Stealing the Network: How to Own the Box

Features

• Cover Type: Paperback with 330 pages
• Published by: Syngress
• Edition: 1st Edition April 1, 2003
• Written in: English
• ISBN 10 Number: 1931836876
• ISBN 13 Number: 978-1931836876
• Book Dimensions: 9.1 x 7.5 x 0.8 inches
• Weighs: 1.4 pounds

Product Review
Stealing the Network is a book of science fiction. It's a series of short stories about characters who gain unauthorized access to equipment and information, or deny use of those resources to the people who are meant to have access to them. The characters, though sometimes well described, are not the stars of these stories. That honor belongs to the tools that the black-hat hackers use in their attacks, and also to the defensive measures arrayed against them by the hapless sysadmins who, in this volume, always lose. Consider this book, with its plentiful detail, the answer to every pretty but functionally half-baked user interface ever shown in a feature film.

One can read this book for entertainment, though its writing falls well short of cyberpunk classics like Burning Chrome and Snow Crash. Its value is in its explicit references to current technologies--Cisco routers, OpenSSH, Windows 2000--and specific techniques for hacking them (the heroes and heroines of this book are always generous with command-history dumps). The specific detail may open your eyes to weaknesses in your own systems (or give you some ideas for, ahem, looking around on the network). Alternately, you can just enjoy the extra realism that the detail adds to these stories of packetized adventure. --David Wall

Product Review
"Stealing the Network: How to Own the Box is a unique book in the fiction department. It combines stories that are false, with technology that is real. While none of the stories have happened, there is no reason why they could not. You could argue it provides a road map for criminal hackers, but I say it does something else; it provides a glimpse into the creative minds of some of today's best hackers, and even the best hackers will tell you that the game is a mental one." - from the foreword by Jeff Moss, President & CEO, BlackHat, Inc. "the reader will find this an informative, instructive and even entertaining book." - Managing Risk magazine

Stealing the Network is a refreshing change from more traditional computer books -- Slashdot.org, June 4, 2003

Reader Reviews
I saw this book on the shelves and started flipping through it. Next thing I know it was a half hour later and I was still sitting on the floor with the same book in my lap. In particular I wanted to read the chapter about H3x's adventure in networkland, since it seemed the most intriguing. She's a sexy female hacker that hits nightclubs and has a neon social life - so already we know the story is fiction, right? I noticed that the author of one of the chapters posted a review. I didn't pay attention to which chapter and don't have the book in front of me, but he states that all the methods used are possible. Well, you can't have a technical book without subjecting it to technical scrutiny. Here's where the meat of my review weighs in: H3x's adventures sometimes make no sense, and other times are technically wrong. Let me explain. First she realizes the changes she made on the routers at a university were logged to a syslog server, so she hacks that to cover her tracks by taking out the network address she used. Nevermind that she configured the routers to point a GRE tunnel to her home network, and then set "0wn3d" (or something similar) as the interface desription. Isn't that like sneaking tiptoe through a house late at night with a blaring stereo on your shoulders? And what kind of pipe would be going into her home to be able to keep up with an ethernet connection on a campus network? At this point everything is still technically possible, although somewhat unbelievable. Still - this is fiction after all. The administrators catch wind of this and do all the obligatory password and community string changes, tightening of security with access lists and pant-wetting. Discovering H3x can no longer get in through the front door, she whips up some java which acts as a UDP proxy and tosses it on a network printer. Using this she is able to bypass some access lists and TFTP the configurations off the Cisco routