You are previewing Hacking For Dummies®, 2nd Edition.
O'Reilly logo
Hacking For Dummies®, 2nd Edition

Book Description

Are you worried about external hackers and rogue insiders breaking into your systems? Whether it's social engineering, network infrastructure attacks, or application hacking, security breaches in your systems can devastate your business or personal life. In order to counter these cyber bad guys, you must become a hacker yourself—an ethical hacker.

Hacking for Dummies shows you just how vulnerable your systems are to attackers. It shows you how to find your weak spots and perform penetration and other security tests. With the information found in this handy, straightforward book, you will be able to develop a plan to keep your information safe and sound. You'll discover how to:

  • Work ethically, respect privacy, and save your system from crashing

  • Develop a hacking plan

  • Treat social engineers and preserve their honesty

  • Counter war dialing and scan infrastructures

  • Understand the vulnerabilities of Windows, Linux, and Novell NetWare

  • Prevent breaches in messaging systems, web applications, and databases

  • Report your results and managing security changes

  • Avoid deadly mistakes

  • Get management involved with defending your systems

As we enter into the digital era, protecting your systems and your company has never been more important. Don't let skepticism delay your decisions and put your security at risk. With Hacking For Dummies, you can strengthen your defenses and prevent attacks from every angle!

Table of Contents

  1. Copyright
  2. About the Author
  3. Author's Acknowledgments
  4. Publisher's Acknowledgments
  5. Foreword
  6. Introduction
    1. Who Should Read This Book?
    2. About This Book
    3. How to Use This Book
    4. What You Don't Need to Read
    5. Foolish Assumptions
    6. How This Book Is Organized
      1. Part I: Building the Foundation for Ethical Hacking
      2. Part II: Putting Ethical Hacking in Motion
      3. Part III: Hacking the Network
      4. Part IV: Hacking Operating Systems
      5. Part V: Hacking Applications
      6. Part VI: Ethical Hacking Aftermath
      7. Part VII: The Part of Tens
      8. Icons Used in This Book
    7. Where to Go from Here
  7. I. Building the Foundation for Ethical Hacking
    1. 1. Introduction to Ethical Hacking
      1. 1.1. Straightening Out the Terminology
        1. 1.1.1. Defining hacker
        2. 1.1.2. Defining rogue insider
      2. 1.2. How Malicious Attackers Beget Ethical Hackers
      3. 1.3. Understanding the Need to Hack Your Own Systems
      4. 1.4. Understanding the Dangers Your Systems Face
        1. 1.4.1. Nontechnical attacks
        2. 1.4.2. Network infrastructure attacks
        3. 1.4.3. Operating system attacks
        4. 1.4.4. Application and other specialized attacks
      5. 1.5. Obeying the Ethical Hacking Commandments
        1. 1.5.1. Working ethically
        2. 1.5.2. Respecting privacy
        3. 1.5.3. Not crashing your systems
      6. 1.6. The Ethical Hacking Process
        1. 1.6.1. Formulating your plan
        2. 1.6.2. Selecting tools
        3. 1.6.3. Executing the plan
        4. 1.6.4. Evaluating results
        5. 1.6.5. Moving on
    2. 2. Cracking the Hacker Mindset
      1. 2.1. What You're Up Against
      2. 2.2. Who Breaks into Computer Systems
      3. 2.3. Why They Do It
      4. 2.4. Planning and Performing Attacks
