Save Big On Open-Box & Preowned: Buy "Hack Proofing Your Network (Second Edition)” from Amazon Warehouse Deals and save 53% off the $52.95 list price. Product is eligible for Amazon's 30-day returns policy and Prime or FREE Shipping. See all Open-Box & Preowned offers from Amazon Warehouse Deals.
Enter your mobile number or email address below and we'll send you a link to download the free Kindle App. Then you can start reading Kindle books on your smartphone, tablet, or computer - no Kindle device required.
To get the free app, enter your email address or mobile phone number.
Hack Proofing Your Network (Second Edition) 2nd Edition
Use the Amazon App to scan ISBNs and compare prices.
Special Offers and Product Promotions
About the Author
Dan Effugas Kaminsky (CISSP) worked for two years at Cisco Systems designing security infrastructure for large-scale network monitoring systems. Dan has delivered presentations at several major industry conferences including Linuxworld, DEF CON, and the Black Hat Briefings, and he also contributes actively to OpenSSH, one of the more significant cryptographic systems in use today.He is based in Silicon Valley, presently studying Operation and Management of Information Systems at Santa Clara University in California.
Rain Forest Puppy is a security research and development consultant for a Midwest-based security consulting company. RFP has been working in R&D and coding in various languages for over seven years. While the Web is his primary hobby focus point, he has also played in other realms including: Linux kernel security patches, lockdown of various Windows and UNIX operating systems, and the development of honeypots and other attack alert tools. In the past he's reported on SQL tampering and common CGI problems, and has contributed security tools (like whisker) to the information security community.
More About the Author
Top Customer Reviews
Still the idea was very interesting (information directly from the real experts), and I kept waiting for a new edition.
Well the second edition is now out, and not only fulfills, but exceeds all my original expectations !!
Let's take a look:
Understanding attacks and vulnerabilities, by understanding 'how to hack' (good hacking of course. . . .ahem )
Rewritten, expanded and improved, the book consists of 800+ pages well structured into 18 chapters (against 450+ pages and 15 chapters of the first edition).
Well written, well presented, with a real fancy table of contents, the chapters include url's, a FAQ section and a SOLUTIONS FAST TRACK one.
A lot of CLEVER code is included as well as helpful 'Tool & Traps' and 'Notes from the Underground. . . ' outlines.
The new sections (all outstanding) include:
- Hardware Hacking (otherwise only found in papers)
- Tunneling (excellent)
- IDS evasion (very easily explained)
- Format strings attacks
The Intended Audience:
People willing to become network security pros.
- Introduction to Security, Attacks and related Methodologies.
- Unexpected Input, Buffer Overflow, Format Strings.
- Sniffing, Hijacking and Spoofing.
- Tunneling, Hardware Hacking, Viruses (et al.).
- IDS Evasion.
- Automated Tools.
- Reporting Security Problems.Read more ›
HPYN2E shines in many respects. The "laws of security" in chapter 2 are accurate and enlightening. Chapter 4 helps teach secure programming techniques by comparing insecure and secure code snippets. Chapter 4 also demonstrates debugging and disassembling code, usually not seen in security texts. Chapter 8 probably contains the most advanced coverage of buffer overflows I've read in a book. By actually showing and explaining stack traces, the authors share a level of detail sufficient to satisfy all but the most elite coders. Chapters on "diffing" (5) and format strings (9) are robust. Hardware hacking, thoroughly described in chapter 14, is fascinating. The author cared enough to include numerous clear photographs of disassembled equipment, and mentioned many helpful external web references.
While these great chapters comprise more than half of HPYN2E, the remainder is not exceptional. I was not happy with the rambling, wordy chapters on spoofing (12) and tunneling (13). Spare us the quotes from Dante's "Divine Comedy"! Still, this material is easily skimmed.
Because HPYN2E is written more from an intruder's point of view, the title doesn't seem to reflect the material. The book isn't exactly a "how to hack" manual, but it expertly illuminates many facets of compromising information resources.
* Spoofing SSL by using web graphics to simulate the appearance of an SSL encrypted connection. After all, the user doesn't know what's on the wire, only what's on the screen.
* Routing packets in userspace using libnet and libpcap- a step by step tutorial
* Establishing a TCP connection between two firewalled and NATted hosts by setting a low time-to-live on a connection request and having some broker on the internet spoof a connection response.
This book is an absolute must to own...
Most Recent Customer Reviews
The books offers some basic theory and knowledge. Not very practical though. Good starting point and reference book.Published on October 14, 2004 by Konstantin Ivanov