Hands-On Ethical Hacking And Network Defense,9780619217082

Hands-On Ethical Hacking And Network Defense

by
Edition: 1st
ISBN13: 9780619217082
ISBN10: 0619217081
Format: Paperback
Pub. Date: 2005-10-19
Publisher(s): Course Technology
Upgraded Edition: Click here!
List Price: $252.49

Buy New

Usually ships in 2 to 3 business days.
$240.47
Add to Cart

Rent Textbook

Select for Price
Add to Cart
There was a problem. Please try again later.

Used Textbook

We're Sorry
Sold Out

eTextbook

We're Sorry
Not Available

Buy from our Marketplace starting at $4.30

How Marketplace Works:

  • This item is offered by an independent seller and not shipped from our warehouse
  • Item details like edition and cover design may differ from our description; see seller's comments before ordering.
  • Sellers much confirm and ship within two business days; otherwise, the order will be cancelled and refunded.
  • Marketplace purchases cannot be returned to eCampus.com. Contact the seller directly for inquiries; if no response within two days, contact customer service.
  • Additional shipping costs apply to Marketplace purchases. Review shipping costs at checkout.

Summary

With cyber-terrorism and corporate espionage threatening the fiber of our world, the need for trained network security professionals continues to grow. This book describes the tools and penetration testing methodologies used by ethical hackers to better understand how to protect computer networks. A thorough discussion is first established outlining what and who an ethical hacker is, and how important they are in protecting corporate and government data from cyber attacks. This title provides a structured knowledge base for preparing security professionals to understand how to protect a network using some of the skills and tools of a penetration or ethical hacker.

