Hacking the Hacker

Hacking the Hacker
Автор книги: id книги: 822115     Оценка: 0.0     Голосов: 0     Отзывы, комментарии: 0 1672,33 руб.     (17,93$) Читать книгу Купить и читать книгу Купить бумажную книгу Электронная книга Жанр: Зарубежная образовательная литература Правообладатель и/или издательство: John Wiley & Sons Limited Дата добавления в каталог КнигаЛит: ISBN: 9781119396222 Возрастное ограничение: 0+ Оглавление Отрывок из книги

Реклама. ООО «ЛитРес», ИНН: 7719571260.

Оглавление

Grimes Roger A.. Hacking the Hacker

Foreword

Introduction

1. What Type of Hacker Are You?

Most Hackers Aren’t Geniuses

Defenders Are Hackers Plus

Hackers Are Special

Hackers Are Persistent

Hacker Hats

2. How Hackers Hack

The Secret to Hacking

Hacking Ethically

3. Profile: Bruce Schneier

For More Information on Bruce Schneier

4. Social Engineering

Social Engineering Methods

Social Engineering Defenses

5. Profile: Kevin Mitnick

For More Information on Kevin Mitnick

6. Software Vulnerabilities

Number of Software Vulnerabilities

Why Are Software Vulnerabilities Still a Big Problem?

Defenses Against Software Vulnerabilities

Perfect Software Won’t Cure All Ills

7. Profile: Michael Howard

For More Information on Michael Howard

8. Profile: Gary McGraw

For More Information on Gary McGraw

9. Malware

Malware Types

Number of Malware Programs

Mostly Criminal in Origin

Defenses Against Malware

10. Profile: Susan Bradley

For More Information on Susan Bradley

11. Profile: Mark Russinovich

For More on Mark Russinovich

12. Cryptography

What Is Cryptography?

Why Can’t Attackers Just Guess All the Possible Keys?

Symmetric Versus Asymmetric Keys

Popular Cryptography

Hashes

Cryptographic Uses

Cryptographic Attacks

13. Profile: Martin Hellman

For More Information on Martin Hellman

14. Intrusion Detection/APTs

Traits of a Good Security Event Message

Advanced Persistent Threats (APTs)

Types of Intrusion Detection

Intrusion Detection Tools and Services

15. Profile: Dr. Dorothy E. Denning

For More Information on Dr. Dorothy E. Denning

16. Profile: Michael Dubinsky

For More Information on Michael Dubinsky

17. Firewalls

What Is a Firewall?

18. Profile: William Cheswick

For More Information on William Cheswick

19. Honeypots

What Is a Honeypot?

Interaction

Why Use a Honeypot?

Catching My Own Russian Spy

Honeypot Resources to Explore

20. Profile: Lance Spitzner

For More Information on Lance Spitzner

21. Password Hacking

Authentication Components

Hacking Passwords

Password Defenses

22. Profile: Dr. Cormac Herley

For More Information on Dr. Cormac Herley

23. Wireless Hacking

The Wireless World

Types of Wireless Hacking

Some Wireless Hacking Tools

Wireless Hacking Defenses

24. Profile: Thomas d’Otreppe de Bouvette

For More Information on Thomas d’Otreppe de Bouvette

25. Penetration Testing

My Penetration Testing Highlights

How to Be a Pen Tester

26. Profile: Aaron Higbee

For More Information on Aaron Higbee

27. Profile: Benild Joseph

For More Information on Benild Joseph

28. DDoS Attacks

Types of DDoS Attacks

DDoS Tools and Providers

DDoS Defenses

29. Profile: Brian Krebs

For More Information on Brian Krebs

30. Secure OS

How to Secure an Operating System

Security Consortiums

31. Profile: Joanna Rutkowska

For More Information on Joanna Rutkowska

32. Profile: Aaron Margosis

For More Information on Aaron Margosis

33. Network Attacks

Types of Network Attacks

Network Attack Defenses

34. Profile: Laura Chappell

For More Information on Laura Chappell

35. IoT Hacking

How Do Hackers Hack IoT?

IoT Defenses

36. Profile: Dr. Charlie Miller

For More Information on Dr. Charlie Miller

37. Policy and Strategy

Standards

Policies

Procedures

Frameworks

Regulatory Laws

Global Concerns

Systems Support

38. Profile: Jing de Jong‐Chen

For More Information on Jing de Jong‐Chen

39. Threat Modeling

Why Threat Model?

Threat Modeling Models

Threat Actors

40. Profile: Adam Shostack

For More Information on Adam Shostack

41. Computer Security Education

Computer Security Training Topics

Training Methods

42. Profile: Stephen Northcutt

For More Information on Stephen Northcutt

43. Privacy

Privacy Organizations

Privacy‐Protecting Applications

44. Profile: Eva Galperin

For More Information on Eva Galperin

45. Patching

Patching Facts

Common Patching Problems

46. Profile: Window Snyder

For More Information on Window Snyder

47. Writing as a Career

Computer Security Writing Outlets

Professional Writing Tips

48. Profile: Fahmida Y. Rashid

For More Information on Fahmida Y. Rashid

49. Guide for Parents with Young Hackers

Signs Your Kid Is Hacking

Not All Hacking Is Bad

How to Turn Around Your Malicious Hacker

50. Hacker Code of Ethics

Hacker Code of Ethics

(ISC)2®

About the Author

Credits

Acknowledgments

Отрывок из книги

Roger Grimes has worked in the computer security industry for nearly three decades, and I’ve had the pleasure of knowing him for roughly half that time. He’s one of a select few professionals I’ve met who clearly has security in his bones – an intuitive grasp of the subject that, coupled with his deep experience catching bad guys and rooting out weaknesses in security defenses, makes him uniquely qualified to write this book.

Roger first began writing for InfoWorld in 2005 when he sent an email criticizing the work of a security writer, a critique that carried so much weight we immediately asked him to contribute to the publication. Since then he has written hundreds of articles for InfoWorld, all of which exhibit a love of the subject as well as a psychological understanding of both malicious hackers and the people who defend against them. In his weekly “Security Adviser” column for InfoWorld, Roger shows a unique talent for focusing on issues that matter rather than chasing ephemeral threats or overhyped new technologies. His passion for convincing security defenders and their C‐suite bosses to do the right thing has been steadfast, despite the unfortunate inclination of so many organizations to neglect the basics and flock to the latest shiny new solution.

.....

Both zero‐days and regular software vulnerabilities come down to insecure software coding practices. Software vulnerabilities will be covered in Chapter 6.

Malicious programs are known as malware, and the traditional types are known as viruses, Trojan horse programs, and worms, but today’s malware is often a hybrid mixture of multiple types. Malware allows a hacker to use an exploit method to more easily attack victims or to reach a greater number of victims more quickly. When a new exploit method is discovered, defenders know that malware writers will use automated malware to spread the exploit faster in a process known as “weaponization.” While any exploit is something to be avoided, it is often the weaponization of the exploit that creates the most risk to end‐users and society. Without malware, an attacker is forced to implement an attack one victim at a time. With malware, millions of victims can be exploited in minutes. Malware will be covered in more detail in Chapter 9.

.....

Добавление нового отзыва

Комментарий Поле, отмеченное звёздочкой  — обязательно к заполнению

Отзывы и комментарии читателей

Нет рецензий. Будьте первым, кто напишет рецензию на книгу Hacking the Hacker
Подняться наверх