Hacker Techniques, Tools, and Incident Handling

Book Description

PART OF THE NEW JONES & BARTLETT LEARNING INFORMATION SYSTEMS SECURITY & ASSURANCE SERIES! Hacker Techniques, Tools, and Incident Handling begins with an examination of the landscape, key terms, and concepts that a security professional needs to know about hackers and computer criminals who break into networks, steal information, and corrupt data. It then gives a technical overview of hacking: how attacks target networks and the methodology attackers follow. The final section examines the methods that are most effective in dealing with hacking attacks, especially in an age of increased reliance on the Web. Written by a subject matter expert with numerous real-world examples, Hacker Techniques, Tools, and Incident Handling provides readers with a clear, comprehensive introduction to the many threats to our Internet environment and security, and to what can be done to combat them.

Table of Contents

  1. Copyright
  2. Preface
    1. Purpose of This Book
    2. Learning Features
    3. Audience
  3. Acknowledgments
  4. About the Authors
  5. ONE. Hacker Techniques and Tools
    1. 1. Hacking: The Next Generation
      1. Profiles of Hackers, Crackers, and Cybercriminals
        1. The Hacker Mindset
      2. A Look Back at the History of Computer Hacking
      3. Ethical Hacking and Penetration Testing
        1. The Role of Ethical Hacking
      4. Common Hacking Methodologies
      5. Performing a Penetration Test
      6. The Role of the Law and Ethical Standards
      7. CHAPTER SUMMARY
      8. KEY CONCEPTS AND TERMS
      9. CHAPTER 1 ASSESSMENT
    2. 2. TCP/IP Review
      1. Exploring the OSI Reference Model
        1. The Role of Protocols
        2. Layer 1: Physical Layer
        3. Layer 2: Data Link Layer
        4. Layer 3: Network Layer
        5. Layer 4: Transport Layer
        6. Layer 5: Session Layer
        7. Layer 6: Presentation Layer
        8. Layer 7: Application Layer
          1. The Role of Encapsulation
        9. Mapping the OSI to Functions and Protocols
          1. OSI Layers and Services
      2. TCP/IP (a Layer-by-Layer Review)
        1. Physical/Network Access Layer
          1. Physical/Network Equipment
          2. Physical/Network Layer Protocols
          3. Physical Layer Threats
          4. Physical Layer Controls
        2. Internetwork Layer
          1. Internetworking Layer Equipment
          2. Routing Protocols
          3. Internetwork Layer Protocols
          4. Internetwork Layer Threats
          5. Internetwork Layer Controls
        3. Host-to-Host Layer
          1. Host-to-Host Layer Protocols
          2. Host-to-Host Layer Threats
          3. Host-to-Host Layer Controls
        4. Application Layer
          1. Application Layer Services
          2. Application Layer Threats
          3. Application Layer Controls
      3. CHAPTER SUMMARY
      4. KEY CONCEPTS AND TERMS
      5. CHAPTER 2 ASSESSMENT
    3. 3. Cryptographic Concepts
      1. Cryptographic Basics
        1. Cryptographic History
      2. Symmetric Encryption
      3. Asymmetric Encryption
        1. Digital Signatures
      4. Purpose of Public Key Infrastructure
        1. The Role of Certificate Authorities (CAs)
          1. Registration Authority (RA)
          2. Certificate Revocation List (CRL)
          3. Digital Certificates
        2. PKI Attacks
      5. Hashing
      6. Common Cryptographic Systems
      7. Cryptanalysis
      8. CHAPTER SUMMARY
      9. KEY CONCEPTS AND TERMS
      10. CHAPTER 3 ASSESSMENT
    4. 4. Physical Security
      1. Basic Equipment Controls
        1. Hard Drive and Mobile Device Encryption
        2. Fax Machines and Private Branch Exchanges (PBXs)
        3. Voice over IP (VoIP)
      2. Physical Area Controls
        1. Fences
        2. Gates
        3. Bollards
      3. Facility Controls
        1. Doors, Mantraps, and Turnstiles
        2. Walls, Ceilings, and Floors
        3. Windows
        4. Guards and Dogs
