Hacking For Dummies [Paperback]

Kevin Beaver (Author)

Book Description

ISBN-10: 0470550937 | ISBN-13: 978-0470550939 | Publication Date: January 12, 2010 | Edition: 3

A new edition of the bestselling guide-now updated to cover the latest hacks and how to prevent them!

It's bad enough when a hack occurs-stealing identities, bank accounts, and personal information. But when the hack could have been prevented by taking basic security measures-like the ones described in this book-somehow that makes a bad situation even worse. This beginner guide to hacking examines some of the best security measures that exist and has been updated to cover the latest hacks for Windows 7 and the newest version of Linux.

Offering increased coverage of Web application hacks, database hacks, VoIP hacks, and mobile computing hacks, this guide addresses a wide range of vulnerabilities and how to identify and prevent them. Plus, you'll examine why ethical hacking is oftentimes the only way to find security flaws, which can then prevent any future malicious attacks.

• Explores the malicious hackers's mindset so that you can counteract or avoid attacks completely
• Covers developing strategies for reporting vulnerabilities, managing security changes, and putting anti-hacking policies and procedures in place
• Completely updated to examine the latest hacks to Windows 7 and the newest version of Linux
• Explains ethical hacking and why it is essential

Hacking For Dummies, 3rd Edition shows you how to put all the necessary security measures in place so that you avoid becoming a victim of malicious hacking.

Editorial Reviews

Review

‘…it is easy to read, the presentation is clear and uncluttered, it caters for a variety of audiences…' (BCS.org, February 2010).

From the Back Cover

Get out your white hat and learn where your systems may be vulnerable

You're a good guy or gal, so why do you need to learn how to hack? Because the only way to be sure your systems are secure is to find out how the bad guys work and examine your defenses from their point of view. This guide shows you how, explains common attacks, tells you what to look for, and gives you the tools to safeguard your sensitive business information.

• Build the foundation — understand the value of ethical hacking, what's involved, and the malicious hacker's mindset

• Games people play — discover how hackers use social engineering to breach security and what to do about it

• It's the network — explore common network vulnerabilities and the creative ways they're exploited

• Down and dirty OS hacking — learn how Windows, Linux, and Novell NetWare are being attacked and how to scan for vulnerabilities

• Sneak attacks — see why applications, especially Web apps, are vulnerable and how to protect them

• Get the message — prepare for attacks on e-mail, IM, and VoIP systems

• Tools of the trade — learn about Metasploit, BackTrack, and other important security testing tools

• Now what? — find out how to use the information you gather to minimize business risks

Open the book and find:

• What makes a hacker hack

• Why you need to hack your systems

• How to gain management's approval for your ethical hacking tests

• Countermeasures to common attacks

• Linux and Novell NetWare risks

• Techniques for defending databases

• How wireless LANs are compromised

• Ten deadly mistakes to avoid

Learn to:

• Use the latest ethical hacking methods and tools

• Test your Windows or Linux systems

• Hack databases, VoIP systems, and Web applications

• Report vulnerabilities and improve information security

See all Editorial Reviews

Product Details

• Paperback: 408 pages
• Publisher: For Dummies; 3 edition (January 12, 2010)
• Language: English
• ISBN-10: 0470550937
• ISBN-13: 978-0470550939
• Product Dimensions: 9.2 x 7.4 x 0.9 inches
• Shipping Weight: 1.2 pounds (View shipping rates and policies)
• Average Customer Review: 4.5 out of 5 stars  See all reviews (26 customer reviews)
• Amazon Best Sellers Rank: #32,191 in Books (See Top 100 in Books)
  • #31 in Books > Computers & Technology > Business & Culture > Hacking
  • #64 in Books > Computers & Technology > Security & Encryption
  • #68 in Books > Computers & Technology > Programming > Introductory & Beginning

More About the Author

I'm an independent information security consultant, keynote speaker, and expert witness with Atlanta, GA-based Principle Logic, LLC. I'm also the creator/producer of the Security On Wheels audio programs and blog providing security learning for IT professionals on the go. See more about me at www.principlelogic.com and securityonwheels.com.

Customer Reviews

Most Helpful Customer Reviews

79 of 84 people found the following review helpful:

5.0 out of 5 stars Good Place to Get Started, January 29, 2005

By 

John Matlock "Gunny" (Winnemucca, NV) - See all my reviews
(REAL NAME)   

This review is from: Hacking for Dummies (Paperback)

I used to wonder why anyone would want to break into my computer, there's not much there of any interest. Even I don't find it all that interesting. Then one day I was puzzled when my ISP asked why my machine was putting out millions of bytes of stuff to the point where it was bogging down their T1 line. I didn't know. We unpluged the machine from the network and it stopped sending. We plugged it back in and it wasn't sending. But the next day it was.

