Table of Contents for Hacking Exposed
| Chapter/Section Title | Page # | Page Count |
|---|---|---|
| Foreword | xvii | |
| Acknowledgments | xxi | |
| Introduction | xxiii | |
| Part I Casing the Establishment | | |
| Case Study: Target Acquisition | 2 | 3 |
| Footprinting | 5 | 28 |
| What Is Footprinting? | 6 | 1 |
| Why Is Footprinting Necessary? | 6 | 1 |
| Internet Footprinting | 6 | 25 |
| Determine the Scope of Your Activities | 8 | 5 |
| Network Enumeration | 13 | 9 |
| DNS Interrogation | 22 | 5 |
| Network Reconnaissance | 27 | 4 |
| Summary | 31 | 2 |
| Scanning | 33 | 38 |
| Scan Types | 44 | 2 |
| Identifying TCP and UDP Services Running | 46 | 5 |
| Windows-Based Port Scanners | 51 | 6 |
| Port Scanning Breakdown | 57 | 4 |
| Active Stack Fingerprinting | 61 | 4 |
| Passive Stack Fingerprinting | 65 | 2 |
| The Whole Enchilada: Automated Discovery Tools | 67 | 1 |
| Summary | 68 | 3 |
| Enumeration | 71 | 46 |
| Windows NT/2000 Enumeration | 72 | 28 |
| NT/2000 Network Resource Enumeration | 76 | 11 |
| NT/2000 User and Group Enumeration | 87 | 8 |
| NT/2000 Applications and Banner Enumeration | 95 | 4 |
| Let Your Scripts Do the Walking | 99 | 1 |
| Novell Enumeration | 100 | 6 |
| Browsing the Network Neighborhood | 100 | 6 |
| UNIX Enumeration | 106 | 7 |
| Summary | 113 | 3 |
| Part II System Hacking | | |
| Case Study: Know Your Enemy | 116 | 1 |
| Hacking Windows 95/98 and ME | 117 | 24 |
| Win 9x Remote Exploits | 118 | 12 |
| Direct Connection to Win 9x Shared Resources | 119 | 5 |
| Win 9x Backdoor Servers and Trojans | 124 | 5 |
| Known Server Application Vulnerabilities | 129 | 1 |
| Win 9x Denial of Service | 130 | 1 |
| Win 9x Local Exploits | 130 | 7 |
| Windows Millennium Edition (ME) | 137 | 1 |
| Summary | 138 | 3 |
| Hacking Windows NT | 141 | 78 |
| Overview | 143 | 1 |
| Where We're Headed | 143 | 1 |
| What About Windows 2000? | 143 | 1 |
| The Quest for Administrator | 144 | 30 |
| Remote Exploits: Denial of Service and Buffer Overflows | 160 | 4 |
| Privilege Escalation | 164 | 10 |
| Consolidation of Power | 174 | 37 |
| Exploiting Trust | 185 | 5 |
| Sniffers | 190 | 4 |
| Remote Control and Back Doors | 194 | 9 |
| Port Redirection | 203 | 4 |
| General Countermeasures to Privileged Compromise | 207 | 4 |
| Rootkit: The Ultimate Compromise | 211 | 3 |
| Covering Tracks | 214 | 2 |
| Disabling Auditing | 214 | 1 |
| Clearing the Event Log | 214 | 1 |
| Hiding Files | 215 | 1 |
| Summary | 216 | 3 |
| Hacking Windows 2000 | 219 | 46 |
| Footprinting | 221 | 1 |
| Scanning | 221 | 5 |
| Enumeration | 226 | 3 |
| Penetration | 229 | 4 |
| NetBIOS-SMB Password Guessing | 229 | 1 |
| Eavesdropping on Password Hashes | 229 | 1 |
| Attacks Against IIS 5 | 229 | 4 |
| Remote Buffer Overflows | 233 | 1 |
