Thông tin tài liệu
www.sharexxx.net - free books & magazines
363_Web_App_FM.qxd 12/19/06 10:46 AM Page ii
www.syngress.com
SOLUTIONS WEB SITE
ULTIMATE CDs
DOWNLOADABLE E-BOOKS
SYNGRESS OUTLET
SITE LICENSING
CUSTOM PUBLISHING
Visit us at
384_STS_FM.qxd 1/3/07 10:04 AM Page i
384_STS_FM.qxd 1/3/07 10:04 AM Page ii
STEALING THE NETWORK
How to Own
a Shadow
Johnny Long
Timothy (Thor) Mullen
Ryan Russell
THE CHASE FOR KNUTH
384_STS_FM.qxd 1/3/07 10:04 AM Page iii
Syngress Publishing, Inc., the author(s), and any person or firm involved in the writing, editing, or production
(collectively “Makers”) of this book (“the Work”) do not guarantee or warrant the results to be obtained from
the Work.
There is no guarantee of any kind, expressed or implied, regarding the Work or its contents.The Work is sold AS
IS and WITHOUT WARRANTY.You may have other legal rights, which vary from state to state.
In no event will Makers be liable to you for damages, including any loss of profits, lost savings, or other inci-
dental or consequential damages arising out from the Work or its contents. Because some states do not allow the
exclusion or limitation of liability for consequential or incidental damages, the above limitation may not apply to
you.
You should always use reasonable care, including backup and other appropriate precautions, when working with
computers, networks, data, and files.
Syngress Media®, Syngress®,“Career Advancement Through Skill Enhancement®,”“Ask the Author
UPDATE®,” and “Hack Proofing®,” are registered trademarks of Syngress Publishing, Inc.“Syngress:The
Definition of a Serious Security Library”™, “Mission Critical™,” and “The Only Way to Stop a Hacker is to
Think Like One™” are trademarks of Syngress Publishing, Inc. Brands and product names mentioned in this
book are trademarks or service marks of their respective companies.
KEY SERIAL NUMBER
001 HJIRTCV764
002 PO9873D5FG
003 829KM8NJH2
004 YRT43998KL
005 CVPLQ6WQ23
006 VBP965T5T5
007 HJJJ863WD3E
008 2987GVTWMK
009 629MP5SDJT
010 IMWQ295T6T
PUBLISHED BY
Syngress Publishing, Inc.
800 Hingham Street
Rockland, MA 02370
Copyright © 2007 by Elsevier, Inc.All rights reserved. Except as permitted under the Copyright Act of 1976, no
part of this publication may be reproduced or distributed in any form or by any means, or stored in a database
or retrieval system, without the prior written permission of the publisher, with the exception that the program
listings may be entered, stored, and executed in a computer system, but they may not be reproduced for
publication.
1 2 3 4 5 6 7 8 9 0
ISBN-10: 1-59749-081-4
ISBN-13: 978-1-59749-081-8
Publisher: Andrew Williams Page Layout and Art: Patricia Lupien
Editor: D. Scott Pinzon Copy Editor: Christina LaPrue
For information on rights, translations, and bulk sales, contact Matt Pedersen, Director of Sales and Rights, email
M.Pedersen@elsevier.com.
384_STS_FM.qxd 1/3/07 10:04 AM Page iv
Acknowledgments
Syngress would like to acknowledge the following people for their kindness
and support in making this book possible.
A special thank you to all of the authors and editors who worked on the first
three books in the “Stealing” series, each of whom is listed individually later in
this front matter.
To Jeff Moss and Ping Look of Black Hat, Inc. who have been great friends and
supporters of the Syngress publishing program over the years.The Black Hat
Briefings have provided the perfect setting for many Stealing brainstorming
sessions.
384_STS_FM.qxd 1/3/07 10:04 AM Page v
384_STS_FM.qxd 1/3/07 10:04 AM Page vi
Authors
Johnny Long: Author, Technical Edit, Primary
Stealing Character: Pawn
Who’s Johnny Long? Johnny is a Christian by grace, a
family guy by choice, a professional hacker by trade, a
pirate by blood, a ninja in training, a security researcher
and author. My home on the web is
http://johnny.ihackstuff.com.
