Sorry, this item is not available in
Image not available for
Image not available

To view this video download Flash Player

FREE Shipping on orders over $35.

Used - Good | See details
Sold by meinuobooks.
Have one to sell? Sell yours here
Tell the Publisher!
I'd like to read this book on Kindle

Don't have a Kindle? Get your Kindle here, or download a FREE Kindle Reading App.

Hacking Exposed: Network Security Secrets & Solutions, Third Edition (Hacking Exposed) [Paperback]

by Joel Scambray, Stuart McClure, George Kurtz
3.9 out of 5 stars  See all reviews (32 customer reviews)

Available from these sellers.

Free Two-Day Shipping for College Students with Amazon Student


Amazon Price New from Used from
Paperback --  
Sell Us Your Books
Get up to 80% back when you sell us your books, even if you didn't buy them at Amazon. Learn more
There is a newer edition of this item:
Hacking Exposed: Network Security Secrets & Solutions, Fourth Edition (Hacking Exposed) Hacking Exposed: Network Security Secrets & Solutions, Fourth Edition (Hacking Exposed) 3.9 out of 5 stars (32)
Out of Print--Limited Availability

Book Description

September 26, 2001 0072193816 978-0072193817 3rd
Learn in-depth insight into how hackers infiltrate e-business and how they can be stopped. The book contains updated hacks and countermeasures, including the latest denial of service attacks, email attacks, viruses, and Web hacks. There is also coverage of Windows XP Server. The CD contains custom scripts created, vendor tools, a default password database, and an electronic outline of the book with live links to all of the tools that are referenced in the book. Authors are proven security experts who are keynote speakers and instructors for world-wide security conferences (Black Hat, RSA, SANS, among others), where they give a "Hacking Exposed Live!" presentation.

Editorial Reviews

From the Inside Flap

"The seminal book on white-hat hacking and countermeasures.... Should be required reading for anyone with a server or a network to secure." --Bill Machrone, PC Magazine

"Reading this book is better than hiring those Sneakers guys to break into your network to tell you where the open doors are, and it doesn't cost nearly as much." --Professional Certification magazine

"A great practical guide for administrators and an eminently readable expose on hacking that should smooth the way for sensible executive policies to protect corporate networks." --Cameron Sturdevant, eWeek

"Will tell you more about what hackers have done and can--and can't--do than anything else I have seen....Chock full of tips on countermeasures and just plain usability tricks. Recommended." --Jerry Pournelle, BYTE Magazine

"For almost any computer book, you can find a clone. But not this one.... A one-of-a-kind study of the art of breaking in." --UNIX Review

New and Updated Material:

* Each part opens with a brand new case study based on real security scenarios
* Brand new chapter covers the latest 802.11 Wireless networking security attacks and countermeasures
* New strategies for proactively defending against dial-up, PBX, voicemail, and VPN hacks
* Completely rewritten enumeration chapter including new SQL Server discovery tools, Windows XP/.NET Server countermeasures, Novell exploits, and network discovery using BGP
* New techniques for gaining unauthorized access to Windows 9x/Me/NT/2000/XP, Novell 6, UNIX, and Linux
* Up-to-date countermeasures for preventing the exploitation of proxy and packet filtering firewall vulnerabilities
* Web hacking chapter completely revised and updated to cover the latest platform-specific vulnerabilities from Apache to IIS, current techniques including cross-site scripting, fuzzing, and SQL injection attacks, and all of the latest tools from Achilles to Nikto
* Hacking Exposed Live! video presentation on DVD --This text refers to an out of print or unavailable edition of this title.

From the Back Cover

"If there was an Encyclopedia Britannica of computer security, it would be Hacking Exposed, Third Edition." --Marty Roesch, creator of the Snort tool

"A critical step to knowing your enemy is first understanding their tools. Hacking Exposed, Third Edition delivers just that...and more." --Lance Spitzner, Sun Microsystems GESS Security Team and the coordinator of the Honeynet Project

"Whether you're a struggling novice or a seasoned pro--Hacking Exposed, Third Edition is required reading." --Barnaby Jack, Win32 Buffer Overflow expert

CD-ROM contains key security tools ready to install on your computer, links to the security tools covered in the book, and a password database.

Harden your computers and networks against compromise by digital marauders today with this fully revised, essential volume. Hacking Exposed: Network Security Secrets ; Solutions, Third Edition shows you how hackers view internetworking technologies, the techniques they use to exploit network security holes, and what you can do to recognize oncoming attacks. Renowned security experts Stuart McClure, Joel Scambray, and George Kurtz provide detailed examples of the latest devious break-ins and destructive attacks and show you, step-by-step, how to protect your systems. You'll get brand-new coverage of technologies like 802.11 Wireless Networking expanded coverage of Denial of Service, VPN, dial-up, and remote access hacks, and all-new security information on Windows XP, Windows.NET Server (code named Whistler), and IIS 5.

