Security Power Tools
Summary
What if you could sit down with some of the most talented security engineers in the world and ask any network security question you wanted? 'Security Power Tools' lets you do exactly that! Members of Juniper Networks' Security Engineering team and a few guest experts reveal how to use, tweak, and push the most popular network security applications, utilities, and tools available using Windows, Linux, Mac OS X, and Unix platforms.
Designed to be browsed, 'Security Power Tools' offers you multiple approaches to network security via 23 cross-referenced chapters that review the best security tools on the planet for both black hat techniques and white hat defense tactics. It's a must-have reference for network administrators, engineers and consultants with tips, tricks, and how-to advice for an assortment of freeware and commercial tools, ranging from intermediate level command-line operations to advanced programming of self-hiding exploits.
'Security Power Tools' details best practices for:
- Reconnaissance - including tools for network scanning such as nmap; vulnerability scanning tools for Windows and Linux; LAN reconnaissance; tools to help with wireless reconnaissance; and custom packet generation
- Penetration - such as the Metasploit framework for automated penetration of remote computers; tools to find wireless networks; exploitation framework applications; and tricks and tools to manipulate shellcodes
- Control - including the configuration of several tools for use as backdoors; and a review of known rootkits for Windows and Linux
- Defense - including host-based firewalls; host hardening for Windows and Linux networks; communication security with ssh; email security and anti-malware; and device security testing
- Monitoring - such as tools to capture and analyze packets; network monitoring with Honeyd and snort; and host monitoring of production servers for file changes
- Discovery - including The Forensic Toolkit, SysInternals and other popular forensic tools; application fuzzers and fuzzing techniques; and the art of binary reverse engineering using tools like Interactive Disassembler and Ollydbg
A practical and timely network security ethics chapter written by a Stanford University professor of law completes the suite of topics and makes this book a goldmine of security information. Save yourself a ton of headaches and be prepared for any network security dilemma with Security Power Tools.