This page can support only fraction of all I am thankful for.Thanks first
to Christ without whom I am nothing.Thanks to Jen, Makenna,Trevor and
Declan.You guys pay the price when deadlines hit, and this book in partic-
ular has taken me away from you for far too long.Thanks for understanding
and supporting me.You have my love, always.
Thanks to Andrew and Christina (awesome tech edit) and the rest of
my Syngress family.Thanks to Ryan Russell (Blue Boar) for your contribu-
tions over the years and for Knuth.What a great character!
Thanks to Tim “Thor” Mullen.We work so well together, and your
great ideas and collaborative contributions aside, you are a great friend.
Thanks to Scott Pinzon for the guidance and the editorial work.Your
contribution to this project has literally transformed my writing.
Thanks to Pawn. If I have my say, we’ll meet again.
Thanks to the johnny.ihackstuff.com mods (Murf, Jimmy Neutron,
JBrashars, CP Klouw, Sanguis,ThePsyko,Wolveso) and members for your
help and support.Thanks to RFIDeas for the support, and to Pablos for the
RFID gear.Thanks to Roelof and Sensepost for BiDiBLAH, to NGS for
the great docs, to nummish and xeron for Absinthe.
Thanks to everyone at the real Mitsuboshi dojo, including Shidoshi and
Mrs.Thompson, Mr.Thompson, Mr. Stewart, Mrs. Mccarron, Mrs. Simmons,
Mr. Parsons, Mr. Birger, Mr. Barnett, Ms. Simmons, Mr. Street, Mrs. Hebert,
Mrs. Kos, Mrs.Wagner and all those not listed on the official instructor
sheet.
384_STS_FM.qxd 1/3/07 10:04 AM Page vii
Shouts: Nathan “Whatever” Bowers, Stephen S, Mike “Sid A. Biggs”,
John Lindner, Chaney, Jenny Yang, SecurityTribe, the Shmoo Group,
Sensepost, Blackhat, Defcon, Neal Stephenson (Baroque), Stephen King
(On Writing),Ted Dekker (Thr3e), Project86, Shadowvex, Green Sector,
Matisyahu,Thousand Foot Krutch, KJ-52 (Slim Part 2).To Jason Russell,
Bobby Bailey and Laren Poole for the Invisible Children movement
(http://www.invisiblechildren.com).
Timothy (Thor) Mullen: Created concept for this
book, Author, Technical Edit, Primary Stealing
Character: Gayle
Thor has been educating and training users in the tech-
nology sector since 1983 when he began teaching
BASIC and COBOL through a special educational pro-
gram at the Medical University of South Carolina
(while still a high school senior). He then launched his professional
career in application development and network integration in 1984.
Timothy is now CIO and Chief Software Architect for Anchor
Sign, one of the 10 largest sign-system manufacturers in America.
He has developed and implemented Microsoft networking security
solutions for institutions like the US Air Force, Microsoft, the US
Federal Courts, regional power plants, and international
banking/financial institutions. He has developed applications ranging
from military aircraft statistics interfaces and biological aqua-culture
management to nuclear power-plant effects monitoring for private,
government, and military entities.Timothy is currently being
granted a patent for the unique architecture of his payroll processing
engine used in the AnchorIS accounting solutions suite.
Timothy has been a columnist for Security Focus’ Microsoft
section, and is a regular contributor of InFocus technical articles.
