Chained Exploits Advanced Hacking Attacks from Start to Finish

ISBN-10: 032149881X
ISBN-13: 9780321498816
Edition: 2009
List price: $59.99
eBook available
This item qualifies for FREE shipping

*A minimum purchase of $35 is required. Shipping is provided via FedEx SmartPost® and FedEx Express Saver®. Average delivery time is 1 – 5 business days, but is not guaranteed in that timeframe. Also allow 1 - 2 days for processing. Free shipping is eligible only in the continental United States and excludes Hawaii, Alaska and Puerto Rico. FedEx service marks used by permission."Marketplace" orders are not eligible for free or discounted shipping.

30 day, 100% satisfaction guarantee

If an item you ordered from TextbookRush does not meet your expectations due to an error on our part, simply fill out a return request and then return it by mail within 30 days of ordering it for a full refund of item cost.

Learn more about our returns policy

eBooks Starting from $47.99
Buy
what's this?
Rush Rewards U
Members Receive:
coins
coins
You have reached 400 XP and carrot coins. That is the daily max!
You could win $10,000

Get an entry for every item you buy, rent, or sell.

Study Briefs

Limited time offer: Get the first one free! (?)

All the information you need in one place! Each Study Brief is a summary of one specific subject; facts, figures, and explanations to help you learn faster.

Add to cart
Study Briefs
History of Western Art Online content $4.95 $1.99
Add to cart
Study Briefs
History of World Philosophies Online content $4.95 $1.99
Add to cart
Study Briefs
American History Volume 1 Online content $4.95 $1.99
Add to cart
Study Briefs
History of Western Music Online content $4.95 $1.99

Customers also bought

Loading
Loading
Loading
Loading
Loading
Loading
Loading
Loading
Loading
Loading

Book details

List price: $59.99
Copyright year: 2009
Publisher: Addison Wesley Professional
Publication date: 2/27/2009
Binding: Paperback
Pages: 312
Size: 7.25" wide x 9.25" long x 1.00" tall
Weight: 1.386
Language: English

Andrew Whitaker(M.Sc., CISSP, CEI, LPT, ECSA, CHFI, CEH, CCSP, CCNP, CCVP, CCDP, CCNA, CCDA, CCENT, MCSE, MCTS, CNE, A+, Network+, Convergence+, Security+, CTP, EMCPA) is a recognized expert, trainer, and author in the field of penetration testing and security countermeasures. He works as the Director of Enterprise InfoSec and Networking and as a senior ethical hacking instructor for Training Camp. Over the past several years his courses have trained thousands of security professionals throughout the world. His security courses have also caught the attention of theWall Street Journal,BusinessWeek,San Francisco Gate, and others. nbsp; Keatron Evansis a senior penetration tester and principal of Blink Digital Security based in Chicago, Illinois. He has more than 11 years experience doing penetration tests, vulnerability assessments, and forensics. Keatron regularly consults with and sometimes trains several government entities and corporations in the areas of network penetration, SCADA security, and other related national infrastructure security topics. He holds several information security certifications including CISSP, CSSA, CEH, CHFI, LPT, CCSP, MCSE:Security, MCT, Security+, and others.When not doing penetration tests, you can find Keatron teaching ethical hacking and forensics classes for Training Camp and a few other security training organizations. nbsp; Jack Vothhas been working in the information technology field for 24 years. He holds numerous industry certifications including CISSP, MCSE, LPT, CEH, CHFI, ECSA, CTP, Security+, ACA, MCT, CEI, and CCNA. He specializes in penetration testing, vulnerability assessment, perimeter security, and voice/data networking architecture. In addition to being a co-owner and senior engineer of The Client Server, Inc., Jack has been instructing for more than six years on subject matter including Microsoft, Telecommunications Industry Association (TIA), EC-Council, ISC/2, and CompTIA. nbsp;

