Hack Proofing Your Network

Hack Proofing Your Network

2nd Edition - March 26, 2002

Write a review

  • Author: Syngress
  • eBook ISBN: 9780080478166

Purchase options

Purchase options
DRM-free (Mobi, EPub, PDF)
Sales tax will be calculated at check-out

Institutional Subscription

Free Global Shipping
No minimum order


A new edition the most popular Hack Proofing book around! IT professionals who want to run secure networks, or build secure software, need to know about the methods of hackers. The second edition of the best seller Hack Proofing Your Network, teaches about those topics, including:· The Politics, Laws of Security, Classes of Attack, Methodology, Diffing, Decrypting, Brute Force, Unexpected Input, Buffer Overrun, Sniffing, Session Hijacking, Spoofing, Server Holes, Client Holes, Trojans and Viruses, Reporting Security Problems, Choosing Secure SystemsThe central idea of this book is that it's better for you to find the holes in your network than it is for someone else to find them, someone that would use them against you. The complete, authoritative guide to protecting your Windows 2000 Network.

Key Features

  • Updated coverage of an international bestseller and series flagship
  • Covers more methods of attack and hacker secrets
  • Interest in topic continues to grow - network architects, engineers and administrators continue to scramble for security books
  • Written by the former security manager for Sybase and an expert witness in the Kevin Mitnick trials
  • A great addition to the bestselling "Hack Proofing..." series
  • Windows 2000 sales have surpassed those of Windows NT
  • Critical topic. The security of an organization's data and communications is crucial to its survival and these topics are notoriously difficult to grasp
  • Unrivalled web support at www.solutions@syngress.com

Table of Contents

  • Foreword v 1.5

    Foreword v 1.0

    Chapter 1 How To Hack


    What We Mean by “Hack”

    Why Hack?

    Knowing What To Expect in the Rest of This Book

    Understanding the Current Legal Climate


    Frequently Asked Questions

    Chapter 2 The Laws of Security


    Knowing the Laws of Security

    Client-Side Security Doesn’t Work

    You Cannot Securely Exchange Encryption Keys without a Shared Piece of Information

    Malicious Code Cannot Be 100 Percent Protected against

    Any Malicious Code Can Be Completely Morphed to Bypass Signature Detection

    Firewalls Cannot Protect You 100 Percent from Attack

    Social Engineering

    Attacking Exposed Servers

    Attacking the Firewall Directly

    Client-Side Holes

    Any IDS Can Be Evaded

    Secret Cryptographic Algorithms Are Not Secure

    If a Key Is Not Required,You Do Not Have Encryption—You Have Encoding

    Passwords Cannot Be Securely Stored on the Client Unless There Is Another Password to Protect Them

    In Order for a System to Begin to Be Considered Secure, It Must Undergo an Independent Security Audit

    Security through Obscurity Does Not Work


    Solutions Fast Track

    Frequently Asked Questions

    Chapter 3 Classes of Attack


    Identifying and Understanding the Classes of Attack

    Denial of Service

    Information Leakage

    Regular File Access


    Special File/Database Access

    Remote Arbitrary Code Execution

    Elevation of Privileges

    Identifying Methods of Testing for Vulnerabilities

    Proof of Concept

    Standard Research Techniques


    Solutions Fast Track

    Frequently Asked Questions

    Chapter 4 Methodology


    Understanding Vulnerability Research Methodologies

    Source Code Research

    Binary Research

    The Importance of Source Code Reviews

    Searching Error-Prone Functions

    Reverse Engineering Techniques

    Disassemblers, Decompilers, and Debuggers

    Black Box Testing



    Solutions Fast Track

    Frequently Asked Questions

    Chapter 5 Diffing


    What Is Diffing?

    Why Diff?

