Cargando…

Hack proofing your network /

A new edition the most popular Hack Proofing book around! IT professionals who want to run secure networks, or build secure software, need to know about the methods of hackers. The second edition of the best seller Hack Proofing Your Network, teaches about those topics, including: The Politics, Laws...

Descripción completa

Detalles Bibliográficos
Clasificación:Libro Electrónico
Otros Autores: Ahmad, David R. Mirza, Russell, Ryan, 1969-
Formato: Electrónico eBook
Idioma:Inglés
Publicado: Rockland, MA : Syngress, �2002.
Edición:2nd ed.
Temas:
Acceso en línea:Texto completo

MARC

LEADER 00000cam a2200000 a 4500
001 SCIDIR_ocm51564102
003 OCoLC
005 20231117015034.0
006 m o d
007 cr cn|||||||||
008 030203s2002 enka o 001 0 eng d
040 |a N$T  |b eng  |e pn  |c N$T  |d OCLCQ  |d OCLCG  |d OCLCQ  |d TUU  |d OCLCQ  |d TNF  |d ZCU  |d B24X7  |d OPELS  |d MERUC  |d CCO  |d E7B  |d VVN  |d EBLCP  |d REDDC  |d BAKER  |d DKDLA  |d NNM  |d FVL  |d OCLCQ  |d OCLCO  |d OCLCF  |d UMI  |d OCLCQ  |d DEBBG  |d NLGGC  |d OCLCQ  |d DEBSZ  |d YDXCP  |d AU@  |d OCLCQ  |d COO  |d AZK  |d AGLDB  |d MOR  |d PIFBR  |d OCLCQ  |d WY@  |d OCLCA  |d ROC  |d MNS  |d RCC  |d STF  |d BRL  |d WRM  |d D6H  |d OCLCQ  |d VTS  |d CEF  |d NRAMU  |d ICG  |d OCLCQ  |d VT2  |d TOF  |d OCLCQ  |d UWO  |d G3B  |d C6I  |d OCLCQ  |d UAB  |d LEAUB  |d UKMGB  |d OCLCQ  |d K6U  |d ZGM  |d UKCRE  |d BRF  |d EYM  |d TUHNV  |d OCLCO  |d OCLCQ  |d OCLCO 
015 |a GBA1U5485  |2 bnb 
015 |a GBB975135  |2 bnb 
016 7 |a 017581707  |2 Uk 
016 7 |a 1928994709  |2 Uk 
019 |a 50121224  |a 50689170  |a 56673426  |a 70751032  |a 162598479  |a 474435490  |a 507200984  |a 559510895  |a 646706628  |a 722109244  |a 728006367  |a 856952195  |a 878966386  |a 961580799  |a 961636079  |a 962678798  |a 962719975  |a 988406439  |a 991907190  |a 991953102  |a 1020544404  |a 1035648793  |a 1037484661  |a 1038569659  |a 1045575702  |a 1055347297  |a 1057260213  |a 1060197681  |a 1066966130  |a 1081255880  |a 1103256360  |a 1129143821  |a 1153045233  |a 1153049478  |a 1179560283  |a 1192348278  |a 1194818789  |a 1202539777  |a 1228557017  |a 1240525963  |a 1243578491  |a 1252731121  |a 1262677316  |a 1262690787 
020 |a 1932266186  |q (electronic bk.) 
020 |a 9781932266184  |q (electronic bk.) 
