Atnaujinkite slapukų nuostatas

Hacking the Hacker: Learn From the Experts Who Take Down Hackers [Minkštas viršelis]

3.89/5 (243 ratings by Goodreads)
  • Formatas: Paperback / softback, 320 pages, aukštis x plotis x storis: 224x145x20 mm, weight: 454 g
  • Išleidimo metai: 07-Jul-2017
  • Leidėjas: John Wiley & Sons Inc
  • ISBN-10: 1119396212
  • ISBN-13: 9781119396215
Kitos knygos pagal šią temą:
Hacking the Hacker: Learn From the Experts Who Take Down HackersDidesnis paveikslėlis
  • Formatas: Paperback / softback, 320 pages, aukštis x plotis x storis: 224x145x20 mm, weight: 454 g
  • Išleidimo metai: 07-Jul-2017
  • Leidėjas: John Wiley & Sons Inc
  • ISBN-10: 1119396212
  • ISBN-13: 9781119396215
Kitos knygos pagal šią temą:
Pastovi nuoroda: https://www.kriso.lt/db/9781119396215.html
Raktažodžiai:
Meet the world's top ethical hackers and explore the tools of the trade

Hacking the Hacker takes you inside the world of cybersecurity to show you what goes on behind the scenes, and introduces you to the men and women on the front lines of this technological arms race. Twenty-six of the world's top white hat hackers, security researchers, writers, and leaders, describe what they do and why, with each profile preceded by a no-experience-necessary explanation of the relevant technology.  Dorothy Denning discusses advanced persistent threats, Martin Hellman describes how he helped invent public key encryption, Bill Cheswick talks about firewalls, Dr. Charlie Miller talks about hacking cars, and other cybersecurity experts from around the world detail the threats, their defenses, and the tools and techniques they use to thwart the most advanced criminals history has ever seen. Light on jargon and heavy on intrigue, this book is designed to be an introduction to the field; final chapters include a guide for parents of young hackers, as well as the Code of Ethical Hacking to help you start your own journey to the top.

Cybersecurity is becoming increasingly critical at all levels, from retail businesses all the way up to national security. This book drives to the heart of the field, introducing the people and practices that help keep our world secure.





Go deep into the world of white hat hacking to grasp just how critical cybersecurity is Read the stories of some of the world's most renowned computer security experts Learn how hackers do what they dono technical expertise necessary Delve into social engineering, cryptography, penetration testing, network attacks, and more

