Have one to sell?
Flip to back Flip to front
Listen Playing... Paused   You're listening to a sample of the Audible audio edition.
Learn more

Hacking Exposed Paperback – Bargain Price, October 11, 2000

ISBN-13: 978-9574932108 ISBN-10: 9574932109 Edition: 2nd

See all 2 formats and editions Hide other formats and editions
Amazon Price New from Used from Collectible from
Paperback, Bargain Price, October 11, 2000
$6.61 $2.33 $7.95

This is a bargain book and quantities are limited. Bargain books are new but could include a small mark from the publisher and an Amazon.com price sticker identifying them as such. Details

Free%20Two-Day%20Shipping%20for%20College%20Students%20with%20Amazon%20Student


--This text refers to an out of print or unavailable edition of this title.

Special Offers and Product Promotions


NO_CONTENT_IN_FEATURE

Shop the new tech.book(store)
New! Introducing the tech.book(store), a hub for Software Developers and Architects, Networking Administrators, TPMs, and other technology professionals to find highly-rated and highly-relevant career resources. Shop books on programming and big data, or read this week's blog posts by authors and thought-leaders in the tech industry. > Shop now

Product Details

  • Paperback: 703 pages
  • Publisher: McGraw Hill HK; 2nd edition (October 11, 2000)
  • Language: Chinese
  • ISBN-10: 9574932109
  • ISBN-13: 978-9574932108
  • ASIN: B00009B1US
  • Product Dimensions: 9.1 x 7.2 x 1.8 inches
  • Shipping Weight: 3.3 pounds
  • Average Customer Review: 4.3 out of 5 stars  See all reviews (41 customer reviews)
  • Amazon Best Sellers Rank: #4,021,182 in Books (See Top 100 in Books)

Editorial Reviews

Amazon.com Review

A lot of computer-security textbooks approach the subject from a defensive point of view. "Do this, and probably you'll survive a particular kind of attack," they say. In refreshing contrast, Hacking Exposed, Second Edition talks about security from an offensive angle. A Jane's-like catalog of the weaponry that black-hat hackers use is laid out in full. Readers see what programs are out there, get a rundown on what the programs can do, and benefit from detailed explanations of concepts (such as wardialing and rootkits) that most system administrators kind of understand, but perhaps not in detail. The book also walks through how to use the more powerful and popular hacker software, including L0phtCrack. This new edition has been updated extensively, largely with the results of "honeypot" exercises (in which attacks on sacrificial machines are monitored) and Windows 2000 public security trials. There's a lot of new stuff on e-mail worms, distributed denial-of-service (DDoS) attacks, and attacks that involve routing protocols.

The result of all of this familiarity with bad-guy tools is a leg up on defending against them. Hacking Exposed wastes no time in explaining how to implement the countermeasures--where they exist--that will render known attacks ineffective. Taking on the major network operating systems and network devices one at a time, the authors tell you exactly what Unix configuration files to alter, what Windows NT Registry keys to change, and what settings to make in NetWare. They spare no criticism of products with which they aren't impressed, and don't hesitate to point out inherent, uncorrectable security weaknesses where they find them. This book is no mere rehashing of generally accepted security practices. It and its companion Web site are the best way for all of you network administrators to know thine enemies. --David Wall

Topics covered:

  • Security vulnerabilities of operating systems, applications, and network devices
  • Administrative procedures that will help defeat them
  • Techniques for hacking Windows 95, Windows 98, Windows Me, Windows NT 4.0, Windows 2000, Novell NetWare, and Unix
  • Strategies for breaking into (or bringing down) telephony devices, routers, and firewalls
--This text refers to an out of print or unavailable edition of this title.

