Nitesh Dhanjani0072227869, 9780072227864
Table of contents :
Team DDU……Page 1
CONTENTS……Page 8
Acknowledgments……Page 14
Introduction……Page 20
Reference Center……Page 24
Common Commands……Page 25
Common Ports……Page 30
Classes……Page 32
Subnet Masks……Page 34
Protocol Headers……Page 35
Hacking Tools……Page 38
Web Resources……Page 41
Conferences and Events……Page 42
Useful Netcat Commands……Page 43
ASCII Table……Page 45
HTTP Codes……Page 51
Important Files……Page 53
Part I Hacking Techniques and Defenses……Page 56
■ 1 Footprinting……Page 58
Search Engines……Page 59
Domain Registrars……Page 63
Regional Internet Registries……Page 67
DNS Reverse-Lookups……Page 69
Mail Exchange……Page 70
Zone Transfers……Page 71
Traceroute……Page 73
Summary……Page 74
■ 2 Scanning and Identification……Page 76
Ping Sweeping……Page 78
TCP Pinging……Page 79
TCP Connect……Page 80
TCP SYN/Half-Open……Page 81
FIN……Page 82
XMAS……Page 83
RPC……Page 84
ACK……Page 85
UDP……Page 86
Fingerprinting……Page 87
Summary……Page 89
■ 3 Enumeration……Page 90
Enumerate Remote Services……Page 91
FTP (File Transfer Protocol): 21 (TCP)……Page 92
Telnet: 23 (TCP)……Page 93
SMTP (Simple Mail Transfer Protocol):25 (TCP)……Page 94
DNS (Domain Name System):53 (TCP/UDP)……Page 96
Finger: 79 (TCP)……Page 97
HTTP (Hypertext Transfer Protocol): 80 (TCP)……Page 98
Portmapper: 111 (TCP)……Page 100
NNTP (Network News Transfer Protocol): 119 (TCP)……Page 102
Samba: 137 to 139 (TCP and UDP)……Page 103
IMAP2/IMAP4 (Internet Message Access Protocol 2/4): 143 (TCP)……Page 104
SNMP (Simple Network Management Protocol): 161, 162 (UDP)……Page 105
HTTPS (Secure Hypertext Transfer Protocol): 443 (TCP)……Page 106
IMAPS (Secure Internet Message Access Protocol): 993 (TCP)……Page 107
MySQL: 3306 (TCP)……Page 108
Automated Banner-Grabbing……Page 109
Summary……Page 111
■ 4 Remote Hacking……Page 112
Intrusion Tactics……Page 113
Remote Service Vulnerabilities……Page 117
Application Vulnerabilities……Page 158
Nessus……Page 159
Obtaining a Shell……Page 160
Port Redirection……Page 163
Cracking /etc/shadow……Page 164
Summary……Page 165
■ 5 Privilege Escalation……Page 166
Group Memberships and Incorrect File Permissions……Page 167
“.” in PATH……Page 169
Kernel Flaws……Page 170
Improper Input Validation……Page 171
Core Dumps……Page 172
Summary……Page 173
■ 6 Hiding……Page 174
Shell History……Page 175
Cleaning /var……Page 176
Backdoors……Page 177
Changing a Local Account’s uid to 0……Page 178
.rhosts……Page 179
SSH’s authorized_keys……Page 180
Rootkits……Page 181
Summary……Page 183
Part II Host Hardening……Page 184
■ 7 Default Settings and Services……Page 186
Remove “.” from the PATH Variable……Page 187
Use TCP Wrappers……Page 188
Disable Unnecessary Services……Page 189
WU-FTPD……Page 190
Sendmail……Page 191
BIND (DNS)……Page 193
Apache (HTTP and HTTPS)……Page 194
Samba……Page 195
Summary……Page 196
■ 8 User and File-System Privileges……Page 198
File Permissions: A Quick Tutorial……Page 199
World-Readable Files……Page 200
The umask Value……Page 201
Important Files……Page 202
Disk Partitions……Page 204
Implement the wheel Group……Page 205
Summary……Page 206
■ 9 Logging and Patching……Page 208
Log Files……Page 209
Log Rotation……Page 211
Patching……Page 212
Summary……Page 213
Part III Special Topics……Page 214
■ 10 Nessus Attack Scripting Language (NASL)……Page 216
Example Vulnerability……Page 217
The Plug-in……Page 218
Running the Plug-in……Page 221
Summary……Page 222
■ 11 Wireless Hacking……Page 224
Introduction to WEP……Page 225
Antennas……Page 226
Airsnort……Page 227
Fata-Jack……Page 228
Securing Wireless Networks……Page 229
Summary……Page 230
■ 12 Hacking with the Sharp Zaurus PDA……Page 232
Kismet……Page 233
Qpenmapfe……Page 234
OpenSSH……Page 235
Hping2……Page 236
VNC Server……Page 237
Tcpdump……Page 238
zNessus……Page 239
Dig……Page 240
Summary……Page 241
■ Index……Page 242
Reviews
There are no reviews yet.