Hacking Exposed: Network Security Secrets & Solutions (Hacking Exposed) (Paperback)

by Stuart McClure (Author), Joel Scambray (Author), George Kurtz (Author)

Editorial Reviews

Amazon.com Review
Whenever Hollywood does a movie in which someone breaks into a computer, the hacking scenes are completely laughable to anyone who knows the first thing about computer security. Think of Hacking Exposed: Network Security Secrets and Solutions as a computer thriller for people with a clue. This is a technical book, certainly--URLs, procedures, and bits of advice take the place of plot and characters--but the information about hackers' tools will leave you wondering exactly how vulnerable your system is. More to the point, the explicit instructions for stealing supposedly secure information (a Windows NT machine's Security Access Manager file, for example) will leave you absolutely certain that your computers have gaping holes in their armor.

The book describes the security characteristics of several computer-industry pillars, including Windows NT, Unix, Novell NetWare, and certain firewalls. It also explains what sorts of attacks against these systems are feasible, which are popular, and what tools exist to make them easier. The authors walk the reader through numerous attacks, explaining exactly what attackers want, how they defeat the relevant security features, and what they do once they've achieved their goal. In what might be called after-action reports, countermeasures that can help steer bad buys toward less-well-defended prey are explained. If you run Linux, you may want to supplement the Unix information in this book with Maximum Linux Security, another practical-minded and very popular security text. --David Wall

Topics covered: The state of the art in breaking into computers and networks, as viewed from the vantage point of the attacker and the defender. There's information on surveying a system remotely, identifying weak points, and exploiting weaknesses in specific operating systems (Windows NT, Unix, and Novell NetWare, mostly). Coverage also includes war dialers, circumventing firewalls, denial-of-service attacks, and remote-control software. There's a cool appendix on the security characteristics of Windows 2000.

Review
"Destined to be a classic! The underground already knows this stuff, and now the sys admins will see their systems through the intruder's eyes." -- Simple Nomad, Renowned Security Researcher and Author of The Hack FAQ

"If this book doesn't scare and motivate you to take security seriously, nothing will." -- AlephOne, Bugtraq Moderator

"My experience in securing systems is that most users are shocked when they find out how vulnerable they really are. Perhaps this book will shock you. No matter what, it will educate you." -- Marcus Ranum, CEO of Network Flight Recorder

"The authors have put together an excellent up-to-date resource on modern security vulnerabilities. More than a how-to manual, it's a *how to do it right manual*. A book like this has been needed for quite some time now." -- Mike D. Schiffman ("Route"), security researcher and author of the Firewalk tool

"Understanding how to mount and create attacks is the only way you can protect against existing and, more importantly, future attacks. The information contained herein arms those on the defensive (security admin, network architects, software developers, etc) with this knowledge. It is refreshing to see this sort of material finally being made available to the general public." -- Mudge of the L0pht security research group, developers of the L0phtcrack NT password auditing tool

See all Editorial Reviews

Product Details

• Paperback: 484 pages
• Publisher: Computing Mcgraw-Hill (September 10, 1999)
• Language: English
• ISBN-10: 0072121270
• ISBN-13: 978-0072121278
• Product Dimensions: 9 x 8.5 x 1.3 inches
• Shipping Weight: 2.2 pounds
• Average Customer Review: 4.2 out of 5 stars See all reviews (59 customer reviews)
• Amazon.com Sales Rank: #885,069 in Books (See Bestsellers in Books)

Customer Reviews

Most Helpful Customer Reviews

57 of 57 people found the following review helpful:

5.0 out of 5 stars Everyone who owns a computer should have this book, June 18, 2000

By	Ryan Rhea (The Dalles, OR) - See all my reviews (REAL NAME)

This is an excellent book on computer and network security. I thought I new a lot about the subject, but after reading this book from cover to cover I know how much work I need to do to secure my networks. The book is packed with real-world scenarios and up to date information and tools (or links to tools) needed to hack into virtually any type of system. Fortunately, the authors wisely chose to provide countermeasures for each hack listed, which is invaluable to anyone who's livelihood involves maintaining networks. The organization of the book is excellent - it takes you through the steps needed to hack a system, from identification and enumeration to actual penetration, but also allows the advanced reader to quickly find system specific information or methods. Several appendixes are loaded with links to security sites and tools, legal information, and even common port lists. A must read for anyone who owns a computer; you will realize how vulnerable you really are.

48 of 48 people found the following review helpful:

5.0 out of 5 stars About time someone knew what they were writing about, September 14, 2000

By	Travis M. Owens (Rochester, NY USA) - See all my reviews (REAL NAME)

I've read about 4 security books and this book was far better than the rest. Instead of simply telling you not to run a certain service cuz it might have a hole, it actually tells you what the hole is, how to exploit it, and where to get the tools you need to exploit it. This isn't a list of programs and their holes though, it starts at the begining teaching you how to enumarate (get info) from a computer from all kinds of different methods, such as trying to find out OSs, their versions, services that are running and who is currently on the system. It talks about scanning groups of computers to find the few that are exploitable. It then goes on to explain specific Windows9X holes, then NT, to Novell, and then to Unix. Spending upto 60 pages on each operating system (very in depth and all of it usefull). There are also chapters just on dialup and VPNs (virtual private networks), firewalls, network hardware (routers) and an entire chapter just about DoS's (Denial of Services). It then goes into Advance Techniques, problems with PHP and ASP, and then onto a chapter on Windows2000 (talk about being up to date). As far as my book collection goes, this definetly gets my Top5 rating of the 100+ books I've read. Theres alot of meat to eat in this book.

44 of 45 people found the following review helpful:

5.0 out of 5 stars It Hacks it, February 24, 2000

By A Customer

Hacking exposed is one of the best books that I have come across. It is good for network administrators and new hackers alike. Hacking exposed takes you from the beginning to the end of a hack. It shows you how to catch the hacker, and it shows the hacker how not to get caught. I highly recommend this book if you have a network or are interested in network security.