- Paperback: 711 pages
- Publisher: McGraw-Hill Osborne Media; 1 edition (June 25, 2002)
- Language: English
- ISBN-10: 0072222824
- ISBN-13: 978-0072222821
- Product Dimensions: 7.3 x 2 x 9 inches
- Shipping Weight: 3.3 pounds
- Average Customer Review: 13 customer reviews
- Amazon Best Sellers Rank: #3,858,350 in Books
Anti-Hacker Tool Kit 1st Edition
"...is an awesome complement to any security professional's reference set. Recommended." -- Computerworld; October 7, 2002
From the Back Cover
"This book continues the best-selling tradition of Hacking Exposed--only by learning the tools and techniques of malicious hackers can you truly reduce security risk. Arm yourself today with the Anti-Hacker Tool Kit." -- Joel Scambray, Co-author of Hacking Exposed, Hacking Exposed Windows 2000, and Hacking Exposed Web Applications
Stay one step ahead of even the most cunning hackers with help from this invaluable resource. Through proper use and configuration of key security tools, you'll be able to investigate and resolve existing problems within your network infrastructure with precision and a minimum of fuss. Written by experienced security professionals, this resource provides you with comprehensive coverage of the most important and up-to-date security tools in use today, explains their function, and shows you how to use each tool effectively through in-depth implementation examples and case studies. Learn to detect and prevent system misconfigurations and Web server hacks, plus discover best practices for protecting both large and small networks.
Includes best practices for use and configuration of these key tools:
- Port scanners--Nmap, NetScan, SuperScan, IpEye
- Enumeration tools--Enum, PSTools, and User2SID
- BackDoors--NetBus, Back Orifice, and SubSeven
- Password crackers--Pwltool, SMBGrind, Jack the Ripper, and LSADump2
- Sniffers--Snort, BUTTSniffer, WinDump, and Dsniff
- System Audit tools--Nessus, STAT, ISS Internet Scanner
- Denial of Service tools--Tribe Flood network, Shaft, and Mstreams
- Wardialers--THC-scan and ToneLoc
- Incident response and forensic tools--TCT, EnCase, FTK, and other file viewers
- Miscellaneous and multi-purpose tools--Netcat, Getadmin, Fpipe, Fport, VMWare, and many more
Top customer reviews
It is not a theoretical book, it is a real 'learn by understanding how to hack' book. However, even if not too much, you'll need some basic knowledge about the area to take full advantage of this book.
Needless to say, the companion CD is not only multi-platform, but FULL of valuable tools.
I have reviewed a lot of security books (good books), but this one really impressed me very much. The forensic chapters alone justify buying the book!!
I liked that the authors framed the book as being "about tools" and not "about security". The book will not teach you security concepts, but rather what the current tools are and (to some extent) how to use them.
The book offers coverage of Windows and UNIX, attack and defense (and investigation) tools. As the authors state, it does indeed make a good companion for "Incident Response" by providing a bit more detail on the tools. Reading up on the methodologies before starting on the tools is a good idea.
I also liked that they highlighted the changes and new material added for the second edition. However, if the book offers to cover a laundry list of tools, some omissions look pretty suspicious. Where is Bastille in "Host Hardening"? Where is "scanrand" in scanners? Some tools (such as Nessus and Snort as well as commercial scanners) would have justified a bit more detail (due to their relative complexity and diverse functionality).
The book will make a valuable addition to a library of a security professional. Although most or even all of the information there is available online after some googling, having it in one place is not a bad idea.
Anton Chuvakin, Ph.D., GCIA, GCIH is a Senior Security Analyst with a major security information management company. He is the author of the book "Security Warrior" (O'Reilly, 2004). His areas of infosec expertise include intrusion detection, UNIX security, forensics, honeypots, etc. In his spare time, he maintains his security portal info-secure.org.
The major additions to AHT:2E include a new chapter on firewalls, which doesn't really add anything new to the common body of security knowledge. A new chapter on host hardening covers Titan and MSec. Tools like THC-Amap, THC-Hydra, HFNetChk, Ettercap, Wellenreiter, and Kismet make appearances as well. Whereas Trinux was only mentioned in the first edition, it gets welcome coverage in the chapter on building live response bootable CDs. Updated material on Nmap, NetScan Tools, SuperScan, Scanline, and commercial forensic suites is included.
The remainder of the book is largely the same. Particularly, chapters on Netcat, X, VMWare, Cygwin, backdoors, source code auditing, port redirection, war dialers, and open source forensics appear very similar to AHT:1E. Deleted from AHT:2E are Whisker, Twwwscan/Arirang, SMBGrind, and Nbaudit. Comparisons with the first edition are somewhat complicated by the rearrangement of tools and chapters in AHT:2E, but I thought the new organization made sense.
Aside from the information on using Trinux, AHT:2E seemed to lack new contributions from an author with real forensic experience. Keith Jones' original material is still present, but advancements in the forensic arena are not covered. For example, AHT:2E should have addressed Keith's tools in the Odessa project, such as Galleta (cookie parsing), Pasco (IE history recovery), and Rifiuti (Recycle Bin examination).
Overall, AHT:2E is an excellent book, but I don't believe a second edition was needed 18 months after the first was published. The AHT look and feel has spawned the "Anti-Spam Tool Kit," which I plan to read and review shortly. Perhaps future AHT books will split out various sections (assessment, forensics, etc.) into separate volumes, making it easier to manage the series.
Most recent customer reviews
I haven't actually read the book, though it seems to be a re-hash of every other...
Being a beginner in the field of computer security, I was a bit apprehensive of going through this...