Skip to content
Cart (0) Free shipping over $35*
Buybacks (0) Free shipping on buybacks
loading
Help Contact
Return rental ›

Hacking Exposed: Network Security Secrets and Solutions, Fourth Edition

Best in textbook rentals since 2012!

ISBN-10: 0072227427

ISBN-13: 9780072227420

Edition: 4th 2003

Authors: Stuart McClure, Joel Scambray, George Kurtz

List price: $49.99
Blue ribbon 30 day, 100% satisfaction guarantee!
Marketplace
4 new & used from $3.79
what's this?
Rush Rewards U
Members Receive:
Carrot Coin icon
XP icon
You have reached 400 XP and carrot coins. That is the daily max!

Customers also bought

Book details

List price: $49.99
Edition: 4th
Copyright year: 2003
Publisher: McGraw-Hill Osborne
Binding: Paperback
Pages: 784
Size: 7.25" wide x 9.00" long x 1.75" tall
Weight: 2.838
Language: English

Joel Scambray, CISSP , is Chief Strategy Officer at Leviathan Security Group (leviathansecurity.com). His nearly 15 years of information security experience encompasses roles as a corporate leader (senior management positions at Microsoft and Ernst & Young), entrepreneur (co-founder of Foundstone), successful technical consultant for Fortune 500 firms, and internationally recognized speaker and author of multiple security books, including all five editions of Hacking Exposed: Network Security Secrets & Solutions . Stuart McClure, CISSP , an independent computer security consultant, is one of today's leading authorities on information security. He was SVP of Global Threats and Research for…    