Introduction
Get Your Free Credit Cards Here
Setting the Stage
The Approach
The Chained Exploit
Enumerating the PDXO Web Site
Enumerating the Credit Card Database
Stealing Credit Card Information from the Web Site
Selling the Credit Card Information on the Underground Market
Defacing the PDXO Web Site
Chained Exploit Summary
Countermeasures
Change the Default HTTP Response Header
Do Not Have Public Access to Developer Sites
Do Not Install SQL Server on the Same Machine as IIS
Sanitize Input on Web Forms
Do Not Install IIS in the Default Location
Make Your Web Site Read-Only
Remove Unnecessary Stored Procedures from Your SQL Database
Do Not Use the Default Username and Password for Your Database
Countermeasures for Customers
Conclusion
Discover What Your Boss Is Looking At
Setting the Stage
The Approach
For More Information
The Chained Exploit
Phishing Scam
Installing Executables
Setting Up the Phishing Site
Sending Mr. Minutia an E-mail
Finding the Boss's Computer
Connecting to the Boss's Computer
WinPcap
Analyzing the Packet Capture
Reassembling the Graphics
Other Possibilities
Chained Exploit Summary
Countermeasures
Countermeasures for Phishing Scams
Countermeasures for Trojan Horse Applications
Countermeasures for Packet-Capturing Software
Conclusion
Take Down Your Competitor's Web Site
Setting the Stage
The Approach
For More Information
The Chained Exploit
The Test
The One That Worked
Getting Access to the Pawn Web site
Lab-Testing the Hack
Modifying the Pawn Web Site
Other Possibilities
Chained Exploit Summary
Countermeasures
Countermeasures for Hackers Passively Finding Information about Your Company
Countermeasures for DDoS Attacks via ICMP
Countermeasures for DDoS Attacks via HTTP and Other Protocols
Countermeasures for Unauthorized Web Site Modification
Countermeasures for Compromise of Internal Employees
Conclusion
Corporate Espionage
Setting the Stage
The Approach
The Chained Exploit
Reconnaissance
Getting Physical Access
Executing the Hacks
Bringing Down the Hospital
Other Possibilities
Chained Exploit Summary
Countermeasures
Countermeasures for Physical Security Breaches and Access Systems Compromise
Countermeasures for Scanning Attacks
Countermeasures for Social Engineering
Countermeasures for Operating System Attacks
Countermeasures for Data Theft
Conclusion
Chained Corporations
Setting the Stage
The Approach
The Chained Exploit
Reconnaissance
Social Engineering Attack
More and Yet More Recon
Aggressive Active Recon
Building the Exploit Infrastructure
Testing the Exploit
Executing the Hack
Constructing the Rootkit
Game Over-The End Result
Other Possibilities
Chained Exploit Summary
Countermeasures
Countermeasures for Hackers Passively Finding Information about Your Company
Countermeasures for Social Engineering Attack on Visual IQ
Countermeasures for Recon on the Visual IQ Software
Countermeasures for Wi-Fi Attack on Quizzi Home Network
Countermeasures for the Keylogger Attack
Conclusion
Gain Physical Access to Healthcare Records
Setting the Stage
The Approach
For More Information
The Chained Exploit
Social Engineering and Piggybacking
Gaining Physical Access
Booting into Windows with Knoppix
Modifying Personally Identifiable Information or Protected Medical Information
Chained Exploit Summary
Countermeasures
Social Engineering and Piggybacking
Lock Picking
Defeating Biometrics
Compromising a PC
Conclusion
Attracking Social Networking Sites
Setting the Stage
The Approach
The Chained Exploit
Creating a Fake MySpace Web Site
Creating the Redirection Web Site
Creating a MySpace Page
Sending a Comment
Compromising the Account
Logging In to the Hacked Account
The Results
Chained Exploit Summary
Countermeasures
Avoid Using Social Networking Sites
Use a Private Profile
Be Careful about Clicking on Links
Require Last Name / E-mail Address to Be a Friend
Do Not Post Too Much Information
Be Careful When Entering Your Username/Password
Use a Strong Password
Change Your Password Frequently
Use Anti-Phishing Tools
Conclusion
Wreaking Havoc from the Parking Lot
Setting the Stage
The Approach
For More Information
Accessing Networks Through Access Points
The Chained Exploit
Connecting to an Access Point
Performing the Microsoft Kerberos Preauthentication Attack
Cracking Passwords with RainbowCrack
Pilfering the Country Club Data
Chained Exploit Summary
Countermeasures
Secure Access Points
Configure Active Directory Properly
Use an Intrusion Prevention System or Intrusion Detection System
Update Anti-Virus Software Regularly
Computer Network Security Checklist
Conclusion
Index

×
Free shipping on orders over $35*

*A minimum purchase of $35 is required. Shipping is provided via FedEx SmartPost® and FedEx Express Saver®. Average delivery time is 1 – 5 business days, but is not guaranteed in that timeframe. Also allow 1 - 2 days for processing. Free shipping is eligible only in the continental United States and excludes Hawaii, Alaska and Puerto Rico. FedEx service marks used by permission."Marketplace" orders are not eligible for free or discounted shipping.

Learn more about the TextbookRush Marketplace.

×