1. Book Review
Hacking Exposed: Network Security Secrets & Solutions, Fourth Edition
Authors: Stuart McClure, Joel Scambray, and George Kurtz
Published: February 2003
Paperback, 784 pages plus companion DVD and Web site
"Hacking Exposed: Network Security Secrets & Solutions, Fourth Edition" begins with a case study about the deployment of Network Security Monitoring. NSM consists of the "collection, analysis, and escalation of indications and warnings to detect and respond to intrusions." Based on "signals intelligence collection methods" pioneered by the US Air Force, NSM lets you monitor your network and build a complete picture of suspicious behavior. After reading the case study, readers will understand the consequences that can occur if the correct levels of network security aren't in place.
"Hacking Exposed: Network Security Secrets & Solutions" targets administrators who are charged with the responsibility of securing their corporate network from attack from both malicious and mischievous intruders. Designed to help administrators adopt a proactive approach to security concerns, the book includes strategies for covering all the Windows OSs (i.e., Windows Server 2003, Windows 2000, Windows NT, Windows Me, and Windows 9x), as well as Novell Netware 6, UNIX, and Linux.
The fourth edition contains new material, including a chapter devoted to attacks on 802.11 wireless networks and a review of the latest network hacking methods: tracerouting, dsniff, linsniff, Address Resolution Protocol (ARP), SNMP, and Routing Information Protocol (RIP). Other chapters in the book have been revised or rewritten. For example, Chapter 15, "Web Hacking," has been updated to include new developments that apply to Web server hacking and Web application hacking.
Part I, "Casing the Establishment," discusses an intruder trying to determine whether he can get into the system he's attacking. The attack includes footprinting, in which the intruder attempts to build a comprehensive profile of a company's security procedures. This section of the book discusses network reconnaissance and scanning the system to detect, among other things, its OS.
Parts II, III, and IV are dedicated to three forms of attacks: system hacking, network hacking, and software hacking. Within the system hacking section, chapters investigate hacking the NT family of operating environments, Windows Me, Win9x, NetWare, and UNIX systems.
Intruders don't limit their attacks to large companies and organizations--anyone who uses the Internet can become a victim. To minimize your exposure when surfing the Web, I recommend that you read Chapter 16,"Hacking the Internet User." This chapter describes the vulnerabilities associated with being online. Most of us use Web browsers, email readers, and a variety of Internet client software every day, so learning more about this particular type of attack is vital.
Wireless technology has become increasingly popular in recent years. The book's authors report that in 1999, approximately 1.4 million wireless LAN (WLAN) transceivers were in operation around the globe; only 1 year later, that number had grown to just under 5 million. By 2006, an estimated 56 million WLAN transceivers will be in operation worldwide. To cater to the growing interest in wireless technology, Part III, "Network Hacking," includes a chapter about hacking wireless networks. Other types of attacks discussed include dial-up, PBX, voicemail, and VPN. The authors also discuss firewalls and Denial of Service (DoS) attacks.
The book includes a "Ports" appendix that lists the services or applications associated with ports and protocols; you can use this information to identify holes in a system. Another appendix graphically displays the top 14 security vulnerabilities that companies and organizations face--for example, user or test accounts that have been set up with an excessive number of privileges.
One of the book's highlights is that each part starts with a short case study based on real-life attacks. These case studies, which detail recent attacks, are new to this edition. For example, the case study that begins the book's "Software Hacking" section reveals how a disgruntled exemployee was able to pinpoint weaknesses in a system he was familiar with and gain access to the entire corporate network.
When it comes to network security, you should adopt the approach embodied in the book's opening sentence: "The enemy is ignorance." By reading and carefully studying the advice and techniques contained in this book and, most important, by putting them into practice, you'll be armed with the knowledge you need to keep attackers at bay.
A companion DVD contains presentations the authors have given at conferences around the world. After watching the DVD, you'll better understand the mentality of intruders. When you visit the book's companion Web site (http://www.hackingexposed.com), you can read the book's table of contents by clicking the Contents link. You won't find a sample chapter there, but you’ll find one on the publisher's Web site (http://www.osborne.com). By searching on the book's ISBN number (0072227427), you’ll be able to read Chapter 3, "Enumeration," which describes the process intruders use to look for weaknesses in the online services that they want to attack.
The Tools, Scripts, and Links sections of the companion Web site include other examples of the types of information the book provides. The tools that the book discusses fall into the categories of defensive and hacking tools. The site's Scripts section provides three Perl scripts that automate the process of enumeration and scanning. The Links section contains a handy collection of Web site names and addresses conveniently organized into categories such as conferences, dictionaries, encryption, famous hacks, footprinting, and gateway services.
For readers who might wonder whether attackers can benefit from this book, the authors have this to say: "Face it, hackers already know this stuff; we aren't showing them anything new. Quite simply, we are providing the reader with a glimpse into the mind and mechanics of the hacker."
I agree. After you read this book, you'll know more about malicious attackers, and you'll be better able to counter their attempts to access your network.