Wyler N.R., Potter B., Hurley C. — Aggressive Network Self-Defense
Title: Aggressive Network Self-Defense

Authors: Wyler N.R., Potter B., Hurley C.

Abstract:

I'm Mad As Hell, and I'm Not Gonna Take it Anymore!

* Analyze the technical, legal, and financial ramifications of revolutionary and controversial network strike-back and active defense techniques.
* Follow the travails of eight system administrators who take cyber law into their own hands.
* See chillingly realistic examples of everything from a PDA to the MD5 hash being used as weapons in cyber dog fights.

There is a certain satisfaction for me in seeing this book published. When I presented my "strike-back" concept to the security community years ago, I was surprised by the ensuing criticism from my peers. I thought they would support our right to defend ourselves, and that the real challenge would be educating the general public. It was the other way around, however. This is why I'm happy to see Aggressive Network Self-Defense published. It shows that people are beginning to consider the reality of today's internet. Many issues are not black and white, right or wrong, legal or illegal. Some of the strike-back approaches in this book I support. Others, I outright disagree with. But that's good — it gives us the chance to truly think about each situation — and thinking is the most important part of the security business. Now is the time to analyze the technologies and consider the stories presented in this book before fiction becomes reality. — Timothy M. Mullen, CIO and Chief Software Architect for AnchorIS.Com

* When the Worm Turns... Analyze the technical and legal implications of "neutralizing" machines that propagate malicious worms across the Internet.
* Are You the Hunter or the Hunted? Discover for yourself how easy it is to cross the line from defender to aggressor, and understand the potential consequences.
* Reverse Engineer Working Trojans, Viruses, and Keyloggers: Perform forensic analysis of malicious code attacking a Pocket PC to track down, identify, and strike back against the attacker.
* To Catch a Thief... Track stolen software as it propagates through peer-to-peer networks and learn to bypass MD5 checksum verification to allow multiple generations of attackers to be traced.
* Learn the Definition of "Hostile Corporate Takeover" in Cyberspace: Find out who will own the fictional Primulus Corporation as attacker and defender wage war.
* Understand the Active Defense Algorithm Model (ADAM): Analyze the primary considerations of implementing an active defense strategy in your organization: ethical, legal, unintended consequences, and risk validation.
* See What Can Happen when the Virtual World Meets the Real World: Use keyloggers, Bluetooth device exploitation, and Windows forensics to discover if your cubicle mate has been stealing more than post-it notes.
* Where the Wild Things Are... Follow along as a real-life "in-the-wild" format string bug is morphed into strike-back code that launches a listening shell on the attacker's own machine.
* Implement Passive Strike-Back Technologies: Learn the strategy and implement the tools for responding to footprinting, network reconnaissance, vulnerability scanning, and exploit code.

Your Solutions Membership Gives You Access to:

* A comprehensive FAQ page that consolidates all of the key points of this book into an easy-to-search Web page
* "From the Author" forum where the authors post timely updates and links to related sites
* The complete code listings from the book
* Downloadable chapters from these best-selling books: Black Hat Physical Device Security; Google Hacking for Penetration Testers; Buffer Overflow Attacks: Detect, Exploit, Prevent; Hacking a Terror Network: The Silent Threat of Covert Channels

TABLE OF CONTENTS

Part I Fictionalized Cases of Network Strike-Back, Self-Defense, and Revenge

* Chapter 1 PDA Perils: Revenge from the Palm of Your Hand
* Chapter 2 The Case of a WLAN Attacker: In the Booth
* Chapter 3 MD5: Exploiting the Generous
* Chapter 4 A VPN Victim's Story: Jack's Smirking Revenge
* Chapter 5 Network Protection: Cyber-Attacks Meet Physical Response
* Chapter 6 Network Insecurity: Taking Patch Management to the Masses
* Chapter 7 The Fight for the Primulus Network: Yaseen vs Nathan
* Chapter 8 Undermining the Network: A Breach of Trust

Part II The Technologies and Concepts Behind Network Strike Back

* Chapter 9 ADAM: Active Defense Algorithm and Model
* Chapter 10 Defending Your Right to Defend
* Chapter 11 MD5 to Be Considered Harmful Someday
* Chapter 12 When the Tables Turn: Passive Strike-Back