      5. 2.5. Maintaining Anonymity
    3. 3. Developing Your Ethical Hacking Plan
      1. 3.1. Getting Your Plan Approved
      2. 3.2. Establishing Your Goals
      3. 3.3. Determining Which Systems to Hack
      4. 3.4. Creating Testing Standards
        1. 3.4.1. Timing
        2. 3.4.2. Specific tests
        3. 3.4.3. Blind versus knowledge assessments
        4. 3.4.4. Location
        5. 3.4.5. Reacting to major vulnerabilities that you find
        6. 3.4.6. Silly assumptions
      5. 3.5. Selecting Tools
    4. 4. Hacking Methodology
      1. 4.1. Setting the Stage
      2. 4.2. Seeing What Others See
        1. 4.2.1. Gathering public information
          1. 4.2.1.1. Web search
          2. 4.2.1.2. Web crawling
            1. 4.2.1.2.1. Web sites
        2. 4.2.2. Mapping the network
          1. 4.2.2.1. Whois
          2. 4.2.2.2. Google groups
          3. 4.2.2.3. Privacy policies
      3. 4.3. Scanning Systems
        1. 4.3.1. Hosts
        2. 4.3.2. Modems and open ports
      4. 4.4. Determining What's Running on Open Ports
      5. 4.5. Assessing Vulnerabilities
      6. 4.6. Penetrating the System
  8. II. Putting Ethical Hacking in Motion
    1. 5. Social Engineering
      1. 5.1. Social Engineering 101
      2. 5.2. Before You Start
      3. 5.3. Why Attackers Use Social Engineering
      4. 5.4. Understanding the Implications
      5. 5.5. Performing Social Engineering Attacks
        1. 5.5.1. Fishing for information
          1. 5.5.1.1. Using the Internet
          2. 5.5.1.2. Dumpster diving
          3. 5.5.1.3. Phone systems
        2. 5.5.2. Building trust
        3. 5.5.3. Exploiting the relationship
          1. 5.5.3.1. Deceit through words and actions
          2. 5.5.3.2. Deceit through technology
      6. 5.6. Social Engineering Countermeasures
        1. 5.6.1. Policies
        2. 5.6.2. User awareness and training
    2. 6. Physical Security
      1. 6.1. Physical Security Vulnerabilities
      2. 6.2. What to Look For
        1. 6.2.1. Building infrastructure
          1. 6.2.1.1. Attack points
          2. 6.2.1.2. Countermeasures
        2. 6.2.2. Utilities
          1. 6.2.2.1. Attack points
          2. 6.2.2.2. Countermeasures
        3. 6.2.3. Office layout and usage
          1. 6.2.3.1. Attack points
          2. 6.2.3.2. Countermeasures
        4. 6.2.4. Network components and computers
          1. 6.2.4.1. Attack points
          2. 6.2.4.2. Countermeasures
    3. 7. Passwords
      1. 7.1. Password Vulnerabilities
        1. 7.1.1. Organizational password vulnerabilities
        2. 7.1.2. Technical password vulnerabilities
      2. 7.2. Cracking Passwords
        1. 7.2.1. Cracking passwords the old-fashioned way
          1. 7.2.1.1. Social engineering
            1. 7.2.1.1.1. Techniques
            2. 7.2.1.1.2. Countermeasures
          2. 7.2.1.2. Shoulder surfing
            1. 7.2.1.2.1. Techniques
            2. 7.2.1.2.2. Countermeasures
          3. 7.2.1.3. Inference
          4. 7.2.1.4. Weak authentication
            1. 7.2.1.4.1. Bypassing authentication
            2. 7.2.1.4.2. Countermeasures
        2. 7.2.2. High-tech password cracking
          1. 7.2.2.1. Password-cracking software
          2. 7.2.2.2. Dictionary attacks
          3. 7.2.2.3. Brute-force attacks
          4. 7.2.2.4. Rainbow attacks
          5. 7.2.2.5. Cracking Windows passwords with pwdump3 and John the Ripper
