Hacking Exposed: Network Security Secrets and Solutions, Sixth Edition

(Author), (Author), (Author)

Editorial Reviews

Product Description

The world's bestselling computer security book--fully expanded and updated

"Right now you hold in your hand one of the most successful security books ever written. Rather than being a sideline participant, leverage the valuable insights Hacking Exposed 6 provides to help yourself, your company, and your country fight cyber-crime." --From the Foreword by Dave DeWalt, President and CEO, McAfee, Inc.

"For security to be successful in any company, you must ‘think evil' and be attuned to your ‘real risk'...Hacking Expose 6 defines both." --Patrick Heim, CISO, Kaiser Permanente

"The definitive resource to understanding the hacking mindset and the defenses against it." --Vince Rossi, CEO & President, St. Bernard Software

"Identity theft costs billions every year and unless you understand the threat, you will be destined to be a victim of it. Hacking Exposed 6 gives you the tools you need to prevent being a victim." --Bill Loesch, CTO, Guard ID Systems

"This book is current, comprehensive, thoughtful, backed by experience, and appropriately free of vendor-bias-prized features for any security practitioner in need of information." --Kip Boyle, CISO, PEMCO Mutual Insurance Company

"The Hacking Exposed series has become the definitive reference for security professionals from the moment it was first released, and the 6th edition maintains its place on my bookshelf," --Jeff Moss, Founder of the popular Black Hat Security Conference

Meet the formidable demands of security in today's hyperconnected world with expert guidance from the world-renowned Hacking Exposed team. Following the time-tested "attack-countermeasure" philosophy, this 10th anniversary edition has been fully overhauled to cover the latest insidious weapons in the hacker's extensive arsenal.

New and updated material:

• New chapter on hacking hardware, including lock bumping, access card cloning, RFID hacks, USB U3 exploits, and Bluetooth device hijacking
• Updated Windows attacks and countermeasures, including new Vista and Server 2008 vulnerabilities and Metasploit exploits
• The latest UNIX Trojan and rootkit techniques and dangling pointer and input validation exploits
• New wireless and RFID security tools, including multilayered encryption and gateways
• All-new tracerouting and eavesdropping techniques used to target network hardware and Cisco devices
• Updated DoS, man-in-the-middle, DNS poisoning, and buffer overflow coverage
• VPN and VoIP exploits, including Google and TFTP tricks, SIP flooding, and IPsec hacking
• Fully updated chapters on hacking the Internet user, web hacking, and securing code

About the Author

Stuart McClure, CISSP, CNE, CCSE, a leading authority on information security, is VP of Operations & Strategy for the Risk & Compliance Business Unit at McAfee.

Joel Scambray, CISSP, is cofounder and CEO of Consciere, provider of strategic security advisory services.

George Kurtz, CISSP, CISA, CPA, is an internationally recognized security expert, author, and entrepreneur. He is currently a senior executive and general manager with McAfee, Inc.

They are the bestselling coauthors of the five previous editions of Hacking Exposed.

Product Details

• Paperback: 720 pages
• Publisher: McGraw-Hill Osborne Media; 6 edition (January 5, 2009)
• Language: English
• ISBN-10: 0071613749
• ISBN-13: 978-0071613743
• Product Dimensions: 9 x 7.2 x 1.7 inches
• Shipping Weight: 2.6 pounds (View shipping rates and policies)
• Average Customer Review: 3.6 out of 5 stars  See all reviews (7 customer reviews)
• Amazon.com Sales Rank: #12,785 in Books (See Bestsellers in Books)

  Popular in these categories: (What's this?)

  #4 in	Books > Computers & Internet > Certification Central > Publisher > Osborne-McGraw-Hill
  #4 in	Books > Computers & Internet > Certification Central > Exams > Security+
  #5 in	Books > Computers & Internet > Business & Culture > Security

Customer Reviews

Most Helpful Customer Reviews

21 of 26 people found the following review helpful:

2.0 out of 5 stars 6Th Edition, why?, June 19, 2009

By	Viken Derderian (Los Angeles, CA) - See all my reviews (REAL NAME)

My first exposure with hacking series was back in 2002 the 2nd edition, in the Foreword of the 2nd edition they summed up the expectation and identified the who should read this book "...But if a computer network has a security vulnerability and no one knows about it, is it insecure?".
In writing this review I like to bring to attention the fact that I am not sure who is the intended audience anymore.
I have seen this book on every network engineer's and self proclaimed security guru's book shelf, many of the one's I have seen were not even used once.
So my question is why do people keep on buying this book, is it the title? The marketing? Or is it a cult think? I was given the 6th edition as a gift. I read most of it out of curiosity, and after a while I realized that this book does not have a true audience.

This book is not written for;
.-The hacker since many of the hacking techniques are either irrelevant or old and most hackers know a better way.
.-The criminal. See previous note.
.-An auditor. If it was, it would have specific processes on how to conduct and audit.
.-Management, they don't care how hping2 works.
.-Those who are concerned about wireless security. There is a "hacking exposed for wireless" book for them.

If we take away the fat, this book has about 200 pages of useful information, most of which can be found using the authors favorite search engine Google
why did I give it a 2 star instead of just 1, I did like the entire 10th Chapter, this section has very relevant information, and it has a purpose, it introduces the concept of governance and use of standards such as ISO17799 which is actually ISO27001:2005 and NIST Publications 800-64 and 800-27. It explains the SDLC although the author calls it SDL combining the Life with Cycle. So if this is your First Hacking Exposed book, buy it with caution, but if you already have one, don't "upgrade".
Best Fishes and thank you for reading.

9 of 13 people found the following review helpful:

5.0 out of 5 stars Hacking Exposed 6 - #1 Best-Selling Computer Security Book, February 9, 2009

By	Tony Bradley "s3kur3.com" (Houston, TX) - See all my reviews

George Kurtz, Stuart McClure and Joel Scambray have been a staple of my Information Security library since the first Hacking Exposed book. Things change quickly in the security world and the authors of Hacking Exposed 6: Network Security Secrets & Solutions have done a tremendous job at taking a great thing and making it better by updating it with new attacks and countermeasures.

Kurtz, McClure, and Scambray have maintained the core of what makes Hacking Exposed indispensible and they have once again added to and updated the information to keep the book current with the latest attacks, exploits and hacker techniques.

The basic format of the book remains the same. The beginning covers footprinting, scanning and enumeration to identify potential target systems. It then moves on to a section regarding system hacking, divided into Windows and Unix sections, then into Infrastructure Hacking with sections on Remote Connectivity or VoIP hacking, Network Devices, Wireless Hacking, and Hacking Hardware.

The appendices list commonly used TCP and UDP ports and the services that use them as well as providing a graphic representation of the Top 14 Security Vulnerabilities.

There are a handful of books that should be "must-reads" for anyone responsible for computer or network security and this is one of them. Learning the information in this book will help you learn current attacks and hacking techniques and develop effective countermeasures to protect your network. Hands down, Hacking Exposed 6 should be on every network or security administrator's desk for quick reference.

Buy this book. Even if you already have a previous edition, the new and updated information in this book are worth the investment.

2 of 7 people found the following review helpful:

3.0 out of 5 stars Too Basic, June 17, 2009

By	Christina Ooi (USA) - See all my reviews (REAL NAME)

A basic overview of attacks. This book lacks sample code but I suppose it would be OK for someone that just wanted to lightly touch upon different cyber attacks worked. In all honesty, I'd stick to wikipedia.