
Hands-On Ethical Hacking and Network Defense

ISBN-10: 1133935613

ISBN-13: 9781133935612

Edition: 2013

Authors: Michael T. Simpson, Kent Backman, James Corley

List price: $39.00

Description:

Learn the art of ethical hacking and security testing with HANDS-ON ETHICAL HACKING AND NETWORK DEFENSE. Covering the tools and techniques ethical hackers and security testers use to assess and protect computer networks, this book will help you develop the critical thinking skills and creativity essential to becoming a knowledgeable, efficient computer security professional. It provides practical knowledge in computer programming, documentation of security tests, and ethical and legal ramifications. It also covers the basics of programming with C, HTML and Perl as they relate to network and computer security--and Web applications, wireless networks, and TCP/IP as well. With the continued…    
Book details

List price: $39.00
Copyright year: 2013
Publisher: Course Technology
Publication date: 4/17/2012
Binding: Paperback
Pages: 464
Size: 7.75" wide x 9.50" long x 1.00" tall
Weight: 2.134
Language: English

Michael T. Simpson has 20 years of experience in IT as a software engineer, network engineer, database administrator, and security professional. He worked for the Department of Defense for 12 years, serving as Information Systems Security Officer for three years. Michael is also the president of MTS Consulting, Inc., an IT consulting company. He holds the following certifications: OPST, OPSA (OSSTMM Professional Security Tester/Analyst), CEH (Certified Ethical Hacker, EC-Council), CompTIA Security + and Network+, MCSE, MCDBA, MCSD, MCDST, and OCP (Oracle Certified Professional). Michael has co-authored Guide to Novell NetWare 6.0 Administration (2003) and Guide to Novell NetWare 6.0/6.5…    

Kent Backman's expertise is in intrusion analysis, network vulnerability assessment, and open-source solution engineering. His interest and skill in ethical hacking developed while managing Web servers for Fortune 500 companies. An analyst for several security incident response teams, Kent also spent several years in Baghdad as part of the advisory team to the Iraq Ministry of Defense, specializing in network security and Linux engineering. He holds RHCT, MCSA, CISSP, and CEH certifications and is a network security consultant in Honolulu.

James (Jim) Corley has more than 25 years of experience in IT as a systems analyst, network engineer, and security professional. He worked for the Department of Defense (DoD) for nine years as a database administrator and information systems security officer. For the past 16 years, Jim has been a consultant to the DoD on dozens of IT programs supporting both classified and unclassified voice, video, and data systems. He has been a Certified Information Systems Security Professional (CISSP) since 2002.