          6. 7.2.2.6. Cracking UNIX passwords with John the Ripper
          7. 7.2.2.7. Cracking Windows passwords using rainbow tables with ophcrack
          8. 7.2.2.8. Cracking Windows passwords using RainbowCrack Online
          9. 7.2.2.9. Checking for null passwords in NetWare
        3. 7.2.3. Password-protected files
          1. 7.2.3.1. Cracking files
          2. 7.2.3.2. Countermeasures
        4. 7.2.4. Other ways to crack passwords
          1. 7.2.4.1. Keystroke logging
            1. 7.2.4.1.1. Logging tools
            2. 7.2.4.1.2. Countermeasures
          2. 7.2.4.2. Weak password storage
            1. 7.2.4.2.1. Searching
            2. 7.2.4.2.2. Countermeasures
          3. 7.2.4.3. Network analyzer
            1. 7.2.4.3.1. Testing
            2. 7.2.4.3.2. Countermeasures
          4. 7.2.4.4. Weak BIOS passwords
            1. 7.2.4.4.1. Countermeasures
          5. 7.2.4.5. Weak passwords in limbo
            1. 7.2.4.5.1. Weaknesses
            2. 7.2.4.5.2. Countermeasures
          6. 7.2.4.6. Password-reset programs
            1. 7.2.4.6.1. Tools
            2. 7.2.4.6.2. Countermeasures
      3. 7.3. General Password-Cracking Countermeasures
        1. 7.3.1. Storing passwords
        2. 7.3.2. Policy considerations
        3. 7.3.3. Other considerations
      4. 7.4. Securing Operating Systems
        1. 7.4.1. Windows
        2. 7.4.2. Linux and UNIX
  9. III. Hacking the Network
    1. 8. War Dialing
      1. 8.1. Modem Safety
      2. 8.2. General Telephone System Vulnerabilities
      3. 8.3. Attacking Systems by War Dialing
        1. 8.3.1. Gathering information
        2. 8.3.2. Selecting war dialing tools
          1. 8.3.2.1. Software
          2. 8.3.2.2. Modems
        3. 8.3.3. Dialing in from the outside
        4. 8.3.4. Using tools
          1. 8.3.4.1. Configuration
          2. 8.3.4.2. Testing
        5. 8.3.5. Rooting through the systems
      4. 8.4. War Dialing Countermeasures
        1. 8.4.1. Phone numbers
        2. 8.4.2. Modem operation
        3. 8.4.3. Installation
    2. 9. Network Infrastructure
      1. 9.1. Network Infrastructure Vulnerabilities
      2. 9.2. Choosing Tools
        1. 9.2.1. Scanners and analyzers
        2. 9.2.2. Vulnerability assessment
      3. 9.3. Scanning, Poking, and Prodding
        1. 9.3.1. Port scanners
          1. 9.3.1.1. Ping sweeping
          2. 9.3.1.2. Using port scanning tools
            1. 9.3.1.2.1. SuperScan
            2. 9.3.1.2.2. Nmap
            3. 9.3.1.2.3. Gathering network information
          3. 9.3.1.3. Countermeasures against port scanning
            1. 9.3.1.3.1. Traffic restriction
            2. 9.3.1.3.2. Traffic denial
        2. 9.3.2. SNMP scanning
          1. 9.3.2.1. Vulnerabilities
          2. 9.3.2.2. Countermeasures against SNMP attacks
        3. 9.3.3. Banner grabbing
          1. 9.3.3.1. telnet
          2. 9.3.3.2. Netcat
          3. 9.3.3.3. Countermeasures against banner-grabbing attacks
        4. 9.3.4. Firewall rules
          1. 9.3.4.1. Testing
            1. 9.3.4.1.1. All-in-one tools
            2. 9.3.4.1.2. Netcat
          2. 9.3.4.2. Countermeasures against firewall attacks
        5. 9.3.5. Network analyzers
          1. 9.3.5.1. Network analyzer programs
          2. 9.3.5.2. Countermeasures against network analyzer attacks
            1. 9.3.5.2.1. Physical security
            2. 9.3.5.2.2. Network analyzer detection
