Table of Contents:
I Setting the Stage
• • • • Chapter 1 - Why Did I Write This Book? Chapter 2 - How This Book Will Help You Chapter 3 - Hackers and Crackers Chapter 4 - Just Who Can Be Hacked, Anyway?
II Understanding the Terrain
• • • • Chapter 5 - Is Security a Futile Endeavor? Chapter 6 -A Brief Primer on TCP/IP Chapter 7 - Birth of a Network: The Internet Chapter 8 - Internet Warfare
• • • • • • Chapter 9 - Scanners Chapter 10 - Password Crackers Chapter 11 - Trojans Chapter 12 - Sniffers Chapter 13 - Techniques to Hide One's Identity Chapter 14 - Destructive Devices
IV Platforms and Security
• • • Chapter 15 - The Hole Chapter 16 - Microsoft Chapter 17 - UNIX:The Big Kahuna
• • • •
Chapter 18 - Novell Chapter 19 - VAX/VMS Chapter 20 - Macintosh Chapter 21 - Plan 9 from Bell Labs
V Beginning at Ground Zero
• • • Chapter 22 - Who or What Is Root? Chapter 23 - An Introduction to Breaching a Server Internally Chapter 24 - Security Concepts
VI The Remote Attack
• • • • • • Chapter 25 - The Remote Attack Chapter 26 - Levels of Attack Chapter27 - Firewalls Chapter 28 - Spoofing Attacks Chapter 29 - Telnet-Based Attacks Chapter 30 - Language, Extensions, and Security
VII The Law
• Chapter 31 - Reality Bytes: Computer Security and the Law
• • • • Appendix A - How to Get More Information Appendix B - Security Consultants Appendix C - A Hidden Message About the Internet Appendix D - What's on the CD-ROM
©Copyright, Angel722 Computer Publishing. All rights reserved.
Maximum Security: A Hacker's Guide to Protecting Your Internet Site and Network
This book is dedicated to Michelle, whose presence has rendered me a prince among men.
My acknowledgments are brief. First, I would like to acknowledge the folks at Sams, particularly Randi Roger, Scott Meyers, Mark Taber,Blake Hall, Eric Murray, Bob Correll, and Kate Shoup. Without them, my work would resemble a tangled, horrible mess. They are an awesome editing team and their expertise is truly extraordinary. Next, I extend my deepest gratitude to Michael Michaleczko, and Ron and Stacie Latreille. These individuals offered critical support, without which this book could not have been written. Also, I would like torecognize the significant contribution made by John David Sale, a network security specialist located in Van Nuys, California. His input was invaluable. A similar thanks is also extended to Peter Benson, an Internet and EDI Consultant in Santa Monica, California (who, incidentally, is the current chairman of ASC X12E). Peter's patience was (and is) difficult to fathom. Moreover, I forward a specialacknowledgment to David Pennells and his merry band of programmers. Those cats run the most robust and reliable wire in the southwestern United States.
About the Author
The author describes himself as a "UNIX propeller head" and is a dedicated advocate of the Perl programming language, Linux, and FreeBSD. After spending four years as a system administrator for two California health-carefirms, the author started his own security-consulting business. Currently, he specializes in testing the security of various networking platforms (breaking into computer networks and subsequently revealing what holes lead to the unauthorized entry) including but not limited to Novell NetWare, Microsoft Windows NT, SunOS, Solaris, Linux, and Microsoft Windows 95. His most recent assignment was to securea wide area network that spans from Los Angeles to Montreal. The author now lives quietly in southern California with a Sun SPARCStation, an IBM RS/6000, two Pentiums, a Macintosh, various remnants of a MicroVAX, and his wife.
In the late 1980s, the author was convicted of a series of financial crimes after developing a technique to circumvent bank security in Automatic Teller Machine...