Forewordp. xv
Acknowledgmentsp. xix
Introductionp. xxi
Casing the Establishment
Case Study: Network Security Monitoringp. 2
Footprintingp. 9
What Is Footprinting?p. 10
Internet Footprintingp. 11
Determine the Scope of Your Activitiesp. 12
Network Enumerationp. 16
DNS Interrogationp. 25
Network Reconnaissancep. 29
Summaryp. 33
Scanningp. 35
Determining If the System Is Alivep. 36
Determining Which Services Are Running or Listeningp. 44
Scan Typesp. 44
Identifying TCP and UDP Services Runningp. 46
Windows-Based Port Scannersp. 52
Port Scanning Breakdownp. 57
Detecting the Operating Systemp. 60
Active Stack Fingerprintingp. 61
Passive Stack Fingerprintingp. 64
The Whole Enchilada: Automated Discovery Toolsp. 66
Summaryp. 68
Enumerationp. 69
Basic Banner Grabbingp. 71
Enumerating Common Network Servicesp. 73
Summaryp. 123
System Hacking
Case Study: The Perils of Pen-Testingp. 126
Hacking Windows 95/98 and Mep. 129
Windows 9x Remote Exploitsp. 131
Direct Connection to Windows 9x Shared Resourcesp. 131
Windows 9x Backdoor Servers and Trojansp. 137
Known Server Application Vulnerabilitiesp. 142
Windows 9x Local Exploitsp. 143
Windows Millennium Edition (Me)p. 150
Windows Me Remote Attacksp. 150
Windows Me Local Attacksp. 150
Summaryp. 152
Hacking the Windows NT Familyp. 153
Overviewp. 155
What's Not Coveredp. 156
Unauthenticated Attacksp. 156
Server Message Block (SMB) Attacksp. 156
IIS Attacksp. 175
Authenticated Attacksp. 185
Privilege Escalationp. 185
Pilferingp. 190
Remote Control and Back Doorsp. 200
Port Redirectionp. 204
General Countermeasures to Authenticated Compromisep. 206
Covering Tracksp. 210
NT Family Security Featuresp. 212
Keeping Up with Patchesp. 212
Group Policyp. 213
IPSecp. 215
runasp. 216
NET Frameworkp. 217
Internet Connection Firewallp. 217
The Encrypting File System (EFS)p. 217
A Note on Raw Sockets and Other Unsubstantiated Claimsp. 218
Summaryp. 219
Novell NetWare Hackingp. 221
Attaching but Not Touchingp. 223
Enumerating Bindery and Treesp. 224
Opening the Unlocked Doorsp. 231
Authenticated Enumerationp. 233
Gaining Adminp. 238
Application Vulnerabilitiesp. 241
Spoofing Attacks (Pandora)p. 248
Once You Have Admin on a Serverp. 251
Owning the NDS Filesp. 253
Log Doctoringp. 259
Console Logsp. 260
Summaryp. 263
Hacking UNIXp. 265
The Quest for Rootp. 266
A Brief Reviewp. 266
Vulnerability Mappingp. 267
Remote Access vs. Local Accessp. 267
Remote Accessp. 268
Data Driven Attacksp. 272
I Want My Shellp. 279
Common Types of Remote Attacksp. 283
Local Accessp. 307
After Hacking Rootp. 321
Rootkitsp. 322
Rootkit Recoveryp. 333
Summaryp. 334
Network Hacking
Case Study: Tunneling Out of Firewallsp. 338
Dial-Up, PBX, Voicemail, and VPN Hackingp. 341
Preparing to Dial Upp. 342
War-Dialingp. 344
Hardwarep. 344
Legal Issuesp. 345
Peripheral Costsp. 346
Softwarep. 346
Brute-Force Scripting--The Home-Grown Wayp. 362
PBX Hackingp. 374
Voicemail Hackingp. 378
Virtual Private Network (VPN) Hackingp. 383
Summaryp. 388
Network Devicesp. 391
Discoveryp. 392
Detectionp. 392
Autonomous System Lookupp. 396
Normal Traceroutep. 396
Traceroute with ASN Informationp. 397
show ip bgpp. 397
Public Newsgroupsp. 398
Service Detectionp. 399
Network Vulnerabilityp. 405
OSI Layer 1p. 406
OSI Layer 2p. 406
Detecting Layer 2 Mediap. 406
Switch Sniffingp. 408
OSI Layer 3p. 416
Dsniffp. 418
Misconfigurationsp. 420
Route Protocol Hackingp. 427
Summaryp. 437
Wireless Hackingp. 439
Wireless Footprintingp. 440
Equipmentp. 441
Wireless Scanning and Enumerationp. 455
Wireless Sniffersp. 456
Wireless Monitoring Toolsp. 458
MAC Access Controlp. 467
Gaining Access (Hacking 802.11)p. 468
MAC Access Controlp. 470
Attacks Against the WEP Algorithmp. 471
Securing WEPp. 473
Tools That Exploit WEP Weaknessesp. 473
Denial of Service (DoS) Attacksp. 477
An 802.1x Overviewp. 477
Summaryp. 479
Firewallsp. 481
Firewall Landscapep. 482
Firewall Identificationp. 483
Advanced Firewall Discoveryp. 487
Scanning Through Firewallsp. 490
Packet Filteringp. 494
Application Proxy Vulnerabilitiesp. 498
WinGate Vulnerabilitiesp. 500
Summaryp. 502
Denial of Service (DoS) Attacksp. 503
Motivation of DoS Attackersp. 504
Types of DoS Attacksp. 505
Bandwidth Consumptionp. 505
Resource Starvationp. 506
Programming Flawsp. 506
Routing and DNS Attacksp. 507
Generic DoS Attacksp. 508
Sites Under Attackp. 510
UNIX and Windows DoSp. 514
Remote DoS Attacksp. 514
Distributed Denial of Service Attacksp. 518
Local DoS Attacksp. 524
Summaryp. 525
Software Hacking
Case Study: You Say Goodbye, I Say Hellop. 528
Remote Control Insecuritiesp. 529
Discovering Remote Control Softwarep. 530
Connectingp. 531
Weaknessesp. 532
Virtual Network Computing (VNC)p. 539
Microsoft Terminal Server and Citrix ICAp. 543
Serverp. 544
Clientsp. 544
Data Transmissionp. 544
Finding Targetsp. 544
Attacking Terminal Serverp. 547
Additional Security Considerationsp. 551
Resourcesp. 552
Summaryp. 553
Advanced Techniquesp. 555
Session Hijackingp. 556
Back Doorsp. 558
Trojansp. 580
Cryptographyp. 583
Terminologyp. 583
Classes of Attacksp. 583
Secure Shell (SSH) Attacksp. 584
Subverting the System Environment: Rootkits and Imaging Toolsp. 586
Social Engineeringp. 589
Summaryp. 591
Web Hackingp. 593
Web Server Hackingp. 594
Source Code Disclosurep. 595
Canonicalization Attacksp. 597
WebDAV Vulnerabilitiesp. 597
Buffer Overflowsp. 600
ColdFusion Vulnerabilitiesp. 609
Web Server Vulnerability Scannersp. 611
Web Application Hackingp. 612
Finding Vulnerable Web Apps with Googlep. 613
Web Crawlingp. 614
Web Application Assessmentp. 615
Common Web Application Vulnerabilitiesp. 623
Summaryp. 629
Hacking the Internet Userp. 631
Malicious Mobile Codep. 633
Microsoft ActiveXp. 633
Java Security Holesp. 645
Beware the Cookie Monsterp. 649
Internet Explorer HTML Frame Vulnerabilitiesp. 654
SSL Fraudp. 656
E-mail Hackingp. 659
Mail Hacking 101p. 659
Executing Arbitrary Code Through E-Mailp. 662
Outlook Address Book Wormsp. 676
File Attachment Attacksp. 679
Writing Attachments to Disk Without User Interventionp. 682
Invoking Outbound Client Connectionsp. 687
IRC Hackingp. 690
Global Countermeasures to Internet User Hackingp. 692
Summaryp. 693
Appendixes
Portsp. 697
Top 14 Security Vulnerabilitiesp. 703
Indexp. 705
Table of Contents provided by Ingram. All Rights Reserved.
  • TextbookRush.com BBB Business Review
  • Trustpilot
Like TextbookRush on Facebook Follow TextbookRush on X Follow TextbookRush on Instagram Subscribe to TextbookRush on YouTube Follow TextbookRush on Pinterest Add TextbookRush on Snapchat Add TextbookRush on TikTok
© 2002-2024 TextbookRush
Subscribe