        6. 9.3.6. The MAC-daddy attack
          1. 9.3.6.1. ARP spoofing
          2. 9.3.6.2. Using Cain and Abel for ARP poisoning
          3. 9.3.6.3. MAC address spoofing
            1. 9.3.6.3.1. UNIX-based systems
            2. 9.3.6.3.2. Windows
          4. 9.3.6.4. Countermeasures against ARP poisoning and MAC address spoofing attacks
            1. 9.3.6.4.1. Prevention
            2. 9.3.6.4.2. Detection
        7. 9.3.7. Denial of service
          1. 9.3.7.1. DoS attacks
            1. 9.3.7.1.1. Individual attacks
            2. 9.3.7.1.2. Distributed attacks
            3. 9.3.7.1.3. Testing
          2. 9.3.7.2. Countermeasures against DoS attacks
      4. 9.4. General Network Defenses
    3. 10. Wireless LANs
      1. 10.1. Understanding the Implications of Wireless Network Vulnerabilities
      2. 10.2. Choosing Your Tools
      3. 10.3. Wireless LAN Discovery
        1. 10.3.1. Checking for worldwide recognition
        2. 10.3.2. Scanning your local airwaves
      4. 10.4. Wireless Network Attacks
        1. 10.4.1. Encrypted traffic
        2. 10.4.2. Countermeasures against encrypted traffic attacks
        3. 10.4.3. Rogue wireless devices
        4. 10.4.4. Countermeasures against rogue wireless devices
        5. 10.4.5. MAC spoofing
        6. 10.4.6. Countermeasures against MAC spoofing
        7. 10.4.7. Queensland DoS attack
        8. 10.4.8. Countermeasures against DoS attacks
        9. 10.4.9. Physical security problems
        10. 10.4.10. Countermeasures against physical security problems
        11. 10.4.11. Vulnerable wireless workstations
        12. 10.4.12. Countermeasures against vulnerable wireless workstations
        13. 10.4.13. Default configuration settings
        14. 10.4.14. Countermeasures against default configuration settings exploits
  10. IV. Hacking Operating Systems
    1. 11. Windows
      1. 11.1. Windows Vulnerabilities
      2. 11.2. Choosing Tools
        1. 11.2.1. Essential tools
        2. 11.2.2. Free Microsoft tools
        3. 11.2.3. All-in-one assessment tools
        4. 11.2.4. Task-specific tools
      3. 11.3. Information Gathering
        1. 11.3.1. System scanning
          1. 11.3.1.1. Testing
          2. 11.3.1.2. Countermeasures against system scanning
            1. 11.3.1.2.1. Information
            2. 11.3.1.2.2. Fingerprinting
        2. 11.3.2. NetBIOS
          1. 11.3.2.1. Hacks
            1. 11.3.2.1.1. Unauthenticated enumeration
          2. 11.3.2.2. Shares
          3. 11.3.2.3. Countermeasures against NetBIOS attacks
            1. 11.3.2.3.1. Limit traffic
            2. 11.3.2.3.2. Passwords
      4. 11.4. RPC
        1. 11.4.1. Enumeration
        2. 11.4.2. Countermeasures against RPC enumeration
      5. 11.5. Null Sessions
        1. 11.5.1. Hacks
          1. 11.5.1.1. Mapping
          2. 11.5.1.2. Gleaning information
            1. 11.5.1.2.1. net view
          3. 11.5.1.3. Configuration and user information
            1. 11.5.1.3.1. Walksam
            2. 11.5.1.3.2. Network Users
        2. 11.5.2. Countermeasures against null session hacks
          1. 11.5.2.1. Secure versions
          2. 11.5.2.2. Blocking NetBIOS
          3. 11.5.2.3. Registry
            1. 11.5.2.3.1. Windows 2000
            2. 11.5.2.3.2. Windows NT
      6. 11.6. Share Permissions
        1. 11.6.1. Windows defaults
          1. 11.6.1.1. Windows 2000/NT
          2. 11.6.1.2. Windows 2003 Server and XP