Introduction
Methods for Running BackTrack Linux
Ethical Hacking Overview
Introduction to Ethical Hacking
The Role of Security and Penetration Testers
Penetration-Testing Methodologies
Certification Programs for Network Security Personnel
What You Can Do Legally
Laws of the Land
Is Port Scanning Legal?
Federal Laws
What You Cannot Do Legally
Get It in Writing
Ethical Hacking in a Nutshell
Chapter Summary
TCP/IP Concepts Review
Overview of TCP/IP
The Application Layer
The Transport Layer
The Internet Layer
IP Addressing
Planning IP Address Assignments
IPv6 Addressing
Overview of Numbering Systems
Reviewing the Binary Numbering System
Reviewing the Octal Numbering System
Reviewing the Hexadecimal Numbering System
Chapter Summary
Network and Computer Attacks
Malicious Software (Malware)
Viruses
Macro Viruses
Worms
Trojan Programs
Spyware
Adware
Protecting Against Malware Attacks
Educating Your Users
Intruder Attacks on Networks and Computers
Denial-of-Service Attacks
Distributed Denial-of-Service Attacks
Buffer Overflow Attacks
Ping of Death Attacks
Session Hijacking
Addressing Physical Security
Keyloggers
Behind Locked Doors
Chapter Summary
Footprinting and Social Engineering
Using Web Tools for Footprinting
Conducting Competitive Intelligence
Analyzing a Company's Web Site
Using Other Footprinting Tools
Using E-mail Addresses
Using HTTP Basics
Other Methods of Gathering Information
Using Domain Name System Zone Transfers
Introduction to Social Engineering
The Art of Shoulder Surfing
The Art of Dumpster Diving
The Art of Piggybacking
Phishing
Chapter Summary
Port Scanning
Introduction to Port Scanning
Types of Port Scans
Using Port-Scanning Tools
Nmap
Unicornscan
Nessus and OpenVAS
Conducting Ping Sweeps
Fping
Hping
Crafting IP Packets
Understanding Scripting
Scripting Basics
Chapter Summary
Enumeration
Introduction to Enumeration
Enumerating Windows Operating Systems
NetBIOS Basics
NetBIOS Enumeration Tools
Additional Enumeration Tools
Enumerating the NetWare Operating System
NetWare Enumeration Tools
Enumerating the *nix Operating System
UNIX Enumeration
Chapter Summary
Programming for Security Professionals
Introduction to Computer Programming
Programming Fundamentals
Learning the C Language
Anatomy of a C Program
Understanding HTML Basics
Creating a Web Page with HTML
Understanding Perl
Background on Perl
Understanding the Basics of Perl
Understanding the BLT of Perl
Understanding Object-Oriented Programming Concepts
Components of Object-Oriented Programming
An Overview of Ruby
Chapter Summary
Desktop and Server OS Vulnerabilities
Windows OS Vulnerabilities
Windows File Systems
Remote Procedure Call
NetBIOS
Server Message Block
Common Internet File System
Null Sessions
Web Services
SQL Server
Buffer Overflows
Passwords and Authentication
Tools for Identifying Vulnerabilities in Windows
Built-in Windows Tools
Best Practices for Hardening Windows Systems
Patching Systems
Antivirus Solutions
Enable Logging and Review Logs Regularly
Disable Unused Services and Filtering Ports
Other Security Best Practices
Linux OS Vulnerabilities
Samba
Tools for Identifying Linux Vulnerabilities
More Countermeasures Against Linux Attacks
Chapter Summary
Embedded Operating Systems: The Hidden Threat
Introduction to Embedded Operating Systems
Windows and Other Embedded Operating Systems
Other Proprietary Embedded OSs
*Nix Embedded OSs
Vulnerabilities of Embedded OSs
Embedded OSs Are Everywhere
Embedded OSs Are Networked
Embedded OSs Are Difficult to Patch
Embedded OSs Are in Networking Devices
Embedded OSs Are in Network Peripherals
Supervisory Control and Data Acquisition Systems
Cell Phones, Smartphones, and PDAs
Rootkits
Best Practices for Protecting Embedded OSs
Chapter Summary
Hacking Web Servers
Understanding Web Applications
Web Application Components
Using Scripting Languages
Connecting to Databases
Understanding Web Application Vulnerabilities
Application Vulnerabilities and Countermeasures
Assessing Web Applications
Tools for Web Attackers and Security Testers
Web Tools
Chapter Summary
Hacking Wireless Networks
Understanding Wireless Technology
Components of a Wireless Network
Understanding Wireless Network Standards
The 802.11 Standard
An Overview of Wireless Technologies
Additional IEEE 802.11 Projects
Understanding Authentication
The 802.1X Standard
Understanding Wardriving
How It Works
Understanding Wireless Hacking
Tools of the Trade
Countermeasures for Wireless Attacks
Chapter Summary
Cryptography
Understanding Cryptography Basics
History of Cryptography
Understanding Symmetric and Asymmetric Algorithms
Symmetric Algorithms
Asymmetric Algorithms
Digital Signatures
Sensitive Data Encryption
Hashing Algorithms
Understanding Public Key Infrastructure
Components of PKI
Understanding Cryptography Attacks
Birthday Attack
Mathematical Attacks
Brute-Force Attack
Man-in-the-Middle Attack
Dictionary Attack
Replay Attack
Understanding Password Cracking
Chapter Summary
Network Protection Systems
Understanding Routers
Understanding Routing Protocols
Understanding Basic Hardware Routers
Understanding Access Control Lists
Understanding Firewalls
Understanding Firewall Technology
Implementing a Firewall
Understanding the Cisco Adaptive Security Appliance Firewall
Using Configuration and Risk Analysis Tools for Firewalls and Routers
Understanding Intrusion Detection and Prevention Systems
Network-Based and Host-Based IDSs and IPSs
Web Filtering
Security Incident Response Teams
Understanding Honeypots
How Honeypots Work
Chapter Summary
Legal Resources
Resources
Virtualization and Ethical Hacking
Virtualization and Security Testing
Virtualization Vulnerabilities
Installing and Using Virtualization Software
Overview of VMware Server
Downloading and Installing VMware Server
Creating a Virtual Machine and Installing a Guest OS
Configuring Networking Options
Configuring Hardware Options
Installing VMware Tools
Glossary
Index