Anti-Hacker Tool Kit, Third Edition
1st Edition
Published on 8. February 2006
1019 pages
978-0-07-148691-0 (ISBN)
Description
Completely revised to include the latest security tools, including wireless tools New tips on how to configure the recent tools on Linux, Windows, and Mac OSX New on the CD-ROM -- Gnoppix, a complete Linux system, ClamAV anti-virus, Cain, a multi-function hacking tool, Bluetooth tools, protocol scanners, forensic tools, and more New case studies in each chapter
More details
Other editions
Additional editions
Mike Shema | Chris Davis
Anti-Hacker Tool Kit, Third Edition
Book
03/2006
3rd Edition
McGraw-Hill Professional
€51.24
Article exhausted; check for reprint
Content
- Cover Page
- Anti-Hacker Tool Kit
- Copyright Page
- Contents
- Acknowledgments
- Introduction
- Part I Multifunctional Tools
- 1 Netcat and Cryptcat
- Netcat
- Implementation
- Netcat6
- Implementation
- Netcat's 101 Uses
- Cryptcat
- SBD
- 2 The X Window System
- Choosing a Window Manager
- A Client/Server Model
- How Remote X Servers and Clients Communicate
- Securing X Hosts with xhost and xauth
- Xhost
- Xauth
- Securing X Communications with Secure Shell
- The Other Important Players
- Xdm
- Xinit and Startx
- Xserver
- Using X on Windows and Mac OS X
- Now You Know.
- 3 Virtual Machines & Emulators
- VMware
- Download and Installation
- Configuration
- Implementation
- Open-Source Alternatives
- Virtual PC
- Configuration
- Implementation
- Gnoppix
- Configuration
- Implementation
- Cygwin
- Download and Installation
- Implementation
- Part II Tools for Auditing and Defending the Hosts
- 4 Port Scanners
- Nmap
- Implementation
- THC-Amap
- Implementation
- IpEye
- Implementation
- WUPS
- Implementation
- ScanLine
- Implementation
- 5 Unix Enumeration Tools
- Samba
- Smbclient
- Nmblookup
- Rpcclient
- Finger
- Implementation
- Rpcinfo
- Implementation
- showmount
- Implementation
- R-tools
- Rlogin, Rsh, and Rcp
- R-tools Insecurity
- Rwho
- Rexec
- who, w, and last
- who
- w
- last
- 6 Windows Enumeration Tools
- Net Tools
- Implementation
- NBTStat
- Implementation
- Retrieving a MAC Address
- Winfingerprint
- Implementation
- Running a Development Build
- Returning to the Command Line
- GetUserInfo
- Implementation
- Enum
- Implementation
- PsTools
- Implementation
- MBSA Version 2
- Implementation
- 7 Web Hacking Tools
- Vulnerability Scanners
- Nikto
- LibWhisker
- All-purpose Tools
- Curl
- OpenSSL
- Stunnel
- Application Inspection
- Paros Proxy
- Burp Proxy
- Wget
- 8 Password Cracking / Brute-Force Tools
- PAM and Unix Password Policies
- Linux Implementation
- OpenBSD login.conf
- Implementation
- John the Ripper
- Implementation
- L0phtCrack
- Implementation
- Grabbing Windows Password Hashes
- Pwdump
- Pwdump3
- Pwdump4
- Lsadump2
- Active Brute-force Tools
- THC-Hydra
- 9 Host Hardening
- Clamav
- Download and Installation
- Implementation
- Titan
- Download and Installation
- Implementation
- Msec
- Implementation
- 10 Backdoors and Remote Access Tools
- VNC
- Implementation
- Netbus
- Implementation
- Back Orifice
- Implementation
- SubSeven
- Implementation
- Loki
- Implementation
- Stcpshell
- Implementation
- Knark
- Implementation
- 11 Simple Source Auditing Tools
- Flawfinder
- Implementation
- RATS
- Implementation
- 12 Combination System Auditing Tools
- Nessus
- Installation
- Implementation
- Cain & Able
- Implementation
- AIDE
- Installation
- Implementation
- Tripwire
- Implementation: The Open-source Edition
- Implementation: The Commercial Edition
- Securing Your Files with Tripwire
- Part III Tools for Auditing and Defending Your Network
- 13 Firewalls
- Firewalls and Packet Filters-The Basics
- What Is a Firewall?
- What's the Difference Between a Firewall and a Packet Filter?
- How Do Firewalls Protect Networks?
- What Type of Packet Characteristics Can You Filter in a Ruleset?
- What's the Difference Between Stateless and Stateful Firewalls?
- Understanding Network Address Translation (NAT) and Port Forwarding
- The Basics of Virtual Private Networks
- Inside the Demilitarized Zones
- When Do We Get to Talk About Actual Firewall Products?