New and Updated Material:

  • The latest 802.11 Wireless networking security attacks and countermeasures
  • Fully up-to-date information on the latest Windows, UNIX, Linux, and NetWare hacks and countermeasures in the tried-and-true Hacking Exposed format
  • New techniques used by today's hacker to pinpoint potential targets--ping sweep tools, TCP/UDP scans, traceroutes, whois queries, and zone transfer downloads
  • Significantly revised chapters on analog dial-up and Web attacks
  • Brand-new coverage of Windows XP, Windows.NET Sever (code named Whistler), and IIS 5 vulnerabilities like Code Red
  • New UNIX material including the latest Format String vulnerabilities
  • The latest remote control vulnerabilities in VNC and Terminal Server
  • New strategies for preventing untrusted access to SNMP, Active Directory, and NetBIOS/SMB services using IPSec filters, firewalls, and TCP/IP Security
  • The most recent techniques for securing and managing Microsoft SQL Server and Internet Clients in networked environments

Product Details

  • Series: Consumer One-Off
  • Paperback: 700 pages
  • Publisher: Osborne/McGraw-Hill; 3rd edition (September 26, 2001)
  • Language: English
  • ISBN-10: 0072193816
  • ISBN-13: 978-0072193817
  • Product Dimensions: 9.1 x 7.4 x 1.8 inches
  • Shipping Weight: 3.5 pounds
  • Average Customer Review: 3.9 out of 5 stars  See all reviews (32 customer reviews)
  • Amazon Best Sellers Rank: #2,636,212 in Books (See Top 100 in Books)

More About the Authors

Discover books, learn about writers, read author blogs, and more.

Customer Reviews

3.9 out of 5 stars
3.9 out of 5 stars
Share your thoughts with other customers
Most Helpful Customer Reviews
125 of 133 people found the following review helpful
4.0 out of 5 stars Time to reposition the "Hacking Exposed" series? November 17, 2001
I am a senior engineer for network security operations. I've read and reviewed every edition of the "Hacking Exposed" series since the 1999 original. "Hacking Exposed" is a winner; the authors' powerful example-driven style teaches the tools and tactics of vulnerability assessment and penetration testing. Nevertheless, I've compared this third edition to its "Hacking Linux" and "Hacking Windows 2000" cousins, and I believe the authors should rethink their goals for the "Hacking Exposed" series.

"Hacking Exposed, Third Edition" (HE:3E) describes techniques to attack and defend a wide variety of network assets: Microsoft products (9x, ME, NT, 2000, XP), UNIX variants, Novell's NOS, routers, PBXs, firewalls, and so on. Weaknesses in individual applications are explained, with attention given to remote control tools (VNC, Windows Terminal Server, PCAnywhere), Web technologies (IIS, ColdFusion, ActiveX, Java), and file sharing/chat systems (Napster, IRC). Readers are unlikely to find so many topics given fairly thorough coverage in a single volume.

Unfortunately, at 727 pages, HE:3E has gained too much weight. The 1999 first edition offered 484 pages, and the 2001 (yes, 2001) second edition gave 703 pages. While the authors should be credited for not simply copying and pasting material from their 2001 edition of "Hacking Exposed: Windows 2000," many of the same topics appear in both books. Furthermore, some subjects are redundantly described within HE:3E. For example, why rehash port redirection and rootkits in chapter 14 when they were adequately covered in earlier sections?
Read more ›
Comment | 
Was this review helpful to you?
13 of 13 people found the following review helpful
5.0 out of 5 stars Still the best book for vulnerability assessors August 2, 2003
It's been nearly two years since I reviewed "Hacking Exposed: 3rd Ed" (HE:3E). Since then I've joined Foundstone and contributed the case study on pages 2-7 in "Hacking Exposed: 4th Ed" (HE:4E), on a non-royalty basis. Since my review could still be seen as being biased, I'll mainly discuss changes between HE:3E and HE:4E.

The most noticeable change is the reorganization of the Windows-specific chapters. HE:3E had one 25 page chapter on 9x/ME/XP and two chapters with 172 pages on NT and 2000. HE:4E offers one 22 page chapter on 9x/ME and one 66 page chapter on the "NT family." The authors wisely direct readers to "Hacking Exposed: Windows 2000" and "Hacking Exposed: Web Applications" for more in-depth discussions of attacking Windows. The material in HE:4E is still sufficient to compromise Windows boxes without having to open HE:W2K or HE:WA. This decision allowed HE:4E to grow by only 2 pages since HE:3E. (I criticized HE:3E with a four star review for including too much material best left in topic-specific HE editions.) Pruning the Windows material allows room for a stand-alone wireless hacking chapter in the nitty-gritty HE style, as well as other improvements.

