Halting the Hacker
A Practical Guide to Computer Security
Published on 7. January 1997
Book
Mixed media product
224 pages
978-0-13-243718-9 (ISBN)
Description
24371-7 To safeguard your company's data, think like a hacker! When it comes to computer security, your livelihood and your company's future are on the line. It's not enough to simply follow a security "cookbook" : you need to get into the mind of your adversary, the hacker. In Halting the Hacker, a leading Fortune 500 security consultant shows you the approaches and techniques hackers use to gain access, privileges, and control of your UNIX system. You'll learn to look at your system the way a hacker does, identifying potential vulnerabilities. You'll learn what specific countermeasures to take now. Even more important, you'll learn how to recognize and respond to future security concerns-before they become catastrophes.You'll discover: *How hackers transform minor oversights into major security breaches *How hackers cover their tracks while leaving "back doors" into your system *How to protect your system against disgruntled or dishonest insiders *How to detect break-ins-and what to do next Halting the Hacker even includes an exclusive CD-ROM software library of tools to detect and eliminate security problems, and a comprehensive information archive on security and hacker-related topics.
If you're responsible for the security of a UNIX computer system, you're up against some extraordinarily smart and persistent adversaries. You need to even the odds. You need Halting the Hacker.
If you're responsible for the security of a UNIX computer system, you're up against some extraordinarily smart and persistent adversaries. You need to even the odds. You need Halting the Hacker.
More details
Language
English
Place of publication
Upper Saddle River
United States
Publishing group
Pearson Education (US)
Target group
College/higher education
Dimensions
Height: 234 mm
Width: 178 mm
Thickness: 17 mm
Weight
469 gr
ISBN-13
978-0-13-243718-9 (9780132437189)
Copyright in bibliographic data and cover images is held by Nielsen Book Services Limited or by the publishers or by their respective licensors: all rights reserved.
Schweitzer Classification
Other editions
New editions
Book
09/2002
2nd Edition
Prentice Hall
€41.44
Article is exhausted; no reprint
Content
1. WHERE THE HACKER STARTS.
1. Understanding Hackers.
Know the Hacker. About the System Manager. Know the System. Know the Law. Computer Crime. Know the Risk. Epilogue.
Sidebar 1: The History of Hacking.
2. Information: The Hacker's Best Tool.
Gathering Information from People. Going On-Site. Gathering Information from the Computer. Gathering Information from the Experts. Gathering Information from Other Hackers. Epilogue.
3. How the Hacker Gains Access.
Serial Line Access. Gaining Network Access. Using Network Access. Epilogue.
Sidebar 2: Understanding Password Cracking.
4. How the Hacker Gains Privileges.
Getting a User's Password. Finding Passwords in Clear Text. Having Another User Run a Program. Exploiting Permission Vulnerabilities. Exploiting Hardware Vulnerabilities. Exploiting Software Vulnerabilities. Epilogue.
2. THE HACKER AT WORK.
5. Watching the Hacker Watch You.
Connection Monitoring. Process Monitoring. Information Monitoring. Security Monitoring. Epilogue.
Sidebar 3: The History of UNIX.
6. How the Hacker Covers His Tracks.
Connection Hiding. Process Hiding. Information Doctoring. Changing Time. Beware of Backups. Epilogue.
7. Backdoors.
Network Services. Loosening Permissions. Modifying Source Code. Software Developers. Security Tools. Epilogue.
Sidebar 4: Understanding UNIX File Permissions.
8. Keeping the Hacker Contained.
Finding Other Systems. Finding Out About Users. Accessing the System over the Network. Epilogue.
9. The Hacker's Goal.
Gathering Information. Compromising Information. Utilizing Resources. Using Malicious Code. Epilogue.
Sidebar 5: Understanding UNIX Accounts.
3. HALTING THE HACKER.
10. Protecting the System.
Limit Information. Restrict Access. Keep the System Current. Remove Tools for Hackers. Epilogue.
11. Detecting Break-Ins.
Determining When a Security Incident Has Occurred. Determining the Severity of a Security Incident. Hacker Profile. Detection Software. System Monitoring. File System Monitoring. Determining the Scope of Damage. Determining the Length of the Security Incident. Epilogue.
Sidebar 6: Creating an Information Security Policy.
12. Responding to a Security Incident.
Restoration of Services. Securing the System. Finding a Hacker. Legal Prosecution. Public Relations. Process Improvement. Epilogue.
APPENDICES.
Appendix A. Computer Security Organizations.
Appendix B. Other Sources of Information.
Printed Periodicals. On-line Periodicals (Mail Lists). News Groups.
Appendix C. About the CD-ROM.
Information Archive. Software Tools.
Glossary.
Index.
1. Understanding Hackers.
Know the Hacker. About the System Manager. Know the System. Know the Law. Computer Crime. Know the Risk. Epilogue.
Sidebar 1: The History of Hacking.
2. Information: The Hacker's Best Tool.
Gathering Information from People. Going On-Site. Gathering Information from the Computer. Gathering Information from the Experts. Gathering Information from Other Hackers. Epilogue.
3. How the Hacker Gains Access.
Serial Line Access. Gaining Network Access. Using Network Access. Epilogue.
Sidebar 2: Understanding Password Cracking.
4. How the Hacker Gains Privileges.
Getting a User's Password. Finding Passwords in Clear Text. Having Another User Run a Program. Exploiting Permission Vulnerabilities. Exploiting Hardware Vulnerabilities. Exploiting Software Vulnerabilities. Epilogue.
2. THE HACKER AT WORK.
5. Watching the Hacker Watch You.
Connection Monitoring. Process Monitoring. Information Monitoring. Security Monitoring. Epilogue.
Sidebar 3: The History of UNIX.
6. How the Hacker Covers His Tracks.
Connection Hiding. Process Hiding. Information Doctoring. Changing Time. Beware of Backups. Epilogue.
7. Backdoors.
Network Services. Loosening Permissions. Modifying Source Code. Software Developers. Security Tools. Epilogue.
Sidebar 4: Understanding UNIX File Permissions.
8. Keeping the Hacker Contained.
Finding Other Systems. Finding Out About Users. Accessing the System over the Network. Epilogue.
9. The Hacker's Goal.
Gathering Information. Compromising Information. Utilizing Resources. Using Malicious Code. Epilogue.
Sidebar 5: Understanding UNIX Accounts.
3. HALTING THE HACKER.
10. Protecting the System.
Limit Information. Restrict Access. Keep the System Current. Remove Tools for Hackers. Epilogue.
11. Detecting Break-Ins.
Determining When a Security Incident Has Occurred. Determining the Severity of a Security Incident. Hacker Profile. Detection Software. System Monitoring. File System Monitoring. Determining the Scope of Damage. Determining the Length of the Security Incident. Epilogue.
Sidebar 6: Creating an Information Security Policy.
12. Responding to a Security Incident.
Restoration of Services. Securing the System. Finding a Hacker. Legal Prosecution. Public Relations. Process Improvement. Epilogue.
APPENDICES.
Appendix A. Computer Security Organizations.
Appendix B. Other Sources of Information.
Printed Periodicals. On-line Periodicals (Mail Lists). News Groups.
Appendix C. About the CD-ROM.
Information Archive. Software Tools.
Glossary.
Index.