Whenever Hollywood does a movie in which someone breaks into a computer, the hacking scenes are completely laughable to anyone who knows the first thing about computer security. Think of Hacking Exposed: Network Security Secrets and Solutions as a computer thriller for people with a clue. This is a technical book, certainly--URLs, procedures, and bits of advice take the place of plot and characters--but the information about hackers' tools will leave you wondering exactly how vulnerable your system is. More to the point, the explicit instructions for stealing supposedly secure information (a Windows NT machine's Security Access Manager file, for example) will leave you absolutely certain that your computers have gaping holes in their armor.
The book describes the security characteristics of several computer-industry pillars, including Windows NT, Unix, Novell NetWare, and certain firewalls. It also explains what sorts of attacks against these systems are feasible, which are popular, and what tools exist to make them easier. The authors walk the reader through numerous attacks, explaining exactly what attackers want, how they defeat the relevant security features, and what they do once they've achieved their goal. In what might be called after-action reports, countermeasures that can help steer bad buys toward less-well-defended prey are explained. If you run Linux, you may want to supplement the Unix information in this book with Maximum Linux Security, another practical-minded and very popular security text. --David Wall
Find more here
Source : http://securityfocus.com
Saturday, December 8, 2007
Hacking Exposed: Network Security Secrets & Solutions (Hacking Exposed)
Windows 2000 (Hacking Exposed)
With a revised Microsoft operating system comes a revised set of security holes and means of attacking them. Hacking Exposed: Windows 2000 presents a snapshot of known Windows 2000 security weaknesses and the tools that have been developed to exploit them, in turn enabling system operators to mount better defenses. This book builds on and contributes to the small but respected Hacking Exposed series, giving network administrators a detailed picture of the threats their Windows 2000 machines face--and all the motivation they should need to install the latest patches right away. Which points out a characteristic of this book: Many of the problems it catalogs are known bugs that shouldn't be a problem if you've installed the latest fixes and have good password and privilege policies. The point: Even with this book on your shelf, keep an eye on the security sites for news of emerging problems.
Joel Scambray and Stuart McClure have chosen to organize their book according to the steps involved in system compromise (identifying a target, gaining access and privileges, using or destroying the system, and so on) as well as by area of vulnerability. In addition to well-written passages that explain general hacking strategies and concepts, the authors devote sections to software (meaning native Windows commands, tools that are part of the Windows NT/2000 Resource Kit, as well as external software). Sometimes, they'll just offer a description, but most of the time, the authors present a step-by-step guide to carrying out the exploit at hand. This is a valuable book that every Windows 2000 expert should read closely. --David Wall
Find more here
Hacking Exposed Windows: Microsoft Windows Security Secrets and Solutions, Third Edition (Hacking Exposed)
The latest Windows security attack and defense strategies
"Securing Windows begins with reading this book." --James Costello (CISSP) IT Security Specialist, Honeywell
Meet the challenges of Windows security with the exclusive Hacking Exposed "attack-countermeasure" approach. Learn how real-world malicious hackers conduct reconnaissance of targets and then exploit common misconfigurations and software flaws on both clients and servers. See leading-edge exploitation techniques demonstrated, and learn how the latest countermeasures in Windows XP, Vista, and Server 2003/2008 can mitigate these attacks. Get practical advice based on the authors' and contributors' many years as security professionals hired to break into the world's largest IT infrastructures. Dramatically improve the security of Microsoft technology deployments of all sizes when you learn to:
*
Establish business relevance and context for security by highlighting real-world risks
* Take a tour of the Windows security architecture from the hacker's perspective, exposing old and new vulnerabilities that can easily be avoided
* Understand how hackers use reconnaissance techniques such as footprinting, scanning, banner grabbing, DNS queries, and Google searches to locate vulnerable Windows systems
* Learn how information is extracted anonymously from Windows using simple NetBIOS, SMB, MSRPC, SNMP, and Active Directory enumeration techniques
* Prevent the latest remote network exploits such as password grinding via WMI and Terminal Server, passive Kerberos logon sniffing, rogue server/man-in-the-middle attacks, and cracking vulnerable services
* See up close how professional hackers reverse engineer and develop new Windows exploits
* Identify and eliminate rootkits, malware, and stealth software
* Fortify SQL Server against external and insider attacks
* Harden your clients and users against the latest e-mail phishing, spyware, adware, and Internet Explorer threats
* Deploy and configure the latest Windows security countermeasures, including BitLocker, Integrity Levels, User Account Control, the updated Windows Firewall, Group Policy, Vista Service Refactoring/Hardening, SafeSEH, GS, DEP, Patchguard, and Address Space Layout Randomization
Find more here
Windows Server 2003 (Hacking Exposed)
"The most demystifying source of information since Toto exposed the Wizard. Hacking Exposed Windows Server 2003 eliminates the mystique and levels the playing field by revealing the science behind the curtain." --Greg Wood, General Manager, Information Security, Microsoft Corporation
From the best-selling co-authors of the world-renowned book, Hacking Exposed, comes Hacking Exposed Windows Server 2003. You’ll learn, step-by-step, how to defend against the latest attacks by understanding how intruders enter and pilfer compromised networks and weaknesses. All the new security features and exploits in Windows Server 2003 are covered.
