Log In
Or create an account ->
Imperial Library
Home
About
News
Upload
Forum
Help
Login/SignUp
Index
Cover Page
Hacking Exposed ™ 7: Network Security Secrets & Solutions
Copyright Page
Dedication
Contents
Foreword
Acknowledgments
Introduction
Part I Casing the Establishment
Case Study
IAAAS—It’s All About Anonymity, Stupid
Tor-menting the Good Guys
1 Footprinting
What Is Footprinting
Why Is Footprinting Necessary
Internet Footprinting
Step 1: Determine the Scope of Your Activities
Step 2: Get Proper Authorization
Step 3: Publicly Available Information
Step 4: WHOIS & DNS Enumeration
Step 5: DNS Interrogation
Step 6: Network Reconnaissance
Summary
2 Scanning
Determining If the System Is Alive
ARP Host Discovery
ICMP Host Discovery
TCP/UDP Host Discovery
Determining Which Services Are Running or Listening
Scan Types
Identifying TCP and UDP Services Running
Detecting the Operating System
Making Guesses from Available Ports
Active Stack Fingerprinting
Passive Stack Fingerprinting
Processing and Storing Scan Data
Managing Scan Data with Metasploit
Summary
3 Enumeration
Service Fingerprinting
Vulnerability Scanners
Basic Banner Grabbing
Enumerating Common Network Services
Summary
Part II Endpoint and Server Hacking
Case Study: International Intrigue
4 Hacking Windows
Overview
What’s Not Covered
Unauthenticated Attacks
Authentication Spoofing Attacks
Remote Unauthenticated Exploits
Authenticated Attacks
Privilege Escalation
Extracting and Cracking Passwords
Remote Control and Back Doors
Port Redirection
Covering Tracks
General Countermeasures to Authenticated Compromise
Windows Security Features
Windows Firewall
Automated Updates
Security Center
Security Policy and Group Policy
Microsoft Security Essentials
The Enhanced Mitigation Experience Toolkit
Bitlocker and the Encrypting File System
Windows Resource Protection
Integrity Levels, UAC, and PMIE
Data Execution Prevention (DEP)
Windows Service Hardening
Compiler-based Enhancements
Coda: The Burden of Windows Security
Summary
5 Hacking UNIX
The Quest for Root
A Brief Review
Vulnerability Mapping
Remote Access vs. Local Access
Remote Access
Data-driven Attacks
I Want My Shell
Common Types of Remote Attacks
Local Access
After Hacking Root
Rootkit Recovery
Summary
6 Cybercrime and Advanced Persistent Threats
What Is an APT
Operation Aurora
Anonymous
RBN
What APTs Are NOT
Examples of Popular APT Tools and Techniques
Common APTs Indicators
Summary
Part III Infrastructure Hacking
Case Study: Read It and WEP
7 Remote Connectivity and VoIP Hacking
Preparing to Dial Up
Wardialing
Hardware
Legal Issues
Peripheral Costs
Software
Brute-Force Scripting—The Homegrown Way
A Final Note About Brute-Force Scripting
PBX Hacking
Voicemail Hacking
Virtual Private Network (VPN) Hacking
Basics of IPSec VPNs
Hacking the Citrix VPN Solution
Voice over IP Attacks
Attacking VoIP
Summary
8 Wireless Hacking
Background
Frequencies and Channels
Session Establishment
Security Mechanisms
Equipment
Wireless Adapters
Operating Systems
Miscellaneous Goodies
Discovery and Monitoring
Finding Wireless Networks
Sniffing Wireless Traffic
Denial of Service Attacks
Encryption Attacks
WEP
Authentication Attacks
WPA Pre-Shared Key
WPA Enterprise
Summary
9 Hacking Hardware
Physical Access: Getting in the Door
Hacking Devices
Default Configurations
Owned Out of the Box
Standard Passwords
Bluetooth
Reverse Engineering Hardware
Mapping the Device
Sniffing Bus Data
Sniffing the Wireless Interface
Firmware Reversing
ICE Tools
Summary
Part IV Application and Data Hacking
Case Study
10 Web and Database Hacking
Web Server Hacking
Sample Files
Source Code Disclosure
Canonicalization Attacks
Server Extensions
Buffer Overflows
Denial of Service
Web Server Vulnerability Scanners
Web Application Hacking
Finding Vulnerable Web Apps with Google (Googledorks)
Web Crawling
Web Application Assessment
Common Web Application Vulnerabilities
Database Hacking
Database Discovery
Database Vulnerabilities
Other Considerations
Summary
11 Mobile Hacking
Hacking Android
Android Fundamentals
Hacking Your Android
Hacking Other Androids
Android as a Portable Hacking Platform
Defending Your Android
iOS
Know Your iPhone
How Secure Is iOS
Jailbreaking: Unleash the Fury!
Hacking Other iPhones: Fury Unleashed!
Summary
12 Countermeasures Cookbook
General Strategies
(Re)move the Asset
Separation of Duties
Authenticate, Authorize, and Audit
Layering
Adaptive Enhancement
Orderly Failure
Policy and Training
Simple, Cheap, and Easy
Example Scenarios
Desktop Scenarios
Server Scenarios
Network Scenarios
Web Application and Database Scenarios
Mobile Scenarios
Summary
Part V Appendixes
A Ports
B Top 10 Security Vulnerabilities
C Denial of Service (DoS) and Distributed Denial of Service (DDoS) Attacks Countermeasures
Countermeasures
Index
← Prev
Back
Next →
← Prev
Back
Next →