The Ethical Hacking Guide to Corporate Security
by: Ankit Fadia
Pages: 358
Format: PDF (required free software: Adobe Reader 6 or 7)
File Size: 3,3 Mbytes
ISBN: 989-615-004-4
e-book Price: 19,99 Euros
(This title is NOT available in paper format)
1st Edition: January 2005
Collection: Tecnologias
The Internet has considerably enhanced various
business-critical operations of companies in different industry
sectors across the globe. However, as more and more organizations
become partially or completely dependent on the Internet, computer
security and the serious threat of computer criminals come to the
foreground. A single network infiltration can cause severe losses
totalling millions of dollars. Unfortunately, most organizations
across the globe continue to remain oblivious to the threat posed
by computer criminals, corporate espionage and cyber terrorism.
‘The Ethical Hacking Guide to Corporate Security’ dismisses this
incompetent approach adopted by many companies and clears up some of
the most horrific cyber crime cases that hit the corporate world
across 17 different countries in 5 continents. With the correct mix
of technical explanations and subsequent business implications, this
book draws a direct correlation between computer security and
business profitability. The comprehensive yet easy-to-understand
analysis of some of the most dangerous security threats and
vulnerabilities on the Internet lays down the path that companies
need to follow to safeguard their networks. This book places a great
deal of emphasis on investigating and solving real attacks faced by
companies. Moreover, the thoroughly researched attack strategies,
working and countermeasures described in this book are organized in
an extremely unique, easy-to-understand format.
This book is not only aimed at serious hardcore system
administrators, but it also contains information that will be
relished by top-level management gurus working in various industry
sectors.
About the Author
Introduction
I Buffer Overflows
Introduction
Business Definition
Business Cheats, Cons and Crimes
Case Studies
Paris, France: Fashion Sector
Seoul, South Korea: Hotel Sector
The Art of Buffer Overflows
Different Types of Buffer Overflows
Stack Overflows
Format String Overflows
Heap Overflows
Integer Overflows
More Buffer Overflow examples
Poor Programming
MSN Messenger
Wu-FTPD
Countermeasures
II Denial of Services (DOS) attacks
Introduction
Technical Definition
Business Definition
Threats of DOS attacks
Business Cheats, Cons and Crimes
Case Studies
Tokyo, Japan: Media Sector
Delhi, India: Advertising Sector
United States of America: Online Websites
The Art of Denial of Services (DOS) Attacks
Types of DOS Attacks
Ping of Death
Teardrop
SYN Flooding
Land Attacks
Smurf Attacks
UDP Flooding
Hybrid DOS attacks
Application Specific DOS attacks
Distributed DOS Attacks
Distributed DOS Attack tools
Tribal Flood Network (TFN and TFN2K)
Trin00
Stacheldraht
Shaft
Mstream
Fadia’s Hot Picks for popular distributed DOS attack tools
Countermeasures
Raw Fun
III E-mail Security
Introduction
Business Definition
E-mail Threats
Business Cheats, Cons and Crimes
Case Studies
Karachi, Pakistan: Individual
Dubai, UAE: Individual
Types of E-mail Threats
Abusive E-mails
Introduction
E-mail Headers
Tracing E-mails
Case Studies
Fadia’s Hot Picks for popular E-mail Threats tools
E-mail Forging
Introduction
The Art of Forging E-mails
Countermeasures
Case Studies
Spam
Introduction
Countermeasures
Countermeasures
Raw Fun
IV Input Validation Attacks
Introduction
Technical Definition
Business Definition
Business Cheats, Cons and Crimes
Case Studies
Throughout the Globe: Software Industry
London, Britain: Internet Services Sector
The Art of Input Validation Attacks
Input Validation Threats
Case Studies
Hotmail.com
Apache Web Server
MailMachine.cgi
SQL Injection Attacks
Introduction
Accessing Sensitive Files
Bypassing Security Controls
DOS Attacks VS Input Validation Attacks
Fadia’s Hot Picks for popular Input Validation attack tools
Countermeasures
V Intellectual Property (IP) Theft
Introduction
Business Definition
Threats of Intellectual Property Theft
Business Cheats, Cons and Crimes
Case Studies
Mumbai, India: Individual
Paris, France: Architecture Sector
Texas, USA: Agricultural Sector
Types of IP theft
Trojans
Working
Fadia’s Hot Picks for popular Trojan tools
Detection of Trojans
