Features
- Cover Type: Paperback with 400 pages
- Published by: McGraw-Hill Osborne Media
- Edition: 3rd Edition April 25, 2006
- Written in: English
- ISBN 10 Number: 0072263040
- ISBN 13 Number: 978-0072263046
-
Book Dimensions:
9.1 x 7.4 x 1 inches
- Weighs: 1.5 pounds
Product Description
The stories about phishing attacks against banks are so true-to-life, it’s chilling.” --Joel Dubin, CISSP, Microsoft MVP in Security Every day, hackers are devising new ways to break into your network. Do you have what it takes to stop them? Find out in
Hacker’s Challenge 3. Inside, top-tier security experts offer twenty brand-new, real-world network security incidents to test your computer forensics and response skills. All the latest hot-button topics are covered, including phishing and pharming scams, internal corporate hacking, Cisco IOS, wireless, iSCSI storage, VoIP, Windows, Mac OS X, and UNIX/Linux hacks, and much more. Each challenge includes a detailed explanation of the incident--how the break-in was detected, evidence and clues, technical background such as log files and network maps, and a series of questions for you to solve. In Part II, you’ll get a detailed analysis of how the experts solved each incident.
Back Cover Copy
The stories about phishing attacks against banks are so true-to-life, it’s chilling.” --Joel Dubin, CISSP, Microsoft MVP in Security Every day, hackers are devising new ways to break into your network. Do you have what it takes to stop them? Find out in
Hacker’s Challenge 3. Inside, top-tier security experts offer twenty brand-new, real-world network security incidents to test your computer forensics and response skills. All the latest hot-button topics are covered, including phishing and pharming scams, internal corporate hacking, Cisco IOS, wireless, iSCSI storage, VoIP, Windows, Mac OS X, and UNIX/Linux hacks, and much more. Each challenge includes a detailed explanation of the incident--how the break-in was detected, evidence and clues, technical background such as log files and network maps, and a series of questions for you to solve. In Part II, you’ll get a detailed analysis of how the experts solved each incident.
Exerpt from “Big Bait, Big Phish”:
The Challenge: “Could you find out what’s going on with the gobi web server? Customer order e-mails aren’t being sent out, and the thing’s chugging under a big load…” Rob e-mailed the development team reminding them not to send marketing e-mails from the gobi web server…. “Customer service is worried about some issue with tons of disputed false orders….” Rob noticed a suspicious pattern with the “false” orders: they were all being delivered to the same P.O. box…He decided to investigate the access logs. An external JavaScript file being referenced seemed especially strange, so he tested to see if he could access it himself…. The attacker was manipulating the link parameter of the login.pl application. Rob needed to see the server side script that generated the login.pl page to determine the purpose….
The Solution: After reviewing the log files included in the challenge, propose your assessment: What is the significance of the attacker’s JavaScript file? What was an early clue that Rob missed that might have alerted him to something being amiss? What are some different ways the attacker could have delivered the payload? Who is this attack ultimately targeted against? Then, turn to the experts' answers to find out what really happened.
Reader ReviewsI've been looking for a resource that would be useful as a recommendation to the students in my wireless training classes. There've been plenty teaching wireless security and penetration philosophically, but I wanted a practical - get your hands dirty - approach. It's here! Hackers Challenge 3 contains a great "case study" of a hack attack on a wireless network and gives you the insights you need to analyze such an attack. In addition, you get information related to other newer attacks like phishing, VoIP vulnerabilities and social engineering. This is a great book and MUST be in every security technician's library. Tom Carpenter, Author: Wireless@ Certification Official Study Guide, CWSP Certification Official Study Guide, and Foundations of Effectiveness.
Search for books at
