Hacking For Dummies
John Wiley & Sons Inc (Verlag)
978-1-119-48547-6 (ISBN)
In order to outsmart a would-be hacker, you need to get into the hacker’s mindset. And with this book, thinking like a bad guy has never been easier. In Hacking For Dummies, expert author Kevin Beaver shares his knowledge on penetration testing, vulnerability assessments, security best practices, and every aspect of ethical hacking that is essential in order to stop a hacker in their tracks.
Whether you’re worried about your laptop, smartphone, or desktop computer being compromised, this no-nonsense book helps you learn how to recognize the vulnerabilities in your systems so you can safeguard them more diligently—with confidence and ease.
Get up to speed on Windows 10 hacks
Learn about the latest mobile computing hacks
Get free testing tools
Find out about new system updates and improvements
There’s no such thing as being too safe—and this resourceful guide helps ensure you’re protected.
Kevin Beaver is an independent information security consultant with more than three decades of experience. Kevin specializes in performing vulnerability and penetration testing and security consulting work for Fortune 1000 corporations, product vendors, independent software developers, universities, and government organizations. He has appeared on CNN and been quoted in The Wall Street Journal.
Introduction 1
About This Book 1
Foolish Assumptions 2
Icons Used in This Book 3
Beyond the Book 3
Where to Go from Here 4
Part 1: Building the Foundation for Security Testing 5
Chapter 1: Introduction to Vulnerability and Penetration Testing 7
Straightening Out the Terminology 7
Hacker 8
Malicious user 9
Recognizing How Malicious Attackers Beget Ethical Hackers 10
Vulnerability and penetration testing versus auditing 10
Policy considerations 11
Compliance and regulatory concerns 12
Understanding the Need to Hack Your Own Systems 12
Understanding the Dangers Your Systems Face 14
Nontechnical attacks 14
Network infrastructure attacks 15
Operating system attacks 15
Application and other specialized attacks 15
Following the Security Assessment Principles 16
Working ethically 16
Respecting privacy 17
Not crashing your systems 17
Using the Vulnerability and Penetration Testing Process 18
Formulating your plan 18
Selecting tools 20
Executing the plan 22
Evaluating results 23
Moving on 23
Chapter 2: Cracking the Hacker Mindset 25
What You’re Up Against 25
Who Breaks into Computer Systems 28
Hacker skill levels 28
Hacker motivations 30
Why They Do It 30
Planning and Performing Attacks 33
Maintaining Anonymity 35
Chapter 3: Developing Your Security Testing Plan 37
Establishing Your Goals 37
Determining Which Systems to Test 40
Creating Testing Standards 43
Timing your tests 43
Running specific tests 44
Conducting blind versus knowledge assessments 45
Picking your location 46
Responding to vulnerabilities you find 46
Making silly assumptions 46
Selecting Security Assessment Tools 47
Chapter 4: Hacking Methodology 49
Setting the Stage for Testing 49
Seeing What Others See 51
Scanning Systems 52
Hosts 53
Open ports 53
Determining What’s Running on Open Ports 54
Assessing Vulnerabilities 56
Penetrating the System 58
Part 2: Putting Security Testing in Motion 59
Chapter 5: Information Gathering 61
Gathering Public Information 61
Social media 62
Web search 62
Web crawling 63
Websites 64
Mapping the Network 64
WHOIS 65
Privacy policies 66
Chapter 6: Social Engineering 67
Introducing Social Engineering 67
Starting Your Social Engineering Tests 68
Knowing Why Attackers Use Social Engineering 69
Understanding the Implications 70
Building trust 71
Exploiting the relationship 72
Performing Social Engineering Attacks 74
Determining a goal 75
Seeking information 75
Social Engineering Countermeasures 80
Policies 80
User awareness and training 80
Chapter 7: Physical Security 83
Identifying Basic Physical Security Vulnerabilities 84
Pinpointing Physical Vulnerabilities in Your Office 85
Building infrastructure 85
Utilities 87
Office layout and use 88
Network components and computers 90
