Counter Hack Reloaded: A Step-by-Step Guide to Computer Attacks and Effective Defenses, 2/E
Edward Skoudis, with
Tom Liston

ISBN-10: 0131481045
ISBN-13: 9780131481046

Publisher: Prentice Hall
Copyright: 2006
Format: Paper; 784 pp
Published: 12/23/2005

Suggested retail price: $59.99
Buy from myPearsonStore



For years, Counter Hack has been the primary resource for every network/system administrator and security professional who needs a deep, hands-on understanding of hacker attacks and countermeasures. Now, leading network security experts Ed Skoudis and Tom Liston have thoroughly updated this best-selling guide, showing how to defeat today's newest, most sophisticated, and most destructive attacks.

Major revision to the best-selling, step-by-step guide to defending against hacker intrusions--more than 45% new material.

° Contains more than 45% new material including coverage devoted to the steps of scanning, gaining and maintaining access, and preventing detection

° All new scenarios in the anatomy of an attack chapter and tools to battle them

° Author is a huge name in security. The first edition is touted as "outstanding" and the "best of its kind"

Important features of this new edition include

  • All-new "anatomy-of-an-attack" scenarios and tools
  • All-new section on wireless hacking: wardriving, warchalking, WEP attacks, and more
  • Fully updated coverage of reconnaissance tools, including Nmap port scanning and "Google hacking"
  • New coverage of tools for gaining access, including uncovering Windows vulnerabilities with Mediasploit
  • New information on dangerous, hard-to-detect, kernel-level rootkits

(NOTE: Each chapter concludes with Summary).

Foreword.

Preface Reloaded.

About the Authors.

 1. Introduction.

    The Computer World and the Golden Age of Hacking.

    Why This Book?

    The Threat: Never Underestimate Your Adversary.

    A Note on Terminology and Iconography.

    Caveat: These Tools Could Hurt You.

    Organization of Rest of the Book.

 2. Networking Overview: Pretty Much Everything You Need to Know About Networking to Follow the Rest of This Book.

    The OSI Reference Model and Protocol Layering.

    How Does TCP/IP Fit In?

    Understanding TCP/IP.

    Transmission Control Protocol (TCP).

    User Datagram Protocol (UDP).

    Internet Protocol (IP) and Internet Control Message Protocol (ICMP).

    ICMP.

    Other Network-Level Issues.

    Don’t Forget About the Data Link and Physical Layers!

    Security Solutions for the Internet.

    Conclusion.

 3. Linux and UNIX Overview: Pretty Much Everything You Need to Know About Linux and UNIX to Follow the Rest of This Book.

    Introduction.

    Architecture.

    Accounts and Groups.

    Linux and UNIX Permissions.

    Linux and UNIX Trust Relationships.

    Common Linux and UNIX Network Services.

    Conclusion.

 4. Windows NT/000/XP/00 Overview: Pretty Much Everything You Need to Know About Windows to Follow the Rest of This Book.

    Introduction.

    A Brief History of Time.

    The Underlying Windows Operating System Architecture.

    How Windows Password Representations Are Derived.

    Kernel Mode.

    From Service Packs and Hotfixes to Windows Update and Beyond.

    Accounts and Groups.

    Privilege Control.

    Policies

    Trust.

    Auditing.

    Object Access Control and Permissions.

    Network Security.

    Windows 2000 and Beyond: Welcome to the New Millennium.

    Conclusion.

 5. Phase 1: Reconnaissance.

    Low-Technology Reconnaissance: Social Engineering, Caller ID Spoofing, Physical Break-In, and Dumpster Diving.

    Search the Fine Web (STFW).

    Who is Databases: Treasure Chests of Information.

    The Domain Name System.

    General-Purpose Reconnaissance Tools.

    Conclusion.

 6. Phase 2: Scanning.

    War Driving: Finding Wireless Access Points.

    War Dialing: Looking for Modems in All the Right Places.

    Network Mapping.

    Determining Open Ports Using Port Scanners.

    Vulnerability-Scanning Tools.

    Intrusion Detection System and Intrusion Prevention System Evasion.

    Conclusion.

 7. Phase 3: Gaining Access Using Application and Operating System Attacks.

    Script Kiddie Exploit Trolling.

    Pragmatism for More Sophisticated Attackers.

    Buffer Overflow Exploits.

    Password Attacks.

    Web Application Attacks.

    Exploiting Browser Flaws.

    Conclusion.

 8. Phase 4: Gaining Access Using Network Attacks.

    Sniffing.

    IP Address Spoofing.

    Session Hijacking.

    Netcat: A General-Purpose Network Tool.

    Conclusion.

 9. Phase 3: Denial-of-Service Attacks.

    Locally Stopping Services.

    Locally Exhausting Resources.

    Remotely Stopping Services.

    Remotely Exhausting Resources.

    Conclusion.

10. Phase 4: Maintaining Access: Trojans, Backdoors, and Rootkits ... Oh My!

    Trojan Horses.

    Backdoors.

    The Devious Duo: Backdoors Melded into Trojan Horses.

    Nasty: Application-Level Trojan Horse Backdoor Tools.

    Also Nasty: The Rise of the Bots.

    Additional Nastiness: Spyware Everywhere!

    Defenses Against Application-Level Trojan Horse Backdoors, Bots, and Spyware.

    Even Nastier: User-Mode Rootkits.

    Defending Against User-Mode Rootkits.

    Nastiest: Kernel-Mode Rootkits.

    Defending Against Kernel-Mode Rootkits.

    Conclusion.

11. Phase 5: Covering Tracks and Hiding.

    Hiding Evidence by Altering Event Logs.

    Defenses Against Log and Accounting File Attacks.

    Creating Difficult-to-Find Files and Directories.

    Hiding Evidence on the Network: Covert Channels.

    Defenses Against Covert Channels.

    Conclusion.

12. Putting It All Together: Anatomy of an Attack.

    Scenario 1: Crouching Wi-Fi, Hidden Dragon.

    Scenario 2: Death of a Telecommuter.

    Scenario 3: The Manchurian Contractor.

    Conclusion.

13. The Future, References, and Conclusions.

    Where Are We Heading?

    Keeping Up to Speed.

    Final Thoughts ... Live Long and Prosper.

Index.

 

Ed Skoudis is a founder and senior security consultant for the Washington, D.C.-based network security consultancy, Intelguardians Network Intelligence, LLC. His expertise includes hacker attacks and defenses, the information security industry, and computer privacy issues. He has performed numerous security assessments, designed information security governance and operations teams for Fortune 500 companies, and responded to computer attacks for clients in financial, high technology, health care, and other industries. Ed has demonstrated hacker techniques for the U.S. Senate and is a frequent speaker on issues associated with hacker tools and defenses. He was also awarded 2004 and 2005 Microsoft MVP awards for Windows Server Security and is an alumnus of the Honeynet Project. Prior to Intelguardians, Ed served as a security consultant with International Network Services (INS), Predictive Systems, Global Integrity, SAIC, and Bell Communications Research (Bellcore).

Tom Liston is a senior analyst for the Washington, D.C.-based network security consultancy, Intelguardians Network Intelligence, LLC. He is the author of the popular open source network tarpit, LaBrea, for which he was a finalist for eWeek and PC Magazine’s Innovations In Infrastructure (i3) award in 2002. He is one of the handlers at the SANS Institute’s Internet Storm Center, where he deals daily with cutting edge security issues and authors a popular series of articles under the title “Follow the Bouncing Malware.” Mr. Liston resides in the teeming metropolis of Johnsburg, Illinois, and has four beautiful children (who demanded to be mentioned): Mary, Maggie, Erin, and Victoria.



“I finally get it! I used to hear words like rootkit, buffer overflow, and idle scanning, and they just didn’t make any sense. I asked other people and they didn’t seem to know how these things work, or at least they couldn’t explain them in a way that I could understand. Counter Hack Reloaded is the clearest explanation of these tools I have ever seen. Thank you!”
—Stephen Northcutt, CEO, SANS Institute
“Ed Skoudis does it again! With this new edition, Ed takes a phenomenal work to the next level! This book is a ‘must-have’ and a ‘must-read’ for anyone remotely associated with computers and computer security.”
—Harlan Carvey, CISSP, author of Windows Forensics and Incident Recovery
“Ed Skoudis is a rare individual. He knows the innards of all the various systems, knows all the latest exploits and defenses, and yet is able to explain everything at just the right level. The first edition of Counter Hack was a fascinating read. It’s technically intriguing and very clear. . . . A book on vulnerabilities, though, will get out of date, and so we definitely needed this updated and significantly rewritten second edition. This book is a wonderful overview of the field.”
—From the Foreword by Radia Perlman, series editor, The Radia Perlman Series in Computer Networking and Security; author of Interconnections; and coauthor of Network Security: Private Communications in a Public World
“What a great partnership! Ed Skoudis and Tom Liston share an uncanny talent for explaining even the most challenging security concepts in a clear and enjoyable manner. Counter Hack Reloaded is an indispensable resource for those who want to improve their defenses and understand the mechanics of computer attacks.”
—Lenny Zeltser, coauthor of Malware: Fighting Malicious Code
“Ed Skoudis does it again! With this new edition, Ed takes a phenomenal work to the next level! This book is a ‘must-have’ and a ‘must-read’ for anyone remotely associated with computers and computer security.”
—Harlan Carvey, CISSP, author of Windows Forensics and Incident Recovery
“In addition to having breadth of knowledge about and probing insights into network security, Ed Skoudis’s real strength is in his ability to show complex topics in an understandable form. By the time he’s done, what started off as a hopeless conglomeration of acronyms starts to sound comfortable and familiar. This book is your best source for understanding attack strategies, attack tools, and the defenses against both.”
—William Stearns, network security expert, www.stearns.org
“This book is a must-have for anyone in the Internet security game. It covers everything from the basic principles to the fine details of online attack methods and counter-strategies and is very engagingly written.”
—Warwick Ford, coauthor of Secure Electronic Commerce

For years, Counter Hack has been the primary resource for every network/system administrator and security professional who needs a deep, hands-on understanding of hacker attacks and countermeasures. Now, leading network security expert Ed Skoudis, with Tom Liston, has thoroughly updated this best-selling guide, showing how to defeat today’s newest, most sophisticated, and most destructive attacks.

For this second edition, more than half the content is new and updated, including coverage of the latest hacker techniques for scanning networks, gaining and maintaining access, and preventing detection. The authors walk you through each attack and demystify every tool and tactic. You’ll learn exactly how to establish effective defenses, recognize attacks in progress, and respond quickly and effectively in both UNIX/Linux and Windows environments.

Important features of this new edition include

  • All-new “anatomy-of-an-attack” scenarios and tools
  • An all-new section on wireless hacking: war driving, wireless sniffing attacks, and more
  • Fully updated coverage of reconnaissance tools, including Nmap port scanning and “Google hacking”
  • New coverage of tools for gaining access, including uncovering Windows and Linux vulnerabilities with Metasploit
  • New information on dangerous, hard-to-detect, kernel-mode rootkits


View a Sample Chapter PDF:

Pearson Higher Education offers special pricing when you choose to package your text with other student resources. If you're interested in creating a cost-saving package for your students, contact your Pearson Higher Education representative for pricing and ordering information.

This title is a member of the Radia Perlman Series in Computer Networking and Security, which also contains the titles below . You can also visit the Radia Perlman Series in Computer Networking and Security page.

    For years, Counter Hack has been the primary resource for every network/system administrator and security professional who needs a deep, hands-on understanding of hacker attacks and countermeasures. Now, leading network security experts Ed Skoudis and Tom Liston have thoroughly updated this best-selling guide, showing how to defeat today's newest, most sophisticated, and most destructive attacks.

  • 0131481045Counter Hack Reloaded: A Step-by-Step Guide to Computer Attacks and Effective Defenses, 2/E
    Skoudis & Liston
    © 2006 | Prentice Hall | Paper; 784 pages | Instock
    ISBN-10: 0131481045 | ISBN-13: 9780131481046
    Brief Description | Buy from myPearsonStore

    • An administrator's guide to setting up and managing a wireless LAN. Will cover: speeds and feeds (802.11b vs 11a vs 11g) configuring an 802.11 NIC (network information center) in a Windows and Linux environment.

  • 0131014064Field Guide to Wireless LANs for Administrators and Power Users, A
    Maufer
    © 2004 | Prentice Hall | Paper; 368 pages | Out of Stock
    ISBN-10: 0131014064 | ISBN-13: 9780131014060
    Brief Description

    • Internet Denial of Service provides an in-depth look at the history and future of DDoS attacks. The authors draw on their extensive experience with actual DDoS attacks to offer practical methods for defending against and responding to such crimes. They also survey the commercial DDoS defense tools currently available and share the pros and cons of various defense strategies.
  • 0131475738Internet Denial of Service: Attack and Defense Mechanisms
    Mirkovic, Dietrich, Dittrich & Reiher
    © 2005 | Prentice Hall | Paper; 400 pages | Instock
    ISBN-10: 0131475738 | ISBN-13: 9780131475731
    Brief Description | Buy from myPearsonStore

    • Malicious code is a set of instructions that runs on your computer and makes

    your system do something that you do not want it to do. For example, it can

    delete sensitive configuration files from your hard drive, rendering your

    computer completely inoperable; infect your computer and use it as a jumpingoff

    point to spread to all of your buddies' computers; and steal files from your

    machine. Malicious code in the hands of a crafty attacker is indeed powerful.

    It's becoming even more of a problem because many of the very same factors

    fueling the evolution of the computer industry are making our systems even

    more vulnerable to malicious code. Specifically, malicious code writers benefit

    from the trends toward mixing static data and executable instructions,

    increasingly homogenous computing environments, unprecedented

    connectivity, an ever-larger clueless user base, and an unfriendly world. Skoudis

    addressed malicious code in just one chapter of his previous book. Here, a

    dozen chapters focus on one of the most interesting and rapidly developing

    areas of computer attacks.

    *Chapter 11, "Defender's Toolbox," rolls together the defensive strategies

    described in the book. As a bonus, Skoudis gives recipes for creating your own

    malicious code analysis laboratory using cheap hardware and software.

    *Foreword by Gene Schultz, security inspector for Global Integrity.

  • 0131014056Malware: Fighting Malicious Code
    Skoudis & Zeltser
    © 2004 | Prentice Hall | Paper; 672 pages | Instock
    ISBN-10: 0131014056 | ISBN-13: 9780131014053
    Brief Description | Buy from myPearsonStore

    • The book will focus on mobile networks which use IP or the Internet Protodol. Author is on IETF (Internet Eng Task Force) Group which has standardized Mobile IP and has worked inthis field at Motorola for many years. A good chunck of this book will focus on mobile IP routing and advanced mobile IP features. Author will also cover: security and firewalls in mobile IP nets, IPv6 mobility, multicasting, multi-protocol support, applications (intranet LAN to LAN, wireless LANS, conferencing, commercial wireless products).

  • 0138562466Mobile IP: The Internet Unplugged
    Solomon
    © 1998 | Prentice Hall | Paper; 384 pages | Instock
    ISBN-10: 0138562466 | ISBN-13: 9780138562465
    Brief Description | Buy from myPearsonStore

    • Appropriate for all graduate-level and upper-level courses in network or computer security.

    Widely regarded as the most comprehensive yet comprehensible guide to network security, the First Edition of Network Security received critical acclaim for its lucid and witty explanations of the inner workings of network security protocols. Now, in the Second Edition, this books exceptionally distinguished author team draws on its hard-won experience to illuminate every facet of information security, from the basics to advanced cryptography and authentication; secure Web and email services; and emerging security standards. Highlights of the books extensive new coverage include Advanced Encryption Standard (AES), IPsec, SSL, X.509 and related PKI standards, and Web security. The authors go far beyond documenting standards and technology: they contrast competing schemes, explain strengths and weaknesses, and identify the crucial errors most likely to compromise secure systems.

