Hack the stack: using snort and ethereal to master the 8 layers of an insecure network
Format: | Electronic E-Book |
---|---|
Language: | English |
Published: | Rockland, MA Syngress Pub. c2006 |
Online access: | FAW01 FAW02 Full text |
Description: | Includes index. This book looks at network security in a new and refreshing way. It guides readers step-by-step through the "stack", the seven layers of a network. Each chapter focuses on one layer of the stack along with the attacks, vulnerabilities, and exploits that can be found at that layer. The book even includes a chapter on the mythical eighth layer: the people layer. This book is designed to offer readers a deeper understanding of many common vulnerabilities and the ways in which attackers exploit, manipulate, misuse, and abuse protocols and applications. The authors guide the readers through this process by using tools such as Ethereal (sniffer) and Snort (IDS). The sniffer is used to help readers understand how the protocols should work and what the various attacks are doing to break them. The IDS is used to demonstrate the format of specific signatures and provide the reader with the skills needed to recognize and detect attacks when they occur. What makes this book unique is that it presents the material in a layer-by-layer approach, which offers readers a way to learn about exploits in a manner similar to how they most likely originally learned networking. This methodology makes this book a useful tool not only for security professionals but also for networking professionals, application programmers, and others. All of the primary protocols, such as IP, ICMP, and TCP, are discussed, each from a security perspective. The authors convey the mindset of the attacker by examining how seemingly small flaws are often the catalyst of potential threats. The book considers the general kinds of things that may be monitored that would have alerted users of an attack. * Remember being a child and wanting to take something apart, like a phone, to see how it worked? This book is for you, then, as it details how specific hacker tools and techniques accomplish the things they do. * This book will not only give you knowledge of security tools but will also give you the ability to design more robust security solutions. * Anyone can tell you what a tool does, but this book shows you how the tool works. Contents: 1 Extending OSI to Network Security (20 pp) -- 2 Layer 1 Physical layer (30 pp) Introduction Perimeter security Facility security Device security Identification and authentication Biometrics Attacking physical security Lock picks Wiretapping and Scanners Hardware hacking Layer 1 security project Building a one-way data reception cable Summary -- 3 Layer 2 Data Link layer (40 pp) Introduction The Ethernet Frame structure Understanding MAC addressing Understanding PPP and SLIP How a protocol analyzer works Attacking the Data Link Layer Passive versus active sniffing Sniffing Wireless (Wireless basics) Wireless vulnerabilities Defending the Data Link Layer Defenses against active sniffing Detecting promiscuous devices Security in switches Layer 2 security project Using Auditor to crack WEP Summary -- 4 Layer 3 Network layer (40 pp) Introduction The IP packet structure Attacking the network layer IP Attacks Fragmentation Analyzing an IPID scan The ICMP packet structure Attacking ICMP Smurf Redirects Analyzing the ARP Process Attacking ARP ARP Poisoning Defending the Network Layer Securing IP, ICMP, and ARP Layer 3 security project Fragmenting traffic to bypass an IDS Summary -- 5 Layer 4 Transport layer (40 pp) Introduction The TCP packet structure Attacking TCP TCP port scanning Advanced port scanning tools Watching Amap in action Using Snort to identify a port scans The UDP datagram Attacking UDP Defending the Transport Layer Watching TLS/SSL Amap and SSL Layer 4 security project Building a Snort system Summary -- 6 Layer 5 Session layer (40 pp) Introduction Attacking the Session Layer Session hijacking ettercap Observing a SYN attack Sniffing usernames and passwords during a session setup Establishing a session Lophtcrack Dsniff Using ettercap and Hunt Defending the Session Layer Port knocking