Contents

  1. Introduction
  2. Assessment Test
  3. Chapter 1: Getting Started with Ethical Hacking
    1. Hacking: A Short History
    2. What Is an Ethical Hacker?
    3. Summary
    4. Exam Essentials
    5. Review Questions
  4. Chapter 2: System Fundamentals
    1. Exploring Network Topologies
    2. Working with the Open Systems Interconnection Model
    3. Dissecting the TCP/IP Suite
    4. IP Subnetting
    5. Hexadecimal vs. Binary
    6. Exploring TCP/IP Ports
    7. Understanding Network Devices
    8. Working with MAC Addresses
    9. Intrusion Prevention and Intrusion Detection Systems
    10. Network Security
    11. Knowing Operating Systems
    12. Backups and Archiving
    13. Summary
    14. Exam Essentials
    15. Review Questions
  5. Chapter 3: Cryptography
    1. Cryptography: Early Applications and Examples
    2. Cryptography in Action
    3. Understanding Hashing
    4. Issues with Cryptography
    5. Applications of Cryptography
    6. Summary
    7. Exam Essentials
    8. Review Questions
  6. Chapter 4: Footprinting and Reconnaissance
    1. Understanding the Steps of Ethical Hacking
    2. What Is Footprinting?
    3. Terminology in Footprinting
    4. Threats Introduced by Footprinting
    5. The Footprinting Process
    6. Summary
    7. Exam Essentials
    8. Review Questions
  7. Chapter 5: Scanning Networks
    1. What Is Network Scanning?
    2. Checking for Live Systems
    3. Checking for Open Ports
    4. Types of Scans
    5. OS Fingerprinting
    6. Banner Grabbing
    7. Countermeasures
    8. Vulnerability Scanning
    9. Drawing Network Diagrams
    10. Using Proxies
    11. Summary
    12. Exam Essentials
    13. Review Questions
  8. Chapter 6: Enumeration of Services
    1. A Quick Review
    2. What Is Enumeration?
    3. Windows Basics
    4. Enumeration with SNMP
    5. Unix and Linux Enumeration
    6. LDAP and Directory Service Enumeration
    7. Enumeration Using NTP
    8. SMTP Enumeration
    9. Using EXPN
    10. Using RCPT TO
    11. SMTP Relay
    12. Summary
    13. Exam Essentials
    14. Review Questions
  9. Chapter 7: Gaining Access to a System
    1. Up to This Point
    2. Summary
    3. Exam Essentials
    4. Review Questions
  10. Chapter 8: Trojans, Viruses, Worms, and Covert Channels
    1. Malware
    2. Overt and Covert Channels
    3. Summary
    4. Exam Essentials
    5. Review Questions
  11. Chapter 9: Sniffers
    1. Understanding Sniffers
    2. Using a Sniffer
    3. Switched Network Sniffing
    4. Exam Essentials
    5. Summary
    6. Review Questions
  12. Chapter 10: Social Engineering
    1. What Is Social Engineering?
    2. What Is Social Networking?
    3. Commonly Employed Threats
    4. Identity Theft
    5. Summary
    6. Exam Essentials
    7. Review Questions
  13. Chapter 11: Denial of Service
    1. Understanding DoS
    2. Understanding DDoS
    3. DoS Tools
    4. DDoS Tools
    5. DoS Defensive Strategies
    6. DoS Pen Testing Considerations
    7. Summary
    8. Exam Essentials
    9. Review Questions
  14. Chapter 12: Session Hijacking
    1. Understanding Session Hijacking
    2. Exploring Defensive Strategies
    3. Summary
    4. Exam Essentials
    5. Review Questions
  15. Chapter 13: Web Servers and Web Applications
    1. Exploring the Client-Server Relationship
    2. Summary
    3. Exam Essentials
    4. Review Questions
  16. Chapter 14: SQL Injection
    1. Introducing SQL Injection
    2. Summary
    3. Exam Essentials
    4. Review Questions
  17. Chapter 15: Wireless Networking
    1. What Is a Wireless Network?
    2. Summary
    3. Exam Essentials
    4. Review Questions
  18. Chapter 16: Evading IDSs, Firewalls, and Honeypots
    1. Honeypots, IDSs, and Firewalls
    2. Summary
    3. Exam Essentials
    4. Review Questions
  19. Chapter 17: Physical Security
    1. Introducing Physical Security
    2. Summary
    3. Exam Essentials
    4. Review Questions
  20. Appendix A: Answers to Review Questions
  21. Appendix B: About the Additional Study Tools
  22. Advertisement
  23. End User License Agreement

