Hacking the hackers

The new edition of Hacking Exposed is not for the faint-hearted. It talks about security from an offensive angle, with a Jane’s-like catalogue of the weaponry that black-hat hackers use.

Hacking Exposed – Network Security Secrets & Solutions, Third Edition, by Stuart McClure, Joel Scambray, George Kurtz (Osborne McGraw-Hill). Paperback, 700 pages.

List Price: $49.99. Buy it now at Amazon for $29.99

A lot of computer-security textbooks approach the subject from a defensive point of view. “Do this, and probably you’ll survive a particular kind of attack,”” they say.

In refreshing contrast, Hacking Exposed, Second Edition talks about security from an offensive angle. A Jane’s-like catalogue of the weaponry that black-hat hackers use is laid out in full. Readers see what programs are out there, get a rundown on what the programs can do, and benefit from detailed explanations of concepts (such as wardialing and rootkits) that most system administrators kind of understand, but perhaps not in detail.

The book also walks through how to use the more powerful and popular hacker software, including L0phtCrack. This new edition has been updated extensively, largely with the results of “”honeypot”” exercises (in which attacks on sacrificial machines are monitored) and Windows 2000 public security trials. There’s a lot of new stuff on e-mail worms, distributed denial-of-service (DDoS) attacks, and attacks that involve routing protocols.

The result of all of this familiarity with bad-guy tools is a leg up on defending against them. Hacking Exposed wastes no time in explaining how to implement the countermeasures – where they exist – that will render known attacks ineffective.

Taking on the major network operating systems and network devices one at a time, the authors tell you exactly what Unix configuration files to alter, what Windows NT Registry keys to change, and what settings to make in NetWare. They spare no criticism of products with which they aren’t impressed, and don’t hesitate to point out inherent, uncorrectable security weaknesses where they find them.

This book is no mere rehashing of generally accepted security practices. It and its companion Web site are the best way for all of you network administrators to know thine enemies.

Click here to buy Hacking Exposed from Amazon.com

email this to a friend tt tt printer friendly version

“”,””body-href””:””””}]”