        5. Construction
      4. Personal Safety Controls
        1. Lighting
        2. Alarms and Intrusion Detection
        3. Closed-Circuit TV (CCTV)
      5. Physical Access Controls
        1. Locks
        2. Lock Picking
        3. Tokens and Biometrics
      6. Avoiding Common Threats to Physical Security
        1. Natural, Human, and Technical Threats
        2. Physical Keyloggers and Sniffers
        3. Wireless Interception and Rogue Access Points
      7. Defense in Depth
      8. CHAPTER SUMMARY
      9. KEY CONCEPTS AND TERMS
      10. CHAPTER 4 ASSESSMENT
  6. TWO. A Technical Overview of Hacking
    1. 5. Footprinting Tools and Techniques
      1. The Information-Gathering Process
      2. The Information on a Company Web Site
      3. Discovering Financial Information
      4. Google Hacking
      5. Exploring Domain Information Leakage
        1. Manual Registrar Query
        2. Automatic Registrar Query
        3. Whois
        4. Nslookup
        5. Internet Assigned Numbers Authority (IANA)
        6. Determining a Network Range
          1. Traceroute
      6. Tracking an Organization's Employees
      7. Exploiting Insecure Applications
      8. Using Basic Countermeasures
      9. CHAPTER SUMMARY
      10. KEY CONCEPTS AND TERMS
      11. CHAPTER 5 ASSESSMENT
    2. 6. Port Scanning
      1. Determining the Network Range
      2. Identifying Active Machines
        1. Wardialing
        2. Wardriving
        3. Pinging
        4. Port Scanning
          1. A Closer Look at TCP Port Scanning Techniques
          2. Port Scanning Countermeasures
      3. Mapping Open Ports
        1. Nmap
        2. SuperScan
        3. Scanrand
        4. THC-Amap
      4. OS Fingerprinting
        1. Active OS Fingerprinting
          1. Xprobe2
          2. Nmap
        2. Passive OS Fingerprinting
          1. The p0f Tool
      5. Mapping the Network
        1. Cheops
        2. SolarWinds
      6. Analyzing the Results
      7. CHAPTER SUMMARY
      8. KEY CONCEPTS AND TERMS
      9. CHAPTER 6 ASSESSMENT
    3. 7. Enumeration and Computer System Hacking
      1. Windows Basics
        1. Controlling Access
        2. Users
        3. Groups
        4. Security Identifiers
      2. Commonly Attacked and Exploited Services
      3. Enumeration
        1. NULL Session
        2. Working with Nbtstat
        3. SuperScan
        4. SNScan
      4. System Hacking
      5. Types of Password Cracking
        1. Passive Online Attacks
        2. Active Online Attacks
        3. Offline Attacks
          1. Dictionary Attacks
          2. Hybrid Attacks
          3. Brute-Force Attacks
          4. Precomputed Hashes
        4. Nontechnical Attacks
          1. Shoulder Surfing
          2. Keyboard Sniffing
          3. Social Engineering
      6. Using Password Cracking
        1. Privilege Escalation
          1. Active@ Password Changer
          2. Trinity Rescue Kit
        2. Planting Backdoors
      7. Using PsTools
      8. Rootkits
      9. Covering Tracks
        1. Disabling Auditing
        2. Data Hiding
      10. CHAPTER SUMMARY
      11. KEY CONCEPTS AND TERMS
      12. CHAPTER 7 ASSESSMENT
    4. 8. Wireless Vulnerabilities
      1. The Importance of Wireless Security
        1. Emanations
        2. Common Support and Availability
      2. A Brief History of Wireless Technologies
        1. 802.11
        2. 802.11b
        3. 802.11a
        4. 802.11g
        5. 802.11n
        6. Other Wireless Technologies
          1. Bluetooth
          2. WiMAX
      3. Working with and Securing Bluetooth
        1. Bluetooth Security
          1. Trusted Devices
          2. Discoverable Devices
          3. Bluejacking, Bluesnarfing, and Bluebugging
          4. Viruses and Malware
          5. Securing Bluetooth
          6. Discovering
      4. Working with Wireless LANs
        1. CSMA/CD Versus CSMA/CA
        2. Role of APs
        3. Service Set Identifier (SSID)
        4. Association with an AP
        5. The Importance of Authentication