As a field, cybersecurity is large and multi-facetedyet not historically diverse. With a massive demand for qualified professional that is only going to grow, opportunities are endless. Hacking the Hacker shows you why you should give the field a closer look.
Foreword xxxi
Introduction xxxiii
1 What Type of Hacker Are You? 1(8)
Most Hackers Aren't Geniuses
2(1)
Defenders Are Hackers Plus
3(1)
Hackers Are Special
3(1)
Hackers Are Persistent
4(1)
Hacker Hats
4(5)
2 How Hackers Hack 9(14)
The Secret to Hacking
10(11)
The Hacking Methodology
11(9)
Hacking Is Boringly Successful
20(1)
Automated Malware as a Hacking Tool
20(1)
Hacking Ethically
21(2)
3 Profile: Bruce Schneier 23(4)
For More Information on Bruce Schneier
26(1)
4 Social Engineering 27(6)
Social Engineering Methods
27(3)
Phishing
27(1)
Trojan Horse Execution
28(1)
Over the Phone
28(1)
Purchase Scams
28(1)
In-Person
29(1)
Carrot or Stick
29(1)
Social Engineering Defenses
30(3)
Education
30(1)
Be Careful of Installing Software from Third-Party Websites
30(1)
EV Digital Certificates
31(1)
Get Rid of Passwords
31(1)
Anti-Social Engineering Technologies
31(2)
5 Profile: Kevin Mitnick 33(6)
For More Information on Kevin Mitnick
37(2)
6 Software Vulnerabilities 39(6)
Number of Software Vulnerabilities
39(1)
Why Are Software Vulnerabilities Still a Big Problem?
40(1)
Defenses Against Software Vulnerabilities
41(2)
Security Development Lifecycle
41(1)
More Secure Programming Languages
42(1)
Code and Program Analysis
42(1)
More Secure Operating Systems
42(1)
Third-Party Protections and Vendor Add-Ons
42(1)
Perfect Software Won't Cure All Ills
43(2)
7 Profile: Michael Howard 45(6)
For More Information on Michael Howard
49(2)
8 Profile: Gary McGraw 51(4)
For More Information on Gary McGraw
54(1)
9 Malware 55(6)
Malware Types
55(1)
Number of Malware Programs
56(1)
Mostly Criminal in Origin
57(1)
Defenses Against Malware
58(3)
Fully Patched Software
58(1)
Training
58(1)
Anti-Malware Software
58(1)
Application Control Programs
59(1)
Security Boundaries
59(1)
Intrusion Detection
59(2)
10 Profile: Susan Bradley 61(4)
For More Information on Susan Bradley
63(2)
11 Profile: Mark Russinovich 65(4)
For More on Mark Russinovich
68(1)
12 Cryptography 69(6)
What Is Cryptography?
69(1)
Why Can't Attackers Just Guess All the Possible Keys?
70(1)
Symmetric Versus Asymmetric Keys
70(1)
Popular Cryptography
70(1)
Hashes
71(1)
Cryptographic Uses
72(1)
Cryptographic Attacks
72(3)
Math Attacks
72(1)
Known Ciphertext/Plaintext
73(1)
Side Channel Attacks
73(1)
Insecure Implementations
73(2)
13 Profile: Martin Hellman 75(6)
For More Information on Martin Hellman
79(2)
14 Intrusion Detection/APTs 81(6)
Traits of a Good Security Event Message
82(1)
Advanced Persistent Threats (APTs)
82(1)
Types of Intrusion Detection
83(1)
Behavior-Based
83(1)
Signature-Based
84(1)
Intrusion Detection Tools and Services
84(3)
Intrusion Detection/Prevention Systems
84(1)
Event Log Management Systems
85(1)
Detecting Advanced Persistent Threats (APTs)
85(2)
15 Profile: Dr. Dorothy E. Denning 87(4)
For More Information on Dr. Dorothy E. Denning
90(1)
16 Profile: Michael Dubinsky 91(4)
For More Information on Michael Dubinsky
93(2)
17 Firewalls 95(6)
What Is a Firewall?
95(6)
The Early History of Firewalls
95(2)
Firewall Rules
97(1)
Where Are Firewalls?
97(1)
Advanced Firewalls
98(1)
What Firewalls Protect Against
98(3)
18 Profile: William Cheswick 101(6)
For More Information on William Cheswick
105(2)
19 Honeypots 107(4)
What Is a Honeypot?
107(1)
Interaction
108(1)
Why Use a Honeypot?
108(1)
Catching My Own Russian Spy
109(1)
Honeypot Resources to Explore
110(1)
20 Profile: Lance Spitzner 111(4)
For More Information on Lance Spitzner
114(1)
21 Password Hacking 115(8)
Authentication Components
115(2)
Passwords
116(1)