        2. 11.6.2. Testing
          1. 11.6.2.1. DumpSec
          2. 11.6.2.2. LANguard Network Security Scanner
      7. 11.7. Hardcore Vulnerability Exploitation
        1. 11.7.1. Using Metasploit
        2. 11.7.2. Using CORE IMPACT
        3. 11.7.3. Countermeasures against hardcore vulnerability exploits
      8. 11.8. Authenticated Scans
        1. 11.8.1. General OS vulnerabilities
        2. 11.8.2. Rooting out sensitive text in network files
    2. 12. Linux
      1. 12.1. Linux Vulnerabilities
      2. 12.2. Choosing Tools
      3. 12.3. Information Gathering
        1. 12.3.1. System scanning
        2. 12.3.2. Countermeasures against system scanning
      4. 12.4. Unneeded Services
        1. 12.4.1. Searches
          1. 12.4.1.1. Vulnerabilities
          2. 12.4.1.2. Tools
        2. 12.4.2. Countermeasures against attacks on unneeded services
          1. 12.4.2.1. Disabling unneeded services
            1. 12.4.2.1.1. inetd.conf
            2. 12.4.2.1.2. chkconfig
          2. 12.4.2.2. Access control
      5. 12.5. .rhosts and hosts.equiv Files
        1. 12.5.1. Hacks using the .rhosts and hosts.equiv files
          1. 12.5.1.1. hosts.equiv
          2. 12.5.1.2. .rhosts
        2. 12.5.2. Countermeasures against .rhosts and hosts.equiv file attacks
          1. 12.5.2.1. Disabling commands
          2. 12.5.2.2. Blocking access
      6. 12.6. NFS
        1. 12.6.1. NFS hacks
        2. 12.6.2. Countermeasures against NFS attacks
      7. 12.7. File Permissions
        1. 12.7.1. File permission hacks
        2. 12.7.2. Countermeasures against file permission attacks
          1. 12.7.2.1. Manual testing
          2. 12.7.2.2. Automatic testing
      8. 12.8. Buffer Overflows
        1. 12.8.1. Attacks
        2. 12.8.2. Countermeasures against buffer-overflow attacks
      9. 12.9. Physical Security
        1. 12.9.1. Physical security hacks
        2. 12.9.2. Countermeasures against physical security attacks
      10. 12.10. General Security Tests
      11. 12.11. Patching Linux
        1. 12.11.1. Distribution updates
          1. 12.11.1.1. Red Hat
          2. 12.11.1.2. Debian
          3. 12.11.1.3. Slackware
          4. 12.11.1.4. SUSE
        2. 12.11.2. Multiplatform update managers
    3. 13. Novell NetWare
      1. 13.1. NetWare Vulnerabilities
      2. 13.2. Choosing Tools
      3. 13.3. Getting Started
        1. 13.3.1. Server access methods
        2. 13.3.2. Port scanning
        3. 13.3.3. NCPQuery
        4. 13.3.4. Countermeasures against enumeration
      4. 13.4. Authentication
        1. 13.4.1. rconsole
          1. 13.4.1.1. rconsole attacks
          2. 13.4.1.2. Countermeasures against rconsole attacks
        2. 13.4.2. Server-console access
        3. 13.4.3. Intruder detection
          1. 13.4.3.1. Testing for intruders
          2. 13.4.3.2. Countermeasures against intruders
        4. 13.4.4. Rogue NLMs
          1. 13.4.4.1. Testing for rogue NLMs
            1. 13.4.4.1.1. Modules command
            2. 13.4.4.1.2. Tcpcon
            3. 13.4.4.1.3. Admin utilities
          2. 13.4.4.2. Countermeasures against rogue NLM attacks
            1. 13.4.4.2.1. Documentation
            2. 13.4.4.2.2. Unauthorized logins
        5. 13.4.5. Cleartext packets
          1. 13.4.5.1. Packet capture
          2. 13.4.5.2. Countermeasures against packet capture
      5. 13.5. Solid Practices for Minimizing NetWare Security Risks
        1. 13.5.1. Rename admin
