Hacking For Dummies
Description
Think like a hacker to protect your sensitive information
To safeguard your private data from prying eyes, it helps to understand how hackers do what they do. Hacking For Dummies gives you the tools you need to step into a hacker's shoes and discover the best strategies to secure your data. You won't learn how to steal your neighbors' Wi-Fi, but you will gain the skills to keep nosy hackers out of your systems and applications. With clear, jargon-free explanations, you'll learn to recognize cyberthreats and keep your information safe. This updated edition includes new content on AI, the Internet of Things (IoT), and the security implications of hybrid work.
- Understand the tools hackers use to steal sensitive data from individuals and businesses
- Discover methods of protecting your information-including improving your security, recognizing phishing scams, and more
- Assess your current network and cloud configurations from a hacker's perspective using proven vulnerability and penetration testing techniques
- Defend against AI-generated scams, lost devices, and other common threats
Hacking For Dummies is for anyone looking to protect their devices from hacking-at home, at the office, or anywhere in-between.
More details
Other editions
Additional editions
Person
Kevin Beaver is an information security consultant, writer, and professional speaker with nearly four decades of experience in information technology. He's the founder of Principle Logic, LLC, an independent information security company that focuses on vulnerability and penetration testing, security operations reviews, and virtual CISO consulting services.
Content
Introduction 1
Part 1: Building the Foundation for Security Testing 5
Chapter 1: Introduction to Vulnerability and Penetration Testing 7
Chapter 2: Cracking the Hacker Mindset 27
Chapter 3: Developing Your Security Testing Plan 41
Chapter 4: Hacking Methodology 55
Part 2: Putting Security Testing in Motion 67
Chapter 5: Information Gathering 69
Chapter 6: Social Engineering 79
Chapter 7: Physical Security 97
Chapter 8: Passwords 109
Part 3: Hacking Network Hosts 141
Chapter 9: Network Infrastructure Systems 143
Chapter 10: Wireless Networks 175
Chapter 11: Mobile Devices 203
Part 4: Hacking Operating Systems 217
Chapter 12: Windows 219
Chapter 13: Linux and macOS 247
Part 5: Hacking Applications 271
Chapter 14: Email Systems 273
Chapter 15: Web Applications and Mobile Apps 293
Chapter 16: Databases and Storage Systems 321
Part 6: Security Testing Aftermath 233
Chapter 17: Reporting Your Results 335
Chapter 18: Plugging Your Security Holes 343
Chapter 19: Managing Security Processes 351
Part 7: The Part of Tens 259
Chapter 20: Ten Tips for Getting Security Buy-In 361
Chapter 21: Ten Reasons Hacking Is the Only Effective Way to Test 367
Chapter 22: Ten Deadly Mistakes. 371
Index 377
Chapter 1
Introduction to Vulnerability and Penetration Testing
IN THIS CHAPTER
Understanding hackers' and malicious users' objectives
Examining how the security testing process came about
Recognizing what endangers your computer systems
Understanding how artificial intelligence can help
Starting to use the process for security testing
This book is about testing your computers and networks for security vulnerabilities and plugging the holes you find before the bad guys get a chance to exploit them. Understanding the concepts in this chapter is your first step in this process.
Straightening Out the Terminology
Everyone has heard of hackers and malicious users. Many people have even suffered the consequences of their criminal actions. Who are these people, and why do you need to know about them? The next few sections give you the lowdown on these attackers.
In this book, I use the following terminology:
- Hackers (or external attackers, often called black-hat hackers) try to compromise computers, sensitive information, and even entire networks for ill-gotten gains - usually from the outside - as unauthorized users. Hackers go for almost any system they think they can compromise. Some prefer prestigious, well-protected systems, but hacking into anyone's system increases an attacker's status in hacker circles.
-
Malicious users (internal attackers) try to compromise computers and sensitive information from the inside as authorized and trusted users. Malicious users go for systems that they believe they can compromise for ill-gotten gains or revenge, because they may have access or knowledge of a system that gives them a leg up. Plus, they know that their efforts will often go undetected because they usually already have credentials into the systems they wish to exploit.
Malicious attackers are, generally speaking, both hackers and malicious users. For the sake of simplicity, I refer to both as hackers and specify hacker or malicious user only when I need to differentiate and drill down further into their unique tools, techniques, and ways of thinking.
- Ethical hackers (or good guys), often referred to as white-hat hackers or penetration testers, hack systems to discover vulnerabilities to protect against unauthorized access, abuse, and misuse. Information security researchers, consultants, and internal staff fall into this category. These ethical hackers often work as part of a red team within an organization whose purpose is to find and exploit vulnerabilities across the entire network, companywide. Sometimes red team security professionals will work in conjunction with what's referred to as a blue team that specializes in security defense or a purple team that does both to provide a unified approach to security offense and defense.
