Cyber operations : building, defending, and attacking modern computer networks /
Cyber Operations walks you through all the processes to set up, defend, and attack computer networks. This book focuses on networks and real attacks, offers extensive coverage of offensive and defensive techniques, and is supported by a rich collection of exercises and resources. You'll learn h...
Clasificación: | Libro Electrónico |
---|---|
Autor principal: | |
Formato: | Electrónico eBook |
Idioma: | Inglés |
Publicado: |
[Berkeley, CA] :
Apress,
[2015]
|
Colección: | Expert's voice in cybersecurity.
|
Temas: | |
Acceso en línea: | Texto completo (Requiere registro previo con correo institucional) |
Tabla de Contenidos:
- Machine generated contents note: ch. 1 System Setup
- Introduction
- Virtualization Tools
- VMWare Workstation
- VirtualBox
- Building Linux Systems
- Configuring Software Repositories
- Virtualization Support
- Networking and Basic Configuration
- Browser Software
- Windows Systems
- Virtualization Support
- Windows SIDs
- Networking and Basic Configuration
- Notes and References
- Introduction
- Virtualization Tools
- Building Linux Systems
- Building Windows Systems
- ch. 2 Basic Offense
- Introduction
- Ethics
- Metasploit
- Vulnerabilities
- Metasploit: Attacking the Browser
- Metasploit Modules for Internet Explorer
- Attack: MS13-055 CAnchorElement
- Metasploit Modules for Firefox
- Attack: Firefox XCS Code Execution
- Metasploit: Attacking Flash
- Attack: Adobe Flash Player Shader Buffer Overflow
- Metasploit: Attacking Java
- Attack: Java JAX-WS Remote Code Execution
- Attack: Java Applet ProviderSkeleton Insecure Invoke Method
- Metasploit and Meterpreter Commands
- Meterpreter
- Armitage
- Notes and References
- Introduction
- Metasploit: Attacking the Browser
- Metasploit: Attacking Flash
- Armitage
- References
- ch. 3 Operational Awareness
- Introduction
- Linux Tools
- Detect: Java JAX-WS Remote Code Execution
- Detect: Firefox XCS Code Execution
- Windows Tools
- Detect: MS13-055 CAnchorElement
- Detect: Adobe Flash Player Shader Buffer Overflow
- Network Tools
- Detect: Java JAX-WS Remote Code Execution
- Notes and References
- Linux Tools
- Windows Tools
- Network Tools
- References
- ch. 4 DNS and BIND
- Introduction
- Namespaces
- Installing BIND
- Basic Master Configuration
- Configuring BIND
- Forward Zone
- Reverse Zone
- Loopbacks
- Root Hints
- Controlling the Nameserver
- Running BIND
- Basic Slave Configuration
- Querying DNS
- Advanced Configuration
- Recursion and DNS Amplification Attacks
- Forwarders
- Notes and References
- References
- ch. 5 Scanning the Network
- Introduction
- NMap
- Network Scanning and Metasploit
- Metasploit Scanning Modules
- Notes and References
- ch. 6 Active Directory
- Introduction
- Installation
- Windows 2012
- Windows 2008
- Windows DNS
- Scripting Windows DNS
- DNS Configuration
- Managing a Domain
- Adding Systems
- Adding Users
- Running Commands Remotely
- Organizing a Domain
- Groups and Delegation
- Remote Administration
- Group Policy
- Adding a Second Domain Controller
- Notes and References
- Installing Active Directory
- DNS
- Managing a Domain
- Organizing a Domain
- ch. 7 Attacking the Domain
- Introduction
- Windows Reconnaissance
- Windows Local Privilege Escalation
- Bypassing Enhanced Protected Mode
- Windows Privilege Escalation to SYSTEM
- Privileged Attacks on a Windows System
- Windows Domain Attacks
- Windows Password Attacks
- Windows Cached Credentials
- Windows Hash Gathering
- Windows Direct Attacks
- Linux Privilege Escalation
- Linux Privilege Escalation with Metasploit
