
E-book: Hacking For Dummies

3.66/5 (395 ratings by Goodreads)
  • Format: EPUB+DRM
  • Publication date: 22-Mar-2022
  • Publisher: For Dummies
  • Language: eng
  • ISBN-13: 9781119872214

DRM restrictions

  • Copying:

    not allowed

  • Printing:

    not allowed

  • E-book usage:

    Digital rights management (DRM)
    The publisher has supplied this book in encrypted form, which means that you need to install free software to unlock and read it. To read this e-book, you must create an Adobe ID. The e-book can be downloaded to 6 devices (one user with the same Adobe ID).

    Required software
    To read this e-book on a mobile device (phone or tablet), you need to install this free app: PocketBook Reader (iOS / Android)

    To read this e-book on a PC or Mac, you need Adobe Digital Editions (a free program designed specifically for e-books. It is not the same as Adobe Reader, which you probably already have on your computer.)

    You cannot read this e-book on an Amazon Kindle.

Learn to think like a hacker to secure your own systems and data

Your smartphone, laptop, and desktop computer are more important to your life and business than ever before. On top of making your life easier and more productive, they hold sensitive information that should remain private. Luckily for all of us, anyone can learn powerful data privacy and security techniques to keep the bad guys on the outside where they belong.

Hacking For Dummies takes you on an easy-to-follow cybersecurity voyage that will teach you the essentials of vulnerability and penetration testing so that you can find the holes in your network before the bad guys exploit them. You will learn to secure your Wi-Fi networks, lock down your latest Windows 11 installation, understand the security implications of remote work, and much more.

You’ll find out how to:

  • Stay on top of the latest security weaknesses that could affect your business’s security setup
  • Use freely available testing tools to “penetration test” your network’s security
  • Use ongoing security checkups to continually ensure that your data is safe from hackers

Perfect for small business owners, IT and security professionals, and employees who work remotely, Hacking For Dummies is a must-have resource for anyone who wants to keep their data safe.

Introduction
About This Book
Foolish Assumptions
Icons Used in This Book
Beyond the Book
Where to Go from Here

Part 1: Building The Foundation For Security Testing
Chapter 1 Introduction to Vulnerability and Penetration Testing
Straightening Out the Terminology
Hacker
Malicious user
Recognizing How Malicious Attackers Beget Ethical Hackers
Vulnerability and penetration testing versus auditing
Policy considerations
Compliance and regulatory concerns
Understanding the Need to Hack Your Own Systems
Understanding the Dangers Your Systems Face
Nontechnical attacks
Network infrastructure attacks
Operating system attacks
Application and other specialized attacks
Following the Security Assessment Principles
Working ethically
Respecting privacy
Not crashing your systems
Using the Vulnerability and Penetration Testing Process
Formulating your plan
Selecting tools
Executing the plan
Evaluating results
Moving on
Chapter 2 Cracking the Hacker Mindset
What You're Up Against
Who Breaks into Computer Systems
Hacker skill levels
Hacker motivations
Why They Do It
Planning and Performing Attacks
Maintaining Anonymity
Chapter 3 Developing Your Security Testing Plan
Establishing Your Goals
Determining Which Systems to Test
Creating Testing Standards
Timing your tests
Running specific tests
Conducting blind versus knowledge assessments
Picking your location
Responding to vulnerabilities you find
Making silly assumptions
Selecting Security Assessment Tools
Chapter 4 Hacking Methodology
Setting the Stage for Testing
Seeing What Others See
Scanning Systems
Hosts
Open ports
Determining What's Running on Open Ports
Assessing Vulnerabilities
Penetrating the System

Part 2: Putting Security Testing In Motion
Chapter 5 Information Gathering
Gathering Public Information
Social media
Web search
Web crawling
Websites
Mapping the Network
WHOIS
Privacy policies
Chapter 6 Social Engineering
Introducing Social Engineering
Starting Your Social Engineering Tests
Knowing Why Attackers Use Social Engineering
Understanding the Implications
Building trust
Exploiting the relationship
Performing Social Engineering Attacks
Determining a goal
Seeking information
Social Engineering Countermeasures
Policies
User awareness and training
Chapter 7 Physical Security
Identifying Basic Physical Security Vulnerabilities
Pinpointing Physical Vulnerabilities in Your Office
Building infrastructure
Utilities
Office layout and use
Network components and computers
Chapter 8 Passwords
Understanding Password Vulnerabilities
Organizational password vulnerabilities
Technical password vulnerabilities
Cracking Passwords
Cracking passwords the old-fashioned way
Cracking passwords with high-tech tools
Cracking password-protected files
Understanding other ways to crack passwords
General Password Cracking Countermeasures
Storing passwords
Creating password policies
Taking other countermeasures
Securing Operating Systems
Windows
Linux and Unix

Part 3: Hacking Network Hosts
Chapter 9 Network Infrastructure Systems
Understanding Network Infrastructure Vulnerabilities
Choosing Tools
Scanners and analyzers
Vulnerability assessment
Scanning, Poking, and Prodding the Network
Scanning ports
Scanning SNMP
Grabbing banners
Testing firewall rules
Analyzing network data
The MAC-daddy attack
Testing denial of service attacks
Detecting Common Router, Switch, and Firewall Weaknesses
Finding unsecured interfaces
Uncovering issues with SSL and TLS
Putting Up General Network Defenses
Chapter 10 Wireless Networks
Understanding the Implications of Wireless Network Vulnerabilities
Choosing Your Tools
Discovering Wireless Networks
Checking for worldwide recognition
Scanning your local airwaves
Discovering Wireless Network Attacks and Taking Countermeasures
Encrypted traffic
Countermeasures against encrypted traffic attacks
Wi-Fi Protected Setup
Countermeasures against the WPS PIN flaw
Rogue wireless devices
Countermeasures against rogue wireless devices
MAC spoofing
Countermeasures against MAC spoofing
Physical security problems
Countermeasures against physical security problems
Vulnerable wireless workstations
Countermeasures against vulnerable wireless workstations
Default configuration settings
Countermeasures against default configuration settings exploits
Chapter 11 Mobile Devices
Sizing Up Mobile Vulnerabilities
Cracking Laptop Passwords
Choosing your tools
Applying countermeasures
Cracking Phones and Tablets
Cracking iOS passwords
Taking countermeasures against password cracking