Layer 5 security project Building Snort filters to capture malicious traffic Summary -- 7 Layer 6 Presentation layer (40 pp) Introduction An analysis of the NetBIOS and SMB Attacking the Presentation layer NetBIOS and enumeration Sniffing Kerberos Using BurpProxy to intercept traffic Cracking weak encryption Defending the Presentation Layer Encryption Adding confidentiality and integrity with IPSec Protecting email with S-MIME Layer 6 security project Cracking passwords and other encryption schemes Summary -- 8 Layer 7 Application layer (40 pp) Introduction The structure of FTP Analyzing DNS and its weaknesses Other insecure applications Attacking the Application layer Web Applications Cross site scripting DNS Spoofing and pharming Buffer Overflow attacks Using Snort to detect a buffer overflow attack Reverse engineering code Using the Exploitation Framework Metasploit Defending the Application Layer SSH PGP Vulnerability scanners Nessus Layer 7 security project Using Nessus to secure the stack Summary -- 9 Layer 8 The People layer (35 pp) Introduction Attacking the People Layer Social Engineering Person to person and remote attacks Fun with Caller ID spoofing Defending the People Layer Policies, procedures, and guidelines Regulatory Requirements SOX / HIPAA / California law / PIPDA, etc. Making the case for stronger security Building a better stack Layer 8 security project Building an orange box Summary -- 10 Appendix A (12 pp) Risk Mitigation Securing the Stack Tying the layers together Defense in depth |
Physical description: | 1 online resource (xxvi, 442 p.) |
ISBN: | 0080507743 1429417293 1597491098 9780080507743 9781429417297 9781597491099 |
Internal format
MARC
LEADER | 00000nmm a2200000zc 4500 | ||
---|---|---|---|
001 | BV043043930 | ||
003 | DE-604 | ||
005 | 00000000000000.0 | ||
007 | cr|uuu---uuuuu | ||
008 | 151123s2006 |||| o||u| ||||||eng d | ||
020 | |a 0080507743 |9 0-08-050774-3 | ||
020 | |a 1429417293 |c electronic bk. |9 1-4294-1729-3 | ||
020 | |a 1597491098 |9 1-59749-109-8 | ||
020 | |a 9780080507743 |9 978-0-08-050774-3 | ||
020 | |a 9781429417297 |c electronic bk. |9 978-1-4294-1729-7 | ||
020 | |a 9781597491099 |9 978-1-59749-109-9 | ||
035 | |a (OCoLC)162131532 | ||
035 | |a (DE-599)BVBBV043043930 | ||
040 | |a DE-604 |b ger |e aacr | ||
041 | 0 | |a eng | |
049 | |a DE-1046 |a DE-1047 | ||
082 | 0 | |a 005.8 |2 22 | |
245 | 1 | 0 | |a Hack the stack |b using snort and ethereal to master the 8 layers of an insecure network |c Michael Gregg ... [et al.] ; technical editor, Stephen Watkins |
264 | 1 | |a Rockland, MA |b Syngress Pub. |c c2006 | |
300 | |a 1 Online-Ressource (xxvi, 442 p.) | ||
336 | |b txt |2 rdacontent | ||
337 | |b c |2 rdamedia | ||
338 | |b cr |2 rdacarrier | ||
500 | |a Includes index | ||
500 | |a This book looks at network security in a new and refreshing way. It guides readers step-by-step through the "stack"--The seven layers of a network. Each chapter focuses on one layer of the stack along with the attacks, vulnerabilities, and exploits that can be found at that layer. The book even includes a chapter on the mythical eighth layer: The people layer. This book is designed to offer readers a deeper understanding of many common vulnerabilities and the ways in which attackers exploit, manipulate, misuse, and abuse protocols and applications. The authors guide the readers through this process by using tools such as Ethereal (sniffer) and Snort (IDS). The sniffer is used to help readers understand how the protocols should work and what the various attacks are doing to break them. IDS is used to demonstrate the format of specific signatures and provide the reader with the skills needed to recognize and detect attacks when they occur. | ||