  • 0130460192Network Security: Private Communication in a Public World, 2/E
    Kaufman, Perlman & Speciner
    © 2003 | Prentice Hall | Cloth; 752 pages | Instock
    ISBN-10: 0130460192 | ISBN-13: 9780130460196
    Brief Description | Buy from myPearsonStore

  • 0137155883Network Security:Private Communications in a Public World, Safari, 2/E
    Kaufman, Perlman & Speciner
    © 2003 | Prentice Hall | On-line Supplement; 752 pages | Instock
    ISBN-10: 0137155883 | ISBN-13: 9780137155880
    URL: http://www.safari.informit.com


    • An implementation guide to optical networking from 2 cisco engineers. Topics covered will include: optical networking standards, optical technologies, Dense Wave Division Multiplexing, net generation intelligent optical networks, optical wavelength routing, routing with rsvp, dynamic packet transport and intelligent protection switching.

  • 013028226XNext Generation Optical Networks: The Convergence of IP Intelligence and Optical Technologies
    Tomsu & Schmutzer
    © 2002 | Prentice Hall | Paper; 352 pages | Instock
    ISBN-10: 013028226X | ISBN-13: 9780130282262
    Brief Description | Buy from myPearsonStore

    • PLEASE PROVIDE COURSE INFORMATION

    PLEASE PROVIDE

  • 0131014684Optimizing Network Performance with Content Switching: Server, Firewall and Cache Load Balancing
    Syme & Goldie
    © 2004 | Prentice Hall | Paper; 288 pages | Instock
    ISBN-10: 0131014684 | ISBN-13: 9780131014688
    Brief Description | Buy from myPearsonStore

  • 013233352XPowerPoint Slides
    Skoudis
    © 2007 | Prentice Hall | Slides | Estimated Availability: 09/25/2006
    ISBN-10: 013233352X | ISBN-13: 9780132333528


    • Appropriate for all courses in network or information security.

    This book teaches students how to secure any network, large or small. More than other books, it reflects the realities network administrators actually face on the front lines, where they are constantly under attack, and don't always get the support they need from their organizations. Former UUNet network architect Allan Liska addresses every facet of network security, including defining security models, access control, Web/DNS/email security, remote access and VPNs, wireless LAN/WAN security, day-to-day monitoring and logging, attack response, and more. He systematically identifies today's most widespread security mistakes and vulnerabilities, offering realistic and up-to-date solutions. He then integrates these techniques in an end-to-end case study, showing how to redesign an insecure enterprise network for maximum security, one step at a time.

  • 0130462233Practice of Network Security, The: Deployment Strategies for Production Environments
    Liska
    © 1996 | Prentice Hall | Paper; 416 pages | Instock
    ISBN-10: 0130462233 | ISBN-13: 9780130462237
    Brief Description | Buy from myPearsonStore

    • This book is the complete reference to today’s only Internet-based document

    authoring and management standard: WebDAV (Web-based Distributed

    Authoring and Versioning). If your work involves collaborative document

    authoring, document management or Web or print publishing, WebDAV is

    beginning to change the way you share documents with others.

    Until recently, the Web has been limited to download and display capabilities.

    HTTP editing functions do not allow multiple authors to work on the same

    document remotely and in a secure manner. Much Web content authoring is

    collaborative and occurs remotely. WebDAV is the first standard protocol to

    address this need. It builds on and extends HTTP to bring the same benefits to

    authoring that the Web has already brought to viewing content.

    The Web is finally becoming a true authoring medium.

    In the past year, support for WebDAV has greatly accelerated. Authors can

    now use WebDAV in products such as Dreamweaver and Adobe products

    such as Photoshop, GoLive and in the recently released version of

    Framemaker WebDAV is also being supported in the operating systems

    including MAC OS X and Windows XP.

  • 0130652083WebDAV: Next-Generation Collaborative Web Authoring
    Dusseault
    © 2004 | Prentice Hall | Paper; 480 pages | Instock
    ISBN-10: 0130652083 | ISBN-13: 9780130652089
    Brief Description | Buy from myPearsonStore

Pearson Higher Education offers special pricing when you choose to package your text with other student resources. If you're interested in creating a cost-saving package for your students, browse our available packages below, or contact your Pearson Higher Education representative to create your own package.



Copyright ©2008 Pearson Education. All rights reserved. Legal Notice | Privacy Policy | Permissions