| Denial of Service | 233 | 5 |
| Privilege Escalation | 238 | 3 |
| Pilfering | 241 | 10 |
| Grabbing the Win 2000 Password Hashes | 241 | 5 |
| The Encrypting File System (EFS) | 246 | 3 |
| Exploiting Trust | 249 | 2 |
| Covering Tracks | 251 | 1 |
| Disabling Auditing | 251 | 1 |
| Clearing the Event Log | 252 | 1 |
| Hiding Files | 252 | 1 |
| Back Doors | 252 | 5 |
| Startup Manipulation | 252 | 3 |
| Remote Control | 255 | 2 |
| Keystroke Loggers | 257 | 1 |
| General Countermeasures: New Windows Security Tools | 257 | 4 |
| Group Policy | 257 | 3 |
| runas | 260 | 1 |
| Summary | 261 | 4 |
| Novell NetWare Hacking | 265 | 40 |
| Attaching but Not Touching | 267 | 1 |
| Enumerate Bindery and Trees | 268 | 7 |
| Opening the Unlocked Doors | 275 | 2 |
| Authenticated Enumeration | 277 | 5 |
| Gaining Admin | 282 | 3 |
| Application Vulnerabilities | 285 | 2 |
| Spoofing Attacks (Pandora) | 287 | 3 |
| Once You Have Admin on a Server | 290 | 2 |
| Owning the NDS Files | 292 | 6 |
| Log Doctoring | 298 | 4 |
| Console Logs | 299 | 3 |
| Further Resources | 302 | 1 |
| Web Sites (ftp://ftp.novell.com/pub/updates/nw/nw411/) | 302 | 1 |
| Usenet Groups | 303 | 1 |
| Summary | 303 | 2 |
| Hacking UNIX | 305 | 72 |
| The Quest for Root | 306 | 1 |
| A Brief Review | 306 | 1 |
| Vulnerability Mapping | 307 | 1 |
| Remote Access Versus Local Access | 307 | 1 |
| Remote Access | 308 | 31 |
| Data Driven Attacks | 312 | 5 |
| I Want My Shell | 317 | 5 |
| Common Types of Remote Attacks | 322 | 17 |
| Local Access | 339 | 18 |
| After Hacking Root | 357 | 13 |
| Trojans | 358 | 11 |
| Rootkit Recovery | 369 | 1 |
| Summary | 370 | 4 |
| Part III Network Hacking | | |
| Case Study: Sweat the Small Stuff! | 374 | 3 |
| Dial-Up, PBX, Voicemail, and VPN Hacking | 377 | 44 |
| Wardialing | 380 | 25 |
| Hardware | 380 | 1 |
| Legal Issues | 381 | 1 |
| Peripheral Costs | 382 | 1 |
| Software | 382 | 21 |
| A Final Note | 403 | 2 |
| PBX Hacking | 405 | 10 |
| Virtual Private Network (VPN) Hacking | 415 | 4 |
| Summary | 419 | 2 |
| Network Devices | 421 | 38 |
| Discovery | 422 | 11 |
| Detection | 422 | 7 |
| SNMP | 429 | 4 |
| Back Doors | 433 | 10 |
| Default Accounts | 433 | 4 |
| Lower the Gates (Vulnerabilities) | 437 | 6 |
| Shared Versus Switched | 443 | 14 |
| Detecting the Media You're On | 444 | 1 |
| Passwords on a Silver Platter: Dsniff | 445 | 3 |
| Sniffing on a Network Switch | 448 | 4 |
| Snmpsniff | 452 | 5 |
| Summary | 457 | 2 |
| Firewalls | 459 | 24 |
| Firewall Landscape | 460 | 1 |
| Firewall Identification | 460 | 9 |
| Advanced Firewall Discovery | 465 | 4 |
| Scanning Through Firewalls | 469 | 4 |
| Packet Filtering | 473 | 4 |
| Application Proxy Vulnerabilities | 477 | 4 |
| WinGate Vulnerabilities | 479 | 2 |
| Summary | 481 | 2 |
