Hack Proofing Your Network: Internet Tradecraft [Paperback]

Ryan Russell (Author)

Book Description

ISBN-10: 1928994156 | ISBN-13: 978-1928994152 | Publication Date: January 15, 2000 | Edition: 1

The politics; laws of security; classes of attack; methodology; diffing; decrypting; brute force; unexpected input; buffer overrun; sniffing; session hijacking; spoofing; server holes; client holes; trojans and viruses; reporting security problems; choosing secure systems.

Editorial Reviews

Amazon.com Review

Too many network administrators depend on the "big sky" principle of network security--they believe that the large number of Internet-connected machines out there will keep black-hat hackers away. Hack Proofing Your Network: Internet Tradecraft points out that statistics are no defense, and that such an attitude is irresponsible. The book shows steps that you can take to harden your resources against attack. Although most of the material in this book isn't up-to-the-minute (how could it be, when the tactics of attackers change daily), you can discourage hackers by implementing the strategies that it describes.

Many antihacking texts assume a fair bit of knowledge, but this one doesn't. Ryan Russell and coauthors explain many terms and concepts, such as traffic sniffing, cryptography, and file differentiation ("diffing"), and the tools that evildoers use to wreak havoc on the systems that they attack--complete with Internet addresses from which you can download them. The book walks you through sample attacks, too, such as hijacking a connection by using a tool called Hunt. Overall, this is a fine introductory-to-intermediate antihacking volume that leads well into more current and advanced resources. You might want to supplement it with two other practical computer-security books: Hacking Exposed catalogues many of the tools that bad guys use, while Network Intrusion Detection helps you analyze security logs and spot attacks in progress. --David Wall

Topics covered:

• Modes of attack, and means of defending against them
• Political environment governing software and networking
• Laws and policies springing from that environment
• Approaches to the problem of breaking into systems or denying their services to legitimate users
• Spoofing
• Sniffing
• Transmission interception
• Several other popular tactics

From the Publisher

Kevin Mitnick's quote on the Hack Proofing cover says it nicely:

“Ryan Russell has an important message for us all: "What you don't know *will* hurt you." In his book, "Hack Proofing Your Network: Internet Tradecraft" Ryan reveals the "how to" of systems penetration techniques that intruders may use against you! While "full disclosure" is a two-edged sword, the benefits include forcing software manufacturers to quickly fix security holes and informing potential victims of the vulnerabilities that exist in their infrastructures.”—Kevin Mitnick

This book brings together some of the most talented IPSec professionals and prominent grey-hat hackers to tell you how to protect your systems from attack. The focus is on the practical and the objective is to leave you with the know-how and tools to deal with virus, session hijacking, client holes, spoofing, and more.

Learn from the best: Mudge, advisor to the WHite House and Congress; Rain Forest Puppy; Elisa Levy, BUGTRAQ moderator; Blue Boar, Vuln-Dev moderator; Dan “Effugas” Kaminsky, Advanced Network Services division, Cisco Systems; Oliver Friedrichs, Co-founder, SecurityFocus.com; Riley "Caezar" Eller, Senior Security Engineer, Internet Security Advisors; Greg Hoglund, Founder, Click To Secure

See all Editorial Reviews

Product Details

• Paperback: 450 pages
• Publisher: Syngress; 1 edition (January 15, 2000)
• Language: English
• ISBN-10: 1928994156
• ISBN-13: 978-1928994152
• Product Dimensions: 9 x 7.2 x 1.2 inches
• Shipping Weight: 1.9 pounds
• Average Customer Review: 4.1 out of 5 stars  See all reviews (17 customer reviews)
• Amazon Best Sellers Rank: #2,146,186 in Books (See Top 100 in Books)

Customer Reviews

Most Helpful Customer Reviews

17 of 19 people found the following review helpful:

2.0 out of 5 stars Incomplete, shallow and too diverse, October 19, 2000

By 

R. van den Berg (Netherlands) - See all my reviews

This review is from: Hack Proofing Your Network: Internet Tradecraft (Paperback)

If you know nothing about hacking, this book might be a good start. However, there are plenty of web sites that will do a better job (and they are free).
The reputation of the authors made me hope for a much more in depth look at hacking techniques. Instead, they touch on most subjects way too lightly, and making several failed attempts in explaining some basic networking concepts.
What I thought to be the most value when reading, was the promise of a website with all the links mentioned in the book. As of today, this site is "under construction" without any useful information at all! (www.internettradecraft.com)
In short, if you want to get a basic feel for what hacking is about, and want to get it without using a webbrowser, read this book. If you're looking to expand your knowledge or get definate answers, look elsewhere.

8 of 8 people found the following review helpful:

4.0 out of 5 stars Good start, well rounded, September 6, 2000

By 

Keith Tokash "twigles" (Laguna Niguel, CA United States) - See all my reviews
(REAL NAME)   

Amazon Verified Purchase

This review is from: Hack Proofing Your Network: Internet Tradecraft (Paperback)

This book was obviously not meant to inspire any crackers, nor to educate the hardcores. What it does is bring the rest of us up to speed without us having to learn the hard way. While some arrogant hackers/crackers may think that this book is a sissy-handbook, not all of us care to spend endless hours of our precious free time trying to reinvent the wheel.

Having said that, this book covers a lot of ground, and balances the technical details of hacking with the overall picture of what security truly is: a process.

Example-Do you know what a buffer overflow REALLY is? I kind of did, but now I know exactly how it works.

Example2-Why is physical security so important? This is part of the overall process, but it ties directly into the previous example.

My conclusion is that if you work in the field, you should buy the book. This goes for the techie-oriented businessman too, because you'll learn how to cry BS. Not everything you'll read in there will be useful to you, but much of it will be applicable and some things might prevent you from making some really naive decisions (like trusting patches).

11 of 15 people found the following review helpful:

5.0 out of 5 stars Full disclosure *is* the only way, August 15, 2000

By 

John Talbot (San Diego) - See all my reviews

This review is from: Hack Proofing Your Network: Internet Tradecraft (Paperback)

I'm an experienced system administrator with a very strong background in security, and I was honestly on the fence with regards to full disclosure prior to reading this book. I knew it was necessary for me to know everything to protect my systems, but I was terrified by the thought of the uninitiated being able to by a book or surf the web and then hack my network. But afer reading this book, I really don't think there is any other way. The authors repsonsibly and accurately detail the techniques and tools used to hack into systems, always with an eye towards preventing such catastrophies.