Table of Contents for Hack I.T.--Security Through Penetration Testing
Second-Tier Hackers
Third-Tier Hackers
Information Security Consultants
Information Security Myths
Ramifications of Penetration Testing
Requirements for a Freelance Consultant
Skill Set
Knowledge
Tool Kit
Hardware
Record Keeping
Ethics
Announced vs. Unannounced Penetration Testing
Definitions
Pros and Cons of Both Types of Penetration Testing
Documented Compromise
Where the Exposures Lie
Berkeley Internet Name Domain (BIND) Implementations
Common Gateway Interface (CGI)
Domain Name Service (DNS)
Lack of Monitoring and Intrusion Detection
Network File System (NFS)
Poor Passwords and User IDs
Remote Administration Services
Remote Procedure Call (RPC)
Services Started by Default
Simple Mail Transport Protocol (SMTP)
Simple Network Management Protocol (SNMP) Community Strings
Viruses and Hidden Code
Web Server Sample Files
Web Server General Vulnerabilities
Monitoring Vulnerabilities
Network Enumeration/Discovery
Whois Query
Zone Transfer
Ping Sweeps
Traceroute
Vulnerability Analysis
OS Identification
Port Scanning
Application Enumeration
Internet Research
Case Study: Dual-Homed Hosts
Dialing
Login
Login Screens
ToneLoc
THC-Scan
TeleSweep
PhoneSweep
Case Study: War Dialing
Internal Penetration Testing
Searching for Exploits
Remotely Installing a Hacker Tool Kit
Vulnerability Scanning
Case Study: Snoop the User Desktop
Technical Support
Disgruntled Customer
Get Help Logging In
Additional Methods
Common Countermeasures
inetd Services
r Services
Remote Procedure Call Services
Buffer Overflow Attacks
Mail Servers
Web Servers
X Windows
DNS Servers
Datapipe.c
QueSO
Cheops
nfsshell
XSCAN
Case Study: UNIX Penetration
Windows NT Workstation
Linux
Automated Vulnerability Scanners
Network-Based and Host-Based Scanners
Network-Based Scanners
Network Associates CyberCop Scanner
ISS Internet Scanner
Nessus
Symantec (Formerly Axent Technologies) NetRecon
Bindview HackerShield (bv-control for Internet Security)
Symantec (Formerly Axent Technologies) Enterprise Security Manager (ESM)
7th Sphere Port Scanner
SessionWall-3 (Now eTrust Intrusion Detection)
Global ("Domain Admins")
NetBIOS Auditing Tool (NAT)
Case Study: Weak Passwords
Case Study: Internal Penetration to Windows
Case Study: Compaq Management Agents Vulnerability
Virtual Network Computing
Intrusion Detection Systems
Stealth Port Scanning
Aggressive Techniques
Traits of Effective IDSs
RealSecure
NetProwler
Secure Intrusion Detection
eTrust Intrusion Detection
Network Flight Recorder
Dragon
Snort
Packet-Filtering Firewalls
Stateful-Inspection Firewalls
Proxy-Based Firewalls
Network Address Translation
Firewalls and Virtual Private Networks
Case Study: Internet Information Server Exploit-MDAC
Denial-of-Service Attacks
Resource Exhaustion Attacks
Papasmurf
Trash2
Igmpofdeath.c
Fawx
OBSD_fun
Mutilate
Pepsi5
Synful
Synk4
Naptha
IP Fragmentation Attacks
Jolt2
Teardrop
Syndrop
Newtear
Distributed Denial-of-Service Attacks
Tribe Flood Network 2000
Trin00
Stacheldraht
Usage
Application-Based DoS Attacks
Up Yours
Wingatecrash
WinNuke
BitchSlap
DOSNuke
Shutup
Web Server DoS Attacks
Concatenated DoS Tools
CyberCop
ISS Internet Scanner
Toast
Spike.sh5.3
Web Sites
Mailing Lists
Two- and Three-Factor Authentication
Biometrics
Token-Based Authentication
Directory Services
Public Key Infrastructure
Government Regulation
Cyber-Crime Insurance
Appendix A CD-ROM Contents
Appendix B The Twenty Most Critical Internet Security Vulnerabilities-The Experts' Consensus