020 |a 9781928994701 
020 |a 1928994709 
020 |a 9780080478166 
020 |a 0080478166 
035 |a (OCoLC)51564102  |z (OCoLC)50121224  |z (OCoLC)50689170  |z (OCoLC)56673426  |z (OCoLC)70751032  |z (OCoLC)162598479  |z (OCoLC)474435490  |z (OCoLC)507200984  |z (OCoLC)559510895  |z (OCoLC)646706628  |z (OCoLC)722109244  |z (OCoLC)728006367  |z (OCoLC)856952195  |z (OCoLC)878966386  |z (OCoLC)961580799  |z (OCoLC)961636079  |z (OCoLC)962678798  |z (OCoLC)962719975  |z (OCoLC)988406439  |z (OCoLC)991907190  |z (OCoLC)991953102  |z (OCoLC)1020544404  |z (OCoLC)1035648793  |z (OCoLC)1037484661  |z (OCoLC)1038569659  |z (OCoLC)1045575702  |z (OCoLC)1055347297  |z (OCoLC)1057260213  |z (OCoLC)1060197681  |z (OCoLC)1066966130  |z (OCoLC)1081255880  |z (OCoLC)1103256360  |z (OCoLC)1129143821  |z (OCoLC)1153045233  |z (OCoLC)1153049478  |z (OCoLC)1179560283  |z (OCoLC)1192348278  |z (OCoLC)1194818789  |z (OCoLC)1202539777  |z (OCoLC)1228557017  |z (OCoLC)1240525963  |z (OCoLC)1243578491  |z (OCoLC)1252731121  |z (OCoLC)1262677316  |z (OCoLC)1262690787 
050 4 |a TK5105.59  |b .H33 2002eb 
072 7 |a COM  |x 060040  |2 bisacsh 
072 7 |a COM  |x 043050  |2 bisacsh 
072 7 |a COM  |x 053000  |2 bisacsh 
082 0 4 |a 005.8  |2 21 
245 0 0 |a Hack proofing your network /  |c David R. Mirza Ahmad [and others] ; Ryan Russell, technical editor. 
250 |a 2nd ed. 
260 |a Rockland, MA :  |b Syngress,  |c �2002. 
300 |a 1 online resource (xxxiv, 787 pages) :  |b illustrations 
336 |a text  |b txt  |2 rdacontent 
337 |a computer  |b c  |2 rdamedia 
338 |a online resource  |b cr  |2 rdacarrier 
347 |a data file 
500 |a Includes index. 
520 |a A new edition the most popular Hack Proofing book around! IT professionals who want to run secure networks, or build secure software, need to know about the methods of hackers. The second edition of the best seller Hack Proofing Your Network, teaches about those topics, including: The Politics, Laws of Security, Classes of Attack, Methodology, Diffing, Decrypting, Brute Force, Unexpected Input, Buffer Overrun, Sniffing, Session Hijacking, Spoofing, Server Holes, Client Holes, Trojans and Viruses, Reporting Security Problems, Choosing Secure Systems The central idea of this book is that it's better for you to find the holes in your network than it is for someone else to find them, someone that would use them against you. The complete, authoritative guide to protecting your Windows 2000 Network. Updated coverage of an international bestseller and series flagship Covers more methods of attack and hacker secrets Interest in topic continues to grow - network architects, engineers and administrators continue to scramble for security books Written by the former security manager for Sybase and an expert witness in the Kevin Mitnick trials A great addition to the bestselling "Hack Proofing ..." series Windows 2000 sales have surpassed those of Windows NT Critical topic. The security of an organization's data and communications is crucial to its survival and these topics are notoriously difficult to grasp Unrivalled web support at www.solutions@syngress.com 
588 0 |a Print version record. 
