Slashdot Mirror

← Back to Stories (view on slashdot.org)

Hack Attacks Revealed

Posted by timothy on from the use-for-good dept.

Bill Camarda contributed this review of Hack Attacks Revealed. A healthy dose of paranoia comes in handy sometimes -- and anyone with a broadband connection of any kind has reason to double the dose. And Yes, this book denies the existence of neither *NIX nor Windows systems.

Hack Attacks Revealed author John Chirillo pages 800 publisher Wiley, John & Sons rating 8.5 reviewer Bill Camarda ISBN 047141624X summary If you have a computer that's not locked underground, disconnected from any network, and powered down, it probably has some of the security holes described in this book.

"I'm going to make a virtuous hacker guru out of you."

That's how John Chirillo begins his "challenging technogothic journey," Hack Attacks Revealed. And whoever "you" are -- sysadmin, internetworking engineer, or hacker (disaffected or otherwise), you'll find that Chirillo is selling authentic goods. (He's been hired by many Fortune 1000 companies to break into their networks.) This book offers a systematic tour of network vulnerabilities, hacking tools and techniques, and a whole lot more. Be warned: "This book is sold for information purposes only. Without written consent from the target company, most of these procedures are illegal in the United States and many other countries as well. Neither the author nor the publisher will be held accountable for the use and misuse of the information contained in this book."

Whew. Now that we've got that out of the way, let's see what's really in here...

The first section of Hack Attacks Revealed reintroduces each of today's communications protocols from a hacker's point of view. For example, it's one thing to know that when IP datagrams traveling in frames cross networks with different size limits, the routers must sometimes fragment the datagrams. It's another to recognize that this introduces a potential vulnerability to both passive and intrusive attacks. It's one thing to know that Address Resolution Protocol (ARP) broadcasts packets to all the hosts attached to a physical network, which store this information for later use; it's another to recognize that this represents an opportunity for a spoofing attack.

In Part II, Chirillo moves on to the communications media that tie workstations into LANs, LANs into WANs, and WANs into internets -- Ethernet, Token Ring, FDDI, ISDN, xDSL, point-to-point links, and frame relay. Then, it's on to start attacking the most vulnerable of those 65,000 ports into your computer.

Chirillo starts with Port 7, echo, explaining echo overloads, Ping of Death attacks, and Ping flooding, which takes advantage of a computer's responsiveness by bombarding it with pings or ICMP echo requests. There's Port 19, chargen, vulnerable to a telnet connection that generates a string of characters with output redirected to a telnet connection. There's Port 53, domain, which leads to a discussion of how DNS caching servers can be spoofed, forwarding visitors to the wrong location.

And so it continues, through more than 50 vulnerable TCP and UDP ports, all the way up to Port 540, uucp, Port 543, klogin, and beyond. Chirillo exposes a veritable who's who of viruses, worms, and trojans: Executor, Cain & Abel, Satanz Backdoor, ServeU, ShadowPhyre, SubSeven Apocalypse, Voodoo Doll, Portal of Doom...

Next, you're introduced to scanning: IP, port, and service site scans, tools, and techniques -- including techniques that can penetrate or "stealth" their way past firewalls (a comforting thought).

There's detailed coverage of mail bombing, spamming, and spoofing; web page hacking, and vulnerabilities of specific *nix and Windows operating systems, as well as internetworking hardware (Cisco, 3Com, et al.). You'll find tons of useful charts (from common ports to Ethernet frame formats). There's even an introductory guide to the lingua franca of hacking, the C programming language.

The accompanying CD-ROM contains an extensive collection of security and hacking software, plus TigerSuite -- all you need to uncover, scan, penetrate, expose, control, spy, flood, spoof, sniff, infect, report, monitor, and generally prevent (or perform) all manner of havoc. We hope you'll use the software -- and the book -- for good, not evil.

You can purchase this book at Fatbrain.

3 of 34 comments (clear)

  1. buy it at bookpool for 39% off instead by paled · · Score: 5

    http://www.bookpool.com

    He also wrote Hack Attacks Denied.
    not an employee or investor, just a customer.

    --
    .
  2. precious pennies by joq · · Score: 5


    Well I have my own Cisco based [1 2 3] information which sums up networking to a tee. Security Focus, Packet Storm, SpyKing, and Cryptome all cover the other areas for information when I need it. Is it me or in the past 2 years did everyone jump on the "Hacker" bandwagon writing books on information that's already a point and click away? Not taking anything away from the book, but Information Security Management Handbook 2001, Cisco's Routing TCP/IP, and other security books in my library have done me justice. Makes I guess a nice intro for newer users, but personally I don't like books with "Hacker" in them, they tend to be geared for those with little clues, and who are often too lazy or dumb to find information and study it on their own.

    --

    Want Root?
  3. Re:for the Hackers who didnt understand the review by Some+Dumbass... · · Score: 4

    And if you run this through perl, it prints out:

    "Hello, World!"