Another major addition to HE:4E is a completely rewritten enumeration chapter. While HE:3E compartmentalized techniques by operating system (Windows, Novell, UNIX), HE:4E offers port-based techniques. For example, if port 179 is open, try BGP-based queries. If port 524 is open or IPX is in use, try Novell attacks. This approach reflects the methods used by assessors who find listening services, and can't be sure what OS is present. The chapter on network devices (ch 9) offers exceptionally devious hacking tricks, such as performing a T-1 "man-in-the-middle" attack.
Read more ›
Comment | 
Was this review helpful to you?
5 of 5 people found the following review helpful
4.0 out of 5 stars Too shallow wireless section. February 19, 2002
Format:Paperback|Verified Purchase
I bought this third edition, mostly because of the claims about covering wireless security area. Well, as it turned out, this 'coverage' includes just three lousy pages !!
The book is very like the second edition. No relevant changes are presented, and therefore several issues are now dated.
If you don't already own the second edition, then buy this new third edition, overall, it is a quite comprehensive and useful book. However, if you are looking for a serious wireless security treatment, then you should better try books like ' Hack Proofing Your Wireless Network' or alike.
Comment | 
Was this review helpful to you?
4 of 4 people found the following review helpful
4.0 out of 5 stars Not too shabby. January 13, 2005
The author does a really nice job talking about network hacks. He sounds like he still hacks into networks on the side since the book contains so much information. The book is not exhaustive (no book can be about this subject) but covers the most important topics about hacking and security. If you want a good introduction with _some_ depth to it this is the book. It's good book to start with if you haven't read anything else. It's a fun read with some good points. After this, you'll want to buy other security books that go into a specific area with a lot of depth to it. Maybe you could go into the specific Hacking Exposed books on Windows or Linux, etc. Definitely should be part of your library.
Comment | 
Was this review helpful to you?
4 of 5 people found the following review helpful
5.0 out of 5 stars great humour April 2, 2002
whatever you use its in here, its a bit short on wireless and xp (the latest ms os release when written) but it covers unix and microsoft.
it covers the theoretical as well as the known bugs. Asks important questions. The lession learned are patch - dont use microsoft, and configure it properly to begin with.
Comment | 
Was this review helpful to you?
Most Recent Customer Reviews
1.0 out of 5 stars Worst Book Ever
Thank God I DID NOT BUY this book. I took 30 minutes to read this book at a bookstore and if you are interested in learning how to hack, then this book is not for you. Read more
Published on April 7, 2005 by Xcaliber
5.0 out of 5 stars Fifth Edition Is Another Winner
George Kurtz, Stuart McClure and Joel Scambray have been a staple of my Information Security library since the first Hacking Exposed book. Read more
Published on February 10, 2005 by sixmonkeyjungle
4.0 out of 5 stars Depends on what you want
This book covers a lot of ground. More than most books. But if you think you can learn to hack or do penetration testing with this book, forget it. Read more
Published on September 9, 2004 by chavruta
1.0 out of 5 stars Save Your Money
I have plenty of experience with computers and have been hacking since the term Hacker wasn't a dirty word. Read more
Published on April 16, 2004 by A Real Hacker
1.0 out of 5 stars RUBBISH
A lot of twaddle - worst book on the subject - no secrets, out of date solutions - a complete waste of time and money
Published on February 14, 2004
1.0 out of 5 stars BAD BOOK
This book will not enhance your knowledge of computer security.
Published on February 11, 2004
5.0 out of 5 stars Fun and educational
I had so much fun hacking my own servers, and exploiting all the lesser known security flaws. I highly recommend this book even for the experienced administrator.
Published on November 12, 2003 by Wyatt Watkins
1.0 out of 5 stars what, are you kidding me?
no, i didn't buy this crap, i got a free copy at the blackhat conference in vegas, and left it there in my hotel room. Read more
Published on October 7, 2003 by James Rothschadl
5.0 out of 5 stars Lots of good, organized information
There are a lot of `hacking' books out there, but none better than Hacking Exposed.
The information is organized and to the point. Read more
Published on August 19, 2003 by Eric Kent
5.0 out of 5 stars What more can you say!
Most comprehensive information on Hacking that you can find in a single book.
Newly added chapter on Wireless Lan was extremely informative.
Published on August 7, 2003 by Ellis C. Y. Wong
Search Customer Reviews
Only search this product's reviews

What Other Items Do Customers Buy After Viewing This Item?

Sell a Digital Version of This Book in the Kindle Store

If you are a publisher or author and hold the digital rights to a book, you can sell a digital version of it in our Kindle Store. Learn more


There are no discussions about this product yet.
Be the first to discuss this product with the community.
Start a new discussion
First post:
Prompts for sign-in

Look for Similar Items by Category