Hack Attacks Revealed: A Complete Reference with Custom Security Hacking Toolkit (Paperback)

by John Chirillo (Author) "Approximately 30 years ago, communication protocols were developed so that individual stations could be connected to form a local area network (LAN)..." (more)
Key Phrases: targ addr, src prt, static void interrupt, Hack State, Token Ring, United States (more...)

Editorial Reviews

Review
"Hack Attacks Revealed completely blows the other security books out of the water. It was the book I was looking for when I bought all the others!"
(Kelly M. Larsen , C2Protect, DoD Security Instructor)

"Speaking for the Air Force Computer Emergency Response Team, these books vastly facilitate our operations involving intrusion detection, incident response, and vulnerability assessment of Air Force automated information systems."
(L. Peterson, AFCERT)

"[Hack Attacks Denied] is quite extensive in providing the information that the users may need to prevent hack attacks." (HiTech Review)

"Whoever "you" are--sysadmin, internetworking engineer, or hacker (disaffected or otherwise), you'll find that Chirillo is selling authentic goods." (Bill Camarda, Slashdot)

Product Description
Beat hackers at their own game — The world of a hacker revealed by a corporate hack master
Hack Attacks Revealed

Take a technogothic journey inside the world of a hacker as seen by security expert John Chirillo. Drawing on his own experience as a hacking consultant for Fortune 1000 companies, Chirillo shows how hackers can exploit network security holes and how you can recognize an oncoming threat to your security. The book features details of the powerful Tiger Box® system, used by hackers to penetrate vulnerable networks, and teaches you how to use that same tool to your advantage.

In this highly provocative work, you’ll discover:

• The hacker’s perspective on networking protocols and communication technologies

• A complete hacker’s technology handbook, illustrating techniques used by hackers, crackers, phreaks, and cyberpunks

• Information discovery and scanning tools for hacking into known and unknown ports and service vulnerabilities

• Detailed instructions for customizing the Tiger Box for your needs and using it to search hack attacks

See all Editorial Reviews

Product Details

• Paperback: 800 pages
• Publisher: John Wiley & Sons; Bk&CD-Rom edition (April 5, 2001)
• Language: English
• ISBN-10: 047141624X
• ISBN-13: 978-0471416241
• Product Dimensions: 9.2 x 7.5 x 2.1 inches
• Shipping Weight: 3.5 pounds
• Average Customer Review: 4.4 out of 5 stars See all reviews (269 customer reviews)
• Amazon.com Sales Rank: #1,141,117 in Books (See Bestsellers in Books)

Customer Reviews

Most Helpful Customer Reviews

74 of 75 people found the following review helpful:

2.0 out of 5 stars You'll like the book if you think these quotes are correct, August 14, 2001

By	Richard Bejtlich "TaoSecurity.com" (Metro Washington, DC) - See all my reviews (TOP 500 REVIEWER)    (REAL NAME)

Many praise this book but may not recognize its shortcomings. Here is a sampling of specific excerpts of technically incorrect material. Any odd grammar is a result of directly quoting the book.

p. 28: "When a connection is established between two nodes during a TCP session, a three-way handshake is used. The process starts with a one-node TCP request by a SYN/ACK but, and the second node TCP response with a SYN/ACK bit. At this point, as described previously, communication between the two nodes will procede. When there is no more data to send, a TCP node may send a FIN bit, indicating a close control signal. At this intersection, both nodes will close simultaneously."

p. 93: "These first 1,024 ports are reserved for system services; as such, outgoing connections will have port numbers higher than 1023. This means that all incoming packets that communicate via ports higher than 1023 are replies to connections initiated by internal requests."

p. 97: "The crucial issue with port 7's echo service pertains to systems that attempt to process oversized packets... this problem is commonly referred to as the "Ping of Death" attack. Another common deviant to port 7 is known as "Ping Flooding."

p. 19: "Unfortunately, this service [chargen] is vulnerable to a telnet connection that can generate a string of characters with the output redirected to a telnet connection to, for example, port 53 (domain name service (DNS)). In this example, the flood of characters causes an access violation fault in the DNS service, which is then terminated, which, as a result, disrupts name resolution services."

p. 106: "As there are limitations in the development of a standard windows system for UNIX, the word from the Underground indicates that hackers are currently working on exploiting fundamental flaws of this service [news]."

p. 107: "When this port [exec] is active, or listening, more often than not the remote execution server is configured to start automatically. As a rule, this suggests that X-Windows is currently running."

p. 108: "Although this [talk, ntalk] seems harmless, many times it's not. Aside from the obvious -- knowing that this connection establishment sets up a TCP connection via random ports -- exposed these services to a number of remote attacks."

p. 109: "Without the necessary filtration techniques throughout the network span, these ports [klogin, kshell, kerberos] are vulnerable to several remote attacks, including buffer overflows, spoofs, masked sessions, and ticket hijacking."

p. 161: "A stealth scanner never completes the entire SYN/ACK process, therefore bypassing a firewall, and becoming concealed from scan detectors."

The book also offers:

p. 110- 147: 37 pages of trojan tool screenshots

p. 231 - 271: 40 pages on DOS (yes, Disk Operating System) commands

p. 373 - 405: 32 pages on DOS terminate and stay resident (TSR) programming, in case you need your circa 1991 x286 box to run your favorite text-based game

Beyond page 405, at least 250 pages (more than 25% of the book) are nothing more than printouts of C code.

The author says on p. xv: "The difference between this book and other technical manuscripts is that it is written from a hacker's perspective," and on p. xvi: "My goal is to help mold you become a virtuous hacker guru."

If this material is any indication, I have nothing to fear from the legions of "hacker gurus" who will learn from this book. I won't have any trouble weeding them out during technical interviews for job openings, either.

28 of 31 people found the following review helpful:

1.0 out of 5 stars Spread like Wildfire? Don't think so., August 27, 2001

By	Arden Barnes (EL CAMO, TX USA) - See all my reviews

I've heard a lot of cliche's about this book, but the one that I found the most amusing is that it would 'spread like wildfire.' Well, weighing in at over 1300 pages, the first two Hack Attack books certainly could be used as excellent kindling. And this is the best use of these books. You will feel no remorse should you burn each and every page of these wretched books on a cold cold night. Have no pangs of guilt, there's nothing useful in these books at all. Don't be fooled by the thickness, it's very light on content, and heavy on screen shots and source code listings. You can find better references in one fifth the page count.

23 of 25 people found the following review helpful:

2.0 out of 5 stars Slightly disapointed, August 28, 2001

By A Customer

This book is an excellent reference for networking / protocols etc, with a few scant comments of how these protocols are vulnerable. Most of the info in the appendixes can be found in RFC's and has been pulled straight out. The extensive list of port references as an example. The tiger tool kit looked promising for the out of the box hacker but I was suprised to see that there was only a limited edition (limited by functionality) included. Some interesting scripts and a different approach than other books I have read which was nice. Made me brush up on the network stuff but nothing you cant learn from a good tcp/ip book. All in all interesting, well written but it seems the only way you are ever going to hack anything is to build your own lab and learn it yourself.