        6. Working with RADIUS
        7. Network Setup Options
          1. Ad Hoc Network
          2. Infrastructure Network
      5. Threats to Wireless LANs
        1. Wardriving
        2. Misconfigured Security Settings
        3. Unsecured Connections
        4. Rogue APs
        5. Promiscuous Clients
        6. Wireless Network Viruses
        7. Countermeasures
      6. Wireless Hacking Tools
        1. NetStumbler
        2. inSSIDer
      7. Protecting Wireless Networks
        1. Default AP Security
        2. Placement
        3. Emanations
        4. Rogue APs
        5. Use Protection for Transmitted Data
        6. MAC Filtering
      8. CHAPTER SUMMARY
      9. KEY CONCEPTS AND TERMS
      10. CHAPTER 8 ASSESSMENT
    5. 9. Web and Database Attacks
      1. Attacking Web Servers
        1. Categories of Risk
        2. Vulnerabilities of Web Servers
        3. Improper or Poor Web Design
        4. Buffer Overflow
        5. Denial of Service (DoS) Attack
        6. Distributed Denial of Service (DDoS) Attack
        7. Banner Information
        8. Permissions
        9. Error Messages
        10. Unnecessary Features
        11. User Accounts
        12. Structured Query Language (SQL) Injections
      2. Examining an SQL Injection
      3. Vandalizing Web Servers
        1. Input Validation
        2. Cross-Site Scripting (XSS)
        3. Anatomy of Web Applications
        4. Insecure Logon Systems
        5. Scripting Errors
        6. Session Management Issues
        7. Encryption Weaknesses
      4. Database Vulnerabilities
        1. A Look at Databases
        2. Vulnerabilities
        3. Locating Databases on the Network
        4. Database Server Password Cracking
        5. Locating Vulnerabilities in Databases
        6. Out of Sight, Out of Mind
      5. CHAPTER SUMMARY
      6. KEY CONCEPTS AND TERMS
      7. CHAPTER 9 ASSESSMENT
    6. 10. Malware, Worms, and Viruses
      1. Malware
        1. Malware's Legality
        2. Types of Malware
        3. Malware's Targets
      2. Viruses and How They Function
        1. Viruses: A History
        2. Types of Viruses
          1. Logic Bombs
          2. Polymorphic Viruses
          3. Multipartite Viruses
          4. Macro Viruses
          5. Hoaxes
        3. Prevention Techniques
          1. Education
          2. Antivirus
          3. Applying Updates
      3. Worms and How They Function
        1. How Worms Work
        2. Stopping Worms
        3. The Power of Education
        4. Antivirus and Firewalls
      4. Spyware
        1. Methods of Infection
        2. Bundling with Software
      5. Adware
      6. Scareware
      7. CHAPTER SUMMARY
      8. KEY CONCEPTS AND TERMS
      9. CHAPTER 10 ASSESSMENT
    7. 11. Trojans and Backdoors
      1. Significance of Trojans
        1. Methods to Get Trojans onto a System
        2. Targets of Trojans
        3. Known Symptoms of an Infection
      2. Detection of Trojans and Viruses
        1. Vulnerability Scanners
        2. Antivirus
      3. Trojan Tools
        1. An In-Depth Look at BO2K
          1. Client Features
          2. Native Server Support
          3. Features Added by Plug-ins
      4. Distribution Methods
        1. Using Wrappers to Install Trojans
      5. Trojan Construction Kits
      6. Backdoors
      7. Covert Communication
        1. The Role of Keyloggers
        2. Software
        3. Port Redirection
      8. Software Protection
      9. CHAPTER SUMMARY
      10. KEY CONCEPTS AND TERMS
      11. CHAPTER 11 ASSESSMENT
    8. 12. Sniffers, Session Hijacking, and Denial of Service Attacks
      1. Sniffers
        1. Passive Sniffing
        2. Active Sniffing
          1. MAC Flooding
          2. Address Resolution Protocol (ARP) Poisoning
        3. Sniffing Tools
        4. What Can Be Sniffed?
      2. Session Hijacking
        1. Identifying an Active Session
        2. Seizing Control of a Session
        3. Session Hijacking Tools
        4. Thwarting Session Hijacking Attacks
