COVID-19 Update: We are currently shipping orders daily. However, due to transit disruptions in some geographies, deliveries may be delayed. To provide all customers with timely access to content, we are offering 50% off Science and Technology Print & eBook bundle options. Terms & conditions.
Hack the Stack - 1st Edition - ISBN: 9781597491099, 9780080507743

Hack the Stack

1st Edition

Using Snort and Ethereal to Master The 8 Layers of An Insecure Network

Authors: Michael Gregg Stephen Watkins George Mays Chris Ries Ronald Bandes Brandon Franklin
Paperback ISBN: 9781597491099
eBook ISBN: 9780080507743
Imprint: Syngress
Published Date: 6th November 2006
Page Count: 481
Sales tax will be calculated at check-out Price includes VAT/GST
Price includes VAT/GST

Institutional Subscription

Secure Checkout

Personal information is secured with SSL technology.

Free Shipping

Free global shipping
No minimum order.


This book looks at network security in a new and refreshing way. It guides readers step-by-step through the "stack" -- the seven layers of a network. Each chapter focuses on one layer of the stack along with the attacks, vulnerabilities, and exploits that can be found at that layer. The book even includes a chapter on the mythical eighth layer: The people layer.

This book is designed to offer readers a deeper understanding of many common vulnerabilities and the ways in which attacker’s exploit, manipulate, misuse, and abuse protocols and applications. The authors guide the readers through this process by using tools such as Ethereal (sniffer) and Snort (IDS). The sniffer is used to help readers understand how the protocols should work and what the various attacks are doing to break them. IDS is used to demonstrate the format of specific signatures and provide the reader with the skills needed to recognize and detect attacks when they occur.

What makes this book unique is that it presents the material in a layer by layer approach which offers the readers a way to learn about exploits in a manner similar to which they most likely originally learned networking. This methodology makes this book a useful tool to not only security professionals but also for networking professionals, application programmers, and others. All of the primary protocols such as IP, ICMP, TCP are discussed but each from a security perspective. The authors convey the mindset of the attacker by examining how seemingly small flaws are often the catalyst of potential threats. The book considers the general kinds of things that may be monitored that would have alerted users of an attack.

Key Features

  • Remember being a child and wanting to take something apart, like a phone, to see how it worked? This book is for you then as it details how specific hacker tools and techniques accomplish the things they do.

    * This book will not only give you knowledge of security tools but will provide you the ability to design more robust security solutions

    * Anyone can tell you what a tool does but this book shows you how the tool works


The book has a broader market than most pure hacking books. While pure hacking books focus exclusively on the security market, this book targets the information needed for IT security professionals, those involved in networking, programmers, and general IT specialists. There are many people in the world of IT that may not be full-time security professionals but have the need to understand security and apply it to their job. Anyone that has a basic understanding of networking and security concepts can gain from this book.

Table of Contents

  • Acknowledgments
  • Lead Author
  • Contributing Authors
  • Technical Editor
  • Foreword
  • Chapter 1: Extending OSI to Network Security
    • Introduction
    • Our Approach to This Book
    • Common Stack Attacks
    • Mapping OSI to TCP/IP
    • The Current State of IT Security
    • Using the Information in This Book
    • Summary
    • Solutions Fast Track
    • Frequently Asked Questions
  • Chapter 2: Layer 1: The Physical Layer
    • Introduction
    • Defending the Physical Layer
    • Attacking the Physical Layer
    • Layer 1 Security Project
    • Summary
    • Solutions Fast Track
    • Frequently Asked Questions
  • Chapter 3: Layer 2: The Data Link Layer
    • Introduction
    • Ethernet and the Data Link Layer
    • Understanding PPP and SLIP
    • Working with a Protocol Analyzer
    • Understanding How ARP Works
    • Attacking the Data Link Layer
    • Defending the Data Link Layer
    • Securing Your Network from Sniffers
    • Employing Detection Techniques
    • Data Link Layer Security Project
    • Using the Auditor Security Collection to Crack WEP
    • Summary
    • Solutions Fast Track
    • Frequently Asked Questions
  • Chapter 4: Layer 3: The Network Layer
    • Introduction
    • The IP Packet Structure
    • The ICMP Packet Structure
    • Attacking the Network Layer
    • Defending the Network Layer
    • Network Layer Security Project
    • Summary
    • Solutions Fast Track
    • Frequently Asked Questions
  • Chapter 5: Layer 4: The Transport Layer
    • Introduction
    • Connection-Oriented versus Connectionless Protocols
    • Protocols at the Transport Layer
    • The Hacker’s Perspective
    • Scanning the Network
    • Operating System Fingerprinting
    • Detecting Scans on Your Network
    • Defending the Transport Layer
    • Transport Layer Project — Setting Up Snort
    • Summary
    • Solutions Fast Track
    • Frequently Asked Questions
  • Chapter 6: Layer 5: The Session Layer
    • Introduction
    • Attacking the Session Layer
    • Defending the Session Layer
    • Session Layer Security Project
    • Summary
    • Solutions Fast Track
    • Frequently Asked Questions
  • Chapter 7: Layer 6: The Presentation Layer
    • Introduction
    • The Structure of NetBIOS and SMB
    • Attacking the Presentation Layer
    • Defending the Presentation Layer
    • Presentation Layer Security Project
    • Summary
    • Solutions Fast Track
    • Frequently Asked Questions
  • Chapter 8: Layer 7: The Application Layer
    • Introduction
    • The Structure of FTP
    • Analyzing Domain Name System and Its Weaknesses
    • Other Insecure Application Layer Protocols
    • Attacking the Application Layer
    • Defending the Application Layer
    • Nessus
    • Application-Layer Security Project: Using Nessus to Secure the Stack
    • Summary
    • Solutions Fast Track
    • Frequently Asked Questions
  • Chapter 9: Layer 8: The People Layer
    • Introduction
    • Attacking the People Layer
    • Defending the People Layer
    • Making the Case for Stronger Security
    • People Layer Security Project
    • Summary
    • Solutions Fast Track
    • Frequently Asked Questions
  • Appendix A: Risk Mitigation: Securing the Stack
    • Introduction
    • Physical
    • Data Link
    • Network
    • Transport
    • Session
    • Presentation
    • Application
    • People
    • Summary
  • Index


