Description

A new edition the most popular Hack Proofing book around! IT professionals who want to run secure networks, or build secure software, need to know about the methods of hackers. The second edition of the best seller Hack Proofing Your Network, teaches about those topics, including: · The Politics, Laws of Security, Classes of Attack, Methodology, Diffing, Decrypting, Brute Force, Unexpected Input, Buffer Overrun, Sniffing, Session Hijacking, Spoofing, Server Holes, Client Holes, Trojans and Viruses, Reporting Security Problems, Choosing Secure Systems The central idea of this book is that it's better for you to find the holes in your network than it is for someone else to find them, someone that would use them against you. The complete, authoritative guide to protecting your Windows 2000 Network.

Key Features

Updated coverage of an international bestseller and series flagship Covers more methods of attack and hacker secrets Interest in topic continues to grow - network architects, engineers and administrators continue to scramble for security books Written by the former security manager for Sybase and an expert witness in the Kevin Mitnick trials · A great addition to the bestselling "Hack Proofing..." series · Windows 2000 sales have surpassed those of Windows NT · Critical topic. The security of an organization's data and communications is crucial to its survival and these topics are notoriously difficult to grasp · Unrivalled web support at www.solutions@syngress.com

Table of Contents

Foreword v 1.5 Foreword v 1.0 Chapter 1 How To Hack Introduction What We Mean by “Hack” Why Hack? Knowing What To Expect in the Rest of This Book Understanding the Current Legal Climate Summary Frequently Asked Questions Chapter 2 The Laws of Security Introduction Knowing the Laws of Security Client-Side Security Doesn’t Work You Cannot Securely Exchange Encryption Keys without a Shared Piece of Information Malicious Code Cannot Be 100 Percent Protected against Any Malicious Code Can Be Completely Morphed to Bypass Signature Detection Firewalls Cannot Protect You 100 Percent from Attack Social Engineering Attacking Exposed Servers Attacking the Firewall Directly Client-Side Holes Any IDS Can Be Evaded Secret Cryptographic Algorithms Are Not Secure If a Key Is Not Required,You Do Not Have Encryption—You Have Encoding Passwords Cannot Be Securely Stored on the Client Unless There Is Another Password to Protect Them In Order for a System to Begin to Be Considered Secure, It Must Undergo an Independent Security Audit Security through Obscurity Does Not Work Summary Solutions Fast Track Frequently Asked Questions Chapter 3 Classes of Attack Introduction Identifying and Understanding the Classes of Attack Denial of Service Information Leakage Regular File Access Misinformation Special File/Database Access Remote Arbitrary Code Execution Elevation of Privileges Identifying Methods of Testing for Vulnerabilities Proof of Concept Standard Research Techniques Summary Solutions Fast Track Frequently Asked Questions Chapter 4 Methodology Introduction Understanding Vulnerability Research Methodologies Source Code Research

Details

No. of pages:
704
Language:
English
Copyright:
© 2002
Published:
Imprint:
Syngress
Print ISBN:
9781928994701
Electronic ISBN:
9780080478166

Reviews

Essential reading for your IT security organization." —Deena Joyce, Director of Information Technology and Network Security, Casino Magic