Part 4: Hacking Operating Systems
Chapter 12 Windows
Introducing Windows Vulnerabilities
Choosing Tools
Free Microsoft tools
All-in-one assessment tools
Task-specific tools
Gathering Information About Your Windows Vulnerabilities
System scanning
NetBIOS
Detecting Null Sessions
Mapping
Gleaning information
Countermeasures against null-session hacks
Checking Share Permissions
Windows defaults
Testing
Exploiting Missing Patches
Using Metasploit
Countermeasures against missing patch vulnerability exploits
Running Authenticated Scans
Chapter 13 Linux and macOS
Understanding Linux Vulnerabilities
Choosing Tools
Gathering Information About Your System Vulnerabilities
System scanning
Countermeasures against system scanning
Finding Unneeded and Unsecured Services
Searches
Countermeasures against attacks on unneeded services
Securing the .rhosts and hosts.equiv Files
Hacks using the hosts.equiv and .rhosts files
Countermeasures against .rhosts and hosts.equiv file attacks
Assessing the Security of NFS
NFS hacks
Countermeasures against NFS attacks
Checking File Permissions
File permission hacks
Countermeasures against file permission attacks
Finding Buffer Overflow Vulnerabilities
Attacks
Countermeasures against buffer overflow attacks
Checking Physical Security
Physical security hacks
Countermeasures against physical security attacks
Performing General Security Tests
Patching
Distribution updates
Multiplatform update managers

Part 5: Hacking Applications
Chapter 14 Communication and Messaging Systems
Introducing Messaging System Vulnerabilities
Recognizing and Countering Email Attacks
Email bombs
Banners
SMTP attacks
General best practices for minimizing email security risks
Understanding VoIP
VoIP vulnerabilities
Countermeasures against VoIP vulnerabilities
Chapter 15 Web Applications and Mobile Apps
Choosing Your Web Security Testing Tools
Seeking Out Web Vulnerabilities
Directory traversal
Countermeasures against directory traversals
Input-filtering attacks
Countermeasures against input attacks
Default script attacks
Countermeasures against default script attacks
Unsecured login mechanisms
Countermeasures against unsecured login systems
Performing general security scans for web application vulnerabilities
Minimizing Web Security Risks
Practicing security by obscurity
Putting up firewalls
Analyzing source code
Uncovering Mobile App Flaws
Chapter 16 Databases and Storage Systems
Diving Into Databases
Choosing tools
Finding databases on the network
Cracking database passwords
Scanning databases for vulnerabilities
Following Best Practices for Minimizing Database Security Risks
Opening Up About Storage Systems
Choosing tools
Finding storage systems on the network
Rooting out sensitive text in network files
Following Best Practices for Minimizing Storage Security Risks

Part 6: Security Testing Aftermath
Chapter 17 Reporting Your Results
Pulling the Results Together
Prioritizing Vulnerabilities
Creating Reports
Chapter 18 Plugging Your Security Holes
Turning Your Reports into Action
Patching for Perfection
Patch management
Patch automation
Hardening Your Systems
Assessing Your Security Infrastructure
Chapter 19 Managing Security Processes
Automating the Security Assessment Process
Monitoring Malicious Use
Outsourcing Security Assessments
Instilling a Security-Aware Mindset
Keeping Up with Other Security Efforts

Part 7: The Part Of Tens
Chapter 20 Ten Tips for Getting Security Buy-In
Cultivate an Ally and a Sponsor
Don't Be a FUDdy-Duddy
Demonstrate That the Organization Can't Afford to Be Hacked
Outline the General Benefits of Security Testing
Show How Security Testing Specifically Helps the Organization
Get Involved in the Business
Establish Your Credibility
Speak on Management's Level
Show Value in Your Efforts
Be Flexible and Adaptable
Chapter 21 Ten Reasons Hacking Is the Only Effective Way to Test
The Bad Guys Think Bad Thoughts, Use Good Tools, and Develop New Methods
IT Governance and Compliance Are More Than High-Level Audits
Vulnerability and Penetration Testing Complements Audits and Security Evaluations
Customers and Partners Will Ask How Secure Your Systems Are
The Law of Averages Works Against Businesses
Security Assessments Improve Understanding of Business Threats
If a Breach Occurs, You Have Something to Fall Back On
In-Depth Testing Brings Out the Worst in Your Systems
Combined Vulnerability and Penetration Testing Is What You Need
Proper Testing Can Uncover Overlooked Weaknesses
Chapter 22 Ten Deadly Mistakes
Not Getting Approval
Assuming That You Can Find All Vulnerabilities
Assuming That You Can Eliminate All Vulnerabilities
Performing Tests Only Once
Thinking That You Know It All
Running Your Tests Without Looking at Things from a Hacker's Viewpoint
Not Testing the Right Systems
Not Using the Right Tools
Pounding Production Systems at the Wrong Time
Outsourcing Testing and Not Staying Involved

Appendix: Tools And Resources
Index

Kevin Beaver is an information security guru and has worked in the industry for more than three decades as a consultant, writer, and speaker. He earned his master's degree in Management of Technology at Georgia Tech.