500 | |a What makes this book unique is that it presents the material in a layer by layer approach which offers the readers a way to learn about exploits in a manner similar to which they most likely originally learned networking. This methodology makes this book a useful tool to not only security professionals but also for networking professionals, application programmers, and others. All of the primary protocols such as IP, ICMP, TCP are discussed but each from a security perspective. The authors convey the mindset of the attacker by examining how seemingly small flaws are often the catalyst of potential threats. The book considers the general kinds of things that may be monitored that would have alerted users of an attack. * Remember being a child and wanting to take something apart, like a phone, to see how it worked? This book is for you then as it details how specific hacker tools and techniques accomplish the things they do. | ||
500 | |a * This book will not only give you knowledge of security tools but will provide you the ability to design more robust security solutions * Anyone can tell you what a tool does but this book shows you how the tool works | ||
500 | |a 1 Extending OSI to Network Security (20 pp) 2 -- Layer 1 Physical layer (30 pp) Introduction Perimeter security Facility security Device security Identification and authentication Biometrics Attacking physical security Lock picks Wiretapping and Scanners Hardware hacking Layer 1 security project Building a one-way data reception cable Summary 3 -- Layer 2 -- | ||
500 | |a - Data Link layer (40 pp) Introduction The Ethernet Frame structure Understanding MAC addressing Understanding PPP and SLIP How a protocol analyzer works Attacking the Data Link Layer Passive versus active sniffing Sniffing Wireless (Wireless basics) Wireless vulnerabilities Defending the Data Link Layer Defenses against active sniffing Detecting promiscuous devices Security in switches Layer 2 security project Using Auditor to crack WEP Summary 4 Layer 3 Network layer (40 pp) Introduction The IP packet structure Attacking the network layer IP Attacks Fragmentation Analyzing an IPID scan The ICMP packet structure Attacking ICMP Smurf Redirects Analyzing the ARP Process Attacking ARP ARP Poisoning Defending the Network Layer Securing IP, ICMP, | ||
500 | |a - and ARP Layer 3 security project Fragmenting traffic to bypass an IDS Summary 5 Layer 4 Transport layer (40 pp) Introduction The TCP packet structure Attacking TCP TCP port scanning Advanced port scanning tools Watching Amap in action Using Snort to identify a port scans The UDP datagram Attacking UDP Defending the Transport Layer Watching TLS/SSL Amap and SSL Layer 4 security project Building a Snort system Summary 6 Layer 5 Session layer (40 pp) Introduction Attacking the Session Layer Session hijacking ettercap Observing a SYN attack Sniffing usernames and passwords during a session setup Establishing a session Lophtcrack Dsniff Using ettercap and Hunt Defending the Session Layer Port knocking Layer 5 security project -- | ||
500 | |a - Building Snort filters to capture malicious traffic Summary 7 Layer 6 Presentation layer (40 pp) Introduction An analysis of the NetBIOS and SMB Attacking the Presentation layer NetBIOS and enumeration Sniffing Kerberos Using BurpProxy to intercept traffic Cracking weak encryption Defending the Presentation Layer Encryption Adding confidentiality and integrity with IPSec Protecting email with S-MIME Layer 6 security project Cracking passwords and other encryption schemes Summary 8 Layer 7 Application layer (40 pp) Introduction The structure of FTP Analyzing DNS and its weaknesses Other insecure applications Attacking the Application layer Web Applications Cross site scripting DNS Spoofing and pharming Buffer Overflow attacks Using Snort to detect a buffer overflow attack Reverse engineering code Using the Exploitation Framework Metasploit Defending the Application Layer SSH PGP Vulnerability scanners Nessus Layer 7 security project Using Nessus to secure the stack Summary 9 Layer 8 | ||
500 | |a - The People layer (35 pp) Introduction Attacking the People Layer Social Engineering Person to person and remote attacks Fun with Caller ID spoofing Defending the People Layer Policies, procedures, and guidelines Regulatory Requirements SOX / HIPAA / California law / PIPDA, etc. Making the case for stronger security Building a better stack Layer 8 security project Building an orange box Summary 10 -- Appendix A (12 pp) Risk Mitigation Securing the Stack Tying the layers together Defense in depth | ||
650 | 7 | |a COMPUTERS / Internet / Security |2 bisacsh | |