Table of Contents

Preface ix
Ethical Hacking Overview
1(18)
Introduction to Ethical Hacking
2(5)
The Role of Security and Penetration Testers
2(1)
Penetration-Testing Methodologies
3(1)
Certification Programs for Network Security Personnel
4(3)
What You Can Do Legally
7(4)
Laws of the Land
8(1)
Is Port Scanning Legal?
9(2)
Federal Laws
11(1)
What You Cannot Do Legally
11(2)
Get It in Writing
12(1)
Ethical Hacking in a Nutshell
13(1)
Chapter Summary
13(1)
Key Terms
14(1)
Review Questions
15(2)
Case Projects
17(2)
TCP/IP Concepts Review
19(20)
Overview of TCP/IP
20(9)
The Application Layer
21(1)
The Transport Layer
21(7)
The Internet Layer
28(1)
IP Addressing
29(2)
Planning IP Address Assignments
30(1)
Overview of Numbering Systems
31(4)
Reviewing the Binary Numbering System
31(2)
Reviewing the Octal Numbering System
33(1)
Reviewing the Hexadecimal Numbering System
34(1)
Chapter Summary
35(1)
Key Terms
35(1)
Review Questions
36(2)
Case Projects
38(1)
Network and Computer Attacks
39(22)
Malicious Software (Malware)
40(9)
Viruses
40(4)
Macro Viruses
44(1)
Worms
45(2)
Trojan Programs
47(1)
Spyware
48(1)
Adware
49(1)
Protecting Against Malware Attacks
49(1)
Educating Your Users
50(1)
Intruder Attacks on Networks and Computers
50(4)
Denial-of-Service Attacks
51(1)
Distributed Denial-of-Service Attacks
51(1)
Buffer Overflow Attacks
52(1)
Ping of Death Attacks
53(1)
Session Hijacking
53(1)
Addressing Physical Security
54(2)
Keyloggers
54(1)
Behind Locked Doors
55(1)
Chapter Summary
56(1)
Key Terms
57(1)
Review Questions
57(3)
Case Projects
60(1)
Footprinting and Social Engineering
61(28)
Using Web Tools for Footprinting
62(1)
Conducting Competitive Intelligence
63(12)
Analyzing a Company's Web Site
64(2)
Using Other Footprinting Tools
66(2)
Using E-mail Addresses
68(2)
Using HTTP Basics
70(2)
Other Methods of Gathering Information
72(3)
Using Domain Name Service (DNS) Zone Transfers
75(1)
Introduction to Social Engineering
76(7)
The Art of Shoulder Surfing
80(1)
The Art of Dumpster Diving
81(1)
The Art of Piggybacking
82(1)
Chapter Summary
83(1)
Key Terms
83(1)
Review Questions
84(2)
Case Projects
86(3)
Port Scanning
89(20)
Introduction to Port Scanning
90(1)
Types of Port Scans
91(1)
Using Port-Scanning Tools
92(6)
Nmap
92(2)
Unicornscan
94(1)
NetScanTools Pro 2004
95(1)
Nessus
96(2)
Conducting Ping Sweeps
98(4)
Fping
98(1)
Hping
99(2)
Crafting IP Packets
101(1)
Understanding Shell Scripting
102(2)
Scripting Basics
102(2)
Chapter Summary
104(1)
Key Terms
104(1)
Review Questions
105(2)
Case Projects
107(2)
Enumeration
109(28)
Introduction to Enumeration
110(3)
Enumerating Microsoft Operating Systems
113(11)
NetBIOS Basics
115(1)
NetBIOS Enumeration Tools
116(2)
Additional Enumeration Tools
118(6)
Enumerating the NetWare Operating System
124(6)
NetWare Enumeration Tools
125(5)
Enumerating the *NIX Operating System
130(3)
UNIX Enumeration
131(2)
Chapter Summary
133(1)
Key Terms
133(1)
Review Questions
133(3)
Case Projects
136(1)
Programming for Security Professionals
137(30)
Introduction to Computer Programming
138(2)
Computer Programming Fundamentals
138(2)
Learning the C Language
140(7)
Anatomy of a C Program
141(6)
Understanding HTML Basics
147(2)
Creating a Web Page Using HTML
147(2)
Understanding Practical Extraction and Report Language (Perl)
149(9)
Background on Perl
149(4)
Understanding the Basics of Perl
153(1)
Understanding the BLT of Perl
154(4)
Understanding Object-Oriented Programming Concepts
158(4)
Components of Object-Oriented Programming
159(3)
Chapter Summary
162(1)
Key Terms
162(1)
Review Questions
163(2)
Case Projects
165(2)
Microsoft Operating System Vulnerabilities
167(28)
Tools to Identify Vulnerabilities on Microsoft Systems
168(6)
Built-in Microsoft Tools
168(6)
Microsoft OS Vulnerabilities
174(9)
Remote Procedure Call (RPC)
175(1)
NetBIOS
176(1)
Server Message Block (SMB)
177(1)
Common Internet File System (CIFS)
177(1)
Understanding Samba
178(2)
Closing SMB Ports
180(1)
Null Sessions
181(1)
Default Installations of Microsoft OSs
181(1)
Passwords and Authentication
181(2)
Vulnerabilities in Microsoft Services
183(2)
Web Services
183(1)
SQL Server
184(1)
Best Practices for Hardening Microsoft Systems
185(3)
Patching Systems
185(1)
Antivirus Solutions
186(1)
Enable Logging and Review Logs Regularly
186(1)
Disable Unused or Unneeded Services
187(1)
Other Security Best Practices
