Practical Hacking Techniques and Countermeasures
Mark D. Spivey
Language: English
Pages: 752
ISBN: B00866GPF4
Format: PDF / Kindle (mobi) / ePub
Examining computer security from the hacker's perspective, Practical Hacking Techniques and Countermeasures employs virtual computers to illustrate how an attack is executed, including the script, compilation, and results. It provides detailed screen shots in each lab for the reader to follow along in a step-by-step process in order to duplicate and understand how the attack works. It enables experimenting with hacking techniques without fear of corrupting computers or violating any laws.
Written in a lab manual style, the book begins with the installation of the VMware® Workstation product and guides the users through detailed hacking labs enabling them to experience what a hacker actually does during an attack. It covers social engineering techniques, footprinting techniques, and scanning tools. Later chapters examine spoofing techniques, sniffing techniques, password cracking, and attack tools. Identifying wireless attacks, the book also explores Trojans, Man-in-the-Middle (MTM) attacks, and Denial of Service (DoS) attacks.
Learn how to secure your computers with this comprehensive guide on hacking techniques and countermeasures
By understanding how an attack occurs the reader can better understand how to defend against it. This book shows how an attack is conceptualized, formulated, and performed. It offers valuable information for constructing a system to defend against attacks and provides a better understanding of securing your own computer or corporate network.
Techniques and Countermeasures “Banner grabbing” via Telnet works in Linux as well. In this example Telnet is connecting to port 21. The results show that Serv-U FTP Server, version 5.0 is being used at the target. AU7057_C002.fm Page 67 Tuesday, September 19, 2006 10:21 AM Banner Identification Ⅲ 67 Lab 2: Banner Identification Banner Grabbing: NETCAT Prerequisites: None Countermeasures: Uninstall/disable unnecessary services, SSH, VPN, IPSEC, banner alteration. Description: The netcat
Tuesday, September 19, 2006 11:09 AM Target Enumeration Ⅲ 105 Lab 16: Target Connectivity/Route Detect Target Connectivity: PingG Prerequisites: None Countermeasures: Deny Internet Control Messenger Protocol (ICMP) requests/reply Descriptions: The ping application is used by an attacker to “see” if a target is connected to the network/Internet as the target will respond with a ping reply. Procedure: From a DOS prompt or Linux shell type the following with the syntax of: ping (Target IP or
attacker uses this information to launch appropriate attacks for the results obtained. The difference between nmap and Xprobe2 from Chapter 2 is that this application allows the option of initiating a decoy IP address against the target. Remember that all commands in Linux are case sensitive. Procedure: Compile and create the Linux executable and run it against the target with the syntax of: nmap
is running on the target. This allows an attacker to initiate a DoS attack against the target at will. The Remote Time of Day service is an example of a service that should not be turned on unless there is a very specific reason to do so, and even then should be protected by firewalls and/or routers. *Note: As with any application be aware of your environment prior to and after installing it. One of LANguard’s features is to perform a remote shutdown of the target. Initially this feature did not
.............................................................................. 574 Manipulate the Live Data Stream: Achilles Lab 84: Covert Reverse Telnet Session............................................................ 588 Create a Reverse Telnet Session: Netcat Lab 85: Covert Channel — Reverse Shell ....................................................... 596 Exploit Data from Target Computer: Reverse Shell 10