CITATION

ISECOM. Hacking Exposed Linux. US: McGraw-Hill Osborne Media, 2008.

Hacking Exposed Linux

Authors:

Published: July 2008

eISBN: 9780071596428 0071596429 | ISBN: 9780072262575
  • Contents
  • Foreword
  • Acknowledgments
  • Introduction
  • Part I: Security and Controls
  • 1 Applying Security
  • Case Study
  • Free from Risk
  • The Four Comprehensive Constraints
  • The Elements of Security
  • Summary
  • 2 Applying Interactive Controls
  • Case Study
  • The Five Interactive Controls
  • Summary
  • 3 Applying Process Controls
  • Case Study
  • The Five Process Controls
  • Summary
  • Part II: Hacking the System
  • 4 Local Access Control
  • Case Study
  • Physical Access to Linux Systems
  • Console Access
  • Privilege Escalation
  • File Permissions and Attributes
  • Physical Access, Encryption, and Password Recovery
  • Volatile Data
  • Summary
  • 5 Data Networks Security
  • Case Study
  • Network Visibility
  • Network and Systems Profiling
  • Network Architecture
  • Covert Communications and Clandestine Administration
  • Summary
  • 6 Unconventional Data Attack Vectors
  • Case Study
  • Overview of PSTN, ISDN, and PSDN Attack Vectors
  • Communication Network Attacks
  • Tests to Perform
  • Tools to Use
  • PSDN Testing Tools
  • Common Banners
  • How X.25 Networks Work
  • Key Points for Getting X.25 Access
  • Summary
  • 7 Voice over IP
  • Case Study
  • VoIP Attack Taxonomy
  • Network Attacks
  • System Attacks
  • Signaling Attacks
  • Transport Attacks
  • VoIP Security Challenges
  • Summary
  • 8 Wireless Networks
  • Case Study
  • The State of the Wireless
  • Wireless Hacking Physics: Radio Frequency
  • RF Spectrum Analysis
  • Exploiting 802.11 The Hacker Way
  • Wireless Auditing Activities and Procedures
  • Summary
  • 9 Input/Output Devices
  • Case Study
  • About Bluetooth
  • Summary
  • 10 RFID—Radio Frequency Identification
  • Case Study
  • History of RFID: Leon Theremin and “The Thing”
  • RFID Components
  • RFID Uses
  • RFID Frequency Standards
  • RFID Technology Standards
  • RFID Attacks
  • RFID Hacker’s Toolkit
  • Implementing RFID Systems Using Linux
  • Linux and RFID-Related Projects and Products
  • Summary
  • 11 Emanation Attacks
  • Case Study
  • Van Eck Phreaking
  • Other “Side-Channel” Attacks
  • Summary
  • 12 Trusted Computing
  • Case Study
  • Introduction to Trusted Computing
  • Platform Attack Taxonomy
  • Hardware Attacks
  • Low-Level Software Attacks
  • System Software Attacks
  • Application Attacks
  • General Support for Trusted Computing Applications
  • Examples of Trusted Computing Applications
  • Summary
  • Part III: Hacking the Users
  • 13 Web Application Hacking
  • Case Study
  • Enumeration
  • Access and Controls Exploitation
  • Insufficient Data Validation
  • Web 2.0 Attacks
  • Trust Manipulation
  • Man-in-the-Middle
  • Web Infrastructure Attacks
  • Summary
  • 14 Mail Services
  • Case Study
  • SMTP Basics
  • SMTP Attack Taxonomy
  • Summary
  • 15 Name Services
  • Case Study
  • DNS Basics
  • The Social Aspect: DNS and Phishing
  • WHOIS and Domain Registration and Domain Hijacking
  • The Technical Aspect: Spoofing, Cache Poisoning, and Other Attacks
  • Bind Hardening
  • Summary
  • Part IV: Care and Maintenance
  • 16 Reliability: Static Analysis of C Code
  • Case Study
  • Formal vs. Semiformal Methods
  • Static Analysis
  • C Code Static Analysis
  • Some C Analysis Tools
  • Additional References
  • Summary
  • 17 Security Tweaks in the Linux Kernel
  • Linux Security Modules
  • CryptoAPI
  • NetFilter Enhancements
  • Enhanced Wireless Stack
  • File System Enhancement
  • Additional Kernel Resources
  • Part V: Appendixes
  • A: Management and Maintenance
  • Best Practices Node Setup
  • Best Practices Network Environment Setup
  • Additional Helpful Tools
  • Replace Legacy Applications
  • Automating System Administration
  • B: Linux Forensics and Data Recovery
  • Hardware: The Forensic Workstation
  • Hardware: Other Valuable Tools
  • Software: Operating System
  • Software: Tools
  • So, Where Should You Start From?
  • Handling Electronic Evidence
  • C: BSD
  • Overview of BSD Projects
  • Security Features Found in All BSDs
  • FreeBSD
  • NetBSD
  • OpenBSD
  • BSD Security Advisories
  • Additional BSD Resources
  • Index