187(1)
Chapter Summary
188(1)
Key Terms
189(1)
Review Questions
190(2)
Case Projects
192(3)
Linux Operating System Vulnerabilities
195(36)
Review of Linux Fundamentals
196(6)
Linux Directory Structure
196(1)
Linux File System
197(2)
Linux File System Commands
199(3)
Linux OS Vulnerabilities
202(9)
Remote Access Attacks on Linux Systems
211(14)
Footprinting an Attacked System
211(2)
Using Social Engineering to Attack Remote Linux Systems
213(1)
Installing Trojan Programs
213(8)
Creating Buffer Overflow Programs
221(2)
Using Sniffers to Gain Access to Remote Linux Systems
223(2)
Countermeasures Against Linux Remote Attacks
225(2)
User Awareness Training
225(1)
Keeping Current
225(2)
Chapter Summary
227(1)
Key Terms
227(1)
Review Questions
228(2)
Case Projects
230(1)
Hacking Web Servers
231(38)
Understanding Web Applications
232(16)
Web Application Components
232(11)
Using Scripting Languages
243(3)
Connecting to Databases
246(2)
Understanding Web Application Vulnerabilities
248(11)
Application Vulnerabilities and Countermeasures
248(6)
Assessing Web Applications
254(5)
Tools of Web Attackers and Security Testers
259(4)
Web Tools
259(4)
Chapter Summary
263(1)
Key Terms
264(1)
Review Questions
265(2)
Case Projects
267(2)
Hacking Wireless Networks
269(24)
Understanding Wireless Technology
270(6)
Components of a Wireless Network
270(6)
Understanding Wireless Network Standards
276(4)
Institute of Electrical and Electronics Engineers (IEEE) Standards
276(2)
An Overview of Wireless Technologies
278(1)
IEEE Additional 802.11 Projects
278(2)
Understanding Authentication
280(3)
The 802.1X Standard
280(3)
Understanding Wardriving
283(4)
How It Works
283(4)
Understanding Wireless Hacking
287(2)
Tools of the Trade
287(1)
Countermeasures for Wireless Attacks
288(1)
Chapter Summary
289(1)
Key Terms
290(1)
Review Questions
290(2)
Case Projects
292(1)
Cryptography
293(28)
Understanding Cryptography Basics
294(1)
History of Cryptography
294(1)
Understanding Symmetric and Asymmetric Algorithms
295(11)
Symmetric Cryptography Algorithms
296(3)
Asymmetric Cryptography Algorithms
299(1)
Digital Signatures
300(5)
Hashing Algorithms
305(1)
Understanding Public Key Infrastructure (PKI)
306(5)
Components of PKI
306(5)
Understanding Cryptography Attacks
311(5)
Birthday Attack
312(1)
Mathematical Attacks
312(1)
Brute Force Attack
312(1)
Man-in-the-Middle Attack
313(1)
Dictionary Attack
313(1)
Replay Attack
313(1)
Understanding Password Cracking
314(2)
Chapter Summary
316(1)
Key Terms
316(2)
Review Questions
318(2)
Case Projects
320(1)
Protecting Networks with Security Devices
321(30)
Understanding Network Security Devices
322(8)
Understanding Routers
322(1)
Understanding Basic Hardware Routers
322(4)
Understanding Access Control Lists
326(4)
Understanding Firewalls
330(12)
Understanding Firewall Technology
330(2)
Implementing a Firewall
332(1)
Understanding the Private Internet Exchange (PIX) Firewall
333(4)
Understanding Microsoft ISA
337(5)
Understanding Intrusion Detection Systems (IDSs)
342(1)
Network-Based and Host-Based IDSs
343(1)
Understanding Honeypots
343(2)
How They Work
344(1)
Chapter Summary
345(1)
Key Terms
346(1)
Review Questions
347(2)
Case Projects
349(2)
APPENDIX A Legal Resources
351(8)
National Computer Fraud and Abuse Act of 1986
355(4)
Sec. 1030. Fraud and related activity in connection with computers
355(4)
APPENDIX B Resources
359(10)
Resource Books
364(1)
Resource Web Sites
364(5)
APPENDIX C Documentation Forms for Penetration Tests
369(60)
Glossary 429(8)
Index 437

An electronic version of this book is available through VitalSource.

This book is viewable on PC, Mac, iPhone, iPad, iPod Touch, and most smartphones.

By purchasing, you will be able to view this book online, as well as download it, for the chosen number of days.

Digital License

You are licensing a digital product for a set duration. Durations are set forth in the product description, with "Lifetime" typically meaning five (5) years of online access and permanent download to a supported device. All licenses are non-transferable.

More details can be found here.

A downloadable version of this book is available through the eCampus Reader or compatible Adobe readers.

Applications are available on iOS, Android, PC, Mac, and Windows Mobile platforms.

Please view the compatibility matrix prior to purchase.