Sign in
|
Register
|
Mobile
Home
Browse
About us
Help/FAQ
Advanced search
Home
>
Browse
>
Hacking Exposed
>
Hacking Exposed Linux
CITATION
ISECOM
.
Hacking Exposed Linux
.
US
: McGraw-Hill Osborne Media, 2008.
Add to Favorites
Email to a Friend
Download Citation
Hacking Exposed Linux
Authors:
ISECOM
Published:
July 2008
eISBN:
9780071596428 0071596429
|
ISBN:
9780072262575
Open eBook
Book Description
Table of Contents
Contents
Foreword
Acknowledgments
Introduction
Part I: Security and Controls
1 Applying Security
Case Study
Free from Risk
The Four Comprehensive Constraints
The Elements of Security
Summary
2 Applying Interactive Controls
Case Study
The Five Interactive Controls
Summary
3 Applying Process Controls
Case Study
The Five Process Controls
Summary
Part II: Hacking the System
4 Local Access Control
Case Study
Physical Access to Linux Systems
Console Access
Privilege Escalation
File Permissions and Attributes
Physical Access, Encryption, and Password Recovery
Volatile Data
Summary
5 Data Networks Security
Case Study
Network Visibility
Network and Systems Profiling
Network Architecture
Covert Communications and Clandestine Administration
Summary
6 Unconventional Data Attack Vectors
Case Study
Overview of PSTN, ISDN, and PSDN Attack Vectors
Communication Network Attacks
Tests to Perform
Tools to Use
PSDN Testing Tools
Common Banners
How X.25 Networks Work
Key Points for Getting X.25 Access
Summary
7 Voice over IP
Case Study
VoIP Attack Taxonomy
Network Attacks
System Attacks
Signaling Attacks
Transport Attacks
VoIP Security Challenges
Summary
8 Wireless Networks
Case Study
The State of the Wireless
Wireless Hacking Physics: Radio Frequency
RF Spectrum Analysis
Exploiting 802.11 The Hacker Way
Wireless Auditing Activities and Procedures
Summary
9 Input/Output devices
Case Study
About Bluetooth
Summary
10 RFID—Radio Frequency Identification
Case Study
History of RFID: Leon Theremin and “The Thing”
RFID Components
RFID Uses
RFID Frequency Standards
RFID Technology Standards
RFID Attacks
RFID Hacker’s Toolkit
Implementing RFID Systems Using Linux
Linux and RFID-Related Projects and Products
Summary
11 Emanation Attacks
Case Study
Van Eck Phreaking
Other “Side-Channel” Attacks
Summary
12 Trusted Computing
Case Study
Introduction to Trusted Computing
Platform Attack Taxonomy
Hardware Attacks
Low-Level Software Attacks
System Software Attacks
Application Attacks
General Support for Trusted Computing Applications
Examples of Trusted Computing Applications
Summary
Part III: Hacking the Users
13 Web Application Hacking
Case Study
Enumeration
Access and Controls Exploitation
Insufficient Data Validation
Web 2.0 Attacks
Trust Manipulation
Man-in-the-Middle
Web Infrastructure Attacks
Summary
14 Mail Services
Case Study
SMTP Basics
SMTP Attack Taxonomy
Summary
15 Name Services
Case study
DNS Basics
The Social Aspect: DNS and Phishing
WHOIS and Domain Registration and Domain Hijacking
The Technical Aspect: Spoofing, Cache Poisoning, and Other Attacks
Bind Hardening
Summary
Part IV: Care and Maintenance
16 Reliability: Static Analysis of C Code
Case Study
Formal vs. Semiformal Methods
Static Analysis
C Code Static Analysis
Some C Analysis Tools
Additional References
Summary
17 Security Tweaks in the Linux Kernel
Linux Security Modules
CryptoAPI
NetFilter Enhancements
Enhanced Wireless Stack
File System Enhancement
Additional Kernel Resources
Part V: Appendixes
A: Management and Maintenance
Best Practices Node Setup
Best Practices Network Environment Setup
Additional Helpful Tools
Replace Legacy Applications
Automating System Administration
B: Linux Forensics and Data Recovery
Hardware: The Forensic Workstation
Hardware: Other Valuable Tools
Software: Operating System
Software: Tools
So, Where Should You Start From?
Handling Electronic Evidence
C: BSD
Overview of BSD Projects
Security Features Found in All BSDs
FreeBSD
NetBSD
OpenBSD
BSD Security Advisories
Additional BSD Resources
Index