Chapter 8: Passwords 95
Understanding Password Vulnerabilities 96
Organizational password vulnerabilities 97
Technical password vulnerabilities 97
Cracking Passwords 98
Cracking passwords the old-fashioned way 99
Cracking passwords with high-tech tools 102
Cracking password-protected files 110
Understanding other ways to crack passwords 112
General Password Cracking Countermeasures 117
Storing passwords 118
Creating password policies 118
Taking other countermeasures 120
Securing Operating Systems 121
Windows 121
Linux and Unix 122
Part 3: Hacking Network Hosts 123
Chapter 9: Network Infrastructure Systems 125
Understanding Network Infrastructure Vulnerabilities 126
Choosing Tools 127
Scanners and analyzers 128
Vulnerability assessment 128
Scanning, Poking, and Prodding the Network 129
Scanning ports 129
Scanning SNMP 135
Grabbing banners 137
Testing firewall rules 138
Analyzing network data 140
The MAC-daddy attack 147
Testing denial of service attacks 152
Detecting Common Router, Switch, and Firewall Weaknesses 155
Finding unsecured interfaces 155
Uncovering issues with SSL and TLS 156
Putting Up General Network Defenses 156
Chapter 10: Wireless Networks 159
Understanding the Implications of Wireless Network Vulnerabilities 159
Choosing Your Tools 160
Discovering Wireless Networks 162
Checking for worldwide recognition 162
Scanning your local airwaves 163
Discovering Wireless Network Attacks and Taking Countermeasures 165
Encrypted traffic 167
Countermeasures against encrypted traffic attacks 170
Wi-Fi Protected Setup 172
Countermeasures against the WPS PIN flaw 175
Rogue wireless devices 175
Countermeasures against rogue wireless devices 179
MAC spoofing 179
Countermeasures against MAC spoofing 183
Physical security problems 183
Countermeasures against physical security problems 184
Vulnerable wireless workstations 185
Countermeasures against vulnerable wireless workstations 185
Default configuration settings 185
Countermeasures against default configuration settings exploits 186
Chapter 11: Mobile Devices 187
Sizing Up Mobile Vulnerabilities 187
Cracking Laptop Passwords 188
Choosing your tools 188
Applying countermeasures 193
Cracking Phones and Tablets 193
Cracking iOS passwords 194
Taking countermeasures against password cracking 197
Part 4: Hacking Operating Systems 199
Chapter 12: Windows 201
Introducing Windows Vulnerabilities 202
Choosing Tools 203
Free Microsoft tools 203
All-in-one assessment tools 204
Task-specific tools 204
Gathering Information About Your Windows Vulnerabilities 205
System scanning 205
NetBIOS 208
Detecting Null Sessions 210
Mapping 211
Gleaning information 212
Countermeasures against null-session hacks 214
Checking Share Permissions 215
Windows defaults 216
Testing 216
Exploiting Missing Patches 217
Using Metasploit 220
Countermeasures against missing patch vulnerability exploits 224
Running Authenticated Scans 225
Chapter 13: Linux and macOS 227
Understanding Linux Vulnerabilities 228
Choosing Tools 229
Gathering Information About Your System Vulnerabilities 229
System scanning 229
Countermeasures against system scanning 233
Finding Unneeded and Unsecured Services 234
Searches 234
Countermeasures against attacks on unneeded services 236
Securing the rhosts and hosts.equiv Files 238
Hacks using the hosts.equiv and rhosts files 239
Countermeasures against rhosts and hosts.equiv file attacks 240
Assessing the Security of NFS 241
NFS hacks 241
Countermeasures against NFS attacks 242
Checking File Permissions 242
File permission hacks 243
Countermeasures against file permission attacks 243
Finding Buffer Overflow Vulnerabilities 244
Attacks 244
Countermeasures against buffer overflow attacks 245
Checking Physical Security 245
Physical security hacks 245
Countermeasures against physical security attacks 245
Performing General Security Tests 246
Patching 248
Distribution updates 248
Multiplatform update managers 249
Part 5: Hacking Applications 251
Chapter 14: Communication and Messaging Systems 253
Introducing Messaging System Vulnerabilities 253