Find more here
Source : http://securityfocus.com
Hacking Exposed [BARGAIN PRICE]
A lot of computer-security textbooks approach the subject from a defensive point of view. "Do this, and probably you'll survive a particular kind of attack," they say. In refreshing contrast, Hacking Exposed, Second Edition talks about security from an offensive angle. A Jane's-like catalog of the weaponry that black-hat hackers use is laid out in full. Readers see what programs are out there, get a rundown on what the programs can do, and benefit from detailed explanations of concepts (such as wardialing and rootkits) that most system administrators kind of understand, but perhaps not in detail. The book also walks through how to use the more powerful and popular hacker software, including L0phtCrack. This new edition has been updated extensively, largely with the results of "honeypot" exercises (in which attacks on sacrificial machines are monitored) and Windows 2000 public security trials. There's a lot of new stuff on e-mail worms, distributed denial-of-service (DDoS) attacks, and attacks that involve routing protocols.
The result of all of this familiarity with bad-guy tools is a leg up on defending against them. Hacking Exposed wastes no time in explaining how to implement the countermeasures--where they exist--that will render known attacks ineffective. Taking on the major network operating systems and network devices one at a time, the authors tell you exactly what Unix configuration files to alter, what Windows NT Registry keys to change, and what settings to make in NetWare. They spare no criticism of products with which they aren't impressed, and don't hesitate to point out inherent, uncorrectable security weaknesses where they find them. This book is no mere rehashing of generally accepted security practices. It and its companion Web site are the best way for all of you network administrators to know thine enemies. --David Wall
Find more here
Configuring Netscreen Firewalls [ILLUSTRATED]
The first book on the market covering the #2 best-selling firewall appliances in the world from NetScreen. This book continues Syngress' history from ISA Server to Check Point to Cisco Pix of being first to market with best-selling firewall books for security professionals.
Configuring NetScreen Firewalls is the first book to deliver an in-depth look at the NetScreen firewall product line. It covers all of the aspects of the NetScreen product line from the SOHO devices to the Enterprise NetScreen firewalls. Also covered are advanced troubleshooting techniques and the NetScreen Security Manager. This book offers novice users a complete opportunity to learn the NetScreen firewall appliance. Advanced users will find it a rich technical resource.
* NetScreen is the #2 best-selling firewall appliance in the world (behind only Cisco PIX) and there are no competing books.
* Covers the materials found on the NetScreen NCSA 5.0 exam.
* Syngress firewall books are consistent best-sellers with market-leading books on ISA Server, Cisco PIX, and Check Point Next Generation.
Find more here
Thursday, December 6, 2007
Security Power Tools [ILLUSTRATED]
What if you could sit down with some of the most talented security engineers in the world and ask any network security question you wanted? Security Power Tools lets you do exactly that! Members of Juniper Networks' Security Engineering team and a few guest experts reveal how to use, tweak, and push the most popular network security applications, utilities, and tools available using Windows, Linux, Mac OS X, and Unix platforms.
Designed to be browsed, Security Power Tools offers you multiple approaches to network security via 23 cross-referenced chapters that review the best security tools on the planet for both black hat techniques and white hat defense tactics. It's a must-have reference for network administrators, engineers and consultants with tips, tricks, and how-to advice for an assortment of freeware and commercial tools, ranging from intermediate level command-line operations to advanced programming of self-hiding exploits.
Security Power Tools details best practices for:
* Reconnaissance -- including tools for network scanning such as nmap; vulnerability scanning tools for Windows and Linux; LAN reconnaissance; tools to help with wireless reconnaissance; and custom packet generation
* Penetration -- such as the Metasploit framework for automated penetration of remote computers; tools to find wireless networks; exploitation framework applications; and tricks and tools to manipulate shellcodes
* Control -- including the configuration of several tools for use as backdoors; and a review of known rootkits for Windows and Linux
* Defense -- including host-based firewalls; host hardening for Windows and Linux networks; communication security with ssh; email security and anti-malware; and device security testing
* Monitoring -- such as tools to capture, and analyze packets; network monitoring with Honeyd and snort; and host monitoring of production servers for file changes
* Discovery -- including The Forensic Toolkit, SysInternals and other popular forensic tools; application fuzzer and fuzzing techniques; and the art of binary reverse engineering using tools like Interactive Disassembler and Ollydbg
A practical and timely network security ethics chapter written by a Stanford University professor of law completes the suite of topics and makes this book a goldmine of security information. Save yourself a ton of headaches and be prepared for any network security dilemma with Security Power Tools.
Find more here
Hacking Exposed Web Applications, 2nd Ed. (Hacking Exposed)
Implement bulletproof e-business security the proven Hacking Exposed way
Defend against the latest Web-based attacks by looking at your Web applications through the eyes of a malicious intruder. Fully revised and updated to cover the latest Web exploitation techniques, Hacking Exposed Web Applications, Second Edition shows you, step-by-step, how cyber-criminals target vulnerable sites, gain access, steal critical data, and execute devastating attacks. All of the cutting-edge threats and vulnerabilities are covered in full detail alongside real-world examples, case studies, and battle-tested countermeasures from the authors' experiences as gray hat security professionals.
*
Find out how hackers use infrastructure and application profiling to perform reconnaissance and enter vulnerable systems
*
Get details on exploits, evasion techniques, and countermeasures for the most popular Web platforms, including IIS, Apache, PHP, and ASP.NET
*
Learn the strengths and weaknesses of common Web authentication mechanisms, including password-based, multifactor, and single sign-on mechanisms like Passport
*
See how to excise the heart of any Web application's access controls through advanced session analysis, hijacking, and fixation techniques
*
Find and fix input validation flaws, including cross-site scripting (XSS), SQL injection, HTTP response splitting, encoding, and special character abuse
*
Get an in-depth presentation of the newest SQL injection techniques, including blind attacks, advanced exploitation through subqueries, Oracle exploits, and improved countermeasures
*
Learn about the latest XML Web Services hacks, Web management attacks, and DDoS attacks, including click fraud
*
Tour Firefox and IE exploits, as well as the newest socially-driven client attacks like phishing and adware
Find more here
Exploiting Online Games: Cheating Massively Distributed Systems (Addison-Wesley Software Security Series)
"Imagine trying to play defense in football without ever studying offense. You would not know when a run was coming, how to defend pass patterns, nor when to blitz. In computer systems, as in football, a defender must be able to think like an attacker. I say it in my class every semester, you don't want to be the last person to attack your own system--you should be the first.
"The world is quickly going online. While I caution against online voting, it is clear that online gaming is taking the Internet by storm. In our new age where virtual items carry real dollar value, and fortunes are won and lost over items that do not really exist, the new threats to the intrepid gamer are all too real. To protect against these hazards, you must understand them, and this groundbreaking book is the only comprehensive source of information on how to exploit computer games. Every White Hat should read it. It's their only hope of staying only one step behind the bad guys."
--Aviel D. Rubin, Ph.D.
Professor, Computer Science
Technical Director, Information Security Institute
Johns Hopkins University
"Everyone's talking about virtual worlds. But no one's talking about virtual-world security. Greg Hoglund and Gary McGraw are the perfect pair to show just how vulnerable these online games can be."
--Cade Metz
Senior Editor
PC Magazine
"If we're going to improve our security practices, frank discussions like the ones in this book are the only way forward. Or as the authors of this book might say, when you're facing off against Heinous Demons of Insecurity, you need experienced companions, not to mention a Vorpal Sword of Security Knowledge."
--Edward W. Felten, Ph.D.
Professor of Computer Science and Public Affairs
Director, Center for Information Technology Policy
Princeton University
"Historically, games have been used by warfighters to develop new capabilities and to hone existing skills--especially in the Air Force. The authors turn this simple concept on itself, making games themselves the subject and target of the 'hacking game,' and along the way creating a masterly publication that is as meaningful to the gamer as it is to the serious security system professional.
"Massively distributed systems will define the software field of play for at least the next quarter century. Understanding how they work is important, but understanding how they can be manipulated is essential for the security professional. This book provides the cornerstone for that knowledge."
--Daniel McGarvey
Chief, Information Protection Directorate
United States Air Force
"Like a lot of kids, Gary and I came to computing (and later to computer security) through games. At first, we were fascinated with playing games on our Apple ][s, but then became bored with the few games we could afford. We tried copying each other's games, but ran up against copy-protection schemes. So we set out to understand those schemes and how they could be defeated. Pretty quickly, we realized that it was a lot more fun to disassemble and work around the protections in a game than it was to play it.
"With the thriving economies of today's online games, people not only have the classic hacker's motivation to understand and bypass the security of games, but also the criminal motivation of cold, hard cash. That's a combination that's hard to stop. The first step, taken by this book, is revealing the techniques that are being used today."
--Greg Morrisett, Ph.D.
Allen B. Cutting Professor of Computer Science
School of Engineering and Applied Sciences
Harvard University
"If you're playing online games today and you don't understand security, you're at a real disadvantage. If you're designing the massive distributed systems of tomorrow and you don't learn from games, you're just plain sunk."
--Brian Chess, Ph.D.
Founder/Chief Scientist, Fortify Software
Coauthor of Secure Programming with Static Analysis
"This book offers up a fascinating tour of the battle for software security on a whole new front: attacking an online game. Newcomers will find it incredibly eye opening and even veterans of the field will enjoy some of the same old programming mistakes given brilliant new light in a way that only massively-multiplayer-supermega-blow-em-up games can deliver. w00t!"
--Pravir Chandra
Principal Consultant, Cigital
Coauthor of Network Security with OpenSSL
If you are a gamer, a game developer, a software security professional, or an interested bystander, this book exposes the inner workings of online-game security for all to see.
From the authors of the best-selling Exploiting Software, Exploiting Online Games takes a frank look at controversial security issues surrounding MMORPGs, such as World of Warcraft™ and Second Life®. This no-holds-barred book comes fully loaded with code examples, debuggers, bots, and hacks.
This book covers
* Why online games are a harbinger of software security issues to come
* How millions of gamers have created billion-dollar virtual economies
* How game companies invade personal privacy
* Why some gamers cheat
* Techniques for breaking online game security
* How to build a bot to play a game for you
* Methods for total conversion and advanced mods
Written by the world's foremost software security experts, this book takes a close look at security problems associated with advanced, massively distributed software. With hundreds of thousands of interacting users, today's online games are a bellwether of modern software. The kinds of attack and defense techniques described in Exploiting Online Games are tomorrow's security techniques on display today.
Find more here
Source : http://securityfocus.com
Google Hacking for Penetration Testers, Volume 1 [ILLUSTRATED]
Google, the most popular search engine worldwide, provides web surfers with an easy-to-use guide to the Internet, with web and image searches, language translation, and a range of features that make web navigation simple enough for even the novice user. What many users dont realize is that the deceptively simple components that make Google so easy to use are the same features that generously unlock security flaws for the malicious hacker. Vulnerabilities in website security can be discovered through Google hacking, techniques applied to the search engine by computer criminals, identity thieves, and even terrorists to uncover secure information. This book beats Google hackers to the punch, equipping web administrators with penetration testing applications to ensure their site is invulnerable to a hackers search.
Penetration Testing with Google Hacks explores the explosive growth of a technique known as "Google Hacking." When the modern security landscape includes such heady topics as "blind SQL injection" and "integer overflows," it's refreshing to see such a deceptively simple tool bent to achieve such amazing results; this is hacking in the purest sense of the word. Readers will learn how to torque Google to detect SQL injection points and login portals, execute port scans and CGI scans, fingerprint web servers, locate incredible information caches such as firewall and IDS logs, password databases, SQL dumps and much more - all without sending a single packet to the target! Borrowing the techniques pioneered by malicious "Google hackers," this talk aims to show security practitioners how to properly protect clients from this often overlooked and dangerous form of information leakage.
*First book about Google targeting IT professionals and security leaks through web browsing.
*Author Johnny Long, the authority on Google hacking, will be speaking about "Google Hacking" at the Black
Hat 2004 Briefing. His presentation on penetrating security flaws with Google is expected to create a lot of buzz and exposure for the topic.
*Johnny Long's Web site hosts the largest repository of Google security exposures and is the most popular destination for security professionals who want to learn about the dark side of Google.
Find more here
Extrusion Detection: Security Monitoring for Internal Intrusions
Overcome Your Fastest-Growing Security Problem: Internal, Client-Based Attacks
Today's most devastating security attacks are launched from within the company, by intruders who have compromised your users' Web browsers, e-mail and chat clients, and other Internet-connected software. Hardening your network perimeter won't solve this problem. You must systematically protect client software and monitor the traffic it generates.
Extrusion Detection is a comprehensive guide to preventing, detecting, and mitigating security breaches from the inside out. Top security consultant Richard Bejtlich offers clear, easy-to-understand explanations of today's client-based threats and effective, step-by-step solutions, demonstrated against real traffic and data. You will learn how to assess threats from internal clients, instrument networks to detect anomalies in outgoing traffic, architect networks to resist internal attacks, and respond effectively when attacks occur.