Review

... Hacking Exposed, the seminal book on white-hat hacking and countermeasures. Hacking Exposed (www.hackingexposed.com) is now in its second edition, and should be required reading for anyone with a server or a network to secure. (Bill Machrone, VP, Technology for ZiffDavis Media) (PC Magazine 2001-06-26)

If you are a computer professional with an eye to the publishing world, you’re probably familiar with a big red book called Hacking Exposed. This bold book with its bold title often appears at the end of the aisle or in other easy-to-reach locations. The reason for all the attention -- and brisk sales -- is that this book really is different. For almost any computer book, you can find a clone. But not this one. Hacking Exposed is a one-of-a-kind study of the art of breaking in. The authors, a trio of security consultants for Foundstone, Inc., take the reader through a spectrum of intrusion tools and strategies. One of the biggest problems with security books is that, when you take out the OS configuration steps, most books offer little more than mundane pronouncements and recycled rules of thumb. Hacking Exposed is one of those rare books that actually show the reader how to think like an intruder. You’ll see the whole picture of the intrusion process from the top--a broad look at the phases of a network attack--to the bottom--examples of obscure Unix commands and discussions of specific hacking tools. And along the way, you’ll pick up valuable insights on how hackers think and how you can protect your network by thinking like a hacker. Hacking Exposed is also an impressive catalog of intrusion tools. You’ll find concise discussions of many tools, including information on how to obtain the tool and how to tell if the tool is currently deployed against you on your network. You’ll also find discussions of well known and lesser known attack methods, such as Trojan horses, buffer overflows, log doctoring, session hijacking, and SSL fraud. Hacking Exposed is divided into four parts. The first part, "Casing the Establishment," describes the footprinting, scanning, and enumeration phases, in which the intruder compiles a detailed map of the target network, including IP addresses, open ports, and relevant network resources. Part II, "System Hacking," describes specific techniques for hacking Windows 95/98/ME, Windows NT, Windows 2000, Novell NetWare, and Unix systems. (Error! Hyperlink reference not valid.) Part III, "Network Hacking," examines topics such as default passwords, SNMP, firewalls, denial of service, and dial-up attacks. Part IV, "Software Hacking," covers remote control vulnerabilities, Web hacking, and several advanced techniques, such as tricks with root kits and imaging tools. The best part of Hacking Exposed is the details. How many security books have you read that told you to beware of Trojan horses and then didn’t offer any specifics on what Trojan horses are out there and what to do about them? Hacking Exposed names at least a dozen specific Trojan horse programs currently operating on Windows, NetWare, and Unix systems. You’ll even find screen captures, URLs, and detection tips for each of the Trojans. This book shows clearly why you can’t assume anything is secure. You’ll learn tricks for compromising "secure" channel protocols such as SSL, IPSec, and PPTP. The details on Windows hacks are a particularly useful part of the book. You’ll learn about Registry hacks, remote access exploits, port redirection, and privilege escalation in Windows. If you ever felt inclined to believe Microsoft’s official version of Windows security, you’ll be interested in what the authors have to say about disabling auditing, clearing the Event Log, and hiding NTFS file resources. As one who has worked with computer books for many years, I can only imagine that Hacking Exposed must have evoked some secret envy from other publishers. This same book has been planned many times in many conference rooms throughout the publishing world, but in the end, it always comes down to the authors. You need creative and experienced authors with lots of energy to deliver this kind of detail and vision. If you spend enough time with Hacking Exposed, you could probably learn enough to start hacking networks yourself, although anyone else who has the book could probably learn enough to stop you. The fact is, if you really want to protect your network, you’ll need more information than any one book can hold. But if you want a head start on keeping your network safe, make sure Hacking Exposed is on your bookshelf. (Unix Review 2001-02-23) --This text refers to an out of print or unavailable edition of this title.

Customer Reviews

Probably one of the scariest books I've read in a long time.
J. J. Kwashnak
This is an overview book, which can't cover everything physically, it is thick enough already, giving a very good general notion of the field.
Yevgeniy Mishchenko
Highly recommend this book if you have even a slight interest in learning the how's of hacking.
Prattle On, Boyo