        2. 13.5.2. Disable eDirectory browsing
          1. 13.5.2.1. NetWare Administrator
          2. 13.5.2.2. Novell ConsoleOne
        3. 13.5.3. Remove bindery contexts
        4. 13.5.4. Audit the system
        5. 13.5.5. TCP/IP parameters
        6. 13.5.6. Patch
  11. V. Hacking Applications
    1. 14. Messaging Systems
      1. 14.1. Messaging System Vulnerabilities
      2. 14.2. E-Mail Attacks
        1. 14.2.1. E-mail bombs
          1. 14.2.1.1. Attachments
            1. 14.2.1.1.1. Attacks using e-mail attachments
            2. 14.2.1.1.2. Countermeasures against e-mail attachment attacks
          2. 14.2.1.2. Connections
            1. 14.2.1.2.1. Attacks using floods of e-mails
            2. 14.2.1.2.2. Countermeasures against connection attacks
          3. 14.2.1.3. Automatic e-mail security
            1. 14.2.1.3.1. Tarpitting
            2. 14.2.1.3.2. E-mail firewalls
            3. 14.2.1.3.3. Perimeter protection
        2. 14.2.2. Banners
          1. 14.2.2.1. Gathering information
          2. 14.2.2.2. Countermeasures against banner attacks
        3. 14.2.3. SMTP attacks
          1. 14.2.3.1. Account enumeration
            1. 14.2.3.1.1. Attacks using account enumeration
            2. 14.2.3.1.2. Countermeasures against account enumeration
          2. 14.2.3.2. Relay
            1. 14.2.3.2.1. Automatic testing
            2. 14.2.3.2.2. Manual testing
            3. 14.2.3.2.3. Countermeasures against SMTP relay attacks
          3. 14.2.3.3. E-mail header disclosures
            1. 14.2.3.3.1. Testing
            2. 14.2.3.3.2. Countermeasures against header disclosures
          4. 14.2.3.4. Capturing traffic
          5. 14.2.3.5. Malware
            1. 14.2.3.5.1. Eicar test string
            2. 14.2.3.5.2. GFI's Email Security Testing Zone
        4. 14.2.4. General best practices for minimizing e-mail security risks
          1. 14.2.4.1. Software solutions
          2. 14.2.4.2. Operating guidelines
      3. 14.3. Instant Messaging
        1. 14.3.1. IM vulnerabilities
          1. 14.3.1.1. Sharing network drives
          2. 14.3.1.2. Log files
        2. 14.3.2. Countermeasures against IM vulnerabilities
          1. 14.3.2.1. Detecting IM traffic
          2. 14.3.2.2. Maintenance and configuration
      4. 14.4. Voice over IP
        1. 14.4.1. VoIP vulnerabilities
          1. 14.4.1.1. Scanning for vulnerabilities
          2. 14.4.1.2. Capturing and recording voice traffic
        2. 14.4.2. Countermeasures against VoIP vulnerabilities
    2. 15. Web Applications and Databases
      1. 15.1. Choosing Your Web Application Tools
      2. 15.2. Web Application Vulnerabilities
        1. 15.2.1. Unsecured login mechanisms
        2. 15.2.2. Countermeasures against unsecured login systems
        3. 15.2.3. Directory traversal
          1. 15.2.3.1. robots.txt
          2. 15.2.3.2. Filenames
          3. 15.2.3.3. Crawlers
          4. 15.2.3.4. Google
        4. 15.2.4. Countermeasures against directory traversals
        5. 15.2.5. Input filtering attacks
          1. 15.2.5.1. Buffer overflows
          2. 15.2.5.2. Automated input
          3. 15.2.5.3. Code injection and SQL injection
          4. 15.2.5.4. Hidden field manipulation
          5. 15.2.5.5. Cross-site scripting
        6. 15.2.6. Countermeasures against input attacks
        7. 15.2.7. Memory attacks
        8. 15.2.8. Countermeasures against memory attacks