Bejtlich's The Tao of Network Security Monitoring earned acclaim as the definitive guide to overcoming external threats. Now, in Extrusion Detection, he brings the same level of insight to defending against today's rapidly emerging internal threats. Whether you're an architect, analyst, engineer, administrator, or IT manager, you face a new generation of security risks. Get this book and protect yourself.
Coverage includes
* Architecting defensible networks with pervasive awareness: theory, techniques, and tools
* Defending against malicious sites, Internet Explorer exploitations, bots, Trojans, worms, and more
* Dissecting session and full-content data to reveal unauthorized activity
* Implementing effective Layer 3 network access control
* Responding to internal attacks, including step-by-step network forensics
* Assessing your network's current ability to resist internal attacks
* Setting reasonable corporate access policies
* Detailed case studies, including the discovery of internal and IRC-based bot nets
* Advanced extrusion detection: from data collection to host and vulnerability enumeration
Find more here
The Art of Software Security Assessment: Identifying and Preventing Software Vulnerabilities
This is one of the most detailed, sophisticated, and useful guides to software security auditing ever written. The authors are leading security consultants and researchers who have personally uncovered vulnerabilities in applications ranging from sendmail to Microsoft Exchange, Check Point VPN to Internet Explorer. Drawing on their extraordinary experience, they introduce a start-to-finish methodology for “ripping apart” applications to reveal even the most subtle and well-hidden security flaws.
The Art of Software Security Assessment covers the full spectrum of software vulnerabilities in both UNIX/Linux and Windows environments. It demonstrates how to audit security in applications of all sizes and functions, including network and Web software. Moreover, it teaches using extensive examples of real code drawn from past flaws in many of the industry's highest-profile applications.
Coverage includes
• Code auditing: theory, practice, proven methodologies, and secrets of the trade
• Bridging the gap between secure software design and post-implementation review
• Performing architectural assessment: design review, threat modeling, and operational review
• Identifying vulnerabilities related to memory management, data types, and malformed data
• UNIX/Linux assessment: privileges, files, and processes
• Windows-specific issues, including objects and the filesystem
• Auditing interprocess communication, synchronization, and state
• Evaluating network software: IP stacks, firewalls, and common application protocols
• Auditing Web applications and technologies
Find more here
Counter Hack Reloaded: A Step-by-Step Guide to Computer Attacks and Effective Defenses (2nd Edition) The Radia Perlman Series in Computer Networking
casual among them--seek out softer targets. Counter Hack aims to provide its readers with enough knowledge to toughen their Unix and Microsoft Windows systems against attacks in general, and with specific knowledge of the more common sorts of attacks that can be carried out by relatively unskilled "script kiddies." The approach author Ed Skoudis has chosen is effective, in that his readers accumulate the knowledge they need and generally enjoy the process.
The best part of this book may be two chapters, one each for Windows and Unix, that explain the essential security terms, conventions, procedures, and behaviors of each operating system. This is the sort of information that readers need--a Unix person getting into Windows administration for the first time needs an introduction to the Microsoft security scheme, and vice versa. A third chapter explains TCP/IP with focus on security. With that groundwork in place, Skoudis explains how (with emphasis on tools) attackers look for vulnerabilities in systems, gain access, and maintain their access for periods of time without being discovered. You'll probably want to search online resources for more specific information--Skoudis refers to several--but this book by itself will provide you with the vocabulary and foundation knowledge you need to get the details you want. --David Wall
Find more here
Professional Assembly Language (Programmer to Programmer) (Paperback)
Every high level language program (such as C and C++) is converted by a compiler into assembly language before it is linked into an executable program. This book shows you how to view the assembly language code generated by the compiler and understand how it is created. With that knowledge you can tweak the assembly language code generated by the compiler or create your own assembly language routines. This code-intensive guide is divided into three sections - basics of the assembly language program development environment, assembly language programming, and advanced assembly language techniques. It shows how to decipher the compiler-generated assembly language code, and how to make functions in your programs faster and more efficient to increase the performance of an application. What you will learn from this book: -The benefits of examining the assembly language code generated from your high-level language program -How to create stand-alone assembly language programs for the Linux Pentium environment -Ways to incorporate advanced functions and libraries in assembly language programs -How to incorporate assembly language routines in your C and C++ applications -Ways to use Linux system calls in your assembly language programs -How to utilize Pentium MMX and SSE functions in your applications
Find more here