505 0 |a Foreword v 1.5</br><br>Foreword v 1.0</br><br>Chapter 1 How To Hack</br><br> Introduction</br><br> What We Mean by "Hack#x94;</br><br> Why Hack?</br><br> Knowing What To Expect in the Rest of This Book</br><br> Understanding the Current Legal Climate</br><br> Summary</br><br> Frequently Asked Questions</br><br>Chapter 2 The Laws of Security</br><br> Introduction</br><br> Knowing the Laws of Security</br><br> Client-Side Security Doesn't Work</br><br> You Cannot Securely Exchange Encryption Keys without a Shared Piece of Information</br><br> Malicious Code Cannot Be 100 Percent Protected against</br><br> Any Malicious Code Can Be Completely Morphed to Bypass Signature Detection</br><br> Firewalls Cannot Protect You 100 Percent from Attack</br><br> Social Engineering</br><br> Attacking Exposed Servers</br><br> Attacking the Firewall Directly</br><br> Client-Side Holes</br><br> Any IDS Can Be Evaded</br><br> Secret Cryptographic Algorithms Are Not Secure</br><br> If a Key Is Not Required, You Do Not Have Encryption-You Have Encoding</br><br> Passwords Cannot Be Securely Stored on the Client Unless There Is Another Password to Protect Them</br><br> In Order for a System to Begin to Be Considered Secure, It Must Undergo an Independent Security Audit</br><br> Security through Obscurity Does Not Work</br><br> Summary </br><br> Solutions Fast Track</br><br> Frequently Asked Questions</br><br>Chapter 3 Classes of Attack</br><br> Introduction</br><br> Identifying and Understanding the Classes of Attack </br><br> Denial of Service</br><br> Information Leakage</br><br> Regular File Access</br><br> Misinformation</br><br> Special File/Database Access</br><br> Remote Arbitrary Code Execution</br><br> Elevation of Privileges</br><br> Identifying Methods of Testing for Vulnerabilities</br><br> Proof of Concept</br><br> Standard Research Techniques</br><br> Summary</br><br> Solutions Fast Track</br><br> Frequently Asked Questions</br><br>Chapter 4 Methodology</br><br> Introduction</br><br> Understanding Vulnerability Research Methodologies</br><br> Source Code Research</br><br> Binary Research</br><br> The Importance of Source Code Reviews</br><br> Searching Error-Prone Functions</br><br> Reverse Engineering Techniques</br><br> Disassemblers, Decompilers, and Debuggers</br><br> Black Box Testing</br><br> Chips</br><br> Summary</br><br> Solutions Fast Track</br><br> Frequently Asked Questions</br><br>Chapter 5 Diffing</br><br> Introduction</br><br> What Is Diffing?</br><br> Why Diff?</br><br> Looking to the Source Code</br><br> Exploring Diff Tools</br><br> Using File-Comparison Tools</br><br> Working with Hex Editors</br><br> Utilizing File System Monitoring Tools</br><br> Finding Other Tools</br><br> Troubleshooting</br><br> Problems with Checksums and Hashes</br><br> Problems with Compression and Encryption</br><br> Summary</br><br> Solutions Fast Track</br><br> Frequently Asked Questions</br><br>Chapter 6 Cryptography</br><br> Introduction</br><br> Understanding Cryptography Concepts</br><br> History</br><br> Encryption Key Types</br><br> Learning about Standard Cryptographic Algorithms</br><br> Understanding Symmetric Algorithms</br><br> Understanding Asymmetric Algorithms</br><br> Understanding Brute Force</br><br> Brute Force Basics</br><br> Using Brute Force to Obtain Passwords</br><br> Knowing When Real Algorithms Are Being Used Improperly</br><br> Bad Key Exchanges</br><br> Hashing Pieces Separately</br><br> Using a Short Password to Generate a Long Key</br><br> Improperly Stored Private or Secret Keys</br><br> Understanding Amateur Cryptography Attempts</br><br> Classifying the Ciphertext</br><br> Monoalphabetic Ciphers</br><br> Other Ways to Hide Information</br><br> Summary</br><br> Solutions Fast Track</br><br> Frequently Asked