prison At the time of sentencing it was the first prosecution of its kind in the United States, and was the longest known sentence for a defendant who had spread computer viruses Gray Hat Hacking: TheEthical Hacker’s Handbook 10 NOTE A drastic increase in spam was experienced in the later months of 2006 and early part of 2007 because spammers embedded images with their messages instead of using the traditional... attacker The commands and logic within the malware are the same components that many attackers carry out manually The company Alinean has put together some cost estimates, per minute, for different organizations if their operations are interrupted Even if an attack or compromise is not totally successful for the attacker (he does not obtain the asset he is going for), this in no way means that the company