Most Helpful Customer Reviews

78 of 81 people found the following review helpful By Ben Rothke on December 21, 2000
Format: Paperback
Hardly a week goes by that CNN does not report a high-profile Web site being defiled or an e-commerce site being penetrated. While most people know why these incidents occurred, Hacking Exposed explains how they occurred and, more important, how to prevent them from occurring.
The cover of Hacking Exposed announces that "Network security is Y2K without the deadline." That alarmist statement, however, is the only hype in the book. The work is packed with real-world examples and links to tools needed to assess the security of any type of client/server and Web system. As they detail the myriad vulnerabilities in different types of systems, the authors provide countermeasures for each of them.
Well organized, the book progresses in an orderly fashion. It methodically goes through the process of exploiting a target to penetrate a system--from identification and enumeration to actual penetration. The authors provide detailed instructions and explanations for many security features and flaws in Unix, Linux, Windows, NetWare, routers, firewalls, and more. Topics covered include state-of-the-art computer and network penetration, as viewed by both the attacker and the defender; remote system identification; vulnerability identification; war dialers; firewall circumvention; and denial-of-service attacks. An appendix explores the security characteristics of Windows 2000.
Some may argue that books such as this one only serve to motivate and educate hackers. The truth is that hackers are already aware of the book's contents. This book is designed for system administrators and managers who need to know their systems' risks and vulnerabilities and how to address them. When they are done with this book, system administrators and managers will be familiar with such critical topics as back channels, port redirection, banner grabbing, and buffer overflows. Hacking Exposed is a must-read for anyone who wants to know what is really happening on their network....
Comment Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again
47 of 50 people found the following review helpful By Richard Bejtlich on April 10, 2001
Format: Paperback
I am a senior engineer for managed network security operations, which includes conducting vulnerability assessments against client networks. I read this second edition to gain insights into ways to better assess a client's security posture, and also to understand some of the attacks I see while monitoring intrusion detection systems. Of the books I've read, Hacking Exposed remains the best guide to systematically assess and (if necessary) compromise hosts. By understanding black hat methods, defenders can better prepare for the tidal wave of exploits washing upon the networking shore.
Parts I (Casing the Establishment), II (System Hacking), and III (Network Hacking) are a tour-de-force of attacker tools and techniques. While explaining how to penetrate systems, the authors spend a fair amount of time explaining how those systems work. From a system administration standpoint, these descriptions are pure gold. Since the authors are fairly operating system-agnostic, they show the pros and cons of Microsoft, UNIX, and Novell products in the harsh light of improved security. For example, the discussion of file handles, file descriptors, and signals in chapter 8 ("Hacking UNIX") helped me understand a little bit of UNIX's guts, while giving a security spin to file system operations.
Thankfully, Hacking Exposed gives Microsoft operating systems plenty of attention. While recognizing that many of us dislike administering these systems, the authors provide helpful and solid chapters on Windows NT and Windows 2000. They also demonstrate many ways to use Windows as an attack platform. They convincingly show that if a scan can be performed in Linux, someone has developed a similar tool for Windows.
Read more ›
Comment Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again
28 of 29 people found the following review helpful By A Customer on October 26, 2000
Format: Paperback
I read the first edition and thought it was a great book that every administrator should have. I didn't think that they would come out with a second edition so quickly. I am impressed that the second edition isn't just a rehash of the same material. It is filled with new information that is a must have for security minded administrators. The application hacking information is the wave of the future.
We have had consultants come in to perform work for our company who have carried the first edition in hand to perform security reviews for us. I can't wait to see how long it takes them to bring in the second edition. Its amazing how the authors share this great information with their competitors. The authors are keeping the competition on their toes and increasing the general knowledge of security for the whole industry.
Keep it coming guys!
Comment Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again
17 of 19 people found the following review helpful By Yevgeniy Mishchenko on June 12, 2001
Format: Paperback
Guys! This is a starter book. Get real!
-(1)- Many readers complain that it does not have enough detail (Specific and new hacks, deep description of protocols, for example). But this piece was not written for this. You can't blame a chicken for not giving you milk. This is an overview book, which can't cover everything physically, it is thick enough already, giving a very good general notion of the field. -(2)- Same readers take stars from the book for "containing only links, not much else". But that's the point! Just follow references, they are very useful. It is the only way to find fresh and profound material. Guys, who expect to find everything in one book are just lazy and unprofessional people, who bought it to play around with neighbour's PC or some box on the web. -(3)- "I bought the book, but it turned out to be useless :( ". Shure it did. You didn't check table of contents and reviews. But that's not the author's fault, don't take off stars.
Comment Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again

Product Images from Customers

Most Recent Customer Reviews

Search
ARRAY(0xa70a9e4c)