Language: en

Category: Technology/

Subject index status: Index with page numbers is ready


Year of publication: 2005

Number of pages: 448

Added to catalogue: 15.10.2006

Subject index
... directory      151
.printer buffer overflow      241 246
200 (success) messages      357—358
Access points, extra      76
Access points, Linux setup      68—69
Access, _vti_pvt      258—259
Action evaluation in ADAM      302—304
Active Defense Algorithm and Model (ADAM), action evaluation      302—304
Active Defense Algorithm and Model (ADAM), algorithm      306—307
Active Defense Algorithm and Model (ADAM), analysis      307—309
Active Defense Algorithm and Model (ADAM), asset evaluation      297
Active Defense Algorithm and Model (ADAM), asset identification      299—300
Active Defense Algorithm and Model (ADAM), description      289 297 309
Active Defense Algorithm and Model (ADAM), escalation ladder      305
Active Defense Algorithm and Model (ADAM), risk identification      301—302 304
Active Defense Algorithm and Model (ADAM), scoring chart      298—299
Active Defense Algorithm and Model (ADAM), threat identification      300
Active Defense Algorithm and Model (ADAM), utility modifier      303—304
Active defense, action      293
Active defense, analogies      341—342
Active defense, analysis      293
Active defense, core stages      290
Active defense, decision      293
Active defense, definition      288 289—290
Active defense, detection      292
Active defense, escalation      294
Active defense, escalation stages      296—297
Active defense, evaluation      292
Active defense, goals      294—295
Active defense, maintenance      294
Active defense, policy      291
ad hoc mode      67
Ad-Aware SE spyware scanner      154 156
ADAM      see “Active Defense Algorithm and Model (ADAM)”
Adding code, copy routine      44
Adding code, into bobsvr.exe      26—28
Adding code, virus component      43—44
Agere      68
Airscanner      22 53
Alert message box      38—40
Algorithm of ADAM      306—307
Alkasis Software      195
Allocation slide bar      5
American Registry for Internet Numbers (ARIN)      219
Analysis of ADAM      307—309
Antenna, Yagi      236
Antivirus gateways, abuse of      256—257
APNIC (Asia Pacific Network Information Centre)      219
Applets, Flash      364—368
Applications, Web-based      344 349—350
Aquinas, Saint Thomas      341
ARIN (American Registry for Internet Numbers)      219
ARM processor assembly (ARM ASM) language, CreateFile function      28—32
ARM processor assembly (ARM ASM) language, description      11
ARM processor assembly (ARM ASM) language, learning      10
ARM processor assembly (ARM ASM) language, opcodes      12—15 27—28 36 39
ARM processor assembly (ARM ASM) language, registers      11
Arm-Pit tool      242
Asia Pacific Network Information Centre (APNIC)      219
Assets, evaluation      297
Assets, identification      299—300
Attackers, distinguishing      358
Attacks, denial-of-service (DoS)      137 256—257
Attacks, identifying      315—317
Attacks, records      258 368
Attestation, third-party      331
Auditors      260—263
Authenticode technology      331
Autopsy forensics tools      158 160—163
Axim X30 OEM baseline process listing      7
B (branch) opcodes      13—14
Back Orifice (BO2K) trojan      183
Backdoors, copying in PDA      44—48
Backdoors, creating in Linux      82
Banners, changing      238
Banners, control characters      359
Banners, fake server      232
Baseline process listing, Dell Axim X30      7
Batteries in PDAs      4—5
Bawts      274
Belkin gateway router      114
Bending rules      347
Black code haunt      107
Black-holing      314
Blooover tool      176
Bluejacking      166 168
Bluetooth Devices      166—170
Bobsvr.exe, adding code into      26—28
Bobsvr.exe, code summary      32
Bobsvr.exe, converting to trojanbob.exe      33—37
Bobsvr.exe, disassembling      15
Bobsvr.exe, finding      8
Bobsvr.exe, FTP connection to      22
Bobsvr.exe, inspecting      9
Bobsvr.exe, live debugger verification      19
Books, Google Hacking      138
Books, Summa Theologicae      341
Books, The Art of War      288
Books, The Hacker Manifesto      2
Brador trojan      44—45
Browser shunning      368
BTTrayCE.exe      7
Buffer overflow, .printer      241 246
C++ knowledge      16
CAB (cabinet) files      4
Cabwiz.exe      4
Cache snooping      92—94
Cache, Google      90
Calculator, launching as distraction      43 49—53
Cemgrc.exe      7
Cepwcli.exe      7
CGI scanners      357—358
CMP (compare) opcodes      12
Co-lo equipment      314
Code tracking      15—16
CODE XREF (code cross-references)      18
Coding, polymorphic      50—51
Configuration, wireless access card      60
Connection layer, OSI      349
Connmgr.exe      7
Construction, Merkle-Damgard      326
Control characters in banners      359
Cookies, tracking      155
Coordinating trojaned hosts      96
Copy routine, adding      44
Core stages of active defense      290
CR worm      315—318
CreateFile function      28—32
CreateFileW call      29—31 33—36
CreateProcess function      49
Credit cards, cancelling      280—281
credit cards, fraud      75—76
Credit cards, script      70—72
Crypsis      341
dd utility      159
Debuggers      9 19
Dell, Axim X30 OEM baseline process listing      7
Dell, Truemobile 1150 Mini-PCI card      61
denial-of-service (DoS) attacks      137 256—257
Detection, active defense      292
Detection, credit-card fraud      75—76
Detection, home network connection, tracking      106
