Suchen und Finden
Service
Hack the Stack - Using Snort and Ethereal to Master The 8 Layers of An Insecure Network
Stephen Watkins, George Mays, Chris Ries
Verlag Elsevier Reference Monographs, 2006
ISBN 9780080507743
Format PDF, ePUB, OL
Kopierschutz DRM
Geräte
Front Cover
1
Hack The Stack: Using Snort and Ethereal to Master The 8 Layers of an Insecure Network
6
Copyright Page
7
Contents
14
Foreword
26
Chapter 1. Extending OSI to Network Security
28
Introduction
29
Our Approach to This Book
29
Common Stack Attacks
35
Mapping OSI to TCP/IP
40
The Current State of IT Security
43
Using the Information in This Book
46
Summary
50
Solutions Fast Track
50
Frequently Asked Questions
52
Chapter 2. The Physical Layer
54
Introduction
55
Defending the Physical Layer
55
Attacking the Physical Layer
74
Layer 1 Security Project
91
Summary
92
Solutions Fast Track
93
Frequently Asked Questions
94
Chapter 3. Layer 2: The Data Link Layer
96
Introduction
97
Ethernet and the Data Link Layer
97
Understanding PPP and SLIP
100
Working with a Protocol Analyzer
102
Understanding How ARP Works
109
Attacking the Data Link Layer
111
Defending the Data Link Layer
118
SecuringYour Network from Sniffers
118
Employing Detection Techniques
120
Data Link Layer Security Project
122
Using the Auditor Security Collection to Crack WEP
122
Summary
126
Solutions Fast Track
126
Frequently Asked Questions
128
Chapter 4. Layer 3: The Network Layer
130
Introduction
131
The IP Packet Structure
131
The ICMP Packet Structure
145
Attacking the Network Layer
150
Defending the Network Layer
167
Network Layer Security Project
170
Summary
173
Solutions Fast Track
173
Frequently Asked Questions
176
Chapter 5. Layer 4: The Transport Layer
178
Introduction
179
Connection-Oriented versus Connectionless Protocols
179
Protocols at the Transport Layer
180
The Hacker's Perspective
189
Scanning the Network
190
Operating System Fingerprinting
200
Detecting Scans on Your Network
208
Defending the Transport Layer
210
Transport Layer Project—Setting Up Snort
214
Summary
227
Solutions Fast Track
227
Frequently Asked Questions
229
Chapter 6. Layer 5: The Session Layer
232
Introduction
233
Attacking the Session Layer
233
Defending the Session Layer
254
Session Layer Security Project
259
Summary
264
Solutions Fast Track
264
Frequently Asked Questions
266
Chapter 7. Layer 6: The Presentation Layer
268
Introduction
269
The Structure of NetBIOS and SMB
269
Attacking the Presentation Layer
272
Defending the Presentation Layer
293
Presentation Layer Security Project
301
Summary
307
Solutions Fast Track
307
Frequently Asked Questions
309
Notes
310
Chapter 8. Layer 7: The Application Layer
312
Introduction
313
The Structure of FTP
313
Analyzing Domain Name System and Its Weaknesses
319
Other Insecure Application Layer Protocols
326
Attacking the Application Layer
330
Defending the Application Layer
363
Nessus
373
Application-Layer Security Project: Using Nessus to Secure the Stack
374
Summary
377
Solutions Fast Track
377
Frequently Asked Questions
379
Chapter 9. Layer 8: The People Layer
380
Introduction
381
Attacking the People Layer
381
Defending the People Layer
402
Making the Case for Stronger Security
417
People Layer Security Project
422
Summary
425
Solutions Fast Track
425
Frequently Asked Questions
426
Appendix A. Risk Mitigation: Securing the Stack
428
Introduction
429
Physical
429
Data Link
430
Network
431
Transport
432
Session
432
Presentation
433
Application
433
People
447
Summary
449
Index
450
Service
Shop