Extreme Exploits: Advanced Defenses Against Hardcore Hacks (Hacking Exposed) (Paperback)

~ (Author), Oliver Friedrichs (Author), Brett Watson (Author)

Editorial Reviews

Product Description

This cutting-edge volume takes network security professionals to the next level in protecting networks and web sites. Never-before-published advanced security techniques and concise explanations of core Internet infrastructure explain how to defend against devastating vulnerabilities in systems and the underlying network. With the authors' winning methodology for attack profiling and the theatre of war concept, you'll learn how to architect and prepare your network for threats that don’t yet exist.
By explaining specific in-depth technologies in use by not only the attackers, but also inside the applications they target, this book enables the reader to make better use of the tools available today, and to design new tools, techniques, and operational policies for the future.

From the Back Cover

Protect your network and web sites from malicious attacks with help from this cutting-edge guide. Extreme Exploits is packed with never-before-published advanced security techniques and concise instructions that explain how to defend against devastating vulnerabilities in software and network infrastructure. This book gives you detailed analyses of modern threats and their solutions along with checklists for developing defenses. You’ll also be introduced to a winning methodology for custom vulnerability assessments including attack profiling and the theatre of war concept. Through in-depth explanations of underlying technologies, you’ll learn to prepare your network and software from threats that don’t yet exist. This is a must-have volume for anyone responsible for network security.

• Secure your critical domain name system (DNS) infrastructure
• Ensure reliable Internet connectivity amidst a myriad of attacks
• Implement effective intrusion detection and prevention technologies
• Prevent e-mail abuse using advanced filtering, encryption, and other methods
• Stop data theft and egress exploitation by altering packet filtering rules
• Defend against viruses, worms, bots, Trojans, and other malicious code
• Use IP sinkholes and backscatter analysis to trap and gain knowledge from scanning and infiltration attempts
• Secure wireless networks using a variety of technologies
• Create a customized vulnerability assessment methodology for your organization
• Use proven digital forensics techniques to investigate attacks
• Learn to protect your software from little-known vulnerabilities

About the Authors: Victor Oppleman is an accomplished author, speaker, and patent-holder in the field of network security and a specialized consultant to some of the world’s most admired companies. His open source software is used by thousands of engineers worldwide. Oliver Friedrichs is a Senior Manager in Symantec Security Response, the organization responsible for the delivery of anti-virus definitions, intrusion detection updates, and early warning technologies within Symantec. Mr. Friedrichs also co-founded SecurityFocus and Secure Networks. Brett Watson has 17 years experience in networks and security for some of the world’s largest Internet Service Providers and enterprise networks. He holds a patent for one of the first large-scale content distribution platforms known as Hopscotch.

See all Editorial Reviews

Product Details

• Paperback: 448 pages
• Publisher: McGraw-Hill Osborne Media; 1 edition (July 18, 2005)
• Language: English
• ISBN-10: 0072259558
• ISBN-13: 978-0072259551
• Product Dimensions: 9.1 x 7.4 x 1 inches
• Shipping Weight: 1.6 pounds (View shipping rates and policies)
• Average Customer Review: 4.0 out of 5 stars  See all reviews (5 customer reviews)
• Amazon.com Sales Rank: #696,508 in Books (See Bestsellers in Books)

  Popular in this category: (What's this?)

  #49 in

  Books > Computers & Internet > Networking > Network Programming

Customer Reviews

Most Helpful Customer Reviews

5 of 5 people found the following review helpful:

4.0 out of 5 stars Awesome stuff about infrastructure attacks, December 1, 2005

By	Dr Anton Chuvakin (CA, USA) - See all my reviews

Here is the thing - I am giving this book a high score (4) since it contains unique and fun content related to network infrastructure attacks and defenses, which I have not seen anywhere else. In my view, the good stuff justifies such score, although I suspect that some other reviewers will sledgehammer the book for having too much of routine material covered in other previous books, including the venerable Hacking Exposed.

While I had a general idea of how providers mitigate DDoS attacks, I did not know the specifics of unicast reverse-path forwarding method, described in the book. Similarly, I picked up a lot of material of setting up sinkholes for dropping traffic (and, more specifically, how they are better than ACLs in many cases).

From other topics, I liked their coverage on the evolution of DMZ from simple designs of years past to current security zone design.

The book also presents a lot of up-to-date material, such as the coverage of security information management (SIM), vulnerability management and recent security standards, such as CVSS. It doesn't go into details in some places where I'd wanted it to, but still is interesting to read.

On the other hand, some chapters are disappointing and seem to be in the book for it to appear "comprehensive". Forensics chapter is one of those (it is also mistakenly called "Exploiting Forensics", while no exploitation is taking place)

I recommend the book for most people, from beginners to advanced, since the former will enjoy the breadth of coverage while the latter will likely benefit from the network infrastructure protection (and devastation, of course!) tips. In addition, defense checklists in the end of each chapter are useful for those who do not have time to go and study the material in-depth. The book is slightly biased towards the defense side, with good coverage of the attacking side as well.