    Looking to the Source Code

    Exploring Diff Tools

    Using File-Comparison Tools

    Working with Hex Editors

    Utilizing File System Monitoring Tools

    Finding Other Tools


    Problems with Checksums and Hashes

    Problems with Compression and Encryption


    Solutions Fast Track

    Frequently Asked Questions

    Chapter 6 Cryptography


    Understanding Cryptography Concepts


    Encryption Key Types

    Learning about Standard Cryptographic Algorithms

    Understanding Symmetric Algorithms

    Understanding Asymmetric Algorithms

    Understanding Brute Force

    Brute Force Basics

    Using Brute Force to Obtain Passwords

    Knowing When Real Algorithms Are Being Used Improperly

    Bad Key Exchanges

    Hashing Pieces Separately

    Using a Short Password to Generate a Long Key

    Improperly Stored Private or Secret Keys

    Understanding Amateur Cryptography Attempts

    Classifying the Ciphertext

    Monoalphabetic Ciphers

    Other Ways to Hide Information


    Solutions Fast Track

    Frequently Asked Questions

    Chapter 7 Unexpected Input


    Understanding Why Unexpected Data Is Dangerous

    Finding Situations Involving Unexpected Data

    Local Applications and Utilities


    Unexpected Data in SQL Queries

    Application Authentication

    Disguising the Obvious

    Using Techniques to Find and Eliminate Vulnerabilities

    Black-Box Testing

    Use the Source

    Untaint Data by Filtering It

    Escaping Characters Is Not Always Enough


    Cold Fusion/Cold Fusion Markup Language (CFML)



    Protecting Your SQL Queries

    Silently Removing versus Alerting on Bad Data

    Invalid Input Function

    Token Substitution

    Utilizing the Available Safety Features in Your Programming Language



    ColdFusion/ColdFusion Markup Language



    Using Tools to Handle Unexpected Data

    Web Sleuth








    Solutions Fast Track

    Frequently Asked Questions

    Chapter 8 Buffer Overflow


    Understanding the Stack

    The Stack Dump

    Oddities and the Stack

    Understanding the Stack Frame

    Introduction to the Stack Frame

    Passing Arguments to a Function: A Sample Program

    Stack Frames and Calling Syntaxes

    Learning about Buffer Overflows

    A Simple Uncontrolled Overflow: A Sample Program

    Creating Your First Overflow

    Creating a Program with an Exploitable Overflow

    Performing the Exploit

    Learning Advanced Overflow Techniques

    Stack Based Function Pointer Overwrite

    Heap Overflows

    Advanced Payload Design

    Using What You Already Have


    Solutions Fast Track

    Frequently Asked Questions

    Chapter 9 Format Strings


    Understanding Format String Vulnerabilities

    Why and Where Do Format String Vulnerabilities Exist?

    How Can They Be Fixed?

    How Format String Vulnerabilities Are Exploited

    How Format String Exploits Work

    What to Overwrite

    Examining a Vulnerable Program

    Testing with a Random Format String

    Writing a Format String Exploit


    Solutions Fast Track

    Frequently Asked Questions

    Chapter 10 Sniffing


    What Is Sniffing?

    How Does It Work?

    What to Sniff?

    Obtaining Authentication Information

    Capturing Other Network Traffic

    Popular Sniffing Software


    Network Associates Sniffer Pro

    NT Network Monitor








    Additional Resources

    Advanced Sniffing Techniques

    Man-in-the-Middle (MITM) Attacks


    Switch Tricks

    Routing Games

    Exploring Operating System APIs





    Taking Protective Measures

    Providing Encryption

    Secure Sockets Layers (SSL)

    PGP and S/MIME


    Employing Detection Techniques

    Local Detection

    Network Detection


    Solutions Fast Track

    Frequently Asked Questions

    Chapter 11 Session Hijacking


    Understanding Session Hijacking

    TCP Session Hijacking

    TCP Session Hijacking with Packet Blocking

    UDP Hijacking

    Examining the Available Tools





    Storm Watchers

    Playing MITM for Encrypted Communications

    Man-in-the-Middle Attacks


    Other Hijacking


    Solutions Fast Track

    Frequently Asked Questions

    Chapter 12 Spoofing: Attacks on Trusted Identity


    What It Means to Spoof

    Spoofing Is Identity Forgery

    Spoofing Is an Active Attack against Identity Checking Procedures

    Spoofing Is Possible at All Layers of Communication

    Spoofing Is Always Intentional

    Spoofing Is Not the Same Thing as Betrayal

    Spoofing Is Not Necessarily Malicious

    Spoofing Is Nothing New

    Background Theory

    The Importance of Identity

    The Evolution of Trust

    Asymmetric Signatures between Human Beings

    Establishing Identity within Computer Networks

    Return to Sender

    In the Beginning,There Was… a Transmission

    Capability Challenges

    Configuration Methodologies: Building a Trusted Capability Index

    Desktop Spoofs

    The Plague of Auto-Updating Applications

    Impacts of Spoofs

    Subtle Spoofs and Economic Sabotage

    Down and Dirty: Engineering Spoofing Systems

    Spitting into the Wind: Building a Skeleton Router in Userspace

    Bring Out the Halon: Spoofing Connectivity Through Asymmetric Firewalls


    Solution Fast Track

    Frequently Asked Questions

    Chapter 13 Tunneling


    Strategic Constraints of Tunnel Design

    Privacy: “Where Is My Traffic Going?”