Questions</br><br>Chapter 7 Unexpected Input</br><br> Introduction</br><br> Understanding Why Unexpected Data Is Dangerous</br><br> Finding Situations Involving Unexpected Data</br><br> Local Applications and Utilities</br><br> HTTP/HTML</br><br> Unexpected Data in SQL Queries</br><br> Application Authentication</br><br> Disguising the Obvious</br><br> Using Techniques to Find and Eliminate Vulnerabilities</br><br> Black-Box Testing</br><br> Use the Source</br><br> Untaint Data by Filtering It</br><br> Escaping Characters Is Not Always Enough</br><br> Perl</br><br> Cold Fusion/Cold Fusion Markup Language (CFML)</br><br> ASP</br><br> PHP</br><br> Protecting Your SQL Queries</br><br> Silently Removing versus Alerting on Bad Data</br><br> Invalid Input Function</br><br> Token Substitution</br><br> Utilizing the Available Safety Features in Your Programming Language</br><br> Perl</br><br> PHP</br><br> ColdFusion/ColdFusion Markup Language</br><br> ASP</br><br> MySQL</br><br> Using Tools to Handle Unexpected Data</br><br> Web Sleuth</br><br> CGIAudit</br><br> RATS</br><br> Flawfinder</br><br> Retina</br><br> Hailstorm</br><br> Pudding</br><br> Summary</br><br> Solutions Fast Track</br><br> Frequently Asked Questions</br><br>Chapter 8 Buffer Overflow</br><br> Introduction</br><br> Understanding the Stack</br><br> The Stack Dump</br><br> Oddities and the Stack</br><br> Understanding the Stack Frame</br><br> Introduction to the Stack Frame</br><br> Passing Arguments to a Function: A Sample Program</br><br> Stack Frames and Calling Syntaxes</br><br> Learning about Buffer Overflows</br><br> A Simple Uncontrolled Overflow: A Sample Program</br><br> Creating Your First Overflow</br><br> Creating a Program with an Exploitable Overflow</br><br> Performing the Exploit</br><br> Learning Advanced Overflow Techniques </br><br> Stack Based Function Pointer Overwrite</br><br> Heap Overflows</br><br> Advanced Payload Design</br><br> Using What You Already Have</br><br> Summary</br><br> Solutions Fast Track</br><br> Frequently Asked Questions</br><br>Chapter 9 Format Strings</br><br> Introduction</br><br> Understanding Format String Vulnerabilities</br><br> Why and Where Do Format String Vulnerabilities Exist?</br><br> How Can They Be Fixed?</br><br> How Format String Vulnerabilities Are Exploited</br><br> How Format String Exploits Work</br><br> What to Overwrite</br><br> Examining a Vulnerable Program</br><br> Testing with a Random Format String</br><br> Writing a Format String Exploit</br><br> Summary</br><br> Solutions Fast Track</br><br> Frequently Asked Questions</br><br>Chapter 10 Sniffing</br><br> Introduction</br><br> What Is Sniffing?</br><br> How Does It Work?</br><br> What to Sniff?</br><br> Obtaining Authentication Information</br><br> Capturing Other Network Traffic</br><br> Popular Sniffing Software</br><br> Ethereal</br><b 
650 0 |a Computer networks  |x Security measures. 
650 0 |a Computer security. 
650 2 |a Computer Security  |0 (DNLM)D016494 
650 6 |a R&#xFFFD;eseaux d'ordinateurs  |x S&#xFFFD;ecurit&#xFFFD;e  |x Mesures.  |0 (CaQQLa)201-0263812 
650 6 |a S&#xFFFD;ecurit&#xFFFD;e informatique.  |0 (CaQQLa)201-0061152 
650 7 |a COMPUTERS  |x Internet  |x Security.  |2 bisacsh 
650 7 |a COMPUTERS  |x Networking  |x Security.  |2 bisacsh 
650 7 |a COMPUTERS  |x Security  |x General.  |2 bisacsh 
650 7 |a Computer networks  |x Security measures  |2 fast  |0 (OCoLC)fst00872341 
650 7 |a Computer security  |2 fast  |0 (OCoLC)fst00872484 
700 1 |a Ahmad, David R. Mirza. 
700 1 |a Russell, Ryan,  |d 1969- 
776 0 8 |i Print version:  |t Hack proofing your network.  |b 2nd ed.  |d Rockland, MA : Syngress, &#xFFFD;2002  |z 1928994709  |w (OCoLC)48468640 
856 4 0 |u https://sciencedirect.uam.elogim.com/science/book/9781928994701  |z Texto completo