Acknowledgments
HackNotes: The Series
Introduction

Reference Center
Common System Commands
Windows System and Network Commands
Windows Enumeration Commands and Tools
Common DOS Commands
UNIX System and Network Commands
Specific UNIX Enumeration Commands
Netcat Remote Shell Commands
Router Commands
IP Addressing and Subnetting
Network Ranges
Usable Hosts and Networks
Private, Nonroutable IP Ranges
Password and Log File Locations
Most Useful Ports and Services in the Hacking Process
Common Remote-Access Trojans and Ports
Common Trojan Ports
Dangerous File Attachments "Drop List"
Common and Default Passwords
Decimal, Hex, Binary, ASCII Conversion Table
Windows and UNIX Hacking Steps
Must-Have Free (or Low Cost) Tools

Network Security Principles and Methodologies
Security Principles and Components
Asset and Risk Based INFOSEC Lifecycle Model
ARBIL Outer Wheel
ARBIL Inner Wheel
Confidentiality, Integrity, and Availability--the CIA Model
Confidentiality
Integrity
Availability
A Glimpse at the Hacking Process
Attack Trees
Information Security Threats List
INFOSEC Target Model
Vulnerability List
Network Security Safeguards and Best Practices
Network Security Best Practices
Summary
Infosec Risk Assessment and Management
Risk Management Using the SMIRA Process
What Is Risk Management?
What Is Risk Assessment?
Risk Assessment Components
Risk Assessment Terminology and Component Definitions
Asset
Threat
Threat Agent/Actor and Threat Act
Threat Indicators
Vulnerability
Threat Consequences
Impact
Risk
Safeguards and Controls
Conducting a Risk Assessment
Summary

Hacking Techniques and Defenses
Hacking Concepts
Hacking Model
Reconnaissance
Compromise
Leverage
Targeting List
Attack Trees
Infrastructure
Application
Summary
Reconnaissance
Collect and Assess
Identification of the Enterprise
Identification of Registered Domains
Identification of Addresses
Scan
DNS Discovery
ICMP Scan
TCP Scan
UDP Scan
Enumerate
Services Enumeration
Advanced Stack Enumeration
Source Port Scanning
Application Enumeration
Service Enumeration
Banner Nudges
Client Connections
Summary
Attack, Compromise, and Escalate
UNIX Exploits
Remote UNIX Attacks
Remote Attacks on Insecure Services
Local UNIX Attacks
Windows Exploits
Windows 9x/ME
Remote Attacks--Windows 9x/ME
Local Attacks--Windows 9x/ME
Windows NT/2000
Remote Attacks--Windows NT/2000
Local Attacks--Windows
Native Application Attacks--Windows NT/2000
Summary

Special Topics
Wireless Network Security
Wireless Networks
Overview of 802.11 Wireless Standards
Attacking the Wireless Arena
The Future of 802.11 Security
Summary
Web Application Security
A Dangerous Web
Beyond Firewalls
Overall Web Security
Securing the Servers and Their Environments
Securing Web Applications
Categories of Web Application Security
Authentication
Authorization
Session Management
Input Parameters
Encryption
Miscellaneous
General Web Application Assessment/Hacking
Methodology
Summary
Common Intruder Tactics
Social Engineering
They Seem Legitimate!
Final Thoughts on Social Engineering
Network Sniffing--What Are Sniffers?
Why Will a Hacker Use Them?
Commonly Used Sniffers
How Do You Detect Sniffers?
Exploiting Software Design and Implementation Flaws
Buffers--What Are They?
Developing the Exploit Code
Final Thoughts on Design and Implementation Flaws
War Dialing and PBX Hacking
Overview of Security Implications
Types of Dial-Up Systems to Protect
Top Three War Dialing Tools
Summary
Incident Response
Signs of Being Hacked
Trojan Horse Programs
Rootkits
Identifying a Compromise
Network
User Accounts and User Groups
File Systems/Volumes and Processes
Logging
Incident Recovery Checklist
Identify and Disable
Notify and Plan
Implement Countermeasures and Heighten Awareness
Recover and Rebuild
Wrap Up and Analyze
Summary
Security Assessment/Hardening Checklists
System Assessment and Hardening Concepts
System and Host Hardening Methodology
Checklists
Microsoft Windows
UNIX
Web Server
FTP Service
DNS
Mail
Router
Wired Network
Wireless Network
Physical Security
Summary
Web Resources
Various Security News and Informational Sites
Exploits and Hacking Information
Various Word Lists for Brute-Forcing
Default Password Lists
Lookup Port Numbers
Information about Trojan Horses
Education/Certification/Organizations
Publications
Security Mailing Lists
Conferences
Government Affiliated
Miscellaneous Interesting Items
Index

Table of Contents provided by Ingram. All Rights Reserved.