      3. Denial of Service (DoS) Attacks
        1. Categories of DoS Attacks
          1. Consumption of Bandwidth
          2. Consumption of Resources
          3. Exploitation of Programming Defects
        2. Tools for DoS
      4. Distributed Denial of Service (DDoS) Attacks
        1. Some Characteristics of DDoS Attacks
        2. Tools for DDoS
      5. Botnets
      6. CHAPTER SUMMARY
      7. KEY CONCEPTS AND TERMS
      8. CHAPTER 12 ASSESSMENT
    9. 13. Linux, Live CDs, and Automated Assessment Tools
      1. Linux
        1. A Look at the Interface
        2. Basic Linux Navigation
        3. Important Linux Directories
      2. Users, Groups, and Special Accounts
      3. Working with Permissions
      4. Commonly Used Commands
        1. Basic Command Structure
      5. ipchains and iptables
        1. ipchains
        2. iptables
      6. Live CDs
        1. Special Purpose Live CDs
        2. Trinity
        3. CAINE
        4. Astaro
        5. Damn Vulnerable Linux
        6. Network Security Toolkit (NST)
      7. Automated Assessment Tools
        1. Source Code Scanners
        2. Application Level Scanners
        3. System-Level Scanners
      8. CHAPTER SUMMARY
      9. KEY CONCEPTS AND TERMS
      10. CHAPTER 13 ASSESSMENT
  7. THREE. Incident Response and Defensive Technologies
    1. 14. Incident Response
      1. What Is a Security Incident?
      2. The Incident Response Process
        1. Incident Response Policies, Procedures, and Guidelines
        2. Phases of an Incident and Response
        3. Incident Response Team
      3. Incident Response Plans (IRPs)
        1. The Role of Business Continuity Plans (BCPs)
          1. Techniques That Support Business Continuity and Disaster Recovery
        2. Recovering Systems
          1. Recovering From a Security Incident
          2. Loss Control and Damage Assessment
        3. Business Impact Analysis
      4. Planning for Disaster and Recovery
        1. Testing and Evaluation
        2. Preparation and Staging of Testing Procedures
          1. Structured Walkthrough
          2. Checklist
          3. Simulations
          4. Full Interruption
        3. Frequency of Tests
        4. Analysis of Test Results
      5. Evidence Handling and Administration
        1. Evidence Collection Techniques
          1. Evidence Types
          2. Chain of Custody
          3. Computer Removal
          4. Rules of Evidence
        2. Security Reporting Options and Guidelines
          1. Reporting a Security Incident
        3. Affected Party Legal Considerations
          1. Customers
          2. Business Partners
      6. Requirements of Regulated Industries
        1. Payment Card Industry Data Security Standard (PCI DSS)
      7. CHAPTER SUMMARY
      8. KEY CONCEPTS AND TERMS
      9. CHAPTER 14 ASSESSMENT
    2. 15. Defensive Technologies
      1. Intrusion Detection Systems (IDSs)
        1. IDS Components
        2. Components of NIDS
        3. Components of HIDS
        4. Setting Goals
        5. Accountability
        6. Limitations of an IDS
          1. It Is Not the Only Problem Solver
          2. Failed Hardware
        7. Investigation of an Event
        8. Analysis of Information Collected
        9. Intrusion Prevention Systems (IPSs)
      2. The Purpose of Firewalls
        1. How Firewalls Work
        2. Firewall Methodologies
        3. Limitations of a Firewall
        4. Implementing a Firewall
        5. Authoring a Firewall Policy
          1. Network Connectivity Policy
          2. Contracted Worker Statement
          3. Firewall Administrator Statement
          4. Firewall Policy
      3. Honeypots/Honeynets
        1. Goals of Honeypots
        2. Legal Issues
      4. Role of Controls
        1. Administrative Controls
        2. Technical Controls
        3. Physical Controls
      5. CHAPTER SUMMARY
      6. KEY CONCEPTS AND TERMS
      7. CHAPTER 15 ASSESSMENT
  8. A. Answer Key
  9. B. Standard Acronyms
  10. Glossary of Key Terms
  11. References