When it comes to network security, many users and administrators are running scared, and justifiably so. The sophistication of attacks against computer systems increases with each new Internet worm. What's the worst an attacker can do to you? You'd better find out, right? That's what Security Warrior teaches you. Based on the principle that the only way to defend yourself is to understand your attacker in depth, Security Warrior reveals how your systems can be attacked. Covering everything from reverse engineering to SQL attacks, and including topics like social engineering, antiforensics, and common attacks against UNIX and Windows systems, this book teaches you to know your enemy and how to be prepared to do battle. Security Warrior places particular emphasis on reverse engineering. RE is a fundamental skill for the administrator, who must be aware of all kinds of malware that can be installed on his machines -- trojaned binaries, "spyware" that looks innocuous but that sends private data back to its creator, and more. This is the only book to discuss reverse engineering for Linux or Windows CE. It's also the only book that shows you how SQL injection works.
Preface Part I. Software Cracking 1. Assembly Language Registers ASM Opcodes References 2. Windows Reverse Engineering History of RCE Reversing Tools Reverse Engineering Examples References 3. Linux Reverse Engineering Basic Tools and Techniques A Good Disassembly Problem Areas Writing New Tools References 4. Windows CE Reverse Engineering Windows CE Architecture CE Reverse Engineering Fundamentals Practical CE Reverse Engineering Reverse Engineering serial.exe References 5. Overflow Attacks Buffer Overflows Understanding Buffers Smashing the Stack Heap Overflows Preventing Buffer Overflows A Live Challenge References Part II. Network Stalking 6. TCP/IP Analysis A Brief History of TCP/IP Encapsulation TCP IP UDP ICMP ARP RARP BOOTP DHCP TCP/IP Handshaking Covert Channels IPv6 Ethereal Packet Analysis Fragmentation References 7. Social Engineering Background Performing the Attacks Advanced Social Engineering References 8. Reconnaissance Online Reconnaissance Conclusion References 9. OS Fingerprinting Telnet Session Negotiation TCP Stack Fingerprinting Special-Purpose Tools Passive Fingerprinting Fuzzy Operating System Fingerprinting TCP/IP Timeout Detection References 10. Hiding the Tracks From Whom Are You Hiding? Postattack Cleanup Forensic Tracks Maintaining Covert Access References Part III. Platform Attacks 11. Unix Defense Unix Passwords File Permissions System Logging Network Access in Unix Unix Hardening Unix Network Defense References 12. Unix Attacks Local Attacks Remote Attacks Unix Denial-of-Service Attacks References 13. Windows Client Attacks Denial-of-Service Attacks Remote Attacks Remote Desktop/Remote Assistance References 14. Windows Server Attacks Release History Kerberos Authentication Attacks Kerberos Authentication Review Defeating Buffer Overflow Prevention Active Directory Weaknesses Hacking PKI Smart Card Hacking Encrypting File System Changes Third-Party Encryption References 15. SOAP XML Web Services Security XML Encryption XML Signatures Reference Part IV. Advanced Defense 16. SQL Injection Introduction to SQL SQL Injection Attacks SQL Injection Defenses PHP-Nuke Examples References 17. Wireless Security Reducing Signal Drift Problems with WEP Cracking WEP Practical WEP Cracking VPNs TKIP SSL Airborne Viruses References 18. Audit Trail Analysis Log Analysis Basics Log Examples Logging States When to Look at the Logs Log Overflow and Aggregation Challenge of Log Analysis Security Information Management Global Log Aggregation References 19. Intrusion Detection Systems IDS Examples Bayesian Analysis Hacking Through IDSs The Future of IDSs Snort IDS Case Study IDS Deployment Issues References 20. Honeypots Motivation Building the Infrastructure Capturing Attacks References 21. Incident Response Case Study: Worm Mayhem Definitions Incident Response Framework Small Networks Medium-Sized Networks Large Networks References 22. Forensics and Antiforensics Hardware Review Information Detritus Forensics Tools Bootable Forensics CD