Countermeasures
Sniffers
Fadia’s Hot Picks for Packet Sniffing Software
Detection Methods
Countermeasures
Keyloggers
Working
Fadia’s Hot Picks for Keylogging Software
Countermeasures
Spyware Software
Countermeasures
Traditional Data Hiding Techniques
The Power of the Inside Force
E-mail
Instant Messaging (IM)
FTP Uploads
Steganography
Fadia’s Hot Picks for popular Steganography tools
Text Steganography
Digital Cameras
Mobile Phones
Dumpster Diving
Shoulder Surfing
VI Instant Messenger Threats
Introduction
Business Definition
Instant Messaging (IM) Threats
Business Cheats, Cons and Crimes
Case Studies
Canberra, Australia: Government Sector
Hong Kong: Real Estate Sector
The Art of Instant Messaging
IM and Privacy
IM Specific Vulnerabilities
MSN Messenger
ICQ Messenger
Yahoo Messenger
Fadia’s Hot Picks for popular IM attack tools
Countermeasures
Raw Fun
VII Social Engineering Attacks
Introduction
Technical Definition
Business Definition
Business Cheats, Cons and Crimes
Case Studies
Singapore: Shipping Industry
California, USA: Education Industry
The Art of Social Engineering
Types of Social Engineering Attacks
Impersonation
Intimidation
Real Life Social Engineering
Fake Prompts
Countermeasures
VIII Identity Threats
Introduction
Business Definition
Business Cheats, Cons and Crimes
Case Studies
Shanghai, China: Financial Sector
Toronto, Canada: Software Sector
Types of Identity Threats
Proxy Servers
Proxy Bouncing
IP Spoofing Attacks
Onion Routing Attacks
Proxy Servers
Uses/Misuses
Wingates Torn Apart
Proxy Bouncing
Fadia’s Hot Picks for Proxy Servers
Countermeasures
IP Spoofing
Introduction
Challenges Faced
Networking Basics
Sequence Numbers
Trust Relationships
Exploit Trust Relationships
Fadia’s Hot Picks for Packet Generation Tools
Countermeasures
Onion Routing
IX Password Cracking Attacks
Introduction
Business Definition
Business Cheats, Cons and Crimes
Case Studies
Taipei, Taiwan: Consumer Electronics Sector
Auckland, New Zealand: Individual
Different Password Cracking Attacks
Password Guessing
Default Passwords
Dictionary Based Attacks
Brute Force Attacks
Cracking Application Passwords
(Zip Passwords; Instant Messenger Passwords; Windows Login
Passwords; E-mail Client Passwords; PDF
File Passwords; Microsoft Office Passwords; All Windows
Passwords; Internet Explorer Passwords; File Maker Pro
Passwords; Web Passwords)
Cracking Windows NT passwords
Obtaining the SAM file
Cracking the Passwords
Countermeasures
Cracking UNIX passwords
Identifying and locating the Password Files
Unshadowing the Shadow
Cracking the passwords
Fadia’s Hot Picks for popular Password Cracking tools
Countermeasures
Appendix A: Default Passwords Torn Apart
Appendix B: Well Known Port Numbers
Appendix C: Country Codes
Appendix D: Trojan Port Numbers
Ankit Fadia is an independent Computer Security and Digital
Intelligence Consultant and has definitive experience in the field
of computers. He has authored several best-selling books on Computer
Security, which have been appreciated by professionals and industry
leaders all over the world. His books sold a record 80,000 copies
across the globe. Fadia is also a widely recognized cyber terrorism
expert.
Fadia is, however, better known for his significant work in the
field of digital intelligence, security consultancy and training.
Moreover, Fadia has also conducted more than 100 training sessions
on various topics related to Computer Security for an audience
comprising international defense personnel, software
professionals and college students.
For his work in the field of computer security, Fadia has been
honoured with numerous awards, namely: Person of The Year 2002, Limca
Book of Records, Silicon India Person of the Week, Embassy State
Award, Best Speaker Award (3 occasions), Hall of Fame Award,
Outstanding Young Achiever’s Award, Student of the Year 2002-03 and
many more.
Quite recently, Fadia travelled to Australia, Singapore and Malaysia,
where he addressed hundreds of CEOs of various IT companies and
provided them with solutions to protect their networks and keep their data
safe. He has also been conducting a number of learning events for
Young Entrepreneurs and Young Presidents of the most successful
companies and businesses all across India.
Fadia is currently pursuing his studies in Computer Science with
specialization in Information Security at Stanford University, USA.