Programming Books C Java PHP Python Learn more Browse Programming Books

Sorry, this item is not available in
Image not available for
Image not available

To view this video download Flash Player


Sign in to turn on 1-Click ordering
Sell Us Your Item
For a $11.00 Gift Card
Trade in
More Buying Choices
Have one to sell? Sell yours here
Tell the Publisher!
I'd like to read this book on Kindle

Don't have a Kindle? Get your Kindle here, or download a FREE Kindle Reading App.

Hack the Stack: Using Snort and Ethereal to Master The 8 Layers of An Insecure Network [Illustrated] [Paperback]

by Michael Gregg, Stephen Watkins, George Mays, Chris Ries, Ronald M. Bandes, Brandon Franklin
3.6 out of 5 stars  See all reviews (8 customer reviews)

List Price: $54.95
Price: $40.73 & FREE Shipping. Details
You Save: $14.22 (26%)
o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o
Only 1 left in stock (more on the way).
Ships from and sold by Gift-wrap available.
Want it Monday, April 28? Choose One-Day Shipping at checkout. Details
Free Two-Day Shipping for College Students with Amazon Student

Shop the new
New! Introducing the, a hub for Software Developers and Architects, Networking Administrators, TPMs, and other technology professionals to find highly-rated and highly-relevant career resources. Shop books on programming and big data, or read this week's blog posts by authors and thought-leaders in the tech industry. > Shop now

Book Description

December 27, 2006 1597491098 978-1597491099 1
This book looks at network security in a new and refreshing way. It guides readers step-by-step through the "stack" -- the seven layers of a network. Each chapter focuses on one layer of the stack along with the attacks, vulnerabilities, and exploits that can be found at that layer. The book even includes a chapter on the mythical eighth layer: The people layer.

This book is designed to offer readers a deeper understanding of many common vulnerabilities and the ways in which attacker's exploit, manipulate, misuse, and abuse protocols and applications. The authors guide the readers through this process by using tools such as Ethereal (sniffer) and Snort (IDS). The sniffer is used to help readers understand how the protocols should work and what the various attacks are doing to break them. IDS is used to demonstrate the format of specific signatures and provide the reader with the skills needed to recognize and detect attacks when they occur.

What makes this book unique is that it presents the material in a layer by layer approach which offers the readers a way to learn about exploits in a manner similar to which they most likely originally learned networking. This methodology makes this book a useful tool to not only security professionals but also for networking professionals, application programmers, and others. All of the primary protocols such as IP, ICMP, TCP are discussed but each from a security perspective. The authors convey the mindset of the attacker by examining how seemingly small flaws are often the catalyst of potential threats. The book considers the general kinds of things that may be monitored that would have alerted users of an attack.

* Remember being a child and wanting to take something apart, like a phone, to see how it worked? This book is for you then as it details how specific hacker tools and techniques accomplish the things they do.

* This book will not only give you knowledge of security tools but will provide you the ability to design more robust security solutions

* Anyone can tell you what a tool does but this book shows you how the tool works

Frequently Bought Together

Hack the Stack: Using Snort and Ethereal to Master The 8 Layers of An Insecure Network + Network Forensics: Tracking Hackers through Cyberspace + Practical Malware Analysis: The Hands-On Guide to Dissecting Malicious Software
Price for all three: $124.81

Buy the selected items together

Editorial Reviews

About the Author

Michael Gregg is the President of Superior Solutions, Inc. and has more than 20 years' experience in the IT field. He holds two associate's degrees, a bachelor's degree, and a master's degree and is certified as CISSP, MCSE, MCT, CTT+, A+, N+, Security+, CNA, CCNA, CIW Security Analyst, CCE, CEH, CHFI, CEI, DCNP, ES Dragon IDS, ES Advanced Dragon IDS, and TICSA. Michael's primary duty is to serve as project lead for security assessments, helping businesses and state agencies secure their IT resources and assets. Michael has authored four books, including Inside Network Security Assessment, CISSP Prep Questions, CISSP Exam Cram2, and Certified Ethical Hacker Exam Prep2. He has developed four high-level security classes, including Global Knowledge's Advanced Security Boot Camp, Intense School's Professional Hacking Lab Guide, ASPE's Network Security Essentials, and Assessing Network Vulnerabilities. He has written over 50 articles featured in magazines and Web sites, including Certification Magazine, GoCertify, The El Paso Times, and SearchSecurity. Michael is also a faculty member of Villanova University and creator of Villanova's college-level security classes, including Essentials of IS Security, Mastering IS Security, and Advanced Security Management. He also serves as a site expert for four TechTarget sites, including SearchNetworking, SearchSecurity, SearchMobileNetworking, and SearchSmallBiz. He is a member of the TechTarget Editorial Board.

