by Kevin Beaver
Building the Foundation for Security Testing
Putting Security Testing in Motion
Hacking Network Hosts
Hacking Operating Systems
Hacking Applications.
Security Testing Aftermath
The Part of Tens
Purchase Now !
Just with Paypal
Just with Paypal
Book Details
Price
|
5.00 USD |
|---|---|
Pages
| 411 p |
File Size
|
11,535 KB |
File Type
|
PDF format |
ISBN
| 978-1-119-48547-6 (pbk) 978-1-119-48554-4 (ebk) 978-1-119-48551-3 (ebk) |
Copyright
| 2018 by John Wiley & Sons, Inc |
Welcome to Hacking For Dummies, 6th Edition. This book outlines — in
plain English — computer hacking tricks and techniques that you can
use to assess the security of your information systems, find the vulnerabilities
that matter, and fix the weaknesses before criminal hackers and malicious
insiders take advantage of them. This hacking is the professional, aboveboard, and
legal type of security testing — which I refer to as ethical hacking or vulnerability
and penetration testing throughout the book.
Computer and network security is a complex subject and an ever-moving target.
You must stay on top of it to ensure that your information is protected from the
bad guys. The techniques and tools outlined in this book can help.
You could implement all the security technologies and other best practices possible,
and your network environment might be secure — as far as you know. But unless and
until you understand how malicious attackers think, apply that knowledge, and use
the right tools to assess your systems from their point of view, it’s practically
impossible to have a true sense of how secure your systems and information really are.
Ethical hacking (or, more simply, security assessments), which encompasses formal
and methodical vulnerability and penetration testing, is necessary to find
security flaws and to validate that your information systems are truly secure on an
ongoing basis. This book provides you the knowledge you need to successfully
implement a security assessment program, perform proper security checks, and
put the proper countermeasures in place to keep external hackers and malicious
users in check.
About This Book
Hacking For Dummies is a reference guide on hacking your systems to improve
security and minimize business risks. The security testing techniques are based on
written and unwritten rules of computer system penetration testing, vulnerability
testing, and information security best practices. This book covers everything from
establishing your testing plan to assessing your systems to plugging the holes and
managing an ongoing security testing program.
Realistically, for most networks, operating systems, and applications, thousands
of possible vulnerabilities exist. I don’t cover them all, but I do cover the big ones
on various platforms and systems that I believe contribute to most security problems
in business today. I cover basic Pareto principle (80/20 rule) stuff, with the
goal of helping you find the 20 percent of the issues that create 80 percent of your
security risks. Whether you need to assess security vulnerabilities on a small
home-office network, a medium-size corporate network, or large enterprise systems,
Hacking For Dummies provides the information you need.
This book includes the following features:
»»Various technical and nontechnical tests and their detailed methodologies.
»»Specific countermeasures to protect against hacking and breaches.
Before you start testing your systems, familiarize yourself with the information in
Part 1 so that you’re prepared for the tasks at hand. The adage “If you fail to plan,
you plan to fail” rings true for the security assessment process. You must have a
solid game plan in place if you’re going to be successful.
Table of Contents
INTRODUCTION. 1
About This Book. 1
Foolish Assumptions. 2
Icons Used in This Book. 3
Beyond the Book. 3
Where to Go from Here. 4
PART 1: BUILDING THE FOUNDATION FOR
SECURITY TESTING. 5
CHAPTER 1: Introduction to Vulnerability and Penetration Testing. 7
Straightening Out the Terminology . 7
Hacker. 8
Malicious user . 9
Recognizing How Malicious Attackers Beget Ethical Hackers. 10
Vulnerability and penetration testing versus auditing. 10
Policy considerations . 11
Compliance and regulatory concerns. 12
Understanding the Need to Hack Your Own Systems. 12
Understanding the Dangers Your Systems Face. 14
Nontechnical attacks. 14
Network infrastructure attacks. 15
Operating system attacks. 15
Application and other specialized attacks. 15
Following the Security Assessment Principles .16
Working ethically. 16
Respecting privacy. 17
Not crashing your systems. 17
Using the Vulnerability and Penetration Testing Process. 18
Formulating your plan . 18
Selecting tools . 20
Executing the plan. 22
Evaluating results . 23
Moving on. 23
CHAPTER 2: Cracking the Hacker Mindset . 25
What You’re Up Against. 25
Who Breaks into Computer Systems. 28
