Table of Contents

Security Warrior
By Anton Chuvakin, Cyrus Peikari

Publisher: O'Reilly
Pub Date: January 2004
ISBN: 0-596-00545-8
Pages: 552
   


                             
      Copyright
      Dedication
      Preface
        Organization of This Book
        Part I: Software Cracking
        Part II: Network Stalking
        Part III: Platform Attacks
        Part IV: Advanced Defense
        Part V: Appendix
        Conventions Used in This Book
        Using Code Examples
        Comments and Questions
        Acknowledgments
      Part I: Software Cracking
        Chapter 1. Assembly Language
          Section 1.1. Registers
          Section 1.2. ASM Opcodes
          Section 1.3. References
        Chapter 2. Windows Reverse Engineering
          Section 2.1. History of RCE
          Section 2.2. Reversing Tools
          Section 2.3. Reverse Engineering Examples
          Section 2.4. References
        Chapter 3. Linux Reverse Engineering
          Section 3.1. Basic Tools and Techniques
          Section 3.2. A Good Disassembly
          Section 3.3. Problem Areas
          Section 3.4. Writing New Tools
          Section 3.5. References
        Chapter 4. Windows CE Reverse Engineering
          Section 4.1. Windows CE Architecture
          Section 4.2. CE Reverse Engineering Fundamentals
          Section 4.3. Practical CE Reverse Engineering
          Section 4.4. Reverse Engineering serial.exe
          Section 4.5. References
        Chapter 5. Overflow Attacks
          Section 5.1. Buffer Overflows
          Section 5.2. Understanding Buffers
          Section 5.3. Smashing the Stack
          Section 5.4. Heap Overflows
          Section 5.5. Preventing Buffer Overflows
          Section 5.6. A Live Challenge
          Section 5.7. References
      Part II: Network Stalking
        Chapter 6. TCP/IP Analysis
          Section 6.1. A Brief History of TCP/IP
          Section 6.2. Encapsulation
          Section 6.3. TCP
          Section 6.4. IP
          Section 6.5. UDP
          Section 6.6. ICMP
          Section 6.7. ARP
          Section 6.8. RARP
          Section 6.9. BOOTP
          Section 6.10. DHCP
          Section 6.11. TCP/IP Handshaking
          Section 6.12. Covert Channels
          Section 6.13. IPv6
          Section 6.14. Ethereal
          Section 6.15. Packet Analysis
          Section 6.16. Fragmentation
          Section 6.17. References
        Chapter 7. Social Engineering
          Section 7.1. Background
          Section 7.2. Performing the Attacks
          Section 7.3. Advanced Social Engineering
          Section 7.4. References
        Chapter 8. Reconnaissance
          Section 8.1. Online Reconnaissance
          Section 8.2. Conclusion
          Section 8.3. References
        Chapter 9. OS Fingerprinting
          Section 9.1. Telnet Session Negotiation
          Section 9.2. TCP Stack Fingerprinting
          Section 9.3. Special-Purpose Tools
          Section 9.4. Passive Fingerprinting
          Section 9.5. Fuzzy Operating System Fingerprinting
          Section 9.6. TCP/IP Timeout Detection
          Section 9.7. References
        Chapter 10. Hiding the Tracks
          Section 10.1. From Whom Are You Hiding?
          Section 10.2. Postattack Cleanup
          Section 10.3. Forensic Tracks
          Section 10.4. Maintaining Covert Access
          Section 10.5. References
      Part III: Platform Attacks
        Chapter 11. Unix Defense
          Section 11.1. Unix Passwords
          Section 11.2. File Permissions
          Section 11.3. System Logging
          Section 11.4. Network Access in Unix
          Section 11.5. Unix Hardening
          Section 11.6. Unix Network Defense
          Section 11.7. References
        Chapter 12. Unix Attacks
          Section 12.1. Local Attacks
          Section 12.2. Remote Attacks
          Section 12.3. Unix Denial-of-Service Attacks
          Section 12.4. References
        Chapter 13. Windows Client Attacks
          Section 13.1. Denial-of-Service Attacks
          Section 13.2. Remote Attacks
          Section 13.3. Remote Desktop/Remote Assistance
          Section 13.4. References
        Chapter 14. Windows Server Attacks
          Section 14.1. Release History
          Section 14.2. Kerberos Authentication Attacks
          Section 14.3. Kerberos Authentication Review
          Section 14.4. Defeating Buffer Overflow Prevention
          Section 14.5. Active Directory Weaknesses
          Section 14.6. Hacking PKI
          Section 14.7. Smart Card Hacking
          Section 14.8. Encrypting File System Changes
          Section 14.9. Third-Party Encryption
          Section 14.10. References
        Chapter 15. SOAP XML Web Services Security
          Section 15.1. XML Encryption
          Section 15.2. XML Signatures
          Section 15.3. Reference
        Chapter 16. SQL Injection
          Section 16.1. Introduction to SQL
          Section 16.2. SQL Injection Attacks
          Section 16.3. SQL Injection Defenses
          Section 16.4. PHP-Nuke Examples
          Section 16.5. References
        Chapter 17. Wireless Security
          Section 17.1. Reducing Signal Drift
          Section 17.2. Problems with WEP
          Section 17.3. Cracking WEP
          Section 17.4. Practical WEP Cracking
          Section 17.5. VPNs
          Section 17.6. TKIP
          Section 17.7. SSL
          Section 17.8. Airborne Viruses
          Section 17.9. References
      Part IV: Advanced Defense
        Chapter 18. Audit Trail Analysis
          Section 18.1. Log Analysis Basics
          Section 18.2. Log Examples
          Section 18.3. Logging States
          Section 18.4. When to Look at the Logs
          Section 18.5. Log Overflow and Aggregation
          Section 18.6. Challenge of Log Analysis
          Section 18.7. Security Information Management
          Section 18.8. Global Log Aggregation
          Section 18.9. References
        Chapter 19. Intrusion Detection Systems
          Section 19.1. IDS Examples
          Section 19.2. Bayesian Analysis
          Section 19.3. Hacking Through IDSs
          Section 19.4. The Future of IDSs
          Section 19.5. Snort IDS Case Study
          Section 19.6. IDS Deployment Issues
          Section 19.7. References
        Chapter 20. Honeypots
          Section 20.1. Motivation
          Section 20.2. Building the Infrastructure
          Section 20.3. Capturing Attacks
          Section 20.4. References
        Chapter 21. Incident Response
          Section 21.1. Case Study: Worm Mayhem
          Section 21.2. Definitions
          Section 21.3. Incident Response Framework
          Section 21.4. Small Networks
          Section 21.5. Medium-Sized Networks
          Section 21.6. Large Networks
          Section 21.7. References
        Chapter 22. Forensics and Antiforensics
          Section 22.1. Hardware Review
          Section 22.2. Information Detritus
          Section 22.3. Forensics Tools
          Section 22.4. Bootable Forensics CD-ROMs
          Section 22.5. Evidence Eliminator
          Section 22.6. Forensics Case Study: FTP Attack
          Section 22.7. References
      Part V: Appendix
        Appendix A. Useful SoftICE Commands and Breakpoints
          Section A.1. SoftICE Commands
          Section A.2. Breakpoints
      Colophon
      Index