Security Power Tools:
Main author: | |
---|---|
Format: | Book |
Language: | English |
Published: | Beijing [u.a.] O'Reilly 2007 |
Edition: | 1. ed. |
Subjects: | |
Online access: | Table of contents |
Description: | XXXII, 822 S. Ill. |
ISBN: | 9780596009632 0596009631 |
Internal format
MARC
LEADER | 00000nam a2200000 c 4500 | ||
---|---|---|---|
001 | BV023165585 | ||
003 | DE-604 | ||
005 | 20080717 | ||
007 | t | ||
008 | 080215s2007 a||| |||| 00||| eng d | ||
015 | |a 07,N29,0020 |2 dnb | ||
016 | 7 | |a 984686495 |2 DE-101 | |
020 | |a 9780596009632 |c : EUR 58.00 (freier Pr.) |9 978-0-596-00963-2 | ||
020 | |a 0596009631 |c : EUR 58.00 (freier Pr.) |9 0-596-00963-1 | ||
024 | 3 | |a 9780596009632 | |
035 | |a (OCoLC)255731377 | ||
035 | |a (DE-599)DNB984686495 | ||
040 | |a DE-604 |b ger |e rakddb | ||
041 | 0 | |a eng | |
049 | |a DE-1051 |a DE-573 |a DE-M347 |a DE-522 |a DE-29T |a DE-B768 | ||
050 | 0 | |a TK5105.59 | |
082 | 0 | |a 005.8 | |
084 | |a ST 277 |0 (DE-625)143643: |2 rvk | ||
084 | |a 004 |2 sdnb | ||
100 | 1 | |a Burns, Bryan |e Verfasser |4 aut | |
245 | 1 | 0 | |a Security Power Tools |c Bryan Burns ... |
250 | |a 1. ed. | ||
264 | 1 | |a Beijing [u.a.] |b O'Reilly |c 2007 | |
300 | |a XXXII, 822 S. |b Ill. | ||
336 | |b txt |2 rdacontent | ||
337 | |b n |2 rdamedia | ||
338 | |b nc |2 rdacarrier | ||
650 | 4 | |a Computersicherheit | |
650 | 4 | |a Computer networks |x Security measures | |
650 | 4 | |a Computer security | |
650 | 0 | 7 | |a Computersicherheit |0 (DE-588)4274324-2 |2 gnd |9 rswk-swf |
689 | 0 | 0 | |a Computersicherheit |0 (DE-588)4274324-2 |D s |
689 | 0 | |5 DE-604 | |
856 | 4 | 2 | |m HEBIS Datenaustausch Darmstadt |q application/pdf |u http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=016333752&sequence=000001&line_number=0001&func_code=DB_RECORDS&service_type=MEDIA |3 Inhaltsverzeichnis |
999 | |a oai:aleph.bib-bvb.de:BVB01-016333752 |
Record in the search index
_version_ | 1804137405254467584 |
---|---|
adam_text | SECURITY POWER TOOLS
BRYAN BURNS, JENNIFER STISA GRANICK, STEVE MANZUIK, PAUL GUERSCH, DAVE KILLION, NICOLAS BEAUCHESNE, ERIC MORET, JULIEN SOBRIER, MICHAEL LYNN, ERIC MARKHAM, CHRIS IEZZONI, AND PHILIPPE BIONDI
O'REILLY BEIJING * CAMBRIDGE * FARNHAM * KÖLN * PARIS * SEBASTOPOL * TAIPEI * TOKYO
TABLE OF CONTENTS
FOREWORD XIII
CREDITS XVII
PREFACE XXI
PART I LEGAL AND ETHICS
1. LEGAL AND ETHICS ISSUES 3
1.1 CORE ISSUES 4
1.2 COMPUTER TRESPASS LAWS: NO "HACKING" ALLOWED 7
1.3 REVERSE ENGINEERING 13
1.4 VULNERABILITY REPORTING 22
1.5 WHAT TO DO FROM NOW ON 26
PART II RECONNAISSANCE
2. NETWORK SCANNING 31
2.1 HOW SCANNERS WORK 31
2.2 SUPERUSER PRIVILEGES 33
