Hack Attacks Revealed: A Complete Reference with Custom Security Hacking Toolkit [Illustrated] [Paperback]

John Chirillo (Author)

Book Description

ISBN-10: 047141624X | ISBN-13: 978-0471416241 | Publication Date: April 5, 2001 | Edition: 1

The #1 menace for computer systems worldwide, network hacking can result in mysterious server crashes, data loss, and other problems that are not only costly to fix but difficult to recognize. Author John Chirillo knows how these can be prevented, and in this book he brings to the table the perspective of someone who has been invited to break into the networks of many Fortune 1000 companies in order to evaluate their security policies and conduct security audits. He gets inside every detail of the hacker's world, including how hackers exploit security holes in private and public networks and how network hacking tools work. As a huge value-add, the author is including the first release of a powerful software hack attack tool that can be configured to meet individual customer needs.

Editorial Reviews

Review

"Hack Attacks Revealed completely blows the other security books out of the water. It was the book I was looking for when I bought all the others!"
(Kelly M. Larsen , C2Protect, DoD Security Instructor)

"Speaking for the Air Force Computer Emergency Response Team, these books vastly facilitate our operations involving intrusion detection, incident response, and vulnerability assessment of Air Force automated information systems."
(L. Peterson, AFCERT)

"[Hack Attacks Denied] is quite extensive in providing the information that the users may need to prevent hack attacks." (HiTech Review)

"Whoever "you" are--sysadmin, internetworking engineer, or hacker (disaffected or otherwise), you'll find that Chirillo is selling authentic goods." (Bill Camarda, Slashdot)

From the Author

The primary objective of this book is to lay a solid foundation from which to explore the world of security. This book tells the truth to bring awareness about the Underground, the hacker’s community, and to provide the tools for doing so.

The difference between this book and other manuscripts is that it is written from a hacker’s perspective. The internetworking primers in Parts 1 and 2, coupled with Chapter 6, “The Hacker’s Technology Handbook, will educate you about the technologies required to delve into security and hacking. These chapters can be skimmed if your background is technically sound, and later used as references. Part 3 reviews the tools and vulnerability exploits that rule “hackerdom.” Part 4 continues by describing covert techniques used by hackers, crackers, phreaks, and cyberpunks to penetrate security weaknesses. Part 5 reveals hacking secrets of gateways, routers, Internet server daemons, operating systems, proxies, and firewalls. Part 6 concludes with the software and construction necessary for compiling a TigerBox, used by security professionals and hackers for sniffing, spoofing, cracking, scanning, spying, and penetrating vulnerabilities. Throughout this book you will also encounter In! tuitive Intermissions, real-life interludes about hacking and the Underground. Through them you’ll explore a hacker’s chronicles, including a complete technology guide.

Who Should Read This Book

Evaluators of this book have suggested that this book it may become a required reference for managers, network administrators, network engineers, internetworking engineers, even interested laypeople—the hacking enthusiast and admirer of such films as Sneakers, The Matrix, and Hackers.

See all Editorial Reviews

Product Details

• Paperback: 800 pages
• Publisher: Wiley; 1 edition (April 5, 2001)
• Language: English
• ISBN-10: 047141624X
• ISBN-13: 978-0471416241
• Product Dimensions: 9.1 x 7.5 x 2.6 inches
• Shipping Weight: 3.6 pounds
• Average Customer Review: 4.4 out of 5 stars  See all reviews (269 customer reviews)
• Amazon Best Sellers Rank: #2,171,910 in Books (See Top 100 in Books)

More About the Author

Discover books, learn about writers, read author blogs, and more.

Customer Reviews

Most Helpful Customer Reviews

76 of 77 people found the following review helpful:

2.0 out of 5 stars You'll like the book if you think these quotes are correct, August 14, 2001

By 

Richard Bejtlich "TaoSecurity" (Metro Washington, DC) - See all my reviews
(REAL NAME)   

This review is from: Hack Attacks Revealed: A Complete Reference with Custom Security Hacking Toolkit (Paperback)

Many praise this book but may not recognize its shortcomings. Here is a sampling of specific excerpts of technically incorrect material. Any odd grammar is a result of directly quoting the book.

