I would first like to thank the illustrious DJ Jackalope (aka Karen) for all of her encouragement, support, and understanding throughout the writing of this book. Without her, it would have languished in the doldrums, and I don't think I could have done this book without her.

I'd also like to thank Nat Torkington for putting me in touch with Rob, my fearless (and patient) editor for this book, as well as my parents for having the faith to let me have time to tinker with computers and do silly things like read Phrack when I was a kid; if not for that, I might have ended up doing something completely different.


Nowhere is the term hacker more misconstrued than in the network security field. This is understandable because the very same tools that network security professionals use to probe the robustness of their own networks also can be used to launch attacks on any machine on the Internet. The difference between system administrators legitimately testing their own machines and a system cracker attempting to gain unauthorized access isn't so much a question of techniques or tools, but a matter of intent. After all, as with any powerful piece of technology, a security tool isn't inherently good or bad—this determination depends entirely on how it is used. The same hammer can be used to either build a wall or knock it down.

The difference between "white hat" and "black hat" hackers isn't the tools or techniques they use (or even the color of their hats), but their intent. The difference is subtle but important. White hat hackers find that building secure systems presents an interesting challenge, and their security can be truly tested only through a thorough knowledge of how to subvert such systems. Black hat hackers (more appropriately called crackers) pursue precisely the same knowledge, but without regard for the people who built the systems or the servers they attack. They use their knowledge to subvert these systems for their own personal gain, often to the detriment of the systems they infiltrate.

Of course, tales of daring international techno-robberies and black-clad, cigarette-smoking, laptop-wielding evil masterminds tend to sell better than simple tales of the engineer who built a strong network, and so the term hacking has a bad reputation in the popular press. They use it to refer to individuals who break into systems or who wreak havoc using computers as their weapon. Among people who solve problems, though, the term hack refers to a "quick-n-dirty" solution to a problem, or a clever way to get something done. And the term hacker is taken very much as a compliment, referring to someone as being creative, i.e., having the technical chops to get things done. The Hacks series is an attempt to reclaim this word, document the ways people are hacking (in a good way), and pass the hacker ethic of creative participation on to the uninitiated. Seeing how others approach systems and problems is often the quickest way to learn about a new technology. Only by openly discussing security flaws and implementations can we hope to build stronger systems.

Why Network Security Hacks?

Network Security Hacks is a grimoire of 100 powerful security techniques. This volume demonstrates effective methods for defending your servers and networks from a variety of devious and subtle attacks. Within this book are examples of how to detect the presence (and track every keystroke) of network intruders, methods for protecting your network and data using strong encryption, and even techniques for laying traps for would-be system crackers. Many important security tools are presented, as well as clever methods for using them to reveal real, useful information about what is happening on your network.