List of Illustrations

  1. FIGURE 1.1 Security versus convenience analysis
  2. FIGURE 1.2 The hacking process
  3. FIGURE 2.1 Bus topology
  4. FIGURE 2.2 Ring topology
  5. FIGURE 2.3 Star topology
  6. FIGURE 2.4 Mesh topology
  7. FIGURE 2.5 Hybrid topology
  8. FIGURE 2.6 OSI TCP/IP comparative model
  9. FIGURE 2.7 TCP three-way handshake
  10. FIGURE 2.8 TCP sequencing
  11. FIGURE 2.9 Residential network setup
  12. FIGURE 2.10 Typical enterprise network
  13. FIGURE 5.1 The three-way handshake
  14. FIGURE 5.2 Half-open scan against closed and open ports
  15. FIGURE 5.3 Xmas tree scan
  16. FIGURE 5.4 An FIN scan against a closed port and an open port
  17. FIGURE 5.5 A NULL scan against a closed and an open port
  18. FIGURE 5.6 Results of a banner grab
  19. FIGURE 5.7 A network map built by a network-mapping software package
  20. FIGURE 8.1 JPS Virus Maker user interface
  21. FIGURE 8.2 TCPView interface
  22. FIGURE 9.1 TCP three-way handshake packet
  23. FIGURE 9.2 Macof MAC flood
  24. FIGURE 9.3 Cain and Abel
  25. FIGURE 11.1 Basic program stack
  26. FIGURE 11.2 Smashing the stack
  27. FIGURE 11.3 Smashing the stack
  28. FIGURE 12.1 Session hijack
  29. FIGURE 12.2 Active attack
  30. FIGURE 12.3 Passive attack
  31. FIGURE 12.4 Spoofing
  32. FIGURE 12.5 Source routing
  33. FIGURE 12.6 Desynchronizing a connection
  34. FIGURE 12.7 TCP three-way handshake
  35. FIGURE 12.8 MITM attack
  36. FIGURE 15.1 A Yagi antenna
  37. FIGURE 15.2 A parabolic antenna
  38. FIGURE 17.1 A drive degausser
  39. FIGURE 17.2 A mantrap installed in a lobby
  40. FIGURE 17.3 One kind of cipher lock
  41. FIGURE 17.4 Lock-picking tools

List of Tables

  1. TABLE 1.1 Available types of pen tests
  2. TABLE 2.1 Hex, binary, and decimal
  3. TABLE 2.2 Well-known ports
  4. TABLE 2.3 Registered ports of interest
  5. TABLE 3.1 Cracking times for 40- and 56-bit keys
  6. TABLE 5.1 TCP flags
  7. TABLE 5.2 Results of UDP scanning against closed and open ports
  8. TABLE 5.3 Active vs. passive fingerprinting
  9. TABLE 9.1 Wireshark filters
  10. TABLE 9.2 Wireshark filter breakdown
  11. TABLE 9.3 Wireshark CLI tools
  12. TABLE 12.1 Dissected IDs
  13. TABLE 15.1 Wireless standards
  14. TABLE 15.2 Common wireless terms
  15. Exercise 2.1 Finding the maC address
  16. Exercise 4.1 Finding the IP Address of a Website
  17. Exercise 4.2 Examining a Site
  18. Exercise 7.1 Extracting Hashes from a System
  19. Exercise 7.2 Creating Rainbow Tables
  20. Exercise 7.3 Working with Rainbow Crack
  21. Exercise 7.4 PSPV
  22. Exercise 8.1 Creating a Simple Virus
  23. Exercise 8.2 Using Netstat to Detect Open Ports
  24. Exercise 8.3 Using TCPView to Track Port Usage
  25. Exercise 9.1 Sniffing with Wireshark
  26. Exercise 9.2 Sniffing with TCPdump
  27. Exercise 9.3 Understanding Packet Analysis
  28. Exercise 11.1 Performing a SYN Flood
  29. Exercise 11.2 Seeing LOIC in Action
  30. Exercise 12.1 Performing an MITM Attack
  31. Exercise 13.1 Performing a Password Crack