Recognizing and Countering Email Attacks 254
Email bombs 255
Banners 258
SMTP attacks 260
General best practices for minimizing email security risks 269
Understanding VoIP 270
VoIP vulnerabilities 271
Countermeasures against VoIP vulnerabilities 275
Chapter 15: Web Applications and Mobile Apps 277
Choosing Your Web Security Testing Tools 278
Seeking Out Web Vulnerabilities 279
Directory traversal 279
Countermeasures against directory traversals 283
Input-filtering attacks 283
Countermeasures against input attacks 290
Default script attacks 291
Countermeasures against default script attacks 293
Unsecured login mechanisms 293
Countermeasures against unsecured login systems 297
Performing general security scans for web application vulnerabilities 297
Minimizing Web Security Risks 298
Practicing security by obscurity 299
Putting up firewalls 300
Analyzing source code 300
Uncovering Mobile App Flaws 301
Chapter 16: Databases and Storage Systems 303
Diving Into Databases 303
Choosing tools 304
Finding databases on the network 304
Cracking database passwords 305
Scanning databases for vulnerabilities 306
Following Best Practices for Minimizing Database Security Risks 307
Opening Up About Storage Systems 308
Choosing tools 309
Finding storage systems on the network 309
Rooting out sensitive text in network files 310
Following Best Practices for Minimizing Storage Security Risks 312
Part 6: Security Testing Aftermath 315
Chapter 17: Reporting Your Results 317
Pulling the Results Together 317
Prioritizing Vulnerabilities 319
Creating Reports 321
Chapter 18: Plugging Your Security Holes 323
Turning Your Reports into Action 323
Patching for Perfection 324
Patch management 325
Patch automation 325
Hardening Your Systems 326
Assessing Your Security Infrastructure 328
Chapter 19: Managing Security Processes 331
Automating the Security Assessment Process 331
Monitoring Malicious Use 332
Outsourcing Security Assessments 334
Instilling a Security-Aware Mindset 336
Keeping Up with Other Security Efforts 337
Part 7: The Part of Tens 339
Chapter 20: Ten Tips for Getting Security Buy-In 341
Cultivate an Ally and a Sponsor 341
Don’t Be a FUDdy-Duddy 342
Demonstrate That the Organization Can’t Afford to Be Hacked 342
Outline the General Benefits of Security Testing 343
Show How Security Testing Specifically Helps the Organization 344
Get Involved in the Business 344
Establish Your Credibility 345
Speak on Management’s Level 345
Show Value in Your Efforts 346
Be Flexible and Adaptable 346
Chapter 21: Ten Reasons Hacking Is the Only Effective Way to Test 347
The Bad Guys Think Bad Thoughts, Use Good Tools, and Develop New Methods 347
IT Governance and Compliance Are More Than High-Level Checklist Audits 348
Vulnerability and Penetration Testing Complements Audits and Security Evaluations 348
Customers and Partners Will Ask How Secure Your Systems Are 348
The Law of Averages Works Against Businesses 349
Security Assessments Improve Understanding of Business Threats 349
If a Breach Occurs, You Have Something to Fall Back On 349
In-Depth Testing Brings Out the Worst in Your Systems 350
Combined Vulnerability and Penetration Testing Is What You Need 350
Proper Testing Can Uncover Overlooked Weaknesses 350
Chapter 22: Ten Deadly Mistakes 351
Not Getting Approval 351
Assuming That You Can Find All Vulnerabilities 352
Assuming That You Can Eliminate All Vulnerabilities 352
Performing Tests Only Once 353
Thinking That You Know It All 353
Running Your Tests Without Looking at Things from a Hacker’s Viewpoint 353
Not Testing the Right Systems 354
Not Using the Right Tools 354
Pounding Production Systems at the Wrong Time 354
Outsourcing Testing and Not Staying Involved 355
Appendix: Tools and Resources 357
Index 375
Erscheinungsdatum | 11.07.2018 |
---|---|
Verlagsort | New York |
Sprache | englisch |
Maße | 188 x 233 mm |
Gewicht | 574 g |
Themenwelt | Informatik ► Netzwerke ► Sicherheit / Firewall |
ISBN-10 | 1-119-48547-9 / 1119485479 |
ISBN-13 | 978-1-119-48547-6 / 9781119485476 |
Zustand | Neuware |
Haben Sie eine Frage zum Produkt? |
aus dem Bereich