Halting the Hacker: A Practical Guide to Computer Security (2nd Edition)
Halting the Hacker: A Practical Guide to Computer Security (2nd Edition)
ISBN: 0130464163
EAN: 2147483647
EAN: 2147483647
Year: 2002
Pages: 210
Pages: 210
Authors: Donald L. Pipkin
- Main Page
- Table of content
- Copyright
- Foreword
- First Edition Foreword
- Preface
- About the Author
- Acknowledgments
- Part I: Understanding Hackers
- Chapter 1. Who Hackers Are
- Internal Hackers
- External Hackers
- Categorizing Hackers
- Demographics
- Classified by Skill Level
- Chapter 2. Hacker Motives
- Intellectually Motivated
- Personally Motivated
- Socially Motivated
- Politically Motivated
- Financially Motivated
- Motivated by Ego
- Chapter 3. What Hackers Do
- Modern Day Robin Hood
- Digital Dillinger
- Chapter 4. How Hackers Do What They Do
- Malicious Code
- Modified Source Code
- Exploiting Network Protocols
- Exploiting Vulnerabilities
- Password Crackers
- Part II: The Hacking Process
- Chapter 5. Gathering Information
- Public Sources
- People
- Going On Site
- Computer Systems
- Security Experts
- Other Hackers
- Chapter 6. Limiting Information Disclosure
- Public Information Sources
- Announcements
- Restricting the Scope of the Service
- Polling
- Eavesdropping
- Misinformation
- Chapter 7. Gaining Access
- Outsiders
- Insiders
- Back Doors
- Anonymously
- Active Sessions
- Stolen Credentials
- Subverting Protocols
- Chapter 8. Limiting Access
- Physical System Access
- Restricting Users
- Over the Network
- Restricting Services
- File System Access
- Chapter 9. Getting Credentials
- Identity Management
- Account Management
- Repositories
- Monitoring the Network
- Social Engineering
- Monitoring User Input
- Chapter 10. Controlling Authentication
- Authentication Management
- Cracking Passwords
- Finding Passwords in Clear Text
- The Future of Passwords
- Implementing Strong Authentication
- Chapter 11. Gaining Privileges
- Having Another User Run a Program
- Exploiting Permission Vulnerabilities
- Exploiting Hardware Vulnerabilities
- Exploiting Software Vulnerabilities
- Chapter 12. Controlling Authorizations
- User Authorizations
- Program Authorizations
- Compartmentalization
- Protecting Files
- Exploiting Permission Vulnerabilities
- Read-only File Systems
- Chapter 13. Avoiding Detection
- Monitoring Connections
- Monitoring Processes
- Monitoring Information
- Increasing Security
- Not Making Tracks
- Removing Tracks
- Misdirection
- Changing Time
- Chapter 14. Increasing Monitoring
- Monitoring Files
- Monitoring Users
- Monitoring Resources
- The Logging System
- Consolidated Logging Server
- Log File Monitoring
- Part III: Legal Recourse
- Chapter 15. Computer Crimes
- Traditional Offenses Using Computers
- Computer-specific Offenses
- Intellectual Property Offenses
- Content-related Offenses
- Privacy Offenses
- Chapter 16. Legal Prosecution
- Computer Crime
- Law Enforcement Agencies
- Chapter 17. Obstacles to Prosecution
- Identifying the Hacker
- Jurisdiction
- Extradition
- Evidence
- Cost of Prosecution
- Corporate Concerns
- Personal Concerns
- Chapter 18. Improving Successful Prosecution
- Enforcing Security Policy
- Fair Notice
- Marking Information
- Proper Evidence Preservation
- Trusted Time
- Part IV: Halting the Hacker
- Chapter 19. Preparation
- Define What Needs Protection
- Define How Much Protection Is Required
- Decide How Much Protection Is Afforded
- Define What You Have
- Define How to Protect It
- Chapter 20. Installation
- Software Structure
- Install Minimum Base Operating System
- Remove Any Unneeded Software
- Install Additional Products
- Install Standard Patches
- Install Security Patches
- Remove Software Remnants
- Chapter 21. Proactive Protection
- Remove What Is Not Needed
- Disable What Is Not Used
- Restrict the Rest
- Host Hardening Systems
- Chapter 22. Security Testing
- Evaluate Current Status
- Compliance with Security Program
- Integrity of Installed Software
- Integrity of Configuration
- Security Scanners
- Chapter 23. Security Monitoring
- Monitoring for New Vulnerabilities
- Intrusion Methods
- Determining When a Security Incident Has Occurred
- System Monitoring Techniques
- Comprehensive Monitoring
- Chapter 24. Reactive Security
- Review the Incident Response Plan
- Preserve the State of the Computer
- Reporting the Incident
- Contain the Incident
- Gather Information
- Countermeasures
- Chapter 25. Recovery
- Assess the Scope
- Setting Priorities
- Secure the System
- Repair the Vulnerability
- System Recovery
- Data Recovery
- Monitor for Additional Signs of Attack
- Restoration of Confidence
- Chapter 26. Review
- Determine the Cost of the Incident
- Evaluate the Response Process
- Improve the Safeguards
- Update Detection
- Process Improvement
- Postmortem Documentation
- Follow-up Communication
- Glossary
- Index
- Index SYMBOL
- Index A
- Index B
- Index C
- Index D
- Index E
- Index F
- Index G
- Index H
- Index I
- Index J
- Index K
- Index L
- Index M
- Index N
- Index O
- Index P
- Index Q
- Index R
- Index S
- Index T
- Index U
- Index V
- Index W
- Index X
Halting the Hacker: A Practical Guide to Computer Security (2nd Edition)
ISBN: 0130464163
EAN: 2147483647
EAN: 2147483647
Year: 2002
Pages: 210
Pages: 210
Authors: Donald L. Pipkin