Authentication Databases
116(1)
Password Hashes
116(1)
Authentication Challenges
116(1)
Authentication Factors
117(1)
Hacking Passwords
117(2)
Password Guessing
117(1)
Phishing
118(1)
Keylogging
118(1)
Hash Cracking
118(1)
Credential Reuse
119(1)
Hacking Password Reset Portals
119(1)
Password Defenses
119(4)
Complexity and Length
120(1)
Frequent Changes with No Repeating
120(1)
Not Sharing Passwords Between Systems
120(1)
Account Lockout
121(1)
Strong Password Hashes
121(1)
Don't Use Passwords
121(1)
Credential Theft Defenses
121(1)
Reset Portal Defenses
122(1)
22 Profile: Dr. Cormac Herley 123(4)
For More Information on Dr. Cormac Herley
126(1)
23 Wireless Hacking 127(6)
The Wireless World
127(1)
Types of Wireless Hacking
127(2)
Attacking the Access Point
128(1)
Denial of Service
128(1)
Guessing a Wireless Channel Password
128(1)
Session Hijacking
128(1)
Stealing Information
129(1)
Physically Locating a User
129(1)
Some Wireless Hacking Tools
129(1)
Aircrack-Ng
130(1)
Kismet
130(1)
Fern Wi-Fi Hacker
130(1)
Firesheep
130(1)
Wireless Hacking Defenses
130(3)
Frequency Hopping
130(1)
Predefined Client Identification
131(1)
Strong Protocols
131(1)
Long Passwords
131(1)
Patching Access Points
131(1)
Electromagnetic Shielding
131(2)
24 Profile: Thomas d'Otreppe de Bouvette 133(4)
For More Information on Thomas d'Otreppe de Bouvette
135(2)
25 Penetration Testing 137(10)
My Penetration Testing Highlights
137(2)
Hacked Every Cable Box in the Country
137(1)
Simultaneously Hacked a Major Television Network and Pornography
138(1)
Hacked a Major Credit Card Company
138(1)
Created a Camera Virus
139(1)
How to Be a Pen Tester
139(8)
Hacker Methodology
139(1)
Get Documented Permission First
140(1)
Get a Signed Contract
140(1)
Reporting
140(1)
Certifications
141(4)
Be Ethical
145(1)
Minimize Potential Operational Interruption
145(2)
26 Profile: Aaron Higbee 147(4)
For More Information on Aaron Higbee
149(2)
27 Profile: Benild Joseph 151(4)
For More Information on Benild Joseph
153(2)
28 DDoS Attacks 155(6)
Types of DDoS Attacks
155(3)
Denial of Service
155(1)
Direct Attacks
156(1)
Reflection Attacks
156(1)
Amplification
156(1)
Every Layer in the OSI Model
157(1)
Escalating Attacks
157(1)
Upstream and Downsteam Attacks
157(1)
DDoS Tools and Providers
158(1)
Tools
158(1)
DDoS as a Service
158(1)
DDoS Defenses
159(2)
Training
159(1)
Stress Testing
159(1)
Appropriate Network Configuration
159(1)
Engineer Out Potential Weak Points
159(1)
Anti-DDoS Services
160(1)
29 Profile: Brian Krebs 161(4)
For More Information on Brian Krebs
164(1)
30 Secure OS 165(6)
How to Secure an Operating System
166(3)
Secure-Built OS
166(2)
Secure Guidelines
168(1)
Secure Configuration Tools
169(1)
Security Consortiums
169(2)
Trusted Computing Group
169(1)
FIDO Alliance
169(2)
31 Profile: Joanna Rutkowska 171(4)
For More Information on Joanna Rutkowska
173(2)
32 Profile: Aaron Margosis 175(6)
For More Information on Aaron Margosis
179(2)
33 Network Attacks 181(4)
Types of Network Attacks
181(2)
Eavesdropping
182(1)
Man-in-the-Middle Attacks
182(1)
Distributed Denial-of-Service Attacks
183(1)
Network Attack Defenses
183(2)
Domain Isolation
183(1)
Virtual Private Networks
183(1)
Use Secure Protocols and Applications
183(1)
Network Intrusion Detection
184(1)
Anti-DDoS Defenses
184(1)
Visit Secure Web Sites and Use Secure Services
184(1)
34 Profile: Laura Chappell 185(4)
For More Information on Laura Chappell
188(1)
35 loT Hacking 189(4)
How Do Hackers Hack loT?
189(1)
IoT Defenses
190(3)
36 Profile: Dr. Charlie Miller 193(8)
For More Information on Dr. Charlie Miller
198(3)
37 Policy and Strategy 201(4)
Standards
201(1)
Policies
202(1)
Procedures
203(1)
Frameworks
203(1)
Regulatory Laws
203(1)
Global Concerns
203(1)
Systems Support
204(1)
38 Profile: Jing de Jong-Chen 205(6)