Detection, PDA payback      55
Detection, vulnerability discovery      344
DHCP (Dynamic Host Configuration Protocol) server      65—67
dialers      155
Digital rights management (DRM)      331
Direct sequence spread spectrum modulation      167
Directories, hiding      151—152
Disassemblers      9
Discovery      see “Detection”
Disinformation      342 350
Distraction, launching calculator as      43 49—53
DNS      see “Domain name server (DNS)”
DNStrikeback traps      238—239
Domain name server (DNS), as information source      222
Domain name server (DNS), cache snooping      92—94
Domain name server (DNS), description      91
Domain name server (DNS), forward entries      225
Domain name server (DNS), names      219
Domain name server (DNS), reverse DNS entries      222 228
Domain name server (DNS), type of      225
DoS attacks      see “Denial-of-service (DoS) attacks”
DRM (Digital Rights Management)      331
Dust virus      43—44
Dynamic Host Configuration Protocol (DHCP) server      65—67
Embedded null session vulnerability      261
eMbedded Visual C++ 4.0 package (MVC)      7 19—20 23
Encryption, Secure Sockets Layer (SSL)      62—63
Engineering, reverse      9—10
Escalation, active defense      294
Escalation, ladder      305
Escalation, stages      296—297
Ethereal sniffer      61 82 109—110 272—273
Evaluation in active defense      292
Evidence, inadmissible      83—84
Exploit code, strike-back action      362—364
Exploit code, strike-back on attack tools      361
Exploit code, strike-back strategy      361—362
Exploit code, strike-back tools      362
Fake signup page      64—65
Filesys.exe      7
Find Large Files option      5
Fingerprinting      98
firewalk tool      229 252
Firewall, Windows XP SP2      97
Flash applets      364—368
Flattened computers      263 270
Fogie, Seth      2
Foo@10.255.255.255      126
Footprinting      343 352—355
Force, minimal      320
Forensics tools, Autopsy      158 160—163
Format string bug      127
Forwarding IPv4 packets      72—73
Frequency hopping      167
FTP servers, ftpsrv.exe      10
FTP servers, hidden      2—3
ftp-list.c      358—359 370
Games, as infection agents      2—3
Games, sharing      4
Gateway router, Belkin      114
geth SMB share scanner      186—192
Goals of active defense      294—295
Google Hacking book      138
Google, cache      90
Google, keys      142—143
Google, mapping      138—142
grep      22
Gwes.exe      7
Hackers, mistakes by      346
Hacking, as data analysis      346
Hacking, trends in      345—346
Hardware keyboard logger      164—165
Hashed Message Authentication Code (HMAC)      332—334
Hashing      see “MD5 hashing; SHA-1 hashing”
hcitool utility      169
hex editors      5 9 33
Hex values, subtracting      34
Hidden FTP servers      2—3
Hiding directories      151—152
Hijackers, Web site      155
HMAC (Hashed Message Authentication Code)      332—334
Home network connection, tracking      106
Honey farms      215
Honey pots      122 194—196 235
Host mapping      343
hping tool      252
Human detector daemon      365—366
IDA Pro disassembler, CODE XREF (code cross-references)      18
IDA Pro disassembler, display      27
IDA Pro disassembler, mark/jump feature      27
IDA Pro disassembler, repeated use      35
IDA Pro disassembler, use of      10 15
IDA Pro disassembler, Web site      9
Identifying, attacks      315—317
Identifying, users      78—79
IDS scanners, attack records      258 368
IDS scanners, hiding from      19 233 243
IDS scanners, logs      257
IDS scanners, process logic      369
IDS scanners, strike-back      350
IE (Internet Explorer)      91 331
ifconfig -a command      76
IIS (Internet Information Services)      243 258 359—360
IM (Instant Messaging)      264
Immunization, spyware      157
Import subroutine      40—42
Inadmissible evidence      83—84
Infected systems, owners of      314
Installers, spying      97—101
Instant messaging (IM)      264
Intelligence Reform Act      144
Internal Revenue Service (IRS), spoofing      279—280
Internet Explorer (IE)      91 331
Internet Information Services (IIS)      243 258 359—360
Internet Numbers, American Registry for (ARIN)      219
Internet Relay Chat (IRC) traffic      120 264 266
Invisible text in title bar      241
IPSec rule injection      319
iptables      72
IPv4 packet forwarding      72—73
IRC (Internet Relay Chat) traffic      120 264 266
IRS (Internal Revenue Service), spoofing      279—280
ISS (Security Scanner)      263
iwconfig command      76
JavaScript      90—91 361 369
Jnamed daemon      370
Joux, Antoine      324 332 337
Jump boxes      106 111—113
Justification of war      341
KaZaA      98—100
Kernel, Linux      80—81
Keyloggers, bobsvr.exe      8
Keyloggers, description      155
Keyloggers, disabling      23
Keyloggers, finding      22—23
Keyloggers, hardware      164—165
Keyloggers, infecting PDA with      2—3
Keyloggers, LttLogger      156
Keyloggers, Optix Pro      115
Keyloggers, SC-keylog2      170—173
Keyloggers, timestamped      171
Keys, Google      142—143
Kismet sniffer      61
Knoppix STD platform      108—109
kzhash      99
laptops      268
Latin American and Caribbean Internet Addresses Registry (LACNIC)      219
LDR (load) opcodes      14—15 36
Lex Talionis      342
Linux kernel      80—81
Listing 1      7
Live debugger      19
Log files, finding      22
Log files, Linux front-end server      117—118
Log files, PDA key log      5 53
Logical shift left (LSL) opcode      39
Login page, fake      64—65
LSASS exploit      203—205