- Series: The Radia Perlman Series in Computer Networking and Security
- Paperback: 592 pages
- Publisher: Prentice Hall PTR; 1 edition (July 23, 2001)
- Language: English
- ISBN-10: 0130332739
- ISBN-13: 978-0130332738
- Product Dimensions: 7 x 1.6 x 9.3 inches
- Shipping Weight: 2.5 pounds
- Average Customer Review: 27 customer reviews
- Amazon Best Sellers Rank: #811,223 in Books (See Top 100 in Books)
Enter your mobile number or email address below and we'll send you a link to download the free Kindle App. Then you can start reading Kindle books on your smartphone, tablet, or computer - no Kindle device required.
To get the free app, enter your mobile phone number.
Counter Hack: A Step-by-Step Guide to Computer Attacks and Effective Defenses (The Radia Perlman Series in Computer Networking and Security) 1st Edition
Use the Amazon App to scan ISBNs and compare prices.
There is a newer edition of this item:
All Books, All the Time
Read author interviews, book reviews, editors picks, and more at the Amazon Book Review. Read it now
Customers who bought this item also bought
What other items do customers buy after viewing this item?
In defending your systems against intruders and other meddlers, a little knowledge can be used to make the bad guys--particularly the more casual among them--seek out softer targets. Counter Hack aims to provide its readers with enough knowledge to toughen their Unix and Microsoft Windows systems against attacks in general, and with specific knowledge of the more common sorts of attacks that can be carried out by relatively unskilled "script kiddies." The approach author Ed Skoudis has chosen is effective, in that his readers accumulate the knowledge they need and generally enjoy the process.
The best part of this book may be two chapters, one each for Windows and Unix, that explain the essential security terms, conventions, procedures, and behaviors of each operating system. This is the sort of information that readers need--a Unix person getting into Windows administration for the first time needs an introduction to the Microsoft security scheme, and vice versa. A third chapter explains TCP/IP with focus on security. With that groundwork in place, Skoudis explains how (with emphasis on tools) attackers look for vulnerabilities in systems, gain access, and maintain their access for periods of time without being discovered. You'll probably want to search online resources for more specific information--Skoudis refers to several--but this book by itself will provide you with the vocabulary and foundation knowledge you need to get the details you want. --David Wall
Topics covered: How black-hat hackers work, what tools and techniques they use, and how to assess and improve your systems' defenses. The author explains how Windows, Unix, and TCP/IP can be exploited for nefarious purposes, and details a modus operandi that's typical of the bad guys.
From the Back Cover
The Next Generation Hacker Book
The step-by-step guide to defending against hacker intrusions!
- Defend against today's most powerful hacker attacks!
- Hands-on, step-by-step techniques for UNIX/Linux and Windows environments
- Intrusion detection: New evasion techniquesand countermeasures
- By the security expert who demonstrated hacking to the U.S. Senate!
This easy-to-use, step-by-step guide will empower network and system administrators to defend their information and computing assetswhether or not they have security experience. In Counter Hack, leading network security expert Edward Skoudis presents comprehensive, insider's explanations of today's most destructive hacker tools and tactics-and specific, proven countermeasures for both UNIX and Windows environments. Skoudis covers all this and more:
- Know your adversary: from script kiddies to elite attackers
- A hacker's view of networks, TCP/IP protocols, and their vulnerabilities
- Five phases of hacking: reconnaissance, scanning, gaining access, maintaining access, and preventing detection
- The most dangerous and widespread attack scenariosexplained in depth
- Key hacker tools: port scanners, firewall scanners, sniffers, session hijackers, RootKits, and more
- How hackers build elegant attacks from simple building blocks
- Detecting and preventing IP spoofing, covert channels, denial of service attacks, and other key attacks
- How hackers cover their tracksand how you can uncover their handiwork
- A preview of tomorrow's hacker tools, attacks, and countermeasures
Whatever your role in protecting network infrastructure and data, Counter Hack delivers proven solutions you can implement right nowand long-term strategies that will improve security for years to come.
Top customer reviews
I'm well into the book now and can tell you that it definitely lives up to all those 5 star ratings. As others have said, it is an easy, enjoyable, and very informative read. Depending on your ultimate objectives you may eventually want to get even deeper into the technical aspects of security but for starters and for a good long term reference this book is excellent.
Buy it. You won't be disappointed.