Also known as “Thor,” he is the founder of the “Hammer of God”
security co-op group. His writings appear in multiple publications
such as Hacker’s Challenge, the Stealing the Network series, and in
Windows XP Security. His security tools, techniques and processes
384_STS_FM.qxd 1/3/07 10:04 AM Page viii
[...]... hack as well as his role in it Just as readers latched on to the concept of How to Own the Box, the readers of How to Own a Continent latched on to this Knuth character, and again, they wanted more The third book in the series Stealing the Network: How to Own a Shadow continued the story of Knuth .The authoring team on this book included Stealing veterans Ryan Russell,Thor,Tom Parker, and Jay Beale... For the second book in the series, Stealing the Network: How to Own a Continent, the authors aspired to write a series of stories that actually formed a single, coherent story line (unlike the unrelated stories in How to Own the Box) How to Own a Continent was released at Black Hat USA 2004 in Las Vegas and featured many authors from the first book, including Ryan Russell,Thor, Joe Grand and Paul Craig .The. .. obsession with creativity lead him to start a company along with a similar minded friend.Together they operated from a master bedroom at Roelof ’s house and started SensePost During his time at SensePost Roelof became a veteran BlackHat trainer/speaker and spoke at RSA and Ruxcon - to name a few He also contributed to many Syngress books such as How to own a continent’ and ‘Aggressive Network Self Defense’... South Africa from where it provides services primarily large and very large clients in Australia, South Africa, Germany, Switzerland, Belgium ,The Netherlands, United Kingdom, Malaysia, Gibraltar, Panama, the USA, and various African countries The majority of these clients are in the financial services industry, government, gaming and manufacturing where information security is an essential part of their... ultimately spawned and evolved into a new Stealing book So now, we will find out where How to Own a Shadow leads us as the chase for the Shadowy “Knuth” continues Enjoy the read, and I hope to see you at the annual: Stealing book signing at Black Hat USA 2007 in Las Vegas —Jeff Moss Black Hat, Inc www.blackhat.com December, 2006 Jeff Moss is CEO of Black Hat, Inc and founder of DEFCON He is also a renowned... Stealing the Network: How to Own the Box changed that and provided the general public with a real understanding of the true world of hacking; that is, how criminals use hacking techniques to commit crimes and how law enforcement strives to prevent crimes and apprehend those responsible After Stealing the Network: How to Own the Box was published, readers wanted more Stealing books, and the series was born... function of the tools that he created - from Wikto and the infamous BiDiBLAH (whom someone fondly described as “having a seizure on the keyboard”) to innovative tools like Crowbar and Suru NGS Software is the leader in database vulnerability assessment Founded by David and Mark Litchfield in 2001 the team at NGS has pioneered advanced testing techniques, which are both accurate and safe and which are employed... on as technical advisers Now, getting 10 hackers to follow the same thread is, in the words of lead author Ryan Russell, like “herding cats.” How to Own a Continent was written in the vein of the film “Usual Suspects.” It featured a criminal hacker group led by the shadowy Bob Knuth Each member of the group was expert in a particular area of compromise, and each had a varying understanding of the larger... services to more than 70 large and very large clients in Australia, South Africa, Germany, Switzerland, Belgium ,The Netherlands, United Kingdom, Malaysia, United States of America, and various African countries More than 20 of these clients are in the financial services industry, where information security is an essential part of their core competency SensePost analysts are regular speakers at international... in Las Vegas became a reality as Stealing the Network: How to Own the Box was released at Black Hat USA 2003 in Las Vegas.This first book brought together some of the most talented and creative minds in the security world, including Ryan Russell,Tim Mullen (Thor), FX, Dan Kaminsky, Joe Grand, Ken Pfeil, Ido Dubrawsky, Mark Burnett, and Paul Craig In all honesty, Stealing was not conceived of as a series, . regional power generation facilities and interna- tional banking/financial institutions. He has developed a myriad of applications from military aircraft statistics interfaces and biological aqua-culture. Jen, Makenna,Trevor and Declan, my love always.Thanks to Anthony for his great insight into LE and the forensics scene, and the “AWE-some” brainstorming sessions.Thanks to Jaime and Andrew at Syngress. ISBN: 1-9 2899 4-7 0-9 ), contributing author and technical editor of Stealing The Network: How to Own The Box (Syngress, ISBN: 1-9 3183 6- 8 7-6 ), and is a frequent technical editor for the Hack Proofing
Ngày đăng: 25/03/2014, 12:09
Xem thêm: stealing the network - how to own a shadow, stealing the network - how to own a shadow