McGraw-Hill Education Europe

Introduction

This new edition of Hacking Exposed features completely up-to-date coverage of today's most devastating hacks and how to prevent them. Using real-world case studies, renowned security experts Stuart McClure, Joel Scambray, and George Kurtz explain how hackers exploit network security holes and what IT professionals can do to recognize and block oncoming attacks. Coverage includes:

Code hacking methods and countermeasures

New exploits for Windows 2003 Server, UNIX/Linux, Cisco, Apache, and Web and wireless applications

Latest DDoS techniques -- zombies, Blaster, MyDoom

All new class of vulnerabilities -- HTTP Response Splitting

Internet client attacks, including phishing

Description

?The seminal book on white-hat hacking and countermeasures... Should be required reading for anyone with a server or a network to secure.? --Bill Machrone, PC Magazine

"The definitive compendium of intruder practices and tools." --Steve Steinke, Network Magazine

"For almost any computer book, you can find a clone. But not this one... A one-of-a-kind study of the art of breaking in." --UNIX Review

Here is the latest edition of international best-seller, Hacking Exposed. Using real-world case studies, renowned security experts Stuart McClure, Joel Scambray, and George Kurtz show IT professionals how to protect computers and networks against the most recent security vulnerabilities. You'll find detailed examples of the latest devious break-ins and will learn how to think like a hacker in order to thwart attacks. Coverage includes:

Code hacking methods and countermeasures
New exploits for Windows 2003 Server, UNIX/Linux, Cisco, Apache, and Web and wireless applications
Latest DDoS techniques--zombies, Blaster, MyDoom
All new class of vulnerabilities--HTTP Response Splitting
and much more

Key Features

Proven, cohesive, coherent methodology showing how a hacker thinks, to better educate those securing all parts of a network

This edition continues the tradition of a one-stop security information resource with dozens of professionally-vetted references and tips

New Web application hacking tools and techniques, as well as new Internet client attacks, and more

New case studies based on Fortune 500 security practices

Companion web site will be available with the most up-to-date security information

Author Biography

Stuart McClure (Ladera Ranch, CA) is Senior Vice President of Risk Management Engineering for McAfee, where he is responsible for driving product strategy and marketing for the McAfee Foundstone family of risk mitigation and management solutions. McAfee Foundstone saves countless millions in revenue and hours annually in recovering from hacker attacks, viruses, worms, and malware. Prior to his role at McAfee, Stuart was founder, president, and chief technology officer at Foundstone, Inc., which was acquired by McAfee in October 2004.
Widely recognized for his extensive and in-depth knowledge of security products, Stuart is considered one of the industry's leading authorities in information security today. A published and acclaimed security visionary, he brings many years of technology and executive leadership to McAfee Foundstone, along with profound technical, operational, and financial experience. At Foundstone, Stuart leads both product vision and strategy, and holds operational responsibilities for all technology development, support, and implementation. During his tenure, annual revenues grew over 100 percent every year since the company's inception in 1999.
In 1999, he took the lead in authoring Hacking Exposed: Network Security Secrets & Solutions, the best-selling computer-security book ever, with over 500,000 copies sold to date. Stuart also coauthored Hacking Exposed: WIndows 2000 (McGraw-Hill/Osborne, 2001) and Web Hacking: Attacks and Defense (Addison-Wesley, 2002).
Prior to Foundstone, Stuart held a variety of leadership positions in security and IT management, with Ernst & Young's National Security Profiling Team, two years as an industry analyst with InfoWorld's Test Center, five years as director of IT with both state and local California governments, two years as owner of an IT consultancy, and two years in IT with the University of Colorado, Boulder.
Stuary holds a bachelor's degree in psychology and philosophy, with an emphasis in computer science applications, from the University of Colorado, Boulder. He later earned numerous ceritifications, including ISC2's CISSP, Novell's CNE, and Check Point's CCSE.
Joel Scambray (Woodinville, WA) is Senior Director of Security for Microsoft's MSN.
George Kurtz (Conto de Caza, CA) is Senior Vice President of Risk Managemnt for McAfee.

They are all best-selling authors of all four previous editions of Hacking Exposed. McClure and Scambray also co-authored Hacking Exposed Windows 2000 and Hacking Exposed Windows Server 2003. Scambray co-authored Hacking Exposed Web Applications and Kurtz contributed to Hacking Exposed Linux.

Table of Contents

Part I: Casing the Establishment
Chapter 1: Footprinting
Chapter 2: Scanning
Chapter 3: Enumeration
Part II: System Hacking
Chapter 4: Hacking Windows
Chapter 5: Hacking UNIX
Chapter 6: Remote Connectivity and VoIP Hacking
Part III: Network Hacking
Chapter7: Network Devices
Chapter 8: Wireless Hacking
Chapter 9: Firewalls
Chapter 10: Denial of Service Attacks
Part IV: Software Hacking
Chapter 11: Hacking Code
Chapter 12: Web Hacking
Chapter 13: Hacking the Internet User
Part V: Appendices
A: Ports
B: Top 14 Security Vulnerabilities
Index

Reviews

Michael McLaughlin calls his new book "PHP Web Programming" an enabling book. I'd go further and call it a desert island book. It is the only thing you'd need to carry. It has much reference material strategically placed in the text, well thought out examples, and teaches how to build applications.

Want to know how to write an HTML form to do HTTP Authentication? Want to know about PHP's POSIX file function? Want to know how about the Oracle database architecture? What about PHP strings, objects, and error handling? Need to learn about Oracle's SQL, PL/SQL, LOBs, REF CURSORS...? Want to know how to use Oracle's BULK COLLECT functionality to improve performance? Or simply need to install Oracle, PHP and Apache for the first time and create a web page? It's all here.

The book comes complete with a CD containing all necessary software for Windows and Linux. This includes the Oracle Database 10g Express Edition, Zend Core for Oracle's PHP stack, and the Apache web server. The CD also contains the extensive sample code and lots of useful documentation.

The author's solid-gold pedigree with Oracle technologies includes working at Oracle and writing "Expert Oracle PL/SQL" for Oracle Press. This experience shows. But the Oracle-centricity of the author does not impact the PHP aspect of PHP Web Programming. The first half of its 700+ pages is devoted purely to PHP. His current position as a professor at Brigham Young University brings a thoroughness to the text, and, no doubt, his students were helpful in developing ideas.

This fully-featured book will expand everyone's knowledge of Oracle and PHP.

Disclaimer: This is an Oracle Press book and obviously associated with my employer. I reviewed an early contents list and have been acknowledged in the book.