Stephen Watkins (CISSP) is an Information Security Professional with more than 10 years of relevant technology experience, devoting eight of these years to the security field. He currently serves as Information Assurance Analyst at Regent University in southeastern Virginia. Before coming to Regent, he led a team of security professionals, providing in-depth analysis for a global-scale government network. Over the last eight years, he has cultivated his expertise with regard to perimeter security and multilevel security architecture. His Check Point experience dates back to 1998 with FireWall-1 version 3.0b. He earned his B.S. in Computer Science from Old Dominion University and his M.S. in Computer Science, with Concentration in InfoSec, from James Madison University.

George Mays (CISSP, CCNA, A+, Network+, Security+, INet+) is an independent consultant with 35 years' experience in computing, data communications, and network security. He holds a B.S. in Systems Analysis. He is a member of the IEEE, CompTIA, and Internet Society.

Chris Ries is a Security Research Engineer for VigilantMinds Inc., a managed security services provider and professional consulting organization based in Pittsburgh. His research focuses on the discovery, exploitation, and remediation of software vulnerabilities, analysis of malicious code, and evaluation of security software. Chris has published a number of advisories and technical white papers based on his research and has contributed to several books on information security. Chris holds a bachelor's degree in Computer Science with a Mathematics Minor from Colby College, where he completed research involving automated malicious code detection. Chris has also worked as an analyst at the National Cyber-Forensics & Training Alliance (NCFTA), where he conducted technical research to support law enforcement.

Ronald M. Bandes (CISSP, CCNA, MCSE, Security+) is an independent security consultant. Before becoming an independent consultant, he performed security duties for Fortune 100 companies such as JP Morgan, Dun and Bradstreet, and EDS. Ron holds a B.A. in Computer Science.

Brandon Franklin (GCIA, MCSA, Security+) is a network administrator with KIT Solutions, Inc. KIT (Knowledge Based Inormation Technology) Solutions, Inc. creates intelligent systems for the health and human services industry that monitor and measure impact and performance outcomes and provide knowledge for improved decision making. A KIT system enables policy makers, government agencies, private foundations, researchers, and field practitioners to implement best practices and science-based programs, demonstrate impacts, and continuously improve outcomes. Brandon formerly served as the Team Lead of Intrusion Analysis at VigilantMinds Inc., a Pittsburgh-based managed security services provider.

Product Details

  • Paperback: 481 pages
  • Publisher: Syngress; 1 edition (December 27, 2006)
  • Language: English
  • ISBN-10: 1597491098
  • ISBN-13: 978-1597491099
  • Product Dimensions: 10 x 7.1 x 1.1 inches
  • Shipping Weight: 1.4 pounds (View shipping rates and policies)
  • Average Customer Review: 3.6 out of 5 stars  See all reviews (8 customer reviews)
  • Amazon Best Sellers Rank: #1,496,253 in Books (See Top 100 in Books)

More About the Author

Michael Gregg is COO of Superior Solutions, Inc. (, a Houston based information security assessment, penetration testing, and IT security training firm. Mr. Gregg is responsible for helping corporations establish and validate enterprise wide information security programs and controls. He is an expert on cyber security, networking, and Internet technologies.

While consulting consumes a large amount of Michael's time, he has contributed to more than 10 books and has spoken at security, technology, and educational conferences such as ISC2's Security Leadership Conference, Hacker Halted, Government Technology Conference (GTC), National Credit Union Administration (NCUA) IT Conference, and The American College of Forensic Examiners.

Michael has appeared in numerous media outlets including The New York Times, Fox News, Canadian News (BNN), Kiplinger as well as NPR, ESPN, and other major networks. He holds two associate's degrees, a bachelor's degree, and a master's degree. He presently maintains many certifications including CISSP, CISA, CISM, etc.