| Denial of Service (DoS) Attacks | 483 | 28 |
| Motivation of DoS Attackers | 484 | 1 |
| Types of DoS Attacks | 485 | 3 |
| Bandwidth Consumption | 485 | 1 |
| Resource Starvation | 486 | 1 |
| Programming Flaws | 486 | 1 |
| Routing and DNS Attacks | 487 | 1 |
| Generic DoS Attacks | 488 | 6 |
| Sites Under Attack | 491 | 3 |
| UNIX and Windows NT DoS | 494 | 12 |
| Remote DoS Attacks | 495 | 4 |
| Distributed Denial of Service Attacks | 499 | 5 |
| Local DoS Attacks | 504 | 2 |
| Summary | 506 | 2 |
| Part IV Software Hacking | | |
| Case Study: Using All the Dirty Tricks to Get In | 508 | 3 |
| Remote Control Insecurities | 511 | 18 |
| Discovering Remote Control Software | 512 | 1 |
| Connecting | 513 | 1 |
| Weaknesses | 514 | 7 |
| Revealed Passwords | 516 | 1 |
| Uploading Profiles | 517 | 4 |
| What Software Package Is the Best in Terms of Security? | 521 | 6 |
| pcAnywhere | 521 | 1 |
| ReachOut | 521 | 1 |
| Remotely Anywhere | 521 | 2 |
| Remotely Possible/ControlIT | 523 | 1 |
| Timbuktu | 523 | 1 |
| Virtual Network Computing (VNC) | 523 | 3 |
| Citrix | 526 | 1 |
| Summary | 527 | 2 |
| Advanced Techniques | 529 | 36 |
| Session Hijacking | 530 | 3 |
| Back Doors | 533 | 22 |
| Trojans | 555 | 3 |
| Subverting the System Environment: Rootkits and Imaging Tools | 558 | 3 |
| Social Engineering | 561 | 2 |
| Summary | 563 | 2 |
| Web Hacking | 565 | 36 |
| Web Pilfering | 566 | 4 |
| Finding Well-Known Vulnerabilities | 570 | 3 |
| Automated Scripts, for All Those "Script Kiddies" | 570 | 2 |
| Automated Applications | 572 | 1 |
| Script Inadequacies: Input Validation Attacks | 573 | 17 |
| Active Server Pages (ASP) Vulnerabilities | 582 | 8 |
| Buffer Overflows | 590 | 8 |
| Poor Web Design | 598 | 2 |
| Summary | 600 | 1 |
| Hacking the Internet User | 601 | 66 |
| Malicious Mobile Code | 603 | 20 |
| Microsoft ActiveX | 603 | 11 |
| Java Security Holes | 614 | 4 |
| Beware the Cookie Monster | 618 | 3 |
| Internet Explorer HTML Frame Vulnerabilities | 621 | 2 |
| SSL Fraud | 623 | 3 |
| Email Hacking | 626 | 21 |
| Mail Hacking 101 | 626 | 3 |
| Executing Arbitrary Code Through Email | 629 | 8 |
| Outlook Address Book Worms | 637 | 2 |
| File Attachment Attacks | 639 | 8 |
| IRC Hacking | 647 | 2 |
| Napster Hacking with Wrapster | 649 | 1 |
| Global Countermeasures to Internet User Hacking | 650 | 2 |
| Keep Antivirus Signatures Updated | 650 | 1 |
| Guarding the Gateways | 651 | 1 |
| Summary | 652 | 5 |
| Part V Appendixes | | |
| A Ports | 657 | 4 |
| B Top 14 Security Vulnerabilities | 661 | 2 |
| C About the Companion Web Site | 663 | 4 |
| Novell | 664 | 1 |
| UNIX | 665 | 1 |
| Windows NT | 665 | 1 |
| Wordlists and Dictionaries | 666 | 1 |
| Wardialing | 666 | 1 |
| Enumeration Scripts | 666 | 1 |
| Index | 667 | |