book: Hacking Exposed: Network Security Secrets and Solutions

[mea culpa <jericho () DIMENSIONAL COM>]

From: Darek Milewski <Darek_Milewski/ABS/Price_Waterhouse () notes pw com>


Hacking Exposed: Network Security Secrets and Solutions
by George Kurtz , Stuart McClure and Joel Scambray
<Osborne /McGraw-Hill>
Type: book   ISBN: 0072121270   Year: 1999 Buy it!

Defend your network against the sneakiest hacks and latest attacks. In
this must-have handbook, security experts Stuart McClure, Joel Scambray,
and George Kurtz give you the full scoop on some of the most highly
publicized and insidious break-ins and show you how to implement
bulletproof security on your system. All aspects of network security are
included from informational scans and probes to password vulnerabilities,
dialup networking insecurities, buffer overflows, Web and email
insecurities, trojans, and back doors. Hacking Exposed: Network Security
Secrets and Solutions covers all security, auditing, and intrusion
detection procedures for UNIX (including Linux), Windows NT/95/98, and
Novell networks.

The bonus companion web site (www.hackingexposed.com) contains custom
scanning scripts and links to security tools.

Foreword by industry expert Marcus Ranum, CEO of Network Flight Recorder
(NFR).

Here's what security experts are saying about "Hacking Exposed".

"Understanding how to mount and create attacks is the only way you can
protect against existing and, more importantly, future attacks. The
information contained herein arms those on the defensive (security admin,
network architects, software developers, etc) with this knowledge. It is
refreshing to see this sort of material finally being made available to
the general public."  - Dr. Mudge of Lopht security research group,
developers of the Lophtcrack NT password auditing tool

"My experience in securing systems is that most users are shocked when
they find out how vulnerable they really are. Perhaps this book will shock
you. No matter what, it will educate you."  - Marcus Ranum, CEO of Network
Flight Recorder

"The authors have put together an excellent up-to-date resource on modern
security vulnerabilities. Rather than simply documenting a few case
studies and talking about problems on a macro scale, the authors build up
a robust framework and dissect the security issues completely. Each
vulnerability covered has detailed countermeasure information. More than a
how-to manual, it's a how-to-do-it-right manual. A book like this has been
needed for quite some time now."  - Mike D. Schiffman ("Route"), Security
Researcher and Author of the Firewalk tool

"Hacking Exposed is a gut wrenching look at the security techniques used
in computer penetration. The authors provide an up to date and
comprehensive view of the methods that hackers use to compromise your
networks. If this book doesn't scare and motivate you to take security
seriously, nothing will."  - Aleph One, Moderator of the Bugtraq Security
Mailing List

"This book is destined to be a classic. Unlike most other security books,
this explains details on hacker tools - why they are used, how they work,
and how best to protect yourself from them. The underground already knows
this stuff, and this book helps the sys admin see their systems through
the intruder's eyes."  - Simple Nomad, Renowned Security Researcher and
Author of The Hack FAQ

Learn to:

Find, exploit, and apply countermeasures for security holes in Unix,
Linux, Windows NT/95/98, and Novell networks Repair email and Web security
holes (CGI, Perl, ASP, browsers, and hostile mobile code) Understand how
back channels and port redirection are used to circumvent firewalls Locate
and scan for vulnerable systems using Whois, Domain Name System queries,
Ping Sweeps, Port Scans, and OS detection Enumerate users, groups, shares,
file systems, and services with no authentication. Crack accounts and
passwords, escalate privilege, and exploit trusts Find and eliminate back
doors, Trojan horses, viruses, and buffer overflows Implement auditing and
intrusion detection solutions Recognize vulnerabilities from dialup
modems, modem pools, and RAS servers.

ISN is sponsored by Security-Focus.COM