100 Reviews
85 of 88 people found the following review helpful:
5.0 out of 5 stars
This is the book to use for penetration testing and analysis
This review is from: Hacking Exposed: Network Security Secrets & Solutions, Second Edition (Hacking Exposed) (Paperback)
Hardly a week goes by that CNN does not report a high-profile Web site being defiled or an e-commerce site being penetrated. While most people know why these incidents occurred, Hacking Exposed explains how they occurred and, more important, how to prevent them from occurring. The cover of Hacking Exposed announces that "Network security is Y2K without the deadline." That alarmist statement, however, is the only hype in the book. The work is packed with real-world examples and links to tools needed to assess the security of any type of client/server and Web system. As they detail the myriad vulnerabilities in different types of systems, the authors provide countermeasures for each of them. Well organized, the book progresses in an orderly fashion. It methodically goes through the process of exploiting a target to penetrate a system--from identification and enumeration to actual penetration. The authors provide detailed instructions and explanations for many security features and flaws in Unix, Linux, Windows, NetWare, routers, firewalls, and more. Topics covered include state-of-the-art computer and network penetration, as viewed by both the attacker and the defender; remote system identification; vulnerability identification; war dialers; firewall circumvention; and denial-of-service attacks. An appendix explores the security characteristics of Windows 2000. Some may argue that books such as this one only serve to motivate and educate hackers. The truth is that hackers are already aware of the book's contents. This book is designed for system administrators and managers who need to know their systems' risks and vulnerabilities and how to address them. When they are done with this book, system administrators and managers will be familiar with such critical topics as back channels, port redirection, banner grabbing, and buffer overflows. Hacking Exposed is a must-read for anyone who wants to know what is really happening on their network....
125 of 133 people found the following review helpful:
4.0 out of 5 stars
Time to reposition the "Hacking Exposed" series?
By
This review is from: Hacking Exposed: Network Security Secrets & Solutions, Third Edition (Hacking Exposed) (Paperback)
I am a senior engineer for network security operations. I've read and reviewed every edition of the "Hacking Exposed" series since the 1999 original. "Hacking Exposed" is a winner; the authors' powerful example-driven style teaches the tools and tactics of vulnerability assessment and penetration testing. Nevertheless, I've compared this third edition to its "Hacking Linux" and "Hacking Windows 2000" cousins, and I believe the authors should rethink their goals for the "Hacking Exposed" series. "Hacking Exposed, Third Edition" (HE:3E) describes techniques to attack and defend a wide variety of network assets: Microsoft products (9x, ME, NT, 2000, XP), UNIX variants, Novell's NOS, routers, PBXs, firewalls, and so on. Weaknesses in individual applications are explained, with attention given to remote control tools (VNC, Windows Terminal Server, PCAnywhere), Web technologies (IIS, ColdFusion, ActiveX, Java), and file sharing/chat systems (Napster, IRC). Readers are unlikely to find so many topics given fairly thorough coverage in a single volume. Unfortunately, at 727 pages, HE:3E has gained too much weight. The 1999 first edition offered 484 pages, and the 2001 (yes, 2001) second edition gave 703 pages. While the authors should be credited for not simply copying and pasting material from their 2001 edition of "Hacking Exposed: Windows 2000," many of the same topics appear in both books. Furthermore, some subjects are redundantly described within HE:3E. For example, why rehash port redirection and rootkits in chapter 14 when they were adequately covered in earlier sections? I strongly recommend the authors remove the UNIX- and Windows-specific material from a future fourth edition of "Hacking Exposed," directing readers to "Hacking Linux" and "Hacking Windows" when necessary. The authors should briefly describe general UNIX and Windows vulnerabilities in "HE:4E," and devote most of the book to their methodology and systems not covered in other books.
This overhaul will give the authors a chance to remove some dated material from "Hacking Exposed," like a reference to ISS RealSecure v3.0 (6.0 is now in use). I recommend readers who have not read previous "Hacking Exposed" titles buy this book. Despite my concerns, I still learned something new (wireless issues, format string vulnerabilities) and re-acquainted myself with material mentioned in earlier editions (RIP spoofing, enumeration techniques). If you've read "Hacking Exposed, Second Edition," wait for a revamped fourth edition. (Disclaimer: I received a free review copy from the publisher.)