650 | 7 | |a COMPUTERS / Networking / Security |2 bisacsh | |
650 | 7 | |a COMPUTERS / Security / General |2 bisacsh | |
650 | 7 | |a Computer networks / Security measures |2 local | |
650 | 7 | |a Computer security |2 local | |
650 | 4 | |a Computer networks |x Security measures | |
650 | 4 | |a Computer security | |
700 | 1 | |a Gregg, Michael |e Sonstige |4 oth | |
700 | 1 | |a Watkins, Stephen |e Sonstige |4 oth | |
856 | 4 | 0 | |u http://search.ebscohost.com/login.aspx?direct=true&scope=site&db=nlebk&db=nlabk&AN=174832 |x Aggregator |3 Volltext |
912 | |a ZDB-4-EBA | ||
999 | |a oai:aleph.bib-bvb.de:BVB01-028468468 | ||
966 | e | |u http://search.ebscohost.com/login.aspx?direct=true&scope=site&db=nlebk&db=nlabk&AN=174832 |l FAW01 |p ZDB-4-EBA |q FAW_PDA_EBA |x Aggregator |3 Volltext | |
966 | e | |u http://search.ebscohost.com/login.aspx?direct=true&scope=site&db=nlebk&db=nlabk&AN=174832 |l FAW02 |p ZDB-4-EBA |q FAW_PDA_EBA |x Aggregator |3 Volltext |
Record in the search index
_version_ | 1804175409207574528 |
---|---|
any_adam_object | |
building | Verbundindex |
bvnumber | BV043043930 |
collection | ZDB-4-EBA |
ctrlnum | (OCoLC)162131532 (DE-599)BVBBV043043930 |
dewey-full | 005.8 |
dewey-hundreds | 000 - Computer science, information, general works |
dewey-ones | 005 - Computer programming, programs, data, security |
dewey-raw | 005.8 |
dewey-search | 005.8 |
dewey-sort | 15.8 |
dewey-tens | 000 - Computer science, information, general works |
discipline | Informatik |
format | Electronic eBook |
id | DE-604.BV043043930 |
illustrated | Not Illustrated |
indexdate | 2024-07-10T07:15:49Z |
institution | BVB |
isbn | 0080507743 1429417293 1597491098 9780080507743 9781429417297 9781597491099 |
language | English |
oai_aleph_id | oai:aleph.bib-bvb.de:BVB01-028468468 |
oclc_num | 162131532 |
open_access_boolean | |
owner | DE-1046 DE-1047 |
owner_facet | DE-1046 DE-1047 |
physical | 1 Online-Ressource (xxvi, 442 p.) |
psigel | ZDB-4-EBA ZDB-4-EBA FAW_PDA_EBA |
publishDate | 2006 |
publishDateSearch | 2006 |
publishDateSort | 2006 |
publisher | Syngress Pub. |
record_format | marc |
spellingShingle | Hack the stack using snort and ethereal to master the 8 layers of an insecure network COMPUTERS / Internet / Security bisacsh COMPUTERS / Networking / Security bisacsh COMPUTERS / Security / General bisacsh Computer networks / Security measures local Computer security local Computer networks Security measures Computer security |
title | Hack the stack using snort and ethereal to master the 8 layers of an insecure network |
title_auth | Hack the stack using snort and ethereal to master the 8 layers of an insecure network |
title_exact_search | Hack the stack using snort and ethereal to master the 8 layers of an insecure network |
title_full | Hack the stack using snort and ethereal to master the 8 layers of an insecure network Michael Gregg ... [et al.] ; technical editor, Stephen Watkins |
title_fullStr | Hack the stack using snort and ethereal to master the 8 layers of an insecure network Michael Gregg ... [et al.] ; technical editor, Stephen Watkins |
title_full_unstemmed | Hack the stack using snort and ethereal to master the 8 layers of an insecure network Michael Gregg ... [et al.] ; technical editor, Stephen Watkins |
title_short | Hack the stack |
title_sort | hack the stack using snort and ethereal to master the 8 layers of an insecure network |
title_sub | using snort and ethereal to master the 8 layers of an insecure network |
topic | COMPUTERS / Internet / Security bisacsh COMPUTERS / Networking / Security bisacsh COMPUTERS / Security / General bisacsh Computer networks / Security measures local Computer security local Computer networks Security measures Computer security |
topic_facet | COMPUTERS / Internet / Security COMPUTERS / Networking / Security COMPUTERS / Security / General Computer networks / Security measures Computer security Computer networks Security measures |
url | http://search.ebscohost.com/login.aspx?direct=true&scope=site&db=nlebk&db=nlabk&AN=174832 |
work_keys_str_mv | AT greggmichael hackthestackusingsnortandetherealtomasterthe8layersofaninsecurenetwork AT watkinsstephen hackthestackusingsnortandetherealtomasterthe8layersofaninsecurenetwork |