Hacker Techniques, Tools, and Incident Handling, 2nd Edition

Book Description

Part of the Jones & Bartlett Learning Information Systems Security & Assurance Series.

Hacker Techniques, Tools, and Incident Handling begins with an examination of the landscape, key terms, and concepts that a security professional needs to know about hackers and computer criminals who break into networks, steal information, and corrupt data. It goes on to give a technical overview of hacking: how attacks target networks and the methodology they follow. The final section studies the methods that are most effective when dealing with hacking attacks, especially in an age of increased reliance on the Web. Written by a subject matter expert and illustrated with numerous real-world examples, Hacker Techniques, Tools, and Incident Handling provides readers with a clear, comprehensive introduction to the many threats to our Internet environment and its security, and to what can be done to combat them.

Instructor materials for Hacker Techniques, Tools, and Incident Handling include:

  - PowerPoint lecture slides
  - Exam questions
  - Case scenarios/handouts

Table of Contents

  1. Cover
  2. Title Page
  3. Copyright
  4. Contents
  5. Preface
  6. Acknowledgments
  7. About the Author
  8. Part One: Hacker Techniques and Tools
    1. Chapter 1 Hacking: The Next Generation
      1. Profiles of Hackers, Crackers, and Cybercriminals
        1. The Hacker Mindset
      2. A Look Back at the History of Computer Hacking
      3. Ethical Hacking and Penetration Testing
        1. The Role of Ethical Hacking
      4. Common Hacking Methodologies
      5. Performing a Penetration Test
      6. The Role of the Law and Ethical Standards
      7. Chapter Summary
      8. Key Concepts and Terms
      9. Chapter 1 Assessment
    2. Chapter 2 TCP/IP Review
      1. Exploring the OSI Reference Model
        1. The Role of Protocols
        2. Layer 1: Physical Layer
        3. Layer 2: Data Link Layer
        4. Layer 3: Network Layer
        5. Layer 4: Transport Layer
        6. Layer 5: Session Layer
        7. Layer 6: Presentation Layer
        8. Layer 7: Application Layer
        9. Mapping the OSI Model to Functions and Protocols
      2. TCP/IP: A Layer-by-Layer Review
        1. Physical or Network Access Layer
        2. Network or Internet Layer
        3. Host-to-Host Layer
        4. Application Layer
      3. Chapter Summary
      4. Key Concepts and Terms
      5. Chapter 2 Assessment
    3. Chapter 3 Cryptographic Concepts
      1. Cryptographic Basics
        1. Cryptographic History
      2. What Is an Algorithm or Cipher?
      3. Symmetric Encryption
      4. Asymmetric Encryption
        1. Digital Signatures
      5. Purpose of Public Key Infrastructure
        1. The Role of Certificate Authorities (CAs)
        2. PKI Attacks
      6. Hashing
      7. Common Cryptographic Systems
      8. Cryptanalysis
      9. Future Forms of Cryptography
      10. Chapter Summary
      11. Key Concepts and Terms
      12. Chapter 3 Assessment
    4. Chapter 4 Physical Security
      1. Basic Equipment Controls
        1. Hard Drive and Mobile Device Encryption
        2. Fax Machines and Private Branch Exchanges
        3. Voice over IP (VoIP)
      2. Physical Area Controls
        1. Fences
        2. Gates
        3. Bollards
      3. Facility Controls
        1. Doors, Mantraps, and Turnstiles
        2. Walls, Ceilings, and Floors
        3. Windows
        4. Guards and Dogs
        5. Construction
      4. Personal Safety Controls
        1. Lighting
        2. Alarms and Intrusion Detection
        3. Closed-Circuit TV (CCTV)
      5. Physical Access Controls
        1. Locks
        2. Lock Picking
        3. Tokens and Biometrics
      6. Avoiding Common Threats to Physical Security
        1. Natural, Human, and Technical Threats
        2. Physical Keystroke Loggers and Sniffers
        3. Wireless Interception and Rogue Access Points
      7. Defense in Depth
      8. Chapter Summary
      9. Key Concepts and Terms
      10. Chapter 4 Assessment
  9. Part Two: A Technical and Social Overview of Hacking
    1. Chapter 5 Footprinting Tools and Techniques
      1. The Information-Gathering Process
      2. The Information on a Company Web Site
      3. Discovering Financial Information
      4. Google Hacking
      5. Exploring Domain Information Leakage
        1. Manual Registrar Query
        2. Automatic Registrar Query
        3. Whois
        4. Nslookup
        5. Internet Assigned Numbers Authority (IANA)
        6. Determining a Network Range
      6. Tracking an Organization’s Employees
      7. Exploiting Insecure Applications
      8. Using Social Networks