47 of 50 people found the following review helpful:
4.0 out of 5 stars
Still the best for vulnerability assessment and pen testing
By
This review is from: Hacking Exposed: Network Security Secrets & Solutions, Second Edition (Hacking Exposed) (Paperback)
I am a senior engineer for managed network security operations, which includes conducting vulnerability assessments against client networks. I read this second edition to gain insights into ways to better assess a client's security posture, and also to understand some of the attacks I see while monitoring intrusion detection systems. Of the books I've read, Hacking Exposed remains the best guide to systematically assess and (if necessary) compromise hosts. By understanding black hat methods, defenders can better prepare for the tidal wave of exploits washing upon the networking shore. Parts I (Casing the Establishment), II (System Hacking), and III (Network Hacking) are a tour-de-force of attacker tools and techniques. While explaining how to penetrate systems, the authors spend a fair amount of time explaining how those systems work. From a system administration standpoint, these descriptions are pure gold. Since the authors are fairly operating system-agnostic, they show the pros and cons of Microsoft, UNIX, and Novell products in the harsh light of improved security. For example, the discussion of file handles, file descriptors, and signals in chapter 8 ("Hacking UNIX") helped me understand a little bit of UNIX's guts, while giving a security spin to file system operations. Thankfully, Hacking Exposed gives Microsoft operating systems plenty of attention. While recognizing that many of us dislike administering these systems, the authors provide helpful and solid chapters on Windows NT and Windows 2000. They also demonstrate many ways to use Windows as an attack platform. They convincingly show that if a scan can be performed in Linux, someone has developed a similar tool for Windows. My favorite issues in the book involved describing Windows rootkits (a recent development) and UNIX loadable kernel modules. On the negative side, I felt the book lost steam in section IV (Software Hacking), spending too much time repeating earlier material.
Also, unless you're a relative newbie to security, you may become bored with the litany of historic deficiencies and required patches discussed in section IV. Overall, the second edition of Hacking Exposed remains a must-read book for security professionals. I recommend it as the sort of book one reads after gaining an overall sense of the security field and learning about TCP/IP. With those foundations in place, it's time to learn how black hats operate. If you're a system administrator, you'll learn how to fortify your network assets. If you're an intrusion detector, you'll learn what to watch for. If you're a pen-tester, you'll learn how to compromise hosts. Who could ask for more?
28 of 29 people found the following review helpful:
5.0 out of 5 stars
Impressive follow-up edition
By A Customer
This review is from: Hacking Exposed: Network Security Secrets & Solutions, Second Edition (Hacking Exposed) (Paperback)
I read the first edition and thought it was a great book that every administrator should have. I didn't think that they would come out with a second edition so quickly. I am impressed that the second edition isn't just a rehash of the same material. It is filled with new information that is a must have for security minded administrators. The application hacking information is the wave of the future. We have had consultants come in to perform work for our company who have carried the first edition in hand to perform security reviews for us. I can't wait to see how long it takes them to bring in the second edition. It's amazing how the authors share this great information with their competitors. The authors are keeping the competition on their toes and increasing the general knowledge of security for the whole industry. Keep it coming guys!
13 of 13 people found the following review helpful:
5.0 out of 5 stars
Still the best book for vulnerability assessors
By
This review is from: Hacking Exposed: Network Security Secrets & Solutions, Fourth Edition (Hacking Exposed) (Paperback)
It's been nearly two years since I reviewed "Hacking Exposed: 3rd Ed" (HE:3E). Since then I've joined Foundstone and contributed the case study on pages 2-7 in "Hacking Exposed: 4th Ed" (HE:4E), on a non-royalty basis. Since my review could still be seen as being biased, I'll mainly discuss changes between HE:3E and HE:4E. The most noticeable change is the reorganization of the Windows-specific chapters. HE:3E had one 25 page chapter on 9x/ME/XP and two chapters with 172 pages on NT and 2000. HE:4E offers one 22 page chapter on 9x/ME and one 66 page chapter on the "NT family." The authors wisely direct readers to "Hacking Exposed: Windows 2000" and "Hacking Exposed: Web Applications" for more in-depth discussions of attacking Windows. The material in HE:4E is still sufficient to compromise Windows boxes without having to open HE:W2K or HE:WA. This decision allowed HE:4E to grow by only 2 pages since HE:3E. (I criticized HE:3E with a four star review for including too much material best left in topic-specific HE editions.) Pruning the Windows material allows room for a stand-alone wireless hacking chapter in the nitty-gritty HE style, as well as other improvements. Another major addition to HE:4E is a completely rewritten enumeration chapter. While HE:3E compartmentalized techniques by operating system (Windows, Novell, UNIX), HE:4E offers port-based techniques. For example, if port 179 is open, try BGP-based queries. If port 524 is open or IPX is in use, try Novell attacks. This approach reflects the methods used by assessors who find listening services, and can't be sure what OS is present. The chapter on network devices (ch 9) offers exceptionally devious hacking tricks, such as performing a T-1 "man-in-the-middle" attack. HE:3E represents a significant upgrade from HE:3E, with nearly two years between the two books. I wasn't happy with the changes between HE:2E and HE:3E, as both were published in 2001.
I would like to see HE:5E add a single chapter on attacking Cisco routers, with discussions of the overflows, tunnels, and remote sniffing pioneered by Phenoelit's FX. A chapter on attacking embedded devices and PDAs would be helpful. I recommend following the lead of frequently-updated hardware books like Scott Mueller's "Upgrading and Repairing PCs": print the latest and greatest, and archive the rest to CD-ROM. I think the chapters on Win 9x/ME and Novell could make way for more exciting discussions in HE:5E. Along with Ed Skoudis' "Counter Hack," HE:4E is one of the books I recommend as absolutely essential reading for all security professionals.
