Hack the Stack: Using Snort and Ethereal to Master The 8 Layers of An Insecure Network
Elsevier, Nov 6, 2006 - Computers - 481 pages
This book looks at network security in a new and refreshing way. It guides readers step-by-step through the "stack" -- the seven layers of a network. Each chapter focuses on one layer of the stack along with the attacks, vulnerabilities, and exploits that can be found at that layer. The book even includes a chapter on the mythical eighth layer: The people layer.
This book is designed to offer readers a deeper understanding of many common vulnerabilities and the ways in which attacker’s exploit, manipulate, misuse, and abuse protocols and applications. The authors guide the readers through this process by using tools such as Ethereal (sniffer) and Snort (IDS). The sniffer is used to help readers understand how the protocols should work and what the various attacks are doing to break them. IDS is used to demonstrate the format of specific signatures and provide the reader with the skills needed to recognize and detect attacks when they occur.
What makes this book unique is that it presents the material in a layer by layer approach which offers the readers a way to learn about exploits in a manner similar to which they most likely originally learned networking. This methodology makes this book a useful tool to not only security professionals but also for networking professionals, application programmers, and others. All of the primary protocols such as IP, ICMP, TCP are discussed but each from a security perspective. The authors convey the mindset of the attacker by examining how seemingly small flaws are often the catalyst of potential threats. The book considers the general kinds of things that may be monitored that would have alerted users of an attack.
* Remember being a child and wanting to take something apart, like a phone, to see how it worked? This book is for you then as it details how specific hacker tools and techniques accomplish the things they do.
* This book will not only give you knowledge of security tools but will provide you the ability to design more robust security solutions
* Anyone can tell you what a tool does but this book shows you how the tool works
What people are saying - Write a review
We haven't found any reviews in the usual places.
access control algorithm allows application layer attacks bits buffer overflow Burp Proxy bytes cache capture checksum client command communication configuration connection Data Link layer datagram default designed devices dictionary attack DNS server domain name e-mail employees encryption Ethereal Ethernet execute exploit Figure filter fingerprinting firewall fragments function hackers hash host ICMP ICMP messages implemented install interface Internet IP address IP header IPSec length Linux lock MAC address MITM monitor name server Nessus NetBIOS Nmap operating systems option OSI model packet password payload perform ping port numbers port scan protection query request router routing sequence number session hijacking Session Layer shellcode SMTP sniffing Snort social engineering specific spoofing stack SubSeven Table target TCP/IP Telnet traffic Transport Layer Trojan vulnerabilities Windows wireless
Page viii - Michael Gregg is the president of Superior Solutions, Inc. and has more than 20 years' experience in the IT field. He holds two associate's degrees, a bachelor's degree, and a master's degree and is certified as CISSP, MCSE, MCT, CTT+, A+, N+, Security+, CNA, CCNA, CIW Security Analyst, CCE, CEH, CHFI, CEI, DCNP, ES Dragon IDS, ES Advanced Dragon IDS, and TICSA.