From the Back Cover
"The end-all of hacking.... A must-read if you want to secure your networks." --W2Knews
Plug the holes in your Windows infrastructure by seeing it through the eyes of the attacker
Protect your Windows Server 2003 systems from the latest widespread and devastating attacks the tried-and-true Hacking Exposed way. You'll learn, step-by-step, how intruders locate targets, gain super-user access, and ransack compromised networks. Fully updated chapters detail all-new Windows Server 2003 footprinting and scanning methods, IIS6 security flaws, buffer overflow exploits, Terminal Services hacks, and DoS/DDoS vulnerabilities. Real-world cases and code examples demonstrate the most current dangers and spell out countermeasures to stonewall malicious intruders every time.
New and Updated Material:
- All-new Windows footprinting and scanning tools and techniques
- NetBIOS, MSRPC, SMB, DNS, SNMP, and Active Directory enumeration protection
- Updated exploits of Windows-specific services, including the MSRPC interface vulnerability that led to the Blaster worm, SQL Slammer, and eavesdropping attacks on Kerberos
- Details on the new IIS6 security architecture, URLScan, Microsoft Web services source code disclosure exploits, and HTR chunked encoding exploits
- All-new Terminal Services information including new password guessing, privilege escalation, and eavesdropping countermeasures
- New client-side exploits using popular multimedia file formats, and strong new countermeasures using Internet Explorer Enhanced Security Configuration
- The latest countermeasures for Denial of Service (DoS) attacks including bogon filtering and sink holes
- New security features such as Internet Connection Firewall, software restriction policies, and updates to IPSec
About the Authors:
Joel Scambray is Senior Director of Security for Microsoft's MSN and Stuart McClure is President/CTO of Foundstone, Inc., an enterprise security products company. They are co-authors of four editions of Hacking Exposed as well as Hacking Exposed Windows 2000.
About the Author
Stuart McClure is the co-author of all four editions of Hacking Exposed as well as Hacking Exposed Windows 2000. Stuart co-authored "Security Watch," a weekly column in InfoWorld addressing topical security issues, exploits, and vulnerabilities. He is the President/CTO of Foundstone, Inc. Prior to co-founding Foundstone, Stuart was a Senior Manager with Ernst & Young's Security Profiling Services Group, responsible for project management, attack and penetration reviews, and technology evaluations. Stuart trains Foundstone's Ultimate Hacking course, and Hacking Exposed Live for conferences such as Networld + InterOp, Black Hat, RSA, CSI, among others.