2.3 THREE NETWORK SCANNERS TO CONSIDER 34
2.4 HOST DISCOVERY 34
2.5 PORT SCANNING 37
2.6 SPECIFYING CUSTOM PORTS 39
2.7 SPECIFYING TARGETS TO SCAN 40
2.8 DIFFERENT SCAN TYPES 42
2.9 TUNING THE SCAN SPEED 45
2.10 APPLICATION FINGERPRINTING 49
2.11 OPERATING SYSTEM DETECTION 49
2.12 SAVING NMAP OUTPUT 51
2.13 RESUMING NMAP SCANS 51
2.14 AVOIDING DETECTION 52
2.15 CONCLUSION 54
3. VULNERABILITY SCANNING 55
3.1 NESSUS 55
3.2 NIKTO 72
3.3 WEBINSPECT 76
4. LAN RECONNAISSANCE 86
4.1 MAPPING THE LAN 87
4.2 USING ETTERCAP AND ARPSPOOF ON A SWITCHED NETWORK 88
4.3 DEALING WITH STATIC ARP TABLES 92
4.4 GETTING INFORMATION FROM THE LAN 94
4.5 MANIPULATING PACKET DATA 98
5. WIRELESS RECONNAISSANCE 101
5.1 GET THE RIGHT WARDRIVING GEAR 101
5.2 802.11 NETWORK BASICS 102
5.3 802.11 FRAMES 103
5.4 HOW WIRELESS DISCOVERY TOOLS WORK 105
5.5 NETSTUMBLER 105
5.6 KISMET AT A GLANCE 107
5.7 USING KISMET 110
5.8 SORTING THE KISMET NETWORK LIST 112
5.9 USING NETWORK GROUPS WITH KISMET 112
5.10 USING KISMET TO FIND NETWORKS BY PROBE REQUESTS 113
5.11 KISMET GPS SUPPORT USING GPSD 113
5.12 LOOKING CLOSER AT TRAFFIC WITH KISMET 114
5.13 CAPTURING PACKETS AND DECRYPTING TRAFFIC WITH KISMET 116
5.14 WIRESHARK AT A GLANCE 117
5.15 USING WIRESHARK 119
5.16 AIRDEFENSE MOBILE 122
5.17 AIRMAGNET ANALYZERS 126
5.18 OTHER WARDRIVING TOOLS 129
6. CUSTOM PACKET GENERATION 130
6.1 WHY CREATE CUSTOM PACKETS? 130
6.2 HPING 132
6.3 SCAPY 136
6.4 PACKET-CRAFTING EXAMPLES WITH SCAPY 163
6.5 PACKET MANGLING WITH NETFILTER 183
6.6 REFERENCES 189
PART III PENETRATION
7. METASPLOIT 193
7.1 METASPLOIT INTERFACES 194
7.2 UPDATING METASPLOIT 200
7.3 CHOOSING AN EXPLOIT 200
7.4 CHOOSING A PAYLOAD 202
7.5 SETTING OPTIONS 206
7.6 RUNNING AN EXPLOIT 209
7.7 MANAGING SESSIONS AND JOBS 212
7.8 THE METERPRETER 215
7.9 SECURITY DEVICE EVASION 219
7.10 SAMPLE EVASION OUTPUT 220
7.11 EVASION USING NOPS AND ENCODERS 221
7.12 IN CONCLUSION 224
8. WIRELESS PENETRATION 225
8.1 WEP AND WPA ENCRYPTION 225
8.2 AIRCRACK 226
8.3 INSTALLING AIRCRACK-NG 227
8.4 RUNNING AIRCRACK-NG 229
8.5 AIRPWN 231
8.6 BASIC AIRPWN USAGE 231
8.7 AIRPWN CONFIGURATION FILES 235
8.8 USING AIRPWN ON WEP-ENCRYPTED NETWORKS 236
8.9 SCRIPTING WITH AIRPWN 237
8.10 KARMA 238
8.11 CONCLUSION 241
9. EXPLOITATION FRAMEWORK APPLICATIONS 242
9.1 TASK OVERVIEW 242
9.2 CORE IMPACT OVERVIEW 244
9.3 NETWORK RECONNAISSANCE WITH CORE IMPACT 246
9.4 CORE IMPACT EXPLOIT SEARCH ENGINE 247
9.5 RUNNING AN EXPLOIT 249
9.6 RUNNING MACROS 250
9.7 BOUNCING OFF AN INSTALLED AGENT 253
9.8 ENABLING AN AGENT TO SURVIVE A REBOOT 253
9.9 MASS SCALE EXPLOITATION 254
9.10 WRITING MODULES FOR CORE IMPACT 255
9.11 THE CANVAS EXPLOIT FRAMEWORK 258
