- Paperback: 400 pages
- Publisher: McGraw-Hill Education; 3 edition (May 16, 2006)
- Language: English
- ISBN-10: 0072263040
- ISBN-13: 978-0072263046
- Product Dimensions: 7.3 x 0.8 x 9 inches
- Shipping Weight: 1.5 pounds (View shipping rates and policies)
- Average Customer Review: 13 customer reviews
- Amazon Best Sellers Rank: #1,501,969 in Books (See Top 100 in Books)
Enter your mobile number or email address below and we'll send you a link to download the free Kindle App. Then you can start reading Kindle books on your smartphone, tablet, or computer - no Kindle device required.
To get the free app, enter your mobile phone number.
Hacker's Challenge 3: 20 Brand New Forensic Scenarios & Solutions (v. 3) 3rd Edition
Use the Amazon App to scan ISBNs and compare prices.
Fulfillment by Amazon (FBA) is a service we offer sellers that lets them store their products in Amazon's fulfillment centers, and we directly pack, ship, and provide customer service for these products. Something we hope you'll especially enjoy: FBA items qualify for FREE Shipping and Amazon Prime.
If you're a seller, Fulfillment by Amazon can help you increase your sales. We invite you to learn more about Fulfillment by Amazon .
Frequently bought together
Customers who bought this item also bought
Customers who viewed this item also viewed
From the Back Cover
The stories about phishing attacks against banks are so true-to-life, it’s chilling.” --Joel Dubin, CISSP, Microsoft MVP in Security
Every day, hackers are devising new ways to break into your network. Do you have what it takes to stop them? Find out in Hacker’s Challenge 3. Inside, top-tier security experts offer 20 brand-new, real-world network security incidents to test your computer forensics and response skills. All the latest hot-button topics are covered, including phishing and pharming scams, internal corporate hacking, Cisco IOS, wireless, iSCSI storage, VoIP, Windows, Mac OS X, and UNIX/Linux hacks, and much more. Each challenge includes a detailed explanation of the incident--how the break-in was detected, evidence and clues, technical background such as log files and network maps, and a series of questions for you to solve. In Part II, you’ll get a detailed analysis of how the experts solved each incident.
Exerpt from “Big Bait, Big Phish”:
About the Author
David Pollino has a strong background in security, wireless, and networking. David is currently a security practitioner working in financial services. During his career, he has worked for an industry-leading security consulting company, a large financial services company, and a tier 1 ISP. David often speaks at security events and has frequently been quoted in online and printed journals regarding security issues. During his career as a consultant and network engineer, David has worked for clients across multiple industries, including financial services, service providers, high technology, manufacturing, and government. He co-authored Wireless Security (RSA Press, 2002) and Hacker's Challenge and Hacker's Challenge 2 (McGraw-Hill/Osborne, 2001 and 2002, respectively).
Bill Pennington, CISSP, has six years of professional experience in information security and eleven years in information technology. His duties at WhiteHat include managing research and development, guiding product and technology direction, managing web application assessment teams, and developing and delivering WhiteHat Security training. Bill has performed web application assessments for more than four years in a variety of industry verticals including financial services, e-commerce, and biotechnology. He is familiar with Mac OS X, Linux, Solaris, Windows, and OpenBSD, and he is a Certified Information Security Systems Practitioner (CISSP) and Certified Cisco Network Administrator (CCNA). He has broad experience in web application security, penetration testing, computer forensics, and intrusion detection systems. Prior to joining WhiteHat, Bill was a principal consultant and technical lead for assessment services at Guardent, a nationwide security services provider.
Tony Bradley, CISSP-ISSAP, MCSE2k, has eight years of computer networking and administration experience, focusing the last four on network security and malware protection. Tony is a network security architect providing design, implementation, and management of network security solutions for a variety of Fortune 500 customers. He is also the editor and writer for the About.com Internet/Network Security website and frequently contributes to a variety of technical and security publications, both in print and on the Web. You can view his writing portfolio at http://www.s3kur3.com.