    Routability: “Where Can This Go Through?”

    Deployability: “How Painful Is This to Get Up and Running?”

    Flexibility: “What Can We Use This for,Anyway?”

    Quality: “How Painful Will This System Be to Maintain?”

    Designing End-to-End Tunneling Systems

    Drilling Tunnels Using SSH

    Open Sesame: Authentication

    Basic Access: Authentication by Password

    Transparent Access: Authentication by Private Key

    Command Forwarding: Direct Execution for Scripts and Pipes

    Port Forwarding: Accessing Resources on Remote Networks

    Local Port Forwards

    Dynamic Port Forwards

    Remote Port Forwards

    When in Rome:Traversing the Recalcitrant Network

    Crossing the Bridge: Accessing Proxies through ProxyCommands

    No Habla HTTP? Permuting thy Traffic

    Show Your Badge: Restricted Bastion Authentication

    Bringing the Mountain: Exporting SSHD Access

    Echoes in a Foreign Tongue: Cross-Connecting Mutually Firewalled Hosts

    Not In Denver, Not Dead: Now What?

    Standard File Transfer over SSH

    Incremental File Transfer over SSH

    CD Burning over SSH

    Acoustic Tubing: Audio Distribution over TCP and SSH


    Solutions Fast Track

    Frequently Asked Questions

    Chapter 14 Hardware Hacking


    Understanding Hardware Hacking

    Opening the Device: Housing and Mechanical Attacks

    Types of Tamper Mechanisms

    External Interfaces

    Protocol Analysis

    Electromagnetic Interference and Electrostatic Discharge

    Analyzing the Product Internals: Electrical Circuit Attacks

    Reverse-engineering the Device

    Basic Techniques: Common Attacks

    Advanced Techniques: Epoxy Removal and IC Delidding

    Cryptanalysis and Obfuscation Methods

    What Tools Do I Need?

    Starter Kit

    Advanced Kit

    Example: Hacking the iButton Authentication Token

    Experimenting with the Device

    Reverse-engineering the “Random” Response

    Example: Hacking the NetStructure 7110 E-commerce Accelerator

    Opening the Device

    Retrieving the Filesystem

    Reverse-engineering the Password Generator


    Solutions Fast Track

    Frequently Asked Questions

    Chapter 15 Viruses, Trojan Horses, and Worms


    How Do Viruses,Trojans Horses, and Worms Differ?



    Macro Virus

    Trojan Horses


    Anatomy of a Virus



    Other Tricks of the Trade

    Dealing with Cross-platform Issues


    Macro Viruses


    Shockwave Flash

    Proof that We Need to Worry

    The Morris Worm


    Melissa and I Love You

    Sadmind Worm

    Code Red Worms

    Nimda Worm

    Creating Your Own Malware

    New Delivery Methods

    Faster Propagation Methods

    Other Thoughts on Creating New Malware

    How to Secure Against Malicious Software

    Anti-Virus Software

    Updates and Patches

    Web Browser Security

    Anti-Virus Research


    Solutions Fast Track

    Frequently Asked Questions

    Chapter 16 IDS Evasion


    Understanding How Signature-Based IDSs Work

    Judging False Positives and Negatives

    Alert Flooding

    Using Packet Level Evasion

    IP Options

    IP Fragmentation

    TCP Header

    TCP Synchronization

    Using Fragrouter and Congestant


    Using Application Protocol Level Evasion

    Security as an Afterthought

    Evading a Match

    Web Attack Techniques


    Using Code Morphing Evasion


    Solutions Fast Track

    Frequently Asked Questions

    Chapter 17 Automated Security Review and Attack Tools


    Learning about Automated Tools

    Exploring the Commercial Tools

    Exploring the Free Tools

    Using Automated Tools for Penetration Testing

    Testing with the Commercial Tools

    Testing the Free Tools

    Knowing When Tools Are Not Enough

    The New Face of Vulnerability Testing


    Solutions Fast Track

    Frequently Asked Questions

    Chapter 18 Reporting Security Problems


    Understanding Why Security Problems Need to Be Reported

    Full Disclosure

    Determining When and to Whom to Report the Problem

    Whom to Report Security Problems to?

    Deciding How Much Detail to Publish

    Publishing Exploit Code



    Solutions Fast Track

    Frequently Asked Questions


Product details

  • No. of pages: 704
  • Language: English
  • Copyright: © Syngress 2002
  • Published: March 26, 2002
  • Imprint: Syngress
  • eBook ISBN: 9780080478166

About the Author


Ratings and Reviews

Write a review

There are currently no reviews for "Hack Proofing Your Network"