9.12 PORTING EXPLOITS WITHIN CANVAS 260
9.13 USING CANVAS FROM THE COMMAND LINE 261
9.14 DIGGING DEEPER WITH CANVAS 262
9.15 ADVANCED EXPLOITATION WITH MOSDEF 262
9.16 WRITING EXPLOITS FOR CANVAS 264
9.17 EXPLOITING ALTERNATIVE TOOLS 267
10. CUSTOM EXPLOITATION 268
10.1 UNDERSTANDING VULNERABILITIES 269
10.2 ANALYZING SHELLCODE 275
10.3 TESTING SHELLCODE 279
10.4 CREATING SHELLCODE 285
10.5 DISGUISING SHELLCODE 302
10.6 EXECUTION FLOW HIJACKING 306
10.7 REFERENCES 320
PART IV CONTROL
11. BACKDOORS 323
11.1 CHOOSING A BACKDOOR 324
11.2 VNC 325
11.3 CREATING AND PACKAGING A VNC BACKDOOR 327
11.4 CONNECTING TO AND REMOVING THE VNC BACKDOOR 332
11.5 BACK ORIFICE 2000 334
11.6 CONFIGURING A BO2K SERVER 335
11.7 CONFIGURING A BO2K CLIENT 340
11.8 ADDING NEW SERVERS TO THE BO2K WORKSPACE 342
11.9 USING THE BO2K BACKDOOR 343
11.10 BO2K POWERTOOLS 345
11.11 ENCRYPTION FOR BO2K COMMUNICATIONS 355
11.12 CONCEALING THE BO2K PROTOCOL 356
11.13 REMOVING BO2K 358
11.14 A FEW UNIX BACKDOORS 359
12. ROOTKITS 363
12.1 WINDOWS ROOTKIT: HACKER DEFENDER 363
12.2 LINUX ROOTKIT: ADORE-NG 366
12.3 DETECTING ROOTKITS TECHNIQUES 368
12.4 WINDOWS ROOTKIT DETECTORS 371
12.5 LINUX ROOTKIT DETECTORS 376
12.6 CLEANING AN INFECTED SYSTEM 380
12.7 THE FUTURE OF ROOTKITS 381
PART V DEFENSE
13. PROACTIVE DEFENSE: FIREWALLS 385
13.1 FIREWALL BASICS 385
13.2 NETWORK ADDRESS TRANSLATION 389
13.3 SECURING BSD SYSTEMS WITH IPFW/NATD 391
13.4 SECURING GNU/LINUX SYSTEMS WITH NETFILTER/IPTABLES 401
13.5 SECURING WINDOWS SYSTEMS WITH WINDOWS FIREWALL/INTERNET CONNECTION SHARING 412
13.6 VERIFYING YOUR COVERAGE 417
14. HOST HARDENING 421
14.1 CONTROLLING SERVICES 422
14.2 TURNING OFF WHAT YOU DO NOT NEED 423
14.3 LIMITING ACCESS 424
14.4 LIMITING DAMAGE 430
14.5 BASTILLE LINUX 436
14.6 SELINUX 438
14.7 PASSWORD CRACKING 444
14.8 CHROOTING 448
14.9 SANDBOXING WITH OS VIRTUALIZATION 449
15. SECURING COMMUNICATIONS 455
15.1 THE SSH-2 PROTOCOL 456
15.2 SSH CONFIGURATION 459
15.3 SSH AUTHENTICATION 465
15.4 SSH SHORTCOMINGS 471
15.5 SSH TROUBLESHOOTING 476
15.6 REMOTE FILE ACCESS WITH SSH 480
15.7 SSH ADVANCED USE 483
15.8 USING SSH UNDER WINDOWS 489
15.9 FILE AND EMAIL SIGNING AND ENCRYPTION 494
15.10 GPG 495
15.11 CREATE YOUR GPG KEYS 499
15.12 ENCRYPTION AND SIGNATURE WITH GPG 507
15.13 PGP VERSUS GPG COMPATIBILITY 509
15.14 ENCRYPTION AND SIGNATURE WITH S/MIME 510
15.15 STUNNEL 513
15.16 DISK ENCRYPTION 520
15.17 WINDOWS FILESYSTEM ENCRYPTION WITH PGP DISK 521
15.18 LINUX FILESYSTEM ENCRYPTION WITH LUKS 522
15.19 CONCLUSION 524
16. EMAIL SECURITY AND ANTI-SPAM 525
16.1 NORTON ANTIVIRUS 527
16.2 THE CLAMAV PROJECT 531
16.3 CLAMWIN 531
16.4 FRESHCLAM 533