Hacker skill levels. 28
Hacker motivations. 30
Why They Do It. 30
Planning and Performing Attacks. 33
Maintaining Anonymity .35
CHAPTER 3: Developing Your Security Testing Plan. 37
Establishing Your Goals . 37
Determining Which Systems to Test. 40
Creating Testing Standards. 43
Timing your tests. 43
Running specific tests. 44
Conducting blind versus knowledge assessments. 45
Picking your location. 46
Responding to vulnerabilities you find. 46
Making silly assumptions. 46
Selecting Security Assessment Tools. 47
CHAPTER 4: Hacking Methodology . 49
Setting the Stage for Testing. 49
Seeing What Others See. 51
Scanning Systems. 52
Hosts. 53
Open ports. 53
Determining What’s Running on Open Ports . 54
Assessing Vulnerabilities . 56
Penetrating the System . 58
PART 2: PUTTING SECURITY TESTING IN MOTION. 59
CHAPTER 5: Information Gathering. 61
Gathering Public Information . 61
Social media. 62
Web search. 62
Web crawling. 63
Websites. 64
Mapping the Network. 64
WHOIS. 65
Privacy policies. 66
CHAPTER 6: Social Engineering. 67
Introducing Social Engineering. 67
Starting Your Social Engineering Tests. 68
Knowing Why Attackers Use Social Engineering. 69
Understanding the Implications. 70
Building trust. 71
Exploiting the relationship. 72
Performing Social Engineering Attacks . 74
Determining a goal. 75
Seeking information. 75
Social Engineering Countermeasures . 80
Policies . 80
User awareness and training. 80
CHAPTER 7: Physical Security. 83
Identifying Basic Physical Security Vulnerabilities . 84
Pinpointing Physical Vulnerabilities in Your Office. 85
Building infrastructure. 85
Utilities . 87
Office layout and use . 88
Network components and computers. 90
CHAPTER 8: Passwords. 95
Understanding Password Vulnerabilities. 96
Organizational password vulnerabilities. 97
Technical password vulnerabilities. 97
Cracking Passwords . 98
Cracking passwords the old-fashioned way . 99
Cracking passwords with high-tech tools. 102
Cracking password-protected files. 110
Understanding other ways to crack passwords. 112
General Password Cracking Countermeasures . 117
Storing passwords. 118
Creating password policies . 118
Taking other countermeasures. 120
Securing Operating Systems. 121
Windows. 121
Linux and Unix. 122
PART 3: HACKING NETWORK HOSTS. 123
CHAPTER 9: Network Infrastructure Systems. 125
Understanding Network Infrastructure Vulnerabilities. 126
Choosing Tools. 127
Scanners and analyzers. 128
Vulnerability assessment. 128
Scanning, Poking, and Prodding the Network. 129
Scanning ports. 129
Scanning SNMP. 135
Grabbing banners. 137
Testing firewall rules. 138
Analyzing network data . 140
The MAC-daddy attack. 147
Testing denial of service attacks. 152
Detecting Common Router, Switch, and Firewall Weaknesses. 155
Finding unsecured interfaces . 155
Uncovering issues with SSL and TLS. 156
Putting Up General Network Defenses . 156
CHAPTER 10: Wireless Networks. 159
Understanding the Implications of Wireless Network
Vulnerabilities . 159
Choosing Your Tools. 160
Discovering Wireless Networks. 162
Checking for worldwide recognition. 162
Scanning your local airwaves. 163
Discovering Wireless Network Attacks and Taking
Countermeasures. 165
Encrypted traffic . 167
Countermeasures against encrypted traffic attacks . 170
Wi-Fi Protected Setup. 172
Countermeasures against the WPS PIN flaw. 175
Rogue wireless devices. 175
Countermeasures against rogue wireless devices. 179
MAC spoofing. 179
Countermeasures against MAC spoofing . 183
Physical security problems. 183
Countermeasures against physical security problems. 184
Vulnerable wireless workstations. 185
Countermeasures against vulnerable wireless workstations. 185
Default configuration settings. 185
Countermeasures against default configuration settings
exploits. 186
CHAPTER 11: Mobile Devices. 187
Sizing Up Mobile Vulnerabilities. 187
Cracking Laptop Passwords. 188
Choosing your tools . 188
Applying countermeasures . 193
Cracking Phones and Tablets. 193
Cracking iOS passwords. 194
Taking countermeasures against password cracking . 197
PART 4: HACKING OPERATING SYSTEMS. 199
CHAPTER 12: Windows. 201
Introducing Windows Vulnerabilities. 202
Choosing Tools. 203
Free Microsoft tools . 203
All-in-one assessment tools. 204
Task-specific tools. 204
Gathering Information About Your Windows Vulnerabilities. 205
System scanning. 205
NetBIOS. 208
Detecting Null Sessions . 210
Mapping. 211
Gleaning information. 212
Countermeasures against null-session hacks. 214
Checking Share Permissions. 215
Windows defaults . 216
Testing. 216
Exploiting Missing Patches. 217
Using Metasploit. 220
Countermeasures against missing patch vulnerability
exploits. 224
Running Authenticated Scans. 225
CHAPTER 13: Linux and macOS. 227
Understanding Linux Vulnerabilities . 228
Choosing Tools. 229
Gathering Information About Your System Vulnerabilities. 229
System scanning. 229