Table of Contents
Credits
Preface
Part 1: Legal and Ethics
1. Legal and Ethics Issues
1.1 Core Issues
1.2 Computer Trespass Laws: No "Hacking" Allowed
1.3 Reverse Engineering
1.4 Vulnerability Reporting
1.5 What to Do from Now On
Part 2: Reconnaissance
2. Network Scanning
2.1 How Scanners Work
2.2 Superuser Privileges
2.3 Three Network Scanners to Consider
2.4 Host Discovery
2.5 Port Scanning
2.6 Specifying Custom Ports
2.7 Specifying Targets to Scan
2.8 Different Scan Types
2.9 Tuning the Scan Speed
2.10 Application Fingerprinting
2.11 Operating System Detection
2.12 Saving Nmap Output
2.13 Resuming Nmap Scans
2.14 Avoiding Detection
2.15 Conclusion
3. Vulnerability Scanning
3.1 Nessus
3.2 Nikto
3.3 WebInspect
4. LAN Reconnaissance
4.1 Mapping the LAN
4.2 Using ettercap and arpspoof on a Switched Network
4.3 Dealing with Static ARP Tables
4.4 Getting Information from the LAN
4.5 Manipulating Packet Data
5. Wireless Reconnaissance
5.1 Get the Right Wardriving Gear
5.2 802.11 Network Basics
5.3 802.11 Frames
5.4 How Wireless Discovery Tools Work
5.5 Netstumbler
5.6 Kismet at a Glance
5.7 Using Kismet
5.8 Sorting the Kismet Network List
5.9 Using Network Groups with Kismet
5.10 Using Kismet to Find Networks by Probe Requests
5.11 Kismet GPS Support Using gpsd
5.12 Looking Closer at Traffic with Kismet
5.13 Capturing Packets and Decrypting Traffic with Kismet
5.14 Wireshark at a Glance
5.15 Using Wireshark
5.16 AirDefense Mobile
5.17 AirMagnet Analyzers
5.18 Other Wardriving Tools
6. Custom Packet Generation
6.1 Why Create Custom Packets?
6.2 Hping
6.3 Scapy
6.4 Packet-Crafting Examples with Scapy
6.5 Packet Mangling with Netfilter
6.6 References
Part 3: Penetration
7. Metasploit
7.1 Metasploit Interfaces
7.2 Updating Metasploit
7.3 Choosing an Exploit
7.4 Choosing a Payload
7.5 Setting Options
7.6 Running an Exploit
7.7 Managing Sessions and Jobs
7.8 The Meterpreter
7.9 Security Device Evasion
7.10 Sample Evasion Output
7.11 Evasion Using NOPs and Encoders
7.12 In Conclusion
8. Wireless Penetration
8.1 WEP and WPA Encryption
8.2 Aircrack
8.3 Installing Aircrack-ng
8.4 Running Aircrack-ng
8.5 Airpwn
8.6 Basic Airpwn Usage
8.7 Airpwn Configuration Files
8.8 Using Airpwn on WEP-Encrypted Networks
8.9 Scripting with Airpwn
8.10 Karma
8.11 Conclusion
9. Exploitation Framework Applications
9.1 Task Overview
9.2 Core Impact Overview
9.3 Network Reconnaissance with Core Impact
9.4 Core Impact Exploit Search Engine
9.5 Running an Exploit
9.6 Running Macros
9.7 Bouncing Off an Installed Agent
9.8 Enabling an Agent to Survive a Reboot
9.9 Mass Scale Exploitation
9.10 Writing Modules for Core Impact
9.11 The Canvas Exploit Framework
9.12 Porting Exploits Within Canvas
9.13 Using Canvas from the Command Line
9.14 Digging Deeper with Canvas
9.15 Advanced Exploitation with MOSDEF
9.16 Writing Exploits for Canvas
9.17 Exploiting Alternative Tools
10. Custom Exploitation
10.1 Understanding Vulnerabilities
10.2 Analyzing Shellcode
10.3 Testing Shellcode
10.4 Creating Shellcode
10.5 Disguising Shellcode
10.6 Execution Flow Hijacking
10.7 References
Part 4: Control
11. Backdoors
11.1 Choosing a Backdoor
11.2 VNC
11.3 Creating and Packaging a VNC Backdoor
11.4 Connecting to and Removing the VNC Backdoor
11.5 Back Orifice 2000
11.6 Configuring a BO2k Server
11.7 Configuring a BO2k Client
11.8 Adding New Servers to the BO2k Workspace
11.9 Using the BO2k Backdoor
11.10 BO2k Powertools
11.11 Encryption for BO2k Communications
11.12 Concealing the BO2k Protocol
11.13 Removing BO2k
11.14 A Few Unix Backdoors
12. Rootkits
12.1 Windows Rootkit: Hacker Defender
12.2 Linux Rootkit: Adore-ng
12.3 Detecting Rootkits Techniques
12.4 Windows Rootkit Detectors
12.5 Linux Rootkit Detectors
12.6 Cleaning an Infected System
12.7 The Future of Rootkits
Part 5: Defense
13. Proactive Defense: Firewalls
13.1 Firewall Basics
13.2 Network Address Translation
13.3 Securing BSD Systems with ipfw/natd
13.4 Securing GNU/Linux Systems with netfilter/iptables
13.5 Securing Windows Systems with Windows Firewall/Internet Connection Sharing
13.6 Verifying Your Coverage
14. Host Hardening
14.1 Controlling Services
14.2 Turning Off What You Do Not Need
14.3 Limiting Access
14.4 Limiting Damage
14.5 Bastille Linux
14.6 SELinux
14.7 Password Cracking
14.8 Chrooting
14.9 Sandboxing with OS Virtualization
15. Securing Communications
15.1 The SSH-2 Protocol
15.2 SSH Configuration
15.3 SSH Authentication
15.4 SSH Shortcomings
15.5 SSH Troubleshooting
15.6 Remote File Access with SSH
15.7 SSH Advanced Use
15.8 Using SSH Under Windows
15.9 File and Email Signing and Encryption
15.10 GPG
15.11 Create Your GPG Keys
15.12 Encryption and Signature with GPG
15.13 PGP Versus GPG Compatibility
15.14 Encryption and Signature with S/MIME
15.15 Stunnel
15.16 Disk Encryption
15.17 Windows Filesystem Encryption with PGP Disk
15.18 Linux Filesystem Encryption with LUKS
15.19 Conclusion
16. Email Security and Anti-Spam
16.1 Norton Antivirus
16.2 The ClamAV Project
16.3 ClamWin
16.4 Freshclam
16.5 Clamscan
16.6 clamd and clamdscan
16.7 ClamAV Virus Signatures
16.8 Procmail
16.9 Basic Procmail Rules
16.10 Advanced Procmail Rules
16.11 ClamAV with Procmail
16.12 Unsolicited Email
16.13 Spam Filtering with Bayesian Filters
16.14 SpamAssassin
16.15 SpamAssassin Rules
16.16 Plug-ins for SpamAssassin
16.17 SpamAssassin with Procmail
16.18 Anti-Phishing Tools
16.19 Conclusion
17. Device Security Testing
17.1 Replay Traffic with Tcpreplay
17.2 Traffic IQ Pro
17.3 ISIC Suite
17.4 Protos
Part 6: Monitoring
18. Network Capture
18.1 tcpdump
18.2 Ethereal/Wireshark
18.3 pcap Utilities: tcpflow and Netdude
18.4 Python/Scapy Script Fixes Checksums
18.5 Conclusion
19. Network Monitoring
19.1 Snort
19.2 Implementing Snort
19.3 Honeypot Monitoring
19.4 Gluing the Stuff Together
20. Host Monitoring
20.1 Using File Integrity Checkers
20.2 File Integrity Hashing
20.3 The Do-It-Yourself Way with rpmverify
20.4 Comparing File Integrity Checkers
20.5 Prepping the Environment for Samhain and Tripwire
20.6 Database Initialization with Samhain and Tripwire
20.7 Securing the Baseline Storage with Samhain and Tripwire
20.8 Running Filesystem Checks with Samhain and Tripwire
20.9 Managing File Changes and Updating Storage Database with Samhain and Tripwire
20.10 Recognizing Malicious Activity with Samhain and Tripwire
20.11 Log Monitoring with Logwatch
20.12 Improving Logwatch's Filters
20.13 Host Monitoring in Large Environments with Prelude-IDS
20.14 Conclusion
Part 7: Discovery
21. Forensics
21.1 Netstat
21.2 The Forensic ToolKit
21.3 Sysinternals
22. Application Fuzzing
22.1 Which Fuzzer to Use
22.2 Different Types of Fuzzers for Different Tasks
22.3 Writing a Fuzzer with Spike
22.4 The Spike API
22.5 File-Fuzzing Apps
22.6 Fuzzing Web Applications
22.7 Configuring WebProxy
22.8 Automatic Fuzzing with WebInspect
22.9 Next-Generation Fuzzing
22.10 Fuzzing or Not Fuzzing
23. Binary Reverse Engineering
23.1 Interactive Disassembler
23.2 Sysinternals
23.3 OllyDbg
23.4 Other Tools
Index