No. of pages:
© Syngress 2006
6th November 2006
Paperback ISBN:
eBook ISBN:

About the Authors

Michael Gregg

Michael Gregg is the President of Superior Solutions, Inc. and has more than 20 years' experience in the IT field. He holds two associate’s degrees, a bachelor’s degree, and a master’s degree and is certified as CISSP, MCSE, MCT, CTT+, A+, N+, Security+, CNA, CCNA, CIW Security Analyst, CCE, CEH, CHFI, CEI, DCNP, ES Dragon IDS, ES Advanced Dragon IDS, and TICSA. Michael's primary duty is to serve as project lead for security assessments, helping businesses and state agencies secure their IT resources and assets. Michael has authored four books, including Inside Network Security Assessment, CISSP Prep Questions, CISSP Exam Cram2, and Certified Ethical Hacker Exam Prep2. He has developed four high-level security classes, including Global Knowledge's Advanced Security Boot Camp, Intense School's Professional Hacking Lab Guide, ASPE's Network Security Essentials, and Assessing Network Vulnerabilities. He has written over 50 articles featured in magazines and Web sites, including Certification Magazine, GoCertify, The El Paso Times, and SearchSecurity. Michael is also a faculty member of Villanova University and creator of Villanova's college-level security classes, including Essentials of IS Security, Mastering IS Security, and Advanced Security Management. He also serves as a site expert for four TechTarget sites, including SearchNetworking, SearchSecurity, SearchMobileNetworking, and SearchSmallBiz. He is a member of the TechTarget Editorial Board.

Affiliations and Expertise

President, Superior Solutions, Inc.

Stephen Watkins

Stephen Watkins (CISSP) is an Information Security Professional with more than 10 years of relevant technology experience, devoting eight of these years to the security field. He currently serves as Information Assurance Analyst at Regent University in southeastern Virginia. Before coming to Regent, he led a team of security professionals, providing in-depth analysis for a global-scale government network. Over the last eight years, he has cultivated his expertise with regard to perimeter security and multilevel security architecture. His Check Point experience dates back to 1998 with FireWall-1 version 3.0b. He earned his B.S. in Computer Science from Old Dominion University and his M.S. in Computer Science, with Concentration in InfoSec, from James Madison University.

Affiliations and Expertise

CISSP, Information Assurance Analyst at Regent University

George Mays

George Mays (CISSP, CCNA, A+, Network+, Security+, INet+) is an independent consultant with 35 years' experience in computing, data communications, and network security. He holds a B.S. in Systems Analysis. He is a member of the IEEE, CompTIA, and Internet Society.

Affiliations and Expertise

CISSP, CCNA, A+, Network+, Security+, INet+

Chris Ries

Chris Ries is a Security Research Engineer for VigilantMinds Inc., a managed security services provider and professional consulting organization based in Pittsburgh. His research focuses on the discovery, exploitation, and remediation of software vulnerabilities, analysis of malicious code, and evaluation of security software. Chris has published a number of advisories and technical white papers based on his research and has contributed to several books on information security. Chris holds a bachelor’s degree in Computer Science with a Mathematics Minor from Colby College, where he completed research involving automated malicious code detection. Chris has also worked as an analyst at the National Cyber-Forensics & Training Alliance (NCFTA), where he conducted technical research to support law enforcement.

Affiliations and Expertise

Security Research Engineer for VigilantMinds Inc.

Ronald Bandes

Ronald M. Bandes (CISSP, CCNA, MCSE, Security+) is an independent security consultant. Before becoming an independent consultant, he performed security duties for Fortune 100 companies such as JP Morgan, Dun and Bradstreet, and EDS. Ron holds a B.A. in Computer Science.

Affiliations and Expertise

CISSP, CCNA, MCSE, Security+, Independent security consultant

Brandon Franklin

Brandon Franklin (GCIA, MCSA, Security+) is a network administrator with KIT Solutions, Inc. KIT (Knowledge Based Inormation Technology) Solutions, Inc. creates intelligent systems for the health and human services industry that monitor and measure impact and performance outcomes and provide knowledge for improved decision making. A KIT system enables policy makers, government agencies, private foundations, researchers, and field practitioners to implement best practices and science-based programs, demonstrate impacts, and continuously improve outcomes. Brandon formerly served as the Team Lead of Intrusion Analysis at VigilantMinds Inc., a Pittsburgh-based managed security services provider.

Affiliations and Expertise

GCIA, MCSA, Security+

Ratings and Reviews