Pages

  1. iii
  2. iv
  3. v
  4. vii
  5. viii
  6. xxi
  7. xxii
  8. xxiii
  9. xxiv
  10. xxv
  11. xxvi
  12. xxvii
  13. xxviii
  14. xxix
  15. xxx
  16. xxxi
  17. xxxii
  18. xxxiii
  19. xxxiv
  20. xxxv
  21. xxxvi
  22. xxxvii
  23. xxxviii
  24. 1
  25. 2
  26. 3
  27. 4
  28. 5
  29. 6
  30. 7
  31. 8
  32. 9
  33. 10
  34. 11
  35. 12
  36. 13
  37. 14
  38. 15
  39. 16
  40. 17
  41. 18
  42. 19
  43. 20
  44. 21
  45. 22
  46. 23
  47. 24
  48. 25
  49. 26
  50. 27
  51. 28
  52. 29
  53. 30
  54. 31
  55. 32
  56. 33
  57. 34
  58. 35
  59. 36
  60. 37
  61. 38
  62. 39
  63. 40
  64. 41
  65. 42
  66. 43
  67. 44
  68. 45
  69. 46
  70. 47
  71. 48
  72. 49
  73. 50
  74. 51
  75. 52
  76. 53
  77. 54
  78. 55
  79. 56
  80. 57
  81. 58
  82. 59
  83. 60
  84. 61
  85. 62
  86. 63
  87. 64
  88. 65
  89. 66
  90. 67
  91. 68
  92. 69
  93. 70
  94. 71
  95. 72
  96. 73
  97. 74
  98. 75
  99. 76
  100. 77
  101. 78
  102. 79
  103. 80
  104. 81
  105. 82
  106. 83
  107. 84
  108. 85
  109. 86
  110. 87
  111. 88
  112. 89
  113. 90
  114. 91
  115. 92
  116. 93
  117. 94
  118. 95
  119. 96
  120. 97
  121. 98
  122. 99
  123. 100
  124. 101
  125. 102
  126. 103
  127. 104
  128. 105
  129. 106
  130. 107
  131. 108
  132. 109
  133. 110
  134. 111
  135. 112
  136. 113
  137. 114
  138. 115
  139. 116
  140. 117
  141. 118
  142. 119
  143. 120
  144. 121
  145. 122
  146. 123
  147. 124
  148. 125
  149. 126
  150. 127
  151. 128
  152. 129
  153. 130
  154. 131
  155. 132
  156. 133
  157. 134
  158. 135
  159. 136
  160. 137
  161. 138
  162. 139
  163. 140
  164. 141
  165. 142
  166. 143
  167. 144
  168. 145
  169. 146
  170. 147
  171. 148
  172. 149
  173. 150
  174. 151
  175. 152
  176. 153
  177. 154
  178. 155
  179. 156
  180. 157
  181. 158
  182. 159
  183. 160
  184. 161
  185. 162
  186. 163
  187. 164
  188. 165
  189. 166
  190. 167
  191. 168
  192. 169
  193. 170
  194. 171
  195. 172
  196. 173
  197. 174
  198. 175
  199. 176
  200. 177
  201. 178
  202. 179
  203. 180
  204. 181
  205. 182
  206. 183
  207. 184
  208. 185
  209. 186
  210. 187
  211. 188
  212. 189
  213. 190
  214. 191
  215. 192
  216. 193
  217. 194
  218. 195
  219. 196
  220. 197
  221. 198
  222. 199
  223. 200
  224. 201
  225. 202
  226. 203
  227. 204
  228. 205
  229. 206
  230. 207
  231. 208
  232. 209
  233. 210
  234. 211
  235. 212
  236. 213
  237. 214
  238. 215
  239. 216
  240. 217
  241. 218
  242. 219
  243. 220