- Freeware Firewalls
- Ipchains
- Iptables (Netfilter)
- IPFW2
- Still Others
- Commercial Firewalls
- Linksys SOHO Firewall Units
- SonicWALL
- Cisco PIX
- Still Others
- 14 Network Reconnaissance Tools
- whois/fwhois
- Implementation
- Host, Dig, and Nslookup
- Implementation
- Ping
- Implementation
- Fping
- Implementation
- Traceroute
- Implementation
- Hping
- Implementation
- 15 Port Redirection
- Datapipe
- Implementation
- FPipe
- Implementation
- WinRelay
- Implementation
- 16 Sniffers
- Sniffers Overview
- BUTTSniffer
- Implementation
- Disk Dump Mode
- Tcpdump and WinDump
- Installation
- Implementation
- Ethereal
- Implementation
- Dsniff
- Installation
- Implementation: The Tools
- Dangerous Tools
- Ettercap
- Installation
- Implementation
- Potential for Disaster
- Snort: An Intrusion-detection System
- Installation and Implementation
- Snort Plug-ins
- So Much More.
- 17 Wireless Tools
- NetStumbler
- Implementation
- AiroPeek
- Implementation
- Wellenreiter
- Implementation
- Kismet
- Implementation
- Expanding Kismet's Capabilities
- 18 War Dialers
- ToneLoc
- Implementation: Creating the tl.cfg file
- Implementation: Running a Scan
- Implementation: Navigating the ToneLoc Interface
- .dat File Techniques
- THC-Scan
- Implementation: Configuring THC-Scan
- Implementation: Running THC-Scan
- Implementation: Navigating THC-Scan
- Implementation: Manipulating THC-Scan .dat Files
- Shokdial
- Implementation
- Beyond the Connect String
- 19 TCP/IP Stack Tools
- ISIC: IP Stack Integrity Checker
- Implementation
- Tips and Tricks
- Iptest
- Implementation
- Nemesis: Packet-Weaving
- Implementation
- Beyond the Command Line
- Part IV Tools for Computer Forensics and Incident Response
- 20 Creating a Bootable Environment and Live Response Tool Kit
- Trinux
- Implementation
- Windows Live Response Tool Kit
- cmd.exe
- Fport
- netstat
- Nbtstat
- ARP
- PsList
- kill
- dir
- Auditpol
- PsLoggedOn
- NTLast
- Dump Event Log (dumpel)
- Regdmp
- SFind
- Md5sum
- Unix Live Response Tool Kit
- bash
- netstat
- ARP
- ls
- w
- last and lastb
- lsof
- ps
- kill
- Md5sum
- Carbonite
- Chkrootkit
- 21 Commercial Forensic Image Tool Kits
- EnCase
- Implementation
- Format: Creating a Trusted Boot Disk
- Implementation
- PDBLOCK: Write Blocking Your Source Drives
- Implementation
- SafeBack
- Implementation
- SnapBack
- Implementation
- FTK Imager
- Implementation
- Ghost
- Implementation
- SMART
- Implementation
- 22 Open-Source Forensic Duplication Tool Kits
- dd: A Forensic Duplication Tool
- Implementation
- dcfldd
- split: Breaking Up Images on the Fly
- dd: A Hard Drive Cleansing Tool
- Implementation
- Losetup: Transforming a Regular File into a Device on Linux
- Implementation
- The Enhanced Linux Loopback Device
- Implementation
- Vnode: Transforming a Regular File into a Device on FreeBSD
- Implementation
- Md5sum and md5: Validating the Evidence Collected
- Implementation
- 23 Tool Kits to Aid in Forensic Analysis
- The Forensic Toolkit
- Implementation
- EnCase
- Implementation
- The Coroner's Toolkit
- Implementation
- 24 Tools to Aid in Internet Activity Reconstruction
- Client- and Web-based E-mail
- Outlook
- Implementation
- ReadPST and ReadDBX
- Implementation
- Paraben's E-mail Examiner
- Implementation
- Unix Mailboxes
- Implementation
- Guidance Software's EnCase Forensic Edition
- Implementation
- AccessData's FTK
- Implementation
- Searching for Internet History
- NetAnalysis
- Implementation
- IE History
- Implementation
- X-Ways Trace
- Implementation
- Web Historian
- Implementation
- 25 Generalized Editors and Viewers
- The file Command
- Implementation
- Hexdump
- Implementation
- Hexedit
- Implementation
- Vi
- Implementation
- Frhed
- Implementation
- WinHex
- Implementation
- Quick View Plus
- Implementation
- Midnight Commander
- Implementation
- 26 Reverse Engineering Binaries
- The Anatomy of a Computer Program
- Determining a Binary File Type
- Black Box Analysis
- Viewing the Text Strings in a Binary
- Using LSOF to Determine What Files and Ports a Binary Uses
- Determining Ports Using NMAP
- Using a Sniffer to Determine Network Traffic
- Looking at the System Calls
- Identifying Kernel-hiding Techniques
- Creating a Sandbox Machine
- Getting Your Hands Dirty: Working with the Code
- Getting at the Memory
- Working with objdump
- IDA Pro
- GNU DeBugger (GDB)
- Java Programs
- Obfuscation
- Decompiling a Java Program
- Part V Appendixes
- A Useful Charts and Diagrams
- Protocol Headers
- Ethernet Headers
- Address Resolution Protocol (ARP) Headers
- Internet Protocol (IP) Headers
- Transmission Control Protocol (TCP) Headers
- User Datagram Protocol (UDP) Headers
- Internet Control Message Protocol (ICMP) Headers
- ASCII Table
- B Command-line Reference
- Directory Navigation
- Text File Manipulation
- Archive File Manipulation
- Miscellaneous
- Index
