The Hacker's Handbook: The Strategy Behind Breaking into and Defending Networks (Hardcover)

by Susan Young (Author), Dave Aitel (Author) "In many ways, this is almost the hardest chapter to pen in this book; in writing this, I am forced to relive the many occasions..." (more)
Key Phrases: forensics evasion, hacking client, backdoor listeners, Active Directory, Consolidating Gains, Back Orifice (more...)

Editorial Reviews

Review
By the author’s providing a ‘hacker’ perspective, readers will more fully understand the ramifications of having an insecure computer, server, network, program, database and or policy. The book [includes] … a good table of contents that is extensive, very organized and thorough … . … [T]here are important discussions of the non-technical kind [of insecurity] like policy, which is too often overlooked in many organizations. … What is most impressive about the book is its outlines of specific exploits and attacks with prescribed defenses. … Coupled with good illustrations and detailed explanations[,] this is a great resource for both academic and public libraries.
— E-Streams, Vol. 7, No. 9, Sept. 2004
Awesome work!
—Anton Chuvakin, Ph.D., GCIA, GCIH, netForensics
Promo Copy

Awesome work!
-Anton Chuvakin, Ph.D., GCIA, GCIH, netForensics

By the author's providing a 'hacker' perspective, readers will more fully understand the ramifications of having an insecure computer, server, network, program, database and or policy. The book [includes] … a good table of contents that is extensive, very organized and thorough … . … [T]here are important discussions of the non-technical kind [of insecurity] like policy, which is too often overlooked in many organizations. … What is most impressive about the book is its outlines of specific exploits and attacks with prescribed defenses. … Coupled with good illustrations and detailed explanations[,] this is a great resource for both academic and public libraries.
- E-Streams, Vol. 7, No. 9, Sept. 2004

Product Description
The Hacker's Handbook: The Strategy Behind Breaking Into and Defending Networks, moves ahead of the pack of books about digital security by revealing the technical aspects of hacking that are least understood by network administrators. This is accomplished by analyzing subjects through a hacking/security dichotomy that details hacking maneuvers and defenses in the same context. Chapters are organized around specific technical components and administrative tasks, providing theoretical background that prepares network defenders for the always-changing and creative tools and techniques of intruders.This book is divided into three parts. Part I introduces programming, protocol, and attack concepts. Part II addresses subject areas (protocols, services, technologies, etc.) that may be vulnerable. Part III details consolidation activities that hackers may use following penetration. Each section provides a "path" to hacking/security Web sites and other resources that augment existing content. Referencing these supplemental and constantly-updated resources ensures that this volume remains timely and enduring. By informing IT professionals how to think like hackers, this book serves as a valuable weapon in the fight to protect digital assets.

Product Details

• Hardcover: 896 pages
• Publisher: Auerbach Publications; 1 edition (November 24, 2003)
• Language: English
• ISBN-10: 0849308887
• ISBN-13: 978-0849308888
• Product Dimensions: 9.5 x 6.2 x 2.1 inches
• Shipping Weight: 3 pounds (View shipping rates and policies)
• Average Customer Review: 4.2 out of 5 stars See all reviews (5 customer reviews)
• Amazon.com Sales Rank: #928,528 in Books (See Bestsellers in Books)

Customer Reviews

Most Helpful Customer Reviews

11 of 11 people found the following review helpful:

4.0 out of 5 stars Good solid work, February 26, 2004

By	Dr Anton Chuvakin (CA, USA) - See all my reviews

"The Hacker's Handbook" is a comprehensive and entertaining volume on security. It has most of the defining traits of a great book, such as clearly stated goal (authors realize that lots of security books are out there and one needs to differentiate) as well as some unique content on application attacks.

The book is a technically sound volume, I found very few factual mistakes. I found some interesting content on central auth servers such as radius, which I haven't seen described well elsewhere. Defensive tool info is a bit jumbled and not new. For example, IDS coverage is too non-specific to be useful. I also found a couple of other chapters a bit weak on interesting content.

The book covers the security field on many levels - from concepts to scripts - and can be successfully used by entry-level people as well as experts. The book is better suited for technologists rather than managers. Security analysts/admins, hands-on security managers, security savvy system and network admins, students of computer security can benefuit from a book.

Anton Chuvakin, Ph.D., GCIA, GCIH is a Senior Security Analyst with a major security information management company. He is the author of the book "Security Warrior" (O'Reilly, 2004). His areas of infosec expertise include intrusion detection, UNIX security, forensics, honeypots, etc. In his spare time, he maintains his security portal info-secure.org

8 of 9 people found the following review helpful:

5.0 out of 5 stars Make sure you have a copy of this handbook close at hand!, April 15, 2004

By	amazingoffers (Aurora, IL United States) - See all my reviews

...This book covers a wide array of topics, focusing on three aspects of each topic: technical background, hacking, and security. The coverage is both comprehensive and practical. The book explains the technical and conceptual foundations of computer security. Its information is organized in a way that makes it easy to find material relevant to any questions you may have regarding hacking and security. And every chapter points to additional materials if you want to investigate further.

You'll learn all about the anatomy of various types of attacks, including the five elements of attack strategy: reconnaissance, mapping targets, system or network penetration, denial-of-service, and consolidation. You'll also learn about the tools you'll need to defend your network, how they all work within a security framework, and the strengths and weaknesses of each. Included are tools for the purposes of access control, authentication, auditing, privacy, intrusion detection, data integrity, and more.

If you are a network or security administrator, protecting your network's integrity is one of your most important tasks. Before you begin your chess match with the world's hackers, make sure you know the rules, the tools, and the possibilities of the game. Make sure you understand the strategies that will be used against you and that you can use against your opponents. Make sure you have a copy of The Hacker's Handbook close at hand. Hey, I do! - Raffiudeen Illahideen, IL, USA

5 of 5 people found the following review helpful:

5.0 out of 5 stars The Definitive Guide to Computer Security, September 3, 2004

By	George C. Huntington "gchjr" (Simsbury, CT United States) - See all my reviews (REAL NAME)

Susan has presented a thorough guide to computer security and how to guard against internal and external vulnerabilities. She allows the reader to get inside the mind of both the nefarious hacker and the seasoned defender.

Recommended for the beginner through the advanced security consultant.....