Features
- Cover Type: Paperback with 448 pages
- Published by: Syngress
- Edition: 1st Edition February 1, 2005
- Written in: English
- ISBN 10 Number: 1931836205
- ISBN 13 Number: 978-1931836203
- Book Dimensions: 9.1 x 7 x 1.1 inches
- Weighs: 1.3 pounds
Product Description
I'm Mad As Hell, and I'm Not Gonna Take it Anymore!
- Analyze the technical, legal, and financial ramifications of revolutionary and controversial network strike-back and active defense techniques.
- Follow the travails of eight system administrators who take cyber law into their own hands.
- See chillingly realistic examples of everything from a PDA to the MD5 hash being used as weapons in cyber dog fights.
There is a certain satisfaction for me in seeing this book published. When I presented my "strike-back" concept to the security community years ago, I was surprised by the ensuing criticism from my peers. I thought they would support our right to defend ourselves, and that the real challenge would be educating the general public. It was the other way around, however. This is why I'm happy to see Aggressive Network Self-Defense published. It shows that people are beginning to consider the reality of today's internet. Many issues are not black and white, right or wrong, legal or illegal. Some of the strike-back approaches in this book I support. Others, I outright disagree with. But that's good--it gives us the chance to truly think about each situation--and thinking is the most important part of the security business. Now is the time to analyze the technologies and consider the stories presented in this book before fiction becomes reality.--Timothy M. Mullen, CIO and Chief Software Architect for AnchorIS.Com
- When the Worm Turns: Analyze the technical and legal implications of "neutralizing" machines that propagate malicious worms across the Internet.
- Are You the Hunter or the Hunted? Discover for yourself how easy it is to cross the line from defender to aggressor, and understand the potential consequences.
- Reverse Engineer Working Trojans, Viruses, and Keyloggers: Perform forensic analysis of malicious code attacking a Pocket PC to track down, identify, and strike back against the attacker.
- To Catch a Thief: Track stolen software as it propagates through peer-to-peer networks and learn to bypass MD5 checksum verification to allow multiple generations of attackers to be traced.
- Learn the Definition of "Hostile Corporate Takeover" in Cyberspace: Find out who will own the fictional Primulus Corporation as attacker and defender wage war.
- Understand the Active Defense Algorithm Model (ADAM): Analyze the primary considerations of implementing an active defense strategy in your organization: ethical, legal, unintended consequences, and risk validation.
- See What Can Happen when the Virtual World Meets the Real World: Use keyloggers, Bluetooth device exploitation, and Windows forensics to discover if your cubicle mate has been stealing more than post-it notes.
- Where the Wild Things Are: Follow along as a real-life "in-the-wild" format string bug is morphed into strike-back code that launches a listening shell on the attacker's own machine.
- Implement Passive Strike-Back Technologies: Learn the strategy and implement the tools for responding to footprinting, network reconnaissance, vulnerability scanning, and exploit code.
Your Solutions Membership Gives You Access to:
- A comprehensive FAQ page that consolidates all of the key points of this book into an easy-to-search Web page
- "From the Author" forum where the authors post timely updates and links to related sites
- The complete code listings from the book
- Downloadable chapters from these best-selling books: Black Hat Physical Device Security; Google Hacking for Penetration Testers; Buffer Overflow Attacks: Detect, Exploit, Prevent; Hacking a Terror Network: The Silent Threat of Covert Channels
TABLE OF CONTENTS
Part I Fictionalized Cases of Network Strike-Back, Self-Defense, and Revenge
- Chapter 1 PDA Perils: Revenge from the Palm of Your Hand
- Chapter 2 The Case of a WLAN Attacker: In the Booth
- Chapter 3 MD5: Exploiting the Generous
- Chapter 4 A VPN Victim's Story: Jack's Smirking Revenge
- Chapter 5 Network Protection: Cyber-Attacks Meet Physical Response
- Chapter 6 Network Insecurity: Taking Patch Management to the Masses
- Chapter 7 The Fight for the Primulus Network: Yaseen vs Nathan
- Chapter 8 Undermining the Network: A Breach of Trust
Part II The Technologies and Concepts Behind Network Strike Back
- Chapter 9 ADAM: Active Defense Algorithm and Model
- Chapter 10 Defending Your Right to Defend
- Chapter 11 MD5 to Be Considered Harmful Someday
- Chapter 12 When the Tables Turn: Passive Strike-Back
About The Author
Neil R. Wyler (JNCIS-FWV, JNCIA-SSL) is an Information Security Engineer and Researcher located on the Wasatch Front in Utah. He is the co-owner of two Utah-based businesses, which include a consulting firm with clients worldwide and a small software start-up. He is currently doing contract work for Juniper Networks, working with the company's Security Products Group. Neil is a staff member of the Black Hat Security Briefings and Def Con hacker conference. He has spoken at numerous security conferences and been the subject of various online, print, film, and television interviews regarding different areas of information security. He was the Lead Author and Technical Editor of Aggressive Network Self-Defense (Syngress, 1-931836-20-5) and serves on the advisory board for a local technical college.
Reader Reviews
'Aggressive Network Self-Defense' (ANSD) is another innovative Syngress book. It leaps beyond the theories of digital self-defense initially proposed by Tim Mullen in 2002. Tim tried to justify using 'neutralizing agents' to disable malicious processes (like Code Red or Nimda) on infected hosts attacking one's enterprise. ANSD does not speak of neutralizing agents in the eight fictional cases that comprise the bulk of the book, but those chapters make for thought-provoking reading.
The first eight chapters present creative scenarios where digital strike-back may or may not be justified. Chapter 1 explains how a PDA user retaliates against a miscreant who installs a backdoor on his Pocket PC device. This is a highly technical section where ARM assembly language and virus creation are discussed. In chapter 2 a rogue wireless cafe employee sets up a man-in-the-middle attack to steal customer credit card data. Chapter 3 shows how a game developer retaliates against a software thief. Chapter 4 demonstrates the trouble in which a system administrator can find himself when he installs an unauthorized VPN connection. Chapter 5 -- probably my favorite -- describes hardware and software keyloggers, along with Bluetooth monitoring, to catch a college campus intruder. In chapter 6 two over-zealous administrators decide to patch any machines which attack their honeypots. Chapter 7 is another creative section, where attacker and defender fight for control of a network using unorthodox methods. In chapter 8, a security audit reveals a rogue member who tries to infiltrate a government agency. I liked all of these chapters. I had a slight problem following the logic in chapter 3, where it was unclear how the intruder compromised sshd to access the victim's system. In all other cases, I found the scenarios plausible and technically accurate.
My only real concern with these chapters was many of the screen shots; most were far too small to make the text in the images legible.
ANSD is weaker in the second half, as fiction makes way for discussions of strike-back. All four chapters are previously published material; three are available on the Web right now. I would have preferred more fictional case studies and fewer reprinted papers. The book cover seemed to indicate that legal concerns would be analyzed in the text, but I found nothing authoritative beyond the fate of a few fictional perpetrators.
I recommend those considering digital strike-back read ANSD. Only one of the chapters is close to Tim Mullen's ideal, where neutralizing agents directly disable attacking processes on compromised systems. In many cases the activities of the protagonists in ANSD would land them in jail. In a few chapters, that is the explicit end result! ANSD is a thought-provoking exploration of digital strike-back. Its case study method would be appropriate in classes for security managers and other students.