      9. Using Basic Countermeasures
      10. Chapter Summary
      11. Key Concepts and Terms
      12. Chapter 5 Assessment
    2. Chapter 6 Port Scanning
      1. Determining the Network Range
      2. Identifying Active Machines
        1. Wardialing
        2. Wardriving and Related Activities
        3. Pinging
        4. Port Scanning
      3. Mapping Open Ports
        1. Nmap
        2. Superscan
        3. Scanrand
        4. THC-Amap
      4. OS Fingerprinting
        1. Active OS Fingerprinting
        2. Passive OS Fingerprinting
      5. Mapping the Network
        1. Cheops
        2. SolarWinds
      6. Analyzing the Results
      7. Chapter Summary
      8. Key Concepts and Terms
      9. Chapter 6 Assessment
    3. Chapter 7 Enumeration and Computer System Hacking
      1. Windows Basics
        1. Controlling Access
        2. Users
        3. Groups
        4. Security Identifiers
      2. Commonly Attacked and Exploited Services
      3. Enumeration
        1. NULL Session
        2. Working with Nbtstat
        3. SuperScan
        4. SNScan
      4. System Hacking
      5. Types of Password Cracking
        1. Passive Online Attacks
        2. Active Online Attacks
        3. Offline Attacks
        4. Nontechnical Attacks
      6. Using Password Cracking
        1. Privilege Escalation
        2. Planting Backdoors
      7. Using PsTools
      8. Rootkits
      9. Covering Tracks
        1. Disabling Auditing
        2. Data Hiding
      10. Chapter Summary
      11. Key Concepts and Terms
      12. Chapter 7 Assessment
    4. Chapter 8 Wireless Vulnerabilities
      1. The Importance of Wireless Security
        1. Emanations
        2. Common Support and Availability
      2. A Brief History of Wireless Technologies
        1. 802.11
        2. 802.11b
        3. 802.11a
        4. 802.11g
        5. 802.11n
        6. Other Wireless Technologies
      3. Working with and Securing Bluetooth
        1. Bluetooth Security
      4. Working with Wireless LANs
        1. CSMA/CD Versus CSMA/CA
        2. Role of APs
        3. Service Set Identifier (SSID)
        4. Association with an AP
        5. The Importance of Authentication
        6. Working with RADIUS
        7. Network Setup Options
      5. Threats to Wireless LANs
        1. Wardriving
        2. Misconfigured Security Settings
        3. Unsecured Connections
        4. Rogue APs
        5. Promiscuous Clients
        6. Wireless Network Viruses
        7. Countermeasures
      6. Wireless Hacking Tools
        1. NetStumbler
        2. The inSSIDer Program
      7. Protecting Wireless Networks
        1. Default AP Security
        2. Placement
        3. Dealing with Emanations
        4. Dealing with Rogue APs
        5. Use Protection for Transmitted Data
        6. MAC Filtering
      8. Chapter Summary
      9. Key Concepts and Terms
      10. Chapter 8 Assessment
    5. Chapter 9 Web and Database Attacks
      1. Attacking Web Servers
        1. Categories of Risk
        2. Vulnerabilities of Web Servers
        3. Improper or Poor Web Design
        4. Buffer Overflow
        5. Denial of Service (DoS) Attack
        6. Distributed Denial of Service (DDoS) Attack
        7. Banner Information
        8. Permissions
        9. Error Messages
        10. Unnecessary Features
        11. User Accounts
        12. Structured Query Language (SQL) Injections
      2. Examining a SQL Injection
      3. Vandalizing Web Servers
        1. Input Validation
        2. Cross-Site Scripting (XSS)
        3. Anatomy of Web Applications
        4. Insecure Logon Systems
        5. Scripting Errors
        6. Session Management Issues
        7. Encryption Weaknesses
      4. Database Vulnerabilities
        1. A Look at Databases
        2. Vulnerabilities
        3. Locating Databases on the Network
        4. Database Server Password Cracking
        5. Locating Vulnerabilities in Databases
        6. Out of Sight, Out of Mind
      5. Cloud Computing
      6. Chapter Summary
      7. Key Concepts and Terms
      8. Chapter 9 Assessment
    6. Chapter 10 Malware
      1. Malware
        1. Malware’s Legality
        2. Types of Malware
        3. Malware’s Targets
      2. Viruses and How They Function
        1. Viruses: A History
        2. Types of Viruses
        3. Prevention Techniques
      3. Worms and How They Function
        1. How Worms Work
        2. Stopping Worms
        3. The Power of Education
        4. Antivirus and Firewalls
      4. Significance of Trojans
        1. Methods to Get Trojans onto a System
        2. Targets of Trojans
        3. Known Symptoms of an Infection
      5. Detection of Trojans and Viruses
        1. Vulnerability Scanners
        2. Antivirus
