A lot of computer security textbooks approach the subject from a defensive point of view. "Do this, and you'll probably survive a particular kind of attack", they say. In refreshing contrast, Hacking Exposed, Second Edition
talks about security from an offensive angle. A Jane's
-like catalogue of the weaponry that black-hat hackers use is laid out in full. Readers see what programs are out there, get a rundown on what the programs can do, and benefit from detailed explanations of concepts (such as wardialing and rootkits) that most system administrators kind of understand, but perhaps not in detail. The book also walks through how to use the most powerful and popular hacker software, including L0phtCrack. This new edition has been updated extensively, largely with the results of "honeypot" exercises (in which attacks on sacrificial machines are monitored) and Windows 2000 public security trials. There is a lot of new stuff on electronic mail worms, distributed denial of service (DDoS) attacks and attacks that involve routing protocols.
The result of all this familiarity with bad-guy tools is a leg up on defending against them. Hacking wastes no time in explaining how to implement the countermeasures--where they exist--that will render known attacks ineffective. Taking on the major network operating systems and network devices one at a time, the authors tell you exactly what Unix configuration files to alter, what Windows NT Registry keys to change, and what settings to make in NetWare. They spare no criticism of products they aren't impressed with, and hesitate not in pointing out inherent, uncorrectable security weaknesses where they find them. This is no mere rehashing of generally accepted security practices. It and its companion Web site are the best way for all you network administrators to know thy enemies. --David Wall
From the Publisher
Right Now, Who is Breaking Into Your Computer?
Anyone who is connected to the Internet for any stable length of time is a potential victim. From large companies like Yahoo.com, eBay, and Amazon to organisations like universities and even average consumers on a cable modem or DSL connection, Internet security is everybodys business.
Every type of end user can understand and implement ways to prevent attacks by reading the second edition of the worlds most popular network security book, Hacking Exposed, by Stuart McClure, Joel Scambray, and George Kurtz. In addition to being partners in Foundstone, Inc., a premier security consulting and training company, authors McClure, Scambray and Kurtz have promoted information system security over a combined fifteen years for Fortune 500 companies, and in forums including weekly columns in InfoWorld.
Since its release in the autumn of 1999, more than 125,000 copies of the first edition of Hacking Exposed have been sold world-wide making it an international best seller.
Why the need for a second edition? The world of Internet security moves even faster than todays round-the-clock digital economy, and all of the brand-new tools and techniques that have surfaced since the publication of the best-selling first edition are covered here.
In his foreword to the Second Edition, Internet security titan Bruce Schneier, CTO of Counterpane Internet Security Inc., calls Hacking Exposed "
the distilled essence of the full-disclosure movement. Its a comprehensive bible of security vulnerabilities: what they are, how they work, and what to do about them. After reading this, you will know more about your network and how to secure it than any other book I can think of. This book is informational gold." Read a copy today to see what you or your ebusiness may be missing.