Customer Reviews

Most Helpful Customer Reviews
28 of 31 people found the following review helpful
3.0 out of 5 stars Good idea, inadequate execution November 5, 2006
I teach a course called "TCP/IP Weapons School" that involves walking students up the OSI model. We look at network traces generated by tools and techniques to defeat security measures. When I saw "Hack the Stack" (HTS) I thought it might make a good resource for my class, since HTS seemed to advocate a similar approach. Unfortunately, technical errors, shoddy production, internal repetition and poor organization, and a lack of original material make me question the value of HTS.

A critical aspect of a security book is technical accuracy, but HTS does not deliver. In some cases the book is half-right, or it omits important elements. For example, p 9 implies only port 20 TCP is used for TCP data; that's true for the server in active FTP, but passive FTP uses arbitrary ports. p 15 says SOCKS is "Windows Sockets," when SOCKS is a proxy protocol. p 71 says CSMA/CA (wireless) is similar to CSMA/CD (traditional Ethernet), but the two protocols are very different; CSMA/CA is much more complex. p 115 should say IP proto 41 is "IPv6 in IPv4", and not imply that IP proto 41 is somehow "IPv6". p 118 says "ICMP messages cannot be sent in response to other ICMP messages." That's not true; otherwise, ICMP echo would not be able to elicit an ICMP echo reply. (The authors meant ICMP error messages cannot elicit ICMP errors.)

Several times the book makes odd statements. p 14 says the first virus concept appeared in 1984, but non-PC viruses existed in the 1970s and the first PC virus (Elk Cloner) was in the wild in 1982. p 3 says "IDS has a short history" by citing Dorothy Denning's work in 1983, but ignores James Anderson's 1980 work for the Air Force as the first real IDS pioneer.
Read more ›
Comment | 
Was this review helpful to you?
3 of 3 people found the following review helpful
4.0 out of 5 stars Unique Concept - Good Introduction to Topics February 9, 2007
Hack the Stack is a Syngress title that primarily focuses on security topics layer by layer. The book takes a concept most people know, the OSI model, and uses that approach to discuss security exploits, vulnerabilities, and defenses. I liked the concept and the manner in which the material was presented. The books takes the 7 layer model and adds one more for people, this made sense to me.

The book starts out with the physical layer and continues up through each layer. The final chapter is a kind of checklist that reviews the material covered in the other chapters. Each chapter provides a hands-on security project. The ones on Snort and Bluetooth were my favorites. The book uses a number of Open Source or free tools like Snort and Wireshark to explain concepts I often wondered about. The authors seem to know the material but as others have said I wish they would have provided more resources and a glossary. With that in mind I rated this book four stars.
Comment | 
Was this review helpful to you?
4 of 5 people found the following review helpful
3.0 out of 5 stars Now exactly what I expected, but a good reference starter December 12, 2006
I anticipated the book going more in depth in certain areas, but the overview it provided for each section was a great starter. I do agree with another reviewer that stated it was missing references to certain website links or direction to where to gather more information. This was a downside, mainly in dealing with large technical references such as this book. An index or glossary, noting the pages used and full definitions would have gone a long way.

I did like some of the directions on testing and building of products, scripts or other methods to verify your own environment however. I do realize you can only fit so much detail, but some definition areas needed more explanation that a simple paragraph. I would have looked to eliminate those and expand on others to give the feeling of deeper information.

Now saying all that, I appreciated the adding of the 8th layer that is not mentioned anywhere else. The reading was fairly straightforward and simple for the intermediate level technical administrator. Some of the references are not for the basic entry level, as it jumps right into topics that assume basic knowledge of networks, protocols and even mail and messaging.

I shared this with some staff in the office for reading of particular areas and will be keeping it on the bookshelf (which means it is a keeper)
Comment | 
Was this review helpful to you?
1 of 1 people found the following review helpful
5.0 out of 5 stars Good approach April 6, 2010
Format:Paperback|Verified Purchase
I've read other reviews saying the book isn't perfect, however I do like the approach through the OSI Model etc which makes the book worth it and something which has become a permanent part of my skill set/approach. A good value.
Comment | 
Was this review helpful to you?

Sell a Digital Version of This Book in the Kindle Store

If you are a publisher or author and hold the digital rights to a book, you can sell a digital version of it in our Kindle Store. Learn more


There are no discussions about this product yet.
Be the first to discuss this product with the community.
Start a new discussion
First post:
Prompts for sign-in

Look for Similar Items by Category