p. 28: "When a connection is established between two nodes during a TCP session, a three-way handshake is used. The process starts with a one-node TCP request by a SYN/ACK but, and the second node TCP response with a SYN/ACK bit. At this point, as described previously, communication between the two nodes will procede. When there is no more data to send, a TCP node may send a FIN bit, indicating a close control signal. At this intersection, both nodes will close simultaneously."

p. 93: "These first 1,024 ports are reserved for system services; as such, outgoing connections will have port numbers higher than 1023. This means that all incoming packets that communicate via ports higher than 1023 are replies to connections initiated by internal requests."

p. 97: "The crucial issue with port 7's echo service pertains to systems that attempt to process oversized packets... this problem is commonly referred to as the "Ping of Death" attack. Another common deviant to port 7 is known as "Ping Flooding."

p. 19: "Unfortunately, this service [chargen] is vulnerable to a telnet connection that can generate a string of characters with the output redirected to a telnet connection to, for example, port 53 (domain name service (DNS)). In this example, the flood of characters causes an access violation fault in the DNS service, which is then terminated, which, as a result, disrupts name resolution services."

p. 106: "As there are limitations in the development of a standard windows system for UNIX, the word from the Underground indicates that hackers are currently working on exploiting fundamental flaws of this service [news]."

p. 107: "When this port [exec] is active, or listening, more often than not the remote execution server is configured to start automatically. As a rule, this suggests that X-Windows is currently running."

p. 108: "Although this [talk, ntalk] seems harmless, many times it's not. Aside from the obvious -- knowing that this connection establishment sets up a TCP connection via random ports -- exposed these services to a number of remote attacks."

p. 109: "Without the necessary filtration techniques throughout the network span, these ports [klogin, kshell, kerberos] are vulnerable to several remote attacks, including buffer overflows, spoofs, masked sessions, and ticket hijacking."

p. 161: "A stealth scanner never completes the entire SYN/ACK process, therefore bypassing a firewall, and becoming concealed from scan detectors."

The book also offers:

p. 110- 147: 37 pages of trojan tool screenshots

p. 231 - 271: 40 pages on DOS (yes, Disk Operating System) commands

p. 373 - 405: 32 pages on DOS terminate and stay resident (TSR) programming, in case you need your circa 1991 x286 box to run your favorite text-based game

Beyond page 405, at least 250 pages (more than 25% of the book) are nothing more than printouts of C code.

The author says on p. xv: "The difference between this book and other technical manuscripts is that it is written from a hacker's perspective," and on p. xvi: "My goal is to help mold you become a virtuous hacker guru."

If this material is any indication, I have nothing to fear from the legions of "hacker gurus" who will learn from this book. I won't have any trouble weeding them out during technical interviews for job openings, either.

28 of 31 people found the following review helpful:

1.0 out of 5 stars Spread like Wildfire? Don't think so., August 27, 2001

By 

Arden Barnes (EL CAMO, TX USA) - See all my reviews

This review is from: Hack Attacks Revealed: A Complete Reference with Custom Security Hacking Toolkit (Paperback)

I've heard a lot of cliche's about this book, but the one that I found the most amusing is that it would 'spread like wildfire.' Well, weighing in at over 1300 pages, the first two Hack Attack books certainly could be used as excellent kindling. And this is the best use of these books. You will feel no remorse should you burn each and every page of these wretched books on a cold cold night. Have no pangs of guilt, there's nothing useful in these books at all. Don't be fooled by the thickness, it's very light on content, and heavy on screen shots and source code listings. You can find better references in one fifth the page count.

23 of 25 people found the following review helpful:

2.0 out of 5 stars Slightly disapointed, August 28, 2001

By A Customer

This review is from: Hack Attacks Revealed: A Complete Reference with Custom Security Hacking Toolkit (Paperback)

This book is an excellent reference for networking / protocols etc, with a few scant comments of how these protocols are vulnerable. Most of the info in the appendixes can be found in RFC's and has been pulled straight out. The extensive list of port references as an example. The tiger tool kit looked promising for the out of the box hacker but I was suprised to see that there was only a limited edition (limited by functionality) included. Some interesting scripts and a different approach than other books I have read which was nice. Made me brush up on the network stuff but nothing you cant learn from a good tcp/ip book. All in all interesting, well written but it seems the only way you are ever going to hack anything is to build your own lab and learn it yourself.