It wasn't until we got an e-mail telling us to stop sending out copyrighted movies that we realized what had happened. It wasn't anything in my computer they wanted, it was the bandwidth. Knowing what to look for it wasn't all that hard to stop. Google quickly provided links on this problem.

This book is aimed at people just like me. It gives an overall, if fairly light, view of the overall security problem. Like the other For Dummies books it has a writing style that doesn't (quite) put you to sleep. It has enough humor to enable you to get through it. It won't make you an expert, but it will point out the problem areas so that you can go deeper into those that are important to you. It's a good introduction.

56 of 65 people found the following review helpful:

5.0 out of 5 stars Excellent introduction to hacking for beginners, September 3, 2004

By 

Ben Rothke "Author of 'Computer Security: 20 ... (USA) - See all my reviews
(REAL NAME)   

This review is from: Hacking for Dummies (Paperback)

The media often mistakenly characterize hackers as bored technical geniuses. In truth, most hackers, as the media use the term, are not geniuses; they are simply adept at downloading hacking tools that do all of the dirty work for them. These so-called script kiddies often do not know what they are doing until the damage is done.

From the perspective of the victimized company, however, it's not really important who is doing the attacking; all that matters is how organizations can protect themselves from myriad attacks and tools. Hacking for Dummies is written on the premise that to catch a hacker, you have to think and behave like one. This is a well-written and engrossing book that helps the reader understand how hackers compromise computer systems and networks. Its clear, easy-to-read style won't intimidate readers unfamiliar with abstruse security terms and concepts.

The 19 chapters progress from the basics of security to the hardening of an operating system and the hacking of Web applications. While the reader is not expected to have a deep technical background, the book does go into some detail, as it must to provide a hands-on approach. For a high-level theoretical approach to network defense, look elsewhere. This is a down-and-dirty tool for ensuring that the organization's systems and network are secure.

87 of 108 people found the following review helpful:

1.0 out of 5 stars Very Limited, January 5, 2005

By 

Alan Mead (Lockport, IL United States) - See all my reviews
(REAL NAME)   

This review is from: Hacking for Dummies (Paperback)

Update (11/2008): My review below is based on the first (2004) edition. In a comment, the author calls the second, 2006 edition substantially different. So, I reviewed the 2006 edition table of contents, except, and index available on amazon. The excerpt and table of contents did not seem substantially different to me. The primary substantive change in the excerpt (Chapter 1) are the bits about the "rogue insider"; much of the writing is word-for-word identical to the 2004 edition. Maybe the other chapters are "substantially" reworked (the index suggests many changes) but the chapters' titles, order and lengths are not much different in the 2006 edition.

This book should be titled "penetration testing" with the subtitle "without any actual information on how to go about penetration testing, per se".

There are two schools of thought about disseminating detailed information on exploiting security vulnerabilities (that "it's a necessary evil" and "it's immoral"). So, the author is in good company to be in the later group.

Only, why then WRITE A BOOK entitled "Hacking"? The title seems close to fraudulent to me. Anyone hoping to find out how to crack from this book is going to be sorely disappointed. For example, while password cracking is passably well-covered, there isn't even a mention of how crackers get their hands on password files. The author spends only two paragraphs and a few bullets on rootkits--treating them like viruses or worms--despite the fact that they are critical cracker tools. There is a lot of discussion of portscanning without any discussion of how to penetrate the systems you've scanned.

So, you say, "Who cares about would-be criminals!?" Ok, but this book is not going to provide much real value to would-be white-hats either. You will find very little concrete advice on penetrating client systems from this book. However, the book does have quite a bit of advice and a number of tips about setting-up the gig (e.g., "Agree in writing"), general issues (e.g., "Don't test production systems during business hours."), and how to write the report (e.g., "prioritize vulnerabilities").

Actual admins will find very, very little of value. The "Plugging security holes" chapter is only five pages long! The tips sprinkled around are often poor or abstract (or common sense). The book provides little information on how attacks will occur. And it's quite marginal in describing the hacker psyche.

The book is full of links to software. But then so is Google and this book won't help much in choosing between most of them (i.e., my favorite tools were barely mentioned :).

I did (finally) identify a group who might benefit from this book: people who HIRE penetration testers--by educating you about how the process works. (Without giving away any of the trade secrets that might allow you to be self-sufficient!) It might also be a broad (shallow) introduction for the complete novice to security in abstract.