Dr Anton Chuvakin, GCIA, GCIH, GCFA is a recognized security expert and book author. In his current role as a Security Strategist with netForensics, a security information management company, he is involved with defining future features and conducting security research. A frequent conference speaker, he also represents the company at various security meetings and standard organizations. He is an author of a book "Security Warrior" and a contributor to "Know Your Enemy II", "Information Security Management Handbook" and the upcoming "Hacker's Challenge 3". Anton also published numerous papers on a broad range of security subjects. In his spare time he maintains his security portal at info-secure.org and a blog at O'Reilly"

3 of 3 people found the following review helpful:

4.0 out of 5 stars For going from the basics to the advanced..., October 30, 2005

By	Thomas Duff "Duffbert" (Portland, OR United States) - See all my reviews (TOP 50 REVIEWER)    (REAL NAME)

Regardless of how many steps you take to secure your organizational computing environment, there's always some new exploit waiting to nail you. The best you can do is to understand your network and stay on top of the technology. Extreme Exploits - Advanced Defenses Against Hardcore Hacks by Victor Oppleman, Oliver Friedrichs, and Brett Watson can help you in that pursuit, especially in the networking realm...

Contents:
Part 1 - Core Internet Infrastructure for Security Professionals: Internet Infrastructure for Security Professionals; ISP Security Practices - Separating Fact from Fiction; Securing the Domain Name System
Part 2 - Defending Your Perimeter and Critical Internet Infrastructure: Reliable Connectivity; Securing the Perimeter; Redefining the DMZ - Securing Critical Systems; Intrusion Detection and Prevention; E-mail Gateways, Filtering, and Redundancy; Data Leaks - Exploiting Egress; Sinkholes and Backscatter; Securing Wireless Networks
Part 3 - Network Vulnerability Assessments: Vulnerability and Patch Management; A Winning Methodology for Vulnerability Assessments; Performing the Assessment - Part 1, Performing the Assessment - Part 2
Part 4 - Designing Countermeasures for Tomorrow's Threats: Exploiting Digital Forensics; Viruses, Worms, Trojans, and Other Malicious Code; Exploiting Software
Index

The authors of this book are real gurus when it comes to networking technology. I worked with Brett Watson at a prior place of employment, and I can attest to the fact that he really knows his trade. In the first part of this book, they go into networking and security probably deeper than any other book I've had the opportunity to review. To get the most out of the material, it helps to be firmly grounded in networking technology. If you're not a network administrator or if you're just starting out, you'll probably struggle to keep up. Parts 2 and 3 are also valuable sections. Part 2 continues the in-depth analysis of how best to protect your network from attack, along with software recommendations to implement your security plans. And if you aren't already using a formal methodology to continuously review your network security, Part 3 will help you set up the necessary framework to implement a solid security review. Part 4 probably is the weakest part of the book, in that most of the material is available from multiple other sources, and doesn't necessarily fit into the "extreme exploits" flavor of the rest of the book. It's good information, to be sure... Just not all that unique or special if you've read more than one other security book.

One feature at the end of each chapter stood out and works well... It's a "Checklist for Developing Defenses" along with a recommended reading list. Using the checklist allows you to make sure you understood what each chapter was getting at, as well as giving you a roadmap for implementing security in the particular area that was just discussed. And if a particular chapter was really applicable to your organization, the follow-up reading can help you get even deeper into the material. Good practical technique for helping the reader move from theory to application...

If you have the basics of network security down, it's time to pick up a copy of this book. While you may have to work at understanding the material, it will pay off in a system network that is much more secure than most...

2 of 2 people found the following review helpful:

4.0 out of 5 stars Good broad coverage, November 27, 2005

By	Mark R. Lindsey (Valdosta, GA, USA) - See all my reviews (REAL NAME)

The book has two major sections: (a) configuration and maintenance practices, and (b) techniques for vulnerability assessment. The breadth of coverage of many modern techniques and terminology is very good; they go in-depth on a few topics here and there.

The basic assumption of section (a) is that you're trying to defend against unknown/unfixable threats. This is basically the current (2001-2005-) school of thought on security and leads to default-deny policies. This book has lots of good information on how to implement default-deny. The book convinced me that it's much more difficult than a default-deny firewall rule.

The book has many contributing authors; this probably contributes to its strength.
Many books are focused on ISPs, or on enterprises (read: "windows clients and servers with a firewall"), or on software developers, or VoIP carriers. This book has some good material for all of those types.

It's written from a Unix perspective. It does have some coverage of analyzing threats to Windows-based systems, but you'll get the most value from the book as an analyst/administrator if you use some sort of Unix. They have a BSD bias.

The authors also have an bias towards open-source software.

But it's not perfectly integrated, and the organization isn't ideal everywhere. For example, there are two sections of the book that discuss buffer overflows, apparently contributed by two different authors.

The index is only minimal; it only covers one of the sections on stack overflows. Bad indexes are a common problem in technical books from some publishers.