16.5 CLAMSCAN 536
16.6 CLAMD AND CLAMDSCAN 538
16.7 CLAMAV VIRUS SIGNATURES 544
16.8 PROCMAIL 548
16.9 BASIC PROCMAIL RULES 550
16.10 ADVANCED PROCMAIL RULES 552
16.11 CLAMAV WITH PROCMAIL 554
16.12 UNSOLICITED EMAIL 554
16.13 SPAM FILTERING WITH BAYESIAN FILTERS 556
16.14 SPAMASSASSIN 560
16.15 SPAMASSASSIN RULES 562
16.16 PLUG-INS FOR SPAMASSASSIN 567
16.17 SPAMASSASSIN WITH PROCMAIL 569
16.18 ANTI-PHISHING TOOLS 571
16.19 CONCLUSION 574
17. DEVICE SECURITY TESTING 576
17.1 REPLAY TRAFFIC WITH TCPREPLAY 577
17.2 TRAFFIC IQ PRO 586
17.3 ISIC SUITE 593
17.4 PROTOS 601
PART VI MONITORING
18. NETWORK CAPTURE 607
18.1 TCPDUMP 607
18.2 ETHEREAL/WIRESHARK 614
18.3 PCAP UTILITIES: TCPFLOW AND NETDUDE 631
18.4 PYTHON/SCAPY SCRIPT FIXES CHECKSUMS 638
18.5 CONCLUSION 639
19. NETWORK MONITORING 640
19.1 SNORT 640
19.2 IMPLEMENTING SNORT 651
19.3 HONEYPOT MONITORING 653
19.4 GLUING THE STUFF TOGETHER 662
20. HOST MONITORING 664
20.1 USING FILE INTEGRITY CHECKERS 664
20.2 FILE INTEGRITY HASHING 666
20.3 THE DO-IT-YOURSELF WAY WITH RPMVERIFY 668
20.4 COMPARING FILE INTEGRITY CHECKERS 670
20.5 PREPPING THE ENVIRONMENT FOR SAMHAIN AND TRIPWIRE 673
20.6 DATABASE INITIALIZATION WITH SAMHAIN AND TRIPWIRE 678
20.7 SECURING THE BASELINE STORAGE WITH SAMHAIN AND TRIPWIRE 680
20.8 RUNNING FILESYSTEM CHECKS WITH SAMHAIN AND TRIPWIRE 682
20.9 MANAGING FILE CHANGES AND UPDATING STORAGE DATABASE WITH SAMHAIN AND TRIPWIRE 684
20.10 RECOGNIZING MALICIOUS ACTIVITY WITH SAMHAIN AND TRIPWIRE 687
20.11 LOG MONITORING WITH LOGWATCH 689
20.12 IMPROVING LOGWATCH'S FILTERS 690
20.13 HOST MONITORING IN LARGE ENVIRONMENTS WITH PRELUDE-IDS 692
20.14 CONCLUSION 694
PART VII DISCOVERY
21. FORENSICS 699
21.1 NETSTAT 700
21.2 THE FORENSIC TOOLKIT 704
21.3 SYSINTERNALS 710
22. APPLICATION FUZZING 725
22.1 WHICH FUZZER TO USE 726
22.2 DIFFERENT TYPES OF FUZZERS FOR DIFFERENT TASKS 727
22.3 WRITING A FUZZER WITH SPIKE 734
22.4 THE SPIKE API 735
22.5 FILE-FUZZING APPS 739
22.6 FUZZING WEB APPLICATIONS 742
22.7 CONFIGURING WEBPROXY 744
22.8 AUTOMATIC FUZZING WITH WEBINSPECT 746
22.9 NEXT-GENERATION FUZZING 747
22.10 FUZZING OR NOT FUZZING 748
23. BINARY REVERSE ENGINEERING 749
23.1 INTERACTIVE DISASSEMBLER 749
23.2 SYSINTERNALS 775
23.3 OLLYDBG 776
23.4 OTHER TOOLS 781
INDEX 783
|
any_adam_object | 1 |
any_adam_object_boolean | 1 |
author | Burns, Bryan |
author_facet | Burns, Bryan |
author_role | aut |
author_sort | Burns, Bryan |
author_variant | b b bb |
building | Verbundindex |
bvnumber | BV023165585 |
callnumber-first | T - Technology |
callnumber-label | TK5105 |
callnumber-raw | TK5105.59 |
callnumber-search | TK5105.59 |
callnumber-sort | TK 45105.59 |
