Customer Reviews

Hack Attacks Revealed: A Complete Reference with Custom Security Hacking Toolkit

5 star:		(178)
4 star:		(61)
3 star:		(4)
2 star:		(7)
1 star:		(19)

 

 

Many praise this book but may not recognize its shortcomings. Here is a sampling of specific excerpts of technically incorrect material. Any odd grammar is a result of directly quoting the book.

p. 28: "When a connection is established between two nodes during a TCP session, a three-way handshake is used. The process starts with a one-node TCP request by a SYN/ACK but, and the second node TCP response with a SYN/ACK bit. At this point, as described previously, communication between the two nodes will procede. When there is no more data to send, a TCP node may send a FIN bit, indicating a close control signal. At this intersection, both nodes will close simultaneously."

p. 93: "These first 1,024 ports are reserved for system services; as such, outgoing connections will have port numbers higher than 1023. This means that all incoming packets that communicate via ports higher than 1023 are replies to connections initiated by internal requests."

p. 97: "The crucial issue with port 7's echo service pertains to systems that attempt to process oversized packets... this problem is commonly referred to as the "Ping of Death" attack. Another common deviant to port 7 is known as "Ping Flooding."

p. 19: "Unfortunately, this service [chargen] is vulnerable to a telnet connection that can generate a string of characters with the output redirected to a telnet connection to, for example, port 53 (domain name service (DNS)). In this example, the flood of characters causes an access violation fault in the DNS service, which is then terminated, which, as a result, disrupts name resolution services."

p. 106: "As there are limitations in the development of a standard windows system for UNIX, the word from the Underground indicates that hackers are currently working on exploiting fundamental flaws of this service [news]."

p. 107: "When this port [exec] is active, or listening, more often than not the remote execution server is configured to start automatically. As a rule, this suggests that X-Windows is currently running."

p. 108: "Although this [talk, ntalk] seems harmless, many times it's not. Aside from the obvious -- knowing that this connection establishment sets up a TCP connection via random ports -- exposed these services to a number of remote attacks."

p. 109: "Without the necessary filtration techniques throughout the network span, these ports [klogin, kshell, kerberos] are vulnerable to several remote attacks, including buffer overflows, spoofs, masked sessions, and ticket hijacking."

p. 161: "A stealth scanner never completes the entire SYN/ACK process, therefore bypassing a firewall, and becoming concealed from scan detectors."

The book also offers:

p. 110- 147: 37 pages of trojan tool screenshots

p. 231 - 271: 40 pages on DOS (yes, Disk Operating System) commands

p. 373 - 405: 32 pages on DOS terminate and stay resident (TSR) programming, in case you need your circa 1991 x286 box to run your favorite text-based game

Beyond page 405, at least 250 pages (more than 25% of the book) are nothing more than printouts of C code.

The author says on p. xv: "The difference between this book and other technical manuscripts is that it is written from a hacker's perspective," and on p. xvi: "My goal is to help mold you become a virtuous hacker guru."

If this material is any indication, I have nothing to fear from the legions of "hacker gurus" who will learn from this book. I won't have any trouble weeding them out during technical interviews for job openings, either.

I've heard a lot of cliche's about this book, but the one that I found the most amusing is that it would 'spread like wildfire.' Well, weighing in at over 1300 pages, the first two Hack Attack books certainly could be used as excellent kindling. And this is the best use of these books. You will feel no remorse should you burn each and every page of these wretched books on a cold cold night. Have no pangs of guilt, there's nothing useful in these books at all. Don't be fooled by the thickness, it's very light on content, and heavy on screen shots and source code listings. You can find better references in one fifth the page count.

This book is an excellent reference for networking / protocols etc, with a few scant comments of how these protocols are vulnerable. Most of the info in the appendixes can be found in RFC's and has been pulled straight out. The extensive list of port references as an example. The tiger tool kit looked promising for the out of the box hacker but I was suprised to see that there was only a limited edition (limited by functionality) included. Some interesting scripts and a different approach than other books I have read which was nice. Made me brush up on the network stuff but nothing you cant learn from a good tcp/ip book. All in all interesting, well written but it seems the only way you are ever going to hack anything is to build your own lab and learn it yourself.

Hack Attacks revealed is a good starting point to understand the tools , methods and processes hackers use to attempt to penetrate networks. I would have liked to have seen more details on the descriptions of the attacks. I've just begun using TigerSuite to probe around on my network, but have to found of few of the tools to be quite useful already.

As a network administrator for an Internet Service Provider, I've witnessed numerous types of assaults on our clients as well as our own backbone. Hack Attacks Revealed not only clarified the modus operandi of these attacks but also helped me put a honeypot game plan in place to investigate them. Im enormously grateful for the technology primers, especially the header details and sniffer snapshots. These were significant in my pinpointing the most critical attacks in the debug data. Priceless.

In this day and age, attacks against companies' internal networks are always a threat and virtually any business, government, or educational institution needs to protect itself against this threat. Firewalls offer an excellent protection against such attacks-but it's just not enough.

This new reference offers a lot of information even about veteran techniques. It describes different types of attacks, the tools (both software & hardware), and Internet services (World Wide Web, electronic mail and netnews, FTP, telnet, etc).

There's a lot of good common-sense information in here too, when it talks about how you go about deciding what you should and shouldn't do. I learned quite a bit from this book and anyone who needs to learn about security, even if you have no experience, should get a copy of this book if they already haven't.

Also recommended: Hack Attacks Denied, Hacking Exposed (2nd)

Hack Attacks Revealed is a comprehensive guide to security, hacking, and the underground. This is an amazing book, not only for its content but also its accompanying CD-Rom. There's a real sense, throughout the book, of the author's personality and programming prowess. Some introductory books will only talk about computer ports and exploits, but the focus on this one is to show you by example, tackling advanced issues. It teaches you how to network, internetwork, hack, and to think like a hacker, to really understand the sensitivity of these gurus. The wealth of experience of the author is contained within these pages, and is an invaluable learning tool. I highly recommend this book; this comprehensive guide is an excellent value, and a long lasting reference when working in the field today.

A good book, and I find myself referring to it often. I have learned much.

Most of the security problems we fear are creatively illustrated in this up-and-coming blockbuster. Although I'm partial to operating systems, I focused my attention on port, socket and service vulnerabilities. In short, the example cases were nothing less than informative, and shocking. What would typically fall short of boring, the 80-page internetwork tutorial from a hacker's perspective was technically refreshing. The companion CD was all that the book said it would be, and more. Although some of the links in the Tiger Tool Repository are dead, the 14,000 or so valid resources are critically valuable for any user. Overall the best part about Hack Attacks Revealed is the down-to-earth, layman style the author uses to keep my attention.

With this book I was able to thoroughly examine my network for unwanted open ports and potential security vulnerabilities. When a new vulnerability was discovered, I used Hack Attacks Denied to test and close the hole. Also I'm way too busy to check BugTraq or read my vendor's security advisories regularly. My solution: I went to join the companion website to get daily updates of new advisories for my Win Lin/Unix stations. Very convenient. Thank you.