Inhaltsverzeichnis von Security Warrior

- Weitere Informationen zu diesem Buch:
  Inhaltsverzeichnis | Index | Probekapitel | Kolophon | Rezensionen |

Security Warrior

Cyrus Peikari & Anton Chuvakin

First Edition Januar 2004
ISBN 978-0-596-00545-0

Seiten 552

EUR43.00, SFR71.90

Weitere Informationen zu diesem Buch

Buch weiterempfehlen

Inhaltsverzeichnis

Preface

Part I. Software Cracking

1. Assembly Language
Registers
ASM Opcodes
References

2. Windows Reverse Engineering
History of RCE
Reversing Tools
Reverse Engineering Examples
References

3. Linux Reverse Engineering
Basic Tools and Techniques
A Good Disassembly
Problem Areas
Writing New Tools
References

4. Windows CE Reverse Engineering
Windows CE Architecture
CE Reverse Engineering Fundamentals
Practical CE Reverse Engineering
Reverse Engineering serial.exe
References

5. Overflow Attacks
Buffer Overflows
Understanding Buffers
Smashing the Stack
Heap Overflows
Preventing Buffer Overflows
A Live Challenge
References

Part II. Network Stalking

6. TCP/IP Analysis
A Brief History of TCP/IP
Encapsulation
TCP
IP
UDP
ICMP
ARP
RARP
BOOTP
DHCP
TCP/IP Handshaking
Covert Channels
IPv6
Ethereal
Packet Analysis
Fragmentation
References

7. Social Engineering
Background
Performing the Attacks
Advanced Social Engineering
References

8. Reconnaissance
Online Reconnaissance
Conclusion
References

9. OS Fingerprinting
Telnet Session Negotiation
TCP Stack Fingerprinting
Special-Purpose Tools
Passive Fingerprinting
Fuzzy Operating System Fingerprinting
TCP/IP Timeout Detection
References

10. Hiding the Tracks
From Whom Are You Hiding?
Postattack Cleanup
Forensic Tracks
Maintaining Covert Access
References

Part III. Platform Attacks

11. Unix Defense
Unix Passwords
File Permissions
System Logging
Network Access in Unix
Unix Hardening
Unix Network Defense
References

12. Unix Attacks
Local Attacks
Remote Attacks
Unix Denial-of-Service Attacks
References

13. Windows Client Attacks
Denial-of-Service Attacks
Remote Attacks
Remote Desktop/Remote Assistance
References

14. Windows Server Attacks
Release History
Kerberos Authentication Attacks
Kerberos Authentication Review
Defeating Buffer Overflow Prevention
Active Directory Weaknesses
Hacking PKI
Smart Card Hacking
Encrypting File System Changes
Third-Party Encryption
References

15. SOAP XML Web Services Security
XML Encryption
XML Signatures
Reference

Part IV. Advanced Defense

16. SQL Injection
Introduction to SQL
SQL Injection Attacks
SQL Injection Defenses
PHP-Nuke Examples
References

17. Wireless Security
Reducing Signal Drift
Problems with WEP
Cracking WEP
Practical WEP Cracking
VPNs
TKIP
SSL
Airborne Viruses
References

18. Audit Trail Analysis
Log Analysis Basics
Log Examples
Logging States
When to Look at the Logs
Log Overflow and Aggregation
Challenge of Log Analysis
Security Information Management
Global Log Aggregation
References

19. Intrusion Detection Systems
IDS Examples
Bayesian Analysis
Hacking Through IDSs
The Future of IDSs
Snort IDS Case Study
IDS Deployment Issues
References

20. Honeypots
Motivation
Building the Infrastructure
Capturing Attacks
References

21. Incident Response
Case Study: Worm Mayhem
Definitions
Incident Response Framework
Small Networks
Medium-Sized Networks
Large Networks
References

22. Forensics and Antiforensics
Hardware Review
Information Detritus
Forensics Tools
Bootable Forensics CD-ROMs
Evidence Eliminator
Forensics Case Study: FTP Attack
References

Part V. Appendix

Appendix: Useful SoftICE Commands and Breakpoints

Index

Zurück zu Security Warrior

O’Reilly Verlag

Inhaltsverzeichnis

Themen

Buchreihen

Special Interest

International Sites