Preface

Nowhere is the term hacker more misconstrued than in the network security field. This is understandable because the very same tools that network security professionals use to probe the robustness of their own networks also can be used to launch attacks on any machine on the Internet. The difference between system administrators legitimately testing their own machines and system crackers attempting to gain unauthorized access isn’t so much a question of techniques or tools, but a matter of intent. After all, as with any powerful piece of technology, a security tool isn’t inherently good or bad—this determination depends entirely on how it is used. The same hammer can be used to either build a wall or knock it down.

The difference between “white hat” and “black hat” hackers lies not in the tools or techniques they use (or even the color of their hats), but in their intentions. The difference is subtle but important. White hat hackers find that building secure systems presents an interesting challenge, and the security of such systems can be truly tested only through a thorough knowledge of how to subvert them. Black hat hackers (more appropriately called crackers) pursue precisely the same knowledge, but without regard for the people who built the systems or the servers they attack. They use their knowledge to subvert these systems for their own personal gain, often to the detriment of the systems they infiltrate.

Of course, tales of daring international techno-robberies and black-clad, cigarette-smoking, laptop-wielding evil masterminds tend to sell better than simple tales of engineers who build strong networks, so the term hacking has gained a bad reputation in the popular press. The press uses it to refer to individuals who break into systems or who wreak havoc using computers as their weapon. Among people who solve problems, though, the term hack refers to a “quick-and-dirty” solution to a problem, or a clever way to get something done. And the term hacker is taken very much as a compliment, referring to someone as being creative, i.e., having the technical chops to get things done. The Hacks series is an attempt to reclaim this word, document the ways people are hacking (in a good way), and pass the hacker ethic of creative participation on to the uninitiated. Seeing how others approach systems and problems is often the quickest way to learn about a new technology. Only by openly discussing security flaws and implementations can we hope to build stronger systems.

This second edition of Network Security Hacks is a grimoire of 125 powerful security techniques. This volume demonstrates effective methods for defending your servers and networks from a variety of devious and subtle attacks. Within this book are examples of how to detect the presence (and track every keystroke) of network intruders, methods for protecting your network and data using strong encryption, and even techniques for laying traps for would-be system crackers. Many important security tools are presented, as well as clever methods for using them to reveal real, useful information about what is happening on your network.