For More Information on Jing de Jong-Chen
209(2)
39 Threat Modeling 211(6)
Why Threat Model?
211(1)
Threat Modeling Models
212(1)
Threat Actors
213(4)
Nation-States
213(1)
Industrial Hackers
213(1)
Financial Crime
213(1)
Hacktivists
214(1)
Gamers
214(1)
Insider Threats
214(1)
Ordinary, Solitary Hackers or Hacker Groups
214(3)
40 Profile: Adam Shostack 217(4)
For More Information on Adam Shostack
220(1)
41 Computer Security Education 221(6)
Computer Security Training Topics
222(2)
End-User/Security Awareness Training
222(1)
General IT Security Training
222(1)
Incident Response
222(1)
OS and Application-Specific Training
223(1)
Technical Skills
223(1)
Certifications
223(1)
Training Methods
224(3)
Online Training
224(1)
Break into My Website
224(1)
Schools and Training Centers
224(1)
Boot Camps
225(1)
Corporate Training
225(1)
Books
225(2)
42 Profile: Stephen Northcutt 227(4)
For More Information on Stephen Northcutt
230(1)
43 Privacy 231(4)
Privacy Organizations
232(1)
Privacy-Protecting Applications
233(2)
44 Profile: Eva Galperin 235(4)
For More Information on Eva Galperin
237(2)
45 Patching 239(6)
Patching Facts
240(1)
Most Exploits Are Caused by Old Vulnerabilities That Patches Exist For
240(1)
Most Exploits Are Caused by a Few Unpatched Programs
240(1)
The Most Unpatched Program Isn't Always the Most Exploited Program
241(1)
You Need to Patch Hardware Too
241(1)
Common Patching Problems
241(4)
Detecting Missing Patching Isn't Accurate
241(1)
You Can't Always Patch
242(1)
Some Percentage of Patching Always Fails
242(1)
Patching Will Cause Operational Issues
242(1)
A Patch Is a Globally Broadcasted Exploit Announcement
243(2)
46 Profile: Window Snyder 245(4)
For More Information on Window Snyder
248(1)
47 Writing as a Career 249(10)
Computer Security Writing Outlets
250(5)
Blogs
250(1)
Social Media Sites
250(1)
Articles
250(1)
Books
251(2)
Newsletters
253(1)
Whitepapers
254(1)
Technical Reviews
254(1)
Conferences
254(1)
Professional Writing Tips
255(4)
The Hardest Part Is Starting
255(1)
Read Differently
255(1)
Start Out Free
255(1)
Be Professional
256(1)
Be Your Own Publicist
256(1)
A Picture Is Worth a Thousand Words
256(3)
48 Profile: Fahmida Y. Rashid 259(4)
For More Information on Fahmida Y. Rashid
262(1)
49 Guide for Parents with Young Hackers 263(8)
Signs Your Kid Is Hacking
264(2)
They Tell You They Hack
264(1)
Overly Secretive About Their Online Activities
264(1)
They Have Multiple Email/Social Media Accounts You Can't Access
265(1)
You Find Hacking Tools on the System
265(1)
People Complain You Are Hacking
265(1)
You Catch Them Switching Screens Every Time You Walk into the Room
265(1)
These Signs Could Be Normal
265(1)
Not All Hacking Is Bad
266(1)
How to Turn Around Your Malicious Hacker
266(5)
Move Their Computers into the Main Living Area and Monitor
267(1)
Give Guidance
267(1)
Give Legal Places to Hack
267(2)
Connect Them with a Good Mentor
269(2)
50 Hacker Code of Ethics 271(4)
Hacker Code of Ethics
272(3)
Be Ethical, Transparent, and Honest
273(1)
Don't Break the Law
273(1)
Get Permission
273(1)
Be Confidential with Sensitive Information
273(1)
Do No Greater Harm
273(1)
Conduct Yourself Professionally
274(1)
Be a Light for Others
274(1)
Index 275
ROGER A. GRIMES has worked in the field of computer security for over 27 years. As a professional penetration tester, he successfully broke into every company he was hired to hack within an hour, with a single exception that took three hours. He consults worldwide and has been the InfoWorld magazine (www.infoworld.com) computer security columnist since 2005.

(ISC)2 books published by Wiley provide aspiring and experienced cybersecurity professionals with unique insights and advice for delivering on (ISC)2's vision of inspiring a safe and secure world.