16 of 17 people found the following review helpful:
3.0 out of 5 stars
Good, but aging
By Tomas Znamenacek (Brno, Czech Republic)
This review is from: Hacking Exposed 5th Edition: Network Security Secrets And Solutions (Paperback)
The book is not bad, but needs serious rewriting. The "fifth edition" is a joke - it looks more like an attempt to beat some more money out of the book's reputation than a serious release.
Some parts of the book are dated and should be left out or rewritten. Half of the URLs mentioned in the book do not work, because the websites have died a long time ago. Some nmap switches described in the text are not usable anymore, because the authors used an old version of nmap. A good deal of the text speaks about Windows NT, which is an OS almost unused today. There are a lot of typos in the book, which is quite unusual for a fifth edition. The HE website lists corrections for the first issue of the book, which is not very useful. That said, I have learned a lot of interesting things from the book. It's a good book if you are trying to get the big picture - if you are looking for in-depth explanations and fresh information, I think you'd better look elsewhere. It's worth reading, I just wouldn't say it's a computer security Bible.
16 of 18 people found the following review helpful:
5.0 out of 5 stars
ANYTHING EXCEPT 5 STARS IS UNFAIR.
By Yevgeniy Mishchenko (Edison, NJ USA)
This review is from: Hacking Exposed: Network Security Secrets & Solutions, Second Edition (Hacking Exposed) (Paperback)
Guys! This is a starter book. Get real! -(1)- Many readers complain that it does not have enough detail (Specific and new hacks, deep description of protocols, for example). But this piece was not written for this. You can't blame a chicken for not giving you milk. This is an overview book, which can't cover everything physically, it is thick enough already, giving a very good general notion of the field. -(2)- Same readers take stars from the book for "containing only links, not much else". But that's the point! Just follow references, they are very useful. It is the only way to find fresh and profound material. Guys, who expect to find everything in one book are just lazy and unprofessional people, who bought it to play around with neighbour's PC or some box on the web. -(3)- "I bought the book, but it turned out to be useless :( ". Sure it did. You didn't check table of contents and reviews. But that's not the author's fault, don't take off stars.
12 of 14 people found the following review helpful:
5.0 out of 5 stars
Packed With Knowledge!
This review is from: Hacking Exposed: Network Security Secrets & Solutions, Second Edition (Hacking Exposed) (Paperback)
You might expect a massive book about computer hacking to be tedious reading, but - surprise - this one is actually fun. You'll be impressed by the quality of the writing and the clarity with which the authors explain complicated matters. Why have these clever writers gone public with information on how to hack into computers? They figure that hackers learn how to penetrate systems anyway. It's the network administrators and other professionals that need to understand hacking to protect their own vulnerabilities. The book, which is detailed almost to a fault, explains how to defend and attack specific programs, Web sites, voicemail, firewalls and even individual Internet users. We at getAbstract.com recommend this as an essential reference for businesspeople who want to know why system administrators always look twitchy. It's also a good tool for any computer professional whose day - or career - might be ruined by a single moment of system weakness.
12 of 14 people found the following review helpful:
3.0 out of 5 stars
More like a collection of CERT advisories.
By Prem Uppuluri (Stony Brook, NY USA)
This review is from: Hacking Exposed: Network Security Secrets & Solutions, Second Edition (Hacking Exposed) (Paperback)
This book is a good introduction to script kiddies, programmers who want to know about tools to attack systems and novice system administrators. It is a compendium of most of the attacks known. I did not like the way the attacks are classified according to the operating system rather than based on the bugs involved. For each attack mentioned in the book, they describe the tools needed to carry out the attack, a high level description of the attack strategy using the tools and ways to protect against the attack. However, the book fails to explain the flaws in the protocols or programs that allow these attacks. I would recommend this book to someone who doesn't care how an attack works, but is just interested in knowing about various attacks. Definitely not recommended for someone working in this area or someone with basic OS knowledge.
31 of 40 people found the following review helpful:
1.0 out of 5 stars
Whhheeerrreeesss The BEEF?
This review is from: Hacking Exposed: Network Security Secrets & Solutions, Second Edition (Hacking Exposed) (Paperback)
i have been in the communications field for 13 years now. this book reviewed like it was one of the best out there for hacking methods and vulnerabilities and i thought it would complement my library. after going through about a third of the book, i now know it is poor. this book is nothing more than an internet directory listing for hack sites and software. it gives no detail at all. it explains next to nothing. whereas i was looking for actual mechanics for attacks, to include protocols and logic, this book simply references web site, after site, after site. i would not even recommend this book for a beginner due to no depth. you could do better pointing your browser to the internet than read this book (well, the book does pretty much tell you to go to the internet). look elsewhere, even if you are looking for a starter book on the topic.
Hacking Exposed: Network Security Secrets & Solutions, Fourth Edition (Hacking Exposed) by Stuart McClure (Paperback - February 25, 2003)