  244. 221
  245. 222
  246. 223
  247. 224
  248. 225
  249. 226
  250. 227
  251. 228
  252. 229
  253. 230
  254. 231
  255. 232
  256. 233
  257. 234
  258. 235
  259. 236
  260. 237
  261. 238
  262. 239
  263. 240
  264. 241
  265. 242
  266. 243
  267. 244
  268. 245
  269. 246
  270. 247
  271. 248
  272. 249
  273. 250
  274. 251
  275. 252
  276. 253
  277. 254
  278. 255
  279. 256
  280. 257
  281. 258
  282. 259
  283. 260
  284. 261
  285. 262
  286. 263
  287. 264
  288. 265
  289. 266
  290. 267
  291. 268
  292. 269
  293. 270
  294. 271
  295. 272
  296. 273
  297. 274
  298. 275
  299. 276
  300. 277
  301. 278
  302. 279
  303. 280
  304. 281
  305. 282
  306. 283
  307. 284
  308. 285
  309. 286
  310. 287
  311. 288
  312. 289
  313. 290
  314. 291
  315. 292
  316. 293
  317. 294
  318. 295
  319. 296
  320. 297
  321. 298
  322. 299
  323. 300
  324. 301
  325. 302
  326. 303
  327. 304
  328. 305
  329. 306
  330. 307
  331. 308
  332. 309
  333. 310
  334. 311
  335. 312
  336. 313
  337. 314
  338. 315
  339. 316
  340. 317
  341. 318
  342. 319
  343. 320
  344. 321
  345. 322
  346. 323
  347. 324
  348. 325
  349. 326
  350. 327
  351. 328
  352. 329
  353. 330
  354. 331
  355. 332
  356. 333
  357. 334
  358. 335
  359. 336
  360. 337
  361. 338
  362. 339
  363. 340
  364. 341
  365. 342
  366. 343
  367. 344
  368. 345
  369. 346
  370. 347
  371. 348
  372. 349
  373. 350
  374. 351
  375. 352
  376. 353
  377. 354
  378. 355
  379. 356
  380. 357
  381. 358
  382. 359
  383. 360
  384. 361
  385. 362
  386. 363
  387. 364
  388. 365
  389. 366
  390. 367
  391. 368
  392. 369
  393. 370
  394. 371
  395. 372
  396. 373
  397. 374
  398. 375
  399. 376
  400. 377
  401. 378
  402. 379
  403. 380
  404. 381
  405. 382
  406. 383
  407. 384
  408. 385
  409. 386
  410. 387
  411. 388
  412. 389
  413. 390
  414. 391
  415. 392
  416. 393
  417. 394
  418. 395
  419. 396
  420. 397
  421. 398
  422. 399
  423. 400
  424. 401
  425. 402
  426. 403
  427. 404
  428. 405
  429. 406
  430. 407
  431. 408
  432. 409
  433. 410
  434. 411
  435. 412
  436. 413
  437. 414
  438. 415
  439. 416
  440. 417
  441. 418
  442. 419
  443. 420
  444. 421
  445. 422
  446. 423
  447. 424
  448. 425
  449. 426
  450. 427
  451. 428
  452. 429
  453. 430
  454. 431
  455. 432
  456. 433
  457. 434
  458. 435
  459. 436
  460. 437
  461. 438
  462. 439
  463. 440
  464. 464

Guide

  1. Cover
  2. Table of Contents
  3. Begin Reading