Countermeasures against system scanning. 233
Finding Unneeded and Unsecured Services. 234
Searches. 234
Countermeasures against attacks on unneeded services. 236
Securing the .rhosts and hosts.equiv Files . 238
Hacks using the hosts.equiv and .rhosts files. 239
Countermeasures against .rhosts and hosts.equiv
file attacks. 240
Assessing the Security of NFS. 241
NFS hacks. 241
Countermeasures against NFS attacks. 242
Checking File Permissions. 242
File permission hacks. 243
Countermeasures against file permission attacks. 243
Finding Buffer Overflow Vulnerabilities. 244
Attacks. 244
Countermeasures against buffer overflow attacks . 245
Checking Physical Security. 245
Physical security hacks. 245
Countermeasures against physical security attacks . 245
Performing General Security Tests. 246
Patching . 248
Distribution updates. 248
Multiplatform update managers. 249
PART 5: HACKING APPLICATIONS. 251
CHAPTER 14: Communication and Messaging Systems. 253
Introducing Messaging System Vulnerabilities. 253
Recognizing and Countering Email Attacks. 254
Email bombs. 255
Banners. 258
SMTP attacks . 260
General best practices for minimizing email security risks. 269
Understanding VoIP . 270
VoIP vulnerabilities. 271
Countermeasures against VoIP vulnerabilities. 275
CHAPTER 15: Web Applications and Mobile Apps . 277
Choosing Your Web Security Testing Tools. 278
Seeking Out Web Vulnerabilities. 279
Directory traversal. 279
Countermeasures against directory traversals. 283
Input-filtering attacks. 283
Countermeasures against input attacks . 290
Default script attacks . 291
Countermeasures against default script attacks . 293
Unsecured login mechanisms. 293
Countermeasures against unsecured login systems. 297
Performing general security scans for web application
vulnerabilities. 297
Minimizing Web Security Risks . 298
Practicing security by obscurity. 299
Putting up firewalls. 300
Analyzing source code . 300
Uncovering Mobile App Flaws. 301
CHAPTER 16: Databases and Storage Systems. 303
Diving Into Databases. 303
Choosing tools. 304
Finding databases on the network. 304
Cracking database passwords. 305
Scanning databases for vulnerabilities. .306
Following Best Practices for Minimizing Database
Security Risks. 307
Opening Up About Storage Systems . 308
Choosing tools. 309
Finding storage systems on the network. 309
Rooting out sensitive text in network files. 310
Following Best Practices for Minimizing Storage
Security Risks. 312
PART 6: SECURITY TESTING AFTERMATH. 315
CHAPTER 17: Reporting Your Results. 317
Pulling the Results Together . 317
Prioritizing Vulnerabilities . 319
Creating Reports. 321
CHAPTER 18: Plugging Your Security Holes. 323
Turning Your Reports into Action. 323
Patching for Perfection. 324
Patch management. 325
Patch automation . 325
Hardening Your Systems. 326
Assessing Your Security Infrastructure . 328
CHAPTER 19: Managing Security Processes 331
Automating the Security Assessment Process . 331
Monitoring Malicious Use. 332
Outsourcing Security Assessments. 334
Instilling a Security-Aware Mindset. 336
Keeping Up with Other Security Efforts. 337
PART 7: THE PART OF TENS. 339
CHAPTER 20: Ten Tips for Getting Security Buy-In. 341
Cultivate an Ally and a Sponsor. 341
Don’t Be a FUDdy-Duddy. 342
Demonstrate That the Organization Can’t Afford to Be Hacked . 342
Outline the General Benefits of Security Testing. 343
Show How Security Testing Specifically Helps the Organization. 344
Get Involved in the Business. 344
Establish Your Credibility. 345
Speak on Management’s Level . 345
Show Value in Your Efforts. 346
Be Flexible and Adaptable. 346
CHAPTER 21: Ten Reasons Hacking Is the Only Effective
Way to Test. 347
The Bad Guys Think Bad Thoughts, Use Good Tools,
and Develop New Methods. 347
IT Governance and Compliance Are More Than
High-Level Checklist Audits . 348
Vulnerability and Penetration Testing Complements
Audits and Security Evaluations . 348
Customers and Partners Will Ask How Secure
Your Systems Are . 348
The Law of Averages Works Against Businesses . 349
Security Assessments Improve Understanding
of Business Threats. 349
If a Breach Occurs, You Have Something to Fall Back On. 349
In-Depth Testing Brings Out the Worst in Your Systems. 350
Combined Vulnerability and Penetration Testing Is
What You Need. 350
Proper Testing Can Uncover Overlooked Weaknesses. 350
CHAPTER 22: Ten Deadly Mistakes. 351
Not Getting Approval . 351
Assuming That You Can Find All Vulnerabilities. 352
Assuming That You Can Eliminate All Vulnerabilities. 352
Performing Tests Only Once. 353
Thinking That You Know It All . 353
Running Your Tests Without Looking at Things from
a Hacker’s Viewpoint. 353
Not Testing the Right Systems. 354
Not Using the Right Tools. 354
Pounding Production Systems at the Wrong Time. 354
Outsourcing Testing and Not Staying Involved. 355
APPENDIX: TOOLS AND RESOURCES. 357
INDEX . 375
Bookscreen