Hacker
Hacker has two meanings:
- Traditionally, hackers like to tinker with software or electronic systems. Hackers enjoy exploring and learning how computer systems operate. They love discovering new ways to work - both mechanically and electronically.
-
Over the years, hacker has taken on a new meaning: someone who maliciously breaks into systems for personal gain. Technically, these criminals are crackers (criminal hackers). These "crackers" break into - or crack - systems with malicious intent. They seek fame, intellectual property, profit, or even revenge. They modify, delete, and steal critical information, and they spread ransomware and take entire networks offline, often bringing large corporations and government agencies to their knees.
Don't get me started on how pop culture and the media have hijacked the word hack, from life hacking to so-called election meddling. Marketers, politicians, and media strategists know that the average person doesn't understand the term hacking, so many of them use it however they desire to achieve their goals. Don't be distracted.
The good-guy (white-hat) hackers don't like being lumped in the same category as the bad-guy (black-hat) hackers. (In case you're curious, the white hat and black hat come from old Western TV shows in which the good guys wore white cowboy hats and the bad guys wore black cowboy hats.) Gray-hat hackers are a bit of both. Whatever the case, the word hacker often has a negative connotation.
Many malicious hackers claim that they don't cause damage but help others for the greater good of society. Yeah, whatever. Malicious hackers are electronic miscreants and deserve the consequences of their actions.
Be careful not to confuse criminal hackers with security researchers. Researchers not only hack aboveboard and develop the amazing tools that we get to use in our work, but they also (usually) take responsible steps to disclose their findings and publish their code. Unfortunately, a war is going on against legitimate information security research, and the tools and techniques are often questioned by government agencies. Some people are even forced to remove these tools from their websites.
Malicious user
A malicious user - meaning a rogue employee, contractor, intern, or other user who abuses their trusted privileges - is a common term in security circles and in headlines about information breaches. The issue isn't necessarily users hacking internal systems but users who abuse the computer access privileges they've been given. Users ferret through critical database systems to glean sensitive information, email confidential client information to the competition or elsewhere to the cloud to save for later, or delete sensitive files from servers that they probably didn't need to have access to in the first place.
Sometimes, an innocent (or ignorant) insider whose intent isn't malicious still causes security problems by moving, deleting, or corrupting sensitive information. Even an innocent fat finger on the keyboard can have dire consequences in the business world. Think about all the ransomware infections affecting businesses around the world. All it takes is one click by a careless user for your entire network to be affected.
Malicious users are often the worst enemies of IT and information security professionals because they know exactly where to go to get the goods and don't need to be computer-savvy to compromise sensitive information. These users have the access they need, and management trusts them - often without question.
Recognizing How Malicious Attackers Beget Ethical Hackers
You need protection from hacker shenanigans. Along the lines of what my father taught me about being smarter than the machine you're working on, you have to become as savvy as the guys who are trying to attack your systems. A true IT or security professional possesses the skills, mindset, and tools of a hacker but is trustworthy. They perform hacks as security tests against systems based on how hackers think and work and make tireless efforts to protect the organizations' network and information assets.
Ethical hacking (more commonly known as vulnerability and penetration testing in the business world) involves the same tools, tricks, and techniques that criminal hackers use, with one major difference: It's performed with the target's permission in a professional setting. The intent of this testing is to discover vulnerabilities from a malicious attacker's viewpoint to better secure systems. Vulnerability and penetration testing is part of an overall information risk management program that allows for ongoing security improvements. This security testing can also ensure that vendors' claims about the security of their products are legitimate.
SECURITY TESTING CERTIFICATIONS
If you perform vulnerability and penetration tests and want to add another certification to your credentials, you may want to consider becoming a Certified Ethical Hacker (C|EH) through a certification program by EC-Council. See www.eccouncil.org for more information. Like Certified Information Systems Security Professional (CISSP), the C|EH certification is a well-known, respected certification in the industry, accredited by the American National Standards Institute (ANSI 17024).
Other options include the SANS Global Information Assurance Certification (GIAC) program and the Offensive Security Certified Professional (OSCP) program, a hands-on security testing certification. I love the approach of the certifications, as all too often, people who perform this type of work don't have the proper hands-on experience with the tools and techniques to do it well. See www.giac.org, and www.offsec.com for more information.
Vulnerability and penetration testing versus auditing
Many people confuse security testing via vulnerability and penetration testing with security auditing, but big differences exist in the objectives. Security auditing involves comparing a company's security policies (or compliance requirements) with what's actually taking place. The intent of security auditing is to validate that...