- Linux Direct Privilege Escalation
- Linux Password Attacks
- Notes and References
- Windows Local Privilege Escalation
- Windows Domain Attacks
- Windows Password Attacks
- Linux Privilege Escalation
- ch. 8 Logging
- Introduction
- Logging in Linux
- Spoofing Log Messages
- Remote Logging
- Log Rotation
- Logging in Windows
- Rotating Windows Logs
- Remote Windows Logs
- Integrating Windows and Linux Logs
- Notes and References
- ch. 9 Network Services
- Introduction
- SSH
- Installing OpenSSH Server on Linux
- Configuring OpenSSH Server on Linux
- OpenSSH Clients on Windows
- Man in the Middle Attack against SSHv1
- Brute Force Attacks against SSH
- Securing SSH
- FTP Servers
- Connecting to FTP Servers
- Windows File Sharing
- Windows Server 2012
- Windows Server 2008
- Accessing Windows File Shares
- Individual File Shares
- Samba Servers
- Remote Desktop
- Notes and References
- OpenSSH Server
- FTP Servers
- Windows File Shares
- ch. 10 Malware and Persistence
- Introduction
- Document-Based Malware
- Creating Malware
- Persistence
- Kerberos Golden Tickets
- Sticky Keys
- Persistence on Linux Systems
- Malware Analysis
- Detecting Persistence
- Mandiant Redline
- Notes and References
- Malware Defense
- ch. 11 Apache and ModSecurity
- Introduction
- Apache Installation
- Apache Configuration
- Enabling Apache Status
- Enabling Individual User Directories
- Directory Aliases
- CGI Scripts
- Logs and Logging
- Virtual Hosts
- SSL and TLS
- Signing Certificates
- Redirection
- Basic Authentication
- ModSecurity
- Installing ModSecurity
- Starting ModSecurity
- ModSecurity Rules
- Notes and References
- ch. 12 IIS and ModSecurity
- Introduction
- Installation
- IIS Configuration
- Web Sites
- Basic Settings
- Command-Line Tools
- Access Control
- SSL/TLS
- Redirection
- Logging
- ModSecurity
- Notes and References
- ch. 13 Web Attacks
- Introduction
- Pillaging the Browser
- Man in the Middle
- Password Attacks
- Burp Suite Web Proxy
- Burp Suite Brute Force Password Attacks
- Custom Password Attacks
- Defending Against Password Attacks
- Server Reconnaissance
- Slowloris
- Heartbleed
- Notes and References
- ch. 14 Firewalls
- Introduction
- Network Firewalls
- Virtual Networking
- IPFire
- Installing IPFire
- IPFire Initial Configuration
- Network Traffic Rules
- Configuring the Network
- Egress Filters and Proxies
- IPFire Features
- Attacks through a Network Firewall
- Attacks from the DMZ
- Attacking the Internal Network
- Reconnaissance of the Internal Network
- Bypassing the Firewall
- Notes and References
- ch. 15 MySQL and MariaDB
- Introduction
- Installation
- Using MySQL
- Users and Privileges
- mysql Database
- Managing MySQL
- Configuration
- Attacking MySQL
- Notes and References
- ch. 16 Snort
- Introduction
- Installation
- Snort as a Packet Sniffer
- Snort as an Intrusion Detection System
- Tuning Snort
- Barnyard2
- Configuring the Database
- Configuring the Sensor
- Starting Barnyard Automatically
- Querying the Database
- Notes and References
- ch. 17 PHP
- Introduction
- Installation
- XAMPP
- PHP on IIS
- PHP Applications, Configuration, and Security
- Register Globals
- Include Vulnerabilities
- Configuring PHP
- Attacking PHP
- Notes and References
- ch. 18 Web Applications
- Introduction
- Snort Report
- BASE
- phpMyAdmin
- Installing phpMyAdmin
- Attacking phpMyAdmin
- Defending phpMyAdmin
- Joomla
- Installing Joomla
- Attacking Joomla
- Defending Joomla
- WordPress
- Installing WordPress
- Attacking WordPress
- Defending WordPress
- Zen Cart
- Installing Zen Cart
- Attacking Zen Cart
- Notes and References.