        9. 15.2.9. Default script attacks
        10. 15.2.10. Countermeasures against default script attacks
        11. 15.2.11. URL filter bypassing
        12. 15.2.12. Countermeasures against URL filter bypassing
        13. 15.2.13. General security scans for Web application vulnerabilities
      3. 15.3. Database Vulnerabilities
        1. 15.3.1. Finding database servers on the network
        2. 15.3.2. Cracking database server passwords
        3. 15.3.3. Scanning databases for vulnerabilities
      4. 15.4. General Best Practices for Minimizing Security Risks
        1. 15.4.1. Obscurity
        2. 15.4.2. Firewalls
  12. VI. Ethical Hacking Aftermath
    1. 16. Reporting Your Results
      1. 16.1. Pulling the Results Together
      2. 16.2. Prioritizing Vulnerabilities
      3. 16.3. Reporting Methods
    2. 17. Plugging Security Holes
      1. 17.1. Turning Your Reports into Action
      2. 17.2. Patching for Perfection
        1. 17.2.1. Patch management
        2. 17.2.2. Patch automation
          1. 17.2.2.1. Commercial tools
          2. 17.2.2.2. Free tools
      3. 17.3. Hardening Your Systems
      4. 17.4. Assessing Your Security Infrastructure
    3. 18. Managing Security Changes
      1. 18.1. Automating the Ethical Hacking Process
      2. 18.2. Monitoring Malicious Use
      3. 18.3. Outsourcing Ethical Hacking
      4. 18.4. Instilling a Security-Aware Mindset
      5. 18.5. Keeping Up with Other Security Issues
  13. VII. The Part of Tens
    1. 19. Ten Tips for Getting Upper Management Buy-In
      1. 19.1. Cultivate an Ally and Sponsor
      2. 19.2. Don't Be a FUDdy Duddy
      3. 19.3. Demonstrate How the Organization Can't Afford to Be Hacked
      4. 19.4. Outline the General Benefits of Ethical Hacking
      5. 19.5. Show How Ethical Hacking Specifically Helps the Organization
      6. 19.6. Get Involved in the Business
      7. 19.7. Establish Your Credibility
      8. 19.8. Speak on Their Level
      9. 19.9. Show Value in Your Efforts
      10. 19.10. Be Flexible and Adaptable
    2. 20. Ten Deadly Mistakes
      1. 20.1. Not Getting Prior Approval in Writing
      2. 20.2. Assuming that You Can Find All Vulnerabilities during Your Tests
      3. 20.3. Assuming That You Can Eliminate All Security Vulnerabilities
      4. 20.4. Performing Tests Only Once
      5. 20.5. Thinking That You Know It All
      6. 20.6. Running Your Tests without Looking at Things from a Hacker's Viewpoint
      7. 20.7. Not Testing the Right Systems
      8. 20.8. Not Using the Right Tools
      9. 20.9. Pounding Production Systems at the Wrong Time
      10. 20.10. Outsourcing Testing and Not Staying Involved
  14. A. Tools and Resources
    1. A.1. Awareness and Training
    2. A.2. Bluetooth
    3. A.3. Certifications
    4. A.4. Dictionary Files and Word Lists
    5. A.5. Exploit Tools
    6. A.6. General Research Tools
    7. A.7. Hacker Stuff
    8. A.8. Linux
    9. A.9. Log Analysis
    10. A.10. Malware
    11. A.11. Messaging
    12. A.12. NetWare
    13. A.13. Networks
    14. A.14. Password Cracking
    15. A.15. Patch Management
    16. A.16. Source Code Analysis
    17. A.17. Security Standards
    18. A.18. Security Education
    19. A.19. Storage
    20. A.20. Risk Analysis and Threat Modeling
    21. A.21. Voice over IP
    22. A.22. War Dialing
    23. A.23. Web Applications and Databases
    24. A.24. Windows
    25. A.25. Wireless Networks