Himanshu Dwivedi is a founding partner of iSEC Partners, an independent provider of information security services and tools. He has 12 years of experience in security and IT. Before forming iSEC, he was Technical Director for @stake's Bay Area security practice. Himanshu's professional focus includes strategic security services, which leverages his experience with software development, infrastructure security, application security, tool development, and secure product design. He is considered an industry expert in storage security, specifically Fibre Channel/iSCSI SANs and CIFS/NFS NAS systems. Himanshu has presented at major security conferences throughout the world, including Black Hat, Storage Networking World, Syscan Singapore, and Bellua Indonesia. Himanshu also has a patent pending for a storage security design architecture that can be implemented on enterprise storage products for Fibre Channel networks. Himanshu has also authored two additional security books, including Securing Storage: A Practical Guide to SAN and NAS Security (Addison-Wesley, 2005) and Implementing SSH: Strategies for Optimizing the Secure Shell (Wiley, 2003).
Top customer reviews
There was a problem filtering reviews right now. Please try again later.
The 'challenges' that are described in the book cover a range of different methods that have been used to breach the security of various computer networks. Each challenge provides a all of the essential pieces of information that would be available to be examined by security experts dealing with the problem (trimmed of much of the irrelevant logs). Sufficient information is actually provided to enable someone with a sufficient knowledge of security to work out both what type of attack has taken place and how the attack was done. They should then have no trouble in answering the series of questions about the particular attack that appear at the end of each challenge before turning to the solutions section to check their answers.
The challenges also provide excellent tutorials for novice security staff to find out how to extract and interpret information in order to determine what has happened.
I always thought of computer security as a necessary but boring subject but the authors of this book have managed to make it both informative and entertaining. If you are a security specialist looking to take the "hacker's Challenge" and test how much you know or if you are just someone wanting to learn more about some of the latest security threats then this book will provide you with many hours of interesting reading and investigating.
In addition, you get information related to other newer attacks like phishing, VoIP vulnerabilities and social engineering. This is a great book and MUST be in every security technician's library.
Tom Carpenter, Author: Wireless@ Certification Official Study Guide, CWSP Certification Official Study Guide, and Foundations of Effectiveness.
The 20 challenges cover the following: phishing, DNS cache poisoning, Web app hacking (multiple), anonymous FTP abuse, wireless misconfigurations and abuse, social engineering, disgruntled soon-to-be-ex-employees, malware, password reuse, p2p abuse, router exploitation, XSS, and an iSCSI compromise. The last of these was my favorite because I have not seen this in the field yet. Almost all of the other exploits will seem familiar to anyone performing security consulting.
I believe all of the HC books are wonderful learning and discussion tools for junior security analysts. I would caution them to not accept the "approved solutions" as the proper way to conduct incident response and forensics, however. In 4 or perhaps 5 of the 20 cases, the IR process commenced with direct examination of suspected systems. In other words, admins or security folks jumped right onto possibly compromised hosts and began searching for clues of intrusion.
This is not the proper way to perform IR, yet I saw it demonstrated in Chs 4, 6, 9, and 12. Ch 12, p 119 was especially disappointing -- "the obvious place to begin the investigation is the Oracle server." Wrong -- unless you want to contaminate evidence, tip off the intruder, or introduce other problems into the security equation.
One of Anton Chuvakin's cases demonstrated a better way to approach the IR problem -- look for application logs, firewall records, and network traces first. Avoid touching suspected victims until there is no other option, and then do so carefully.
I do not intend to say through my comments that this process was universally ignored in HC3. Several times proper host-based IR procedures are followed, when using forensic live CDs or obtaining hard drive images. However, please keep my comments in mind while reading HC3. Since the book claims to be based on real events, it's possible the authors are retelling flawed investigations by their customers!
Overall, I definitely recommend reading HC3 if you are new to security or if you need to quiz your newer employees. The book is technically sound (except for a mention of Windows 2002 on p 265) and entertaining. Kudos for the HC3 team for sharing their creative ideas with us.