      6. Trojan Tools
        1. An In-Depth Look at BO2K
      7. Distribution Methods
        1. Using Wrappers to Install Trojans
      8. Trojan Construction Kits
      9. Backdoors
      10. Covert Communication
        1. The Role of Keystroke Loggers
        2. Software
        3. Port Redirection
      11. Spyware
        1. Methods of Infection
        2. Bundling with Software
      12. Adware
      13. Scareware
      14. Chapter Summary
      15. Key Concepts and Terms
      16. Chapter 10 Assessment
    7. Chapter 11 Sniffers, Session Hijacking, and Denial of Service Attacks
      1. Sniffers
        1. Passive Sniffing
        2. Active Sniffing
        3. Sniffing Tools
        4. What Can Be Sniffed?
      2. Session Hijacking
        1. Identifying an Active Session
        2. Seizing Control of a Session
        3. Session Hijacking Tools
        4. Thwarting Session Hijacking Attacks
      3. Denial of Service (DoS) Attacks
        1. Categories of DoS Attacks
        2. Tools for DoS Attacks
      4. Distributed Denial of Service (DDoS) Attacks
        1. Some Characteristics of DDoS Attacks
        2. Tools for DDoS Attacks
      5. Botnets
      6. Chapter Summary
      7. Key Concepts and Terms
      8. Chapter 11 Assessment
    8. Chapter 12 Linux and Penetration Testing
      1. Linux
      2. Introducing Kali Linux
      3. Some of the Basics of Working with Linux
        1. A Look at the Interface
        2. Basic Linux Navigation
        3. Important Linux Directories
        4. Commonly Used Commands
        5. The Basic Command Structure of Linux
      4. Live CDs
        1. Special-Purpose Live CDs
      5. Chapter Summary
      6. Key Concepts and Terms
      7. Chapter 12 Assessment
    9. Chapter 13 Social Engineering
      1. What Is Social Engineering?
      2. Types of Social Engineering Attacks
        1. Phone-Based Attacks
        2. Dumpster Diving
        3. Shoulder Surfing
        4. Attacks Through Social Media
        5. Persuasion/Coercion
        6. Reverse Social Engineering
      3. Technology and Social Engineering
        1. Your Browser as a Defense Against Social Engineering
        2. Other Good Practices for Safe Computing
      4. Best Practices with Passwords
        1. Know What the Web Knows About You
        2. Creating and Managing Your Passwords
        3. Invest in a Password Manager
      5. Social Engineering and Social Networking
        1. Questions to Ask Before You Post
        2. An Overview of the Risks in Social Networking
        3. Particular Concerns in a Corporate Setting
        4. Facebook Security
      6. Chapter Summary
      7. Key Concepts and Terms
      8. Chapter 13 Assessment
  10. Part Three: Incident Response and Defensive Technologies
    1. Chapter 14 Incident Response
      1. What Is a Security Incident?
      2. The Incident Response Process
        1. Incident Response Policies, Procedures, and Guidelines
        2. Phases of an Incident and Response
        3. Incident Response Team
      3. Incident Response Plans
        1. The Role of Business Continuity Plans
        2. Recovering Systems
        3. Business Impact Analysis
      4. Planning for Disaster and Recovery
        1. Testing and Evaluation
        2. Preparation and Staging of Testing Procedures
        3. Frequency of Tests
        4. Analysis of Test Results
      5. Evidence Handling and Administration
        1. Evidence Collection Techniques
        2. Security Reporting Options and Guidelines
        3. Affected Party Legal Considerations
      6. Requirements of Regulated Industries
        1. Payment Card Industry Data Security Standard
      7. Chapter Summary
      8. Key Concepts and Terms
      9. Chapter 14 Assessment
    2. Chapter 15 Defensive Technologies
      1. Intrusion Detection Systems
        1. IDS Components
        2. Components of a NIDS
        3. Components of a HIDS
        4. Setting Goals
        5. Accountability
        6. Limitations of an IDS
        7. Investigation of an Event
        8. Analysis of Information Collected
        9. Intrusion Prevention Systems
      2. The Purpose of Firewalls
        1. How Firewalls Work
        2. Firewall Methodologies
        3. Limitations of a Firewall
        4. Implementing a Firewall
        5. Authoring a Firewall Policy
      3. Honeypots/Honeynets
        1. Goals of Honeypots
        2. Legal Issues
      4. The Role of Controls
        1. Administrative Controls
        2. Technical Controls
        3. Physical Controls
      5. Chapter Summary
      6. Key Concepts and Terms
      7. Chapter 15 Assessment
  11. Appendix A: Answer Key
  12. Appendix B: Standard Acronyms
  13. Glossary of Key Terms
  14. References
  15. Index