callnumber-subject | TK - Electrical and Nuclear Engineering |
classification_rvk | ST 277 |
ctrlnum | (OCoLC)255731377 (DE-599)DNB984686495 |
dewey-full | 005.8 |
dewey-hundreds | 000 - Computer science, information, general works |
dewey-ones | 005 - Computer programming, programs, data, security |
dewey-raw | 005.8 |
dewey-search | 005.8 |
dewey-sort | 15.8 |
dewey-tens | 000 - Computer science, information, general works |
discipline | Informatik |
discipline_str_mv | Informatik |
edition | 1. ed. |
format | Book |
id | DE-604.BV023165585 |
illustrated | Illustrated |
index_date | 2024-07-02T19:55:28Z |
indexdate | 2024-07-09T21:11:46Z |
institution | BVB |
isbn | 9780596009632 0596009631 |
language | English |
oai_aleph_id | oai:aleph.bib-bvb.de:BVB01-016333752 |
oclc_num | 255731377 |
open_access_boolean | |
owner | DE-1051 DE-573 DE-M347 DE-522 DE-29T DE-B768 |
owner_facet | DE-1051 DE-573 DE-M347 DE-522 DE-29T DE-B768 |
physical | XXXII, 822 S. Ill. |
publishDate | 2007 |
publishDateSearch | 2007 |
publishDateSort | 2007 |
publisher | O'Reilly |
record_format | marc |
spelling | Burns, Bryan Verfasser aut Security Power Tools Bryan Burns ... 1. ed. Beijing [u.a.] O'Reilly 2007 XXXII, 822 S. Ill. txt rdacontent n rdamedia nc rdacarrier Computersicherheit Computer networks Security measures Computer security Computersicherheit (DE-588)4274324-2 gnd rswk-swf Computersicherheit (DE-588)4274324-2 s DE-604 HEBIS Datenaustausch Darmstadt application/pdf http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=016333752&sequence=000001&line_number=0001&func_code=DB_RECORDS&service_type=MEDIA Inhaltsverzeichnis |
spellingShingle | Burns, Bryan Security Power Tools Computersicherheit Computer networks Security measures Computer security Computersicherheit (DE-588)4274324-2 gnd |
subject_GND | (DE-588)4274324-2 |
title | Security Power Tools |
title_auth | Security Power Tools |
title_exact_search | Security Power Tools |
title_exact_search_txtP | Security Power Tools |
title_full | Security Power Tools Bryan Burns ... |
title_fullStr | Security Power Tools Bryan Burns ... |
title_full_unstemmed | Security Power Tools Bryan Burns ... |
title_short | Security Power Tools |
title_sort | security power tools |
topic | Computersicherheit Computer networks Security measures Computer security Computersicherheit (DE-588)4274324-2 gnd |
topic_facet | Computersicherheit Computer networks Security measures Computer security |
url | http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=016333752&sequence=000001&line_number=0001&func_code=DB_RECORDS&service_type=MEDIA |
work_keys_str_mv | AT burnsbryan securitypowertools |