The STEVENS 'Tcp/Ip Illustrated Vol I', is (as you surely know) a very special book. 'Counter Hack' deserves the same qualification.
Well written and structured, this book covers all classic issues about computer security, as well as very actual and interesting topics like 'IDS Evasion' and 'Rootkits'.
The summary of chapter 4 (Windows NT/2000 Overview) and the whole Chapter 12 (Anatomy of an Attack) are both masterpieces.
Chapter 11 (Covering Tracks and Hiding) is a welcome extra (rarely found in similar books), and in every chapter several useful security tools are discussed in detail (and the related URL shown).
From beginners to experts, this book is a valuable reference for everyone. I own about 30 'computer security' books, and actually could discard 25 with no significant losses (aging and excessive repetition). Of course, if this were the case, 'Counter Hack' would be one of the 5 survivors.
Another worthy title is Counter Hack: A Step-by-Step Guide to Computer Attacks and Effective Defenses. The self-described Next Generation Hacker Book promises to be "a step-by-step guide to defending against hacker intrusions." Rather than focusing on a single technology to secure, Skoudis shows readers how to design and defend their networks against myriad threats. His step-by-step approach is to partition the hacking process into five phases (Reconnaissance, Scanning, Gaining Access, Maintaining Access, Covering Tracks, and Hiding) and to detail the steps within each phase.
As noted by Anderson in Security Engineering, most systems are designed to keep out the "good guys" --those who follow the rules but may occasionally bypass them. Hackers and other adversaries -- who do not follow the rules -- require a unique set of constraints to keep them out of corporate networks.
The book opens with a crucial topic: knowing your threats and not underestimating your adversary. Although most people may put all adversaries under the blanket class of "hackers," there are a number of antagonistic groups, each of which possesses a unique set of threats. Unless an organization knows who its adversaries are -- whether internal employees (the true cause of most security incidents), organized crime, disgruntled consultants, remote hackers, customers, suppliers, or hactivists -- there is no way its network can be appropriately secured. Counter Hack details what course of action to take in order to protect against attacks, whether they originate from a low-level script kiddy or a world-class hacker.
Skoudis' step-by-step approach to effectively securing a network begins with an introduction to the operations of TCP/IP. Most experienced readers can bypass this section. The next two chapters provide an overview of Unix and Windows NT/2000, which are the most commonly installed operating systems in corporate America. Although most security books address Windows NT/2000 and Windows PPTP (Point-to-Point Tunneling Protocol), Skoudis astutely notes the huge security ramifications of running them.
The following sections detail how hackers perform reconnaissance and scanning attacks against networks in order to penetrate them. Skoudis details the fundamentals of port scanning and the use of scanning tools such as nmap.
Chapter 7 covers applications and operating-system-level attacks. It includes an excellent overview of buffer-overflow attacks and how to obviate them. This is a crucial point for programmers who are often unaware of the specific dangers of buffer overflows.
The book details the dangers of Trojan horses, backdoors, and root kits, which are often difficult to detect once they are installed. Skoudis covers the nastiest backdoor, kernel-level root kits, and execution redirection in particular. The danger of execution redirection is that the hacker can intercept a call to run a certain application and map that call to another application . It is basically a bait-and-switch attack, except that the victims do not know that they are being attacked.
Skoudis has an easy-to-read style. When he mentions a hacking tool, he effectively describes how the tool works and how it can be employed to secure a system. Skoudis also includes a number of stories written in the first-person. It is a pleasure to read a security book written by a professional who has in-the-trenches experience, as opposed to someone who thinks copying RFC's makes for an original book.
If you have a network connected to the Internet, you will inevitably be hacked. This book shows how to avert such attacks with a counter hack. For a wide-ranging overview of how to secure a system against myriad adversaries, do yourself, your employer, and your networks a favor and read Counter Hack.
While I am a huge fan of the entire Hacking Exposed series of books, and I highly recommend Hacking Exposed- 5th Edition, I feel that Counter Hack Reloaded does a better job at putting the attacks and countermeasures in context and illustrating the bigger picture of how they would or could be used rather than just giving a list of attacks and mitigations in a vacuum. The book is by no means intended for a computer novice, but for someone who is comfortable with computers and networking and wants to expand their knowledge of security, Counter Hack Reloaded is an excellent choice.
As in the original Counter Hack, the book ends with a section called Putting It All Together which provides some short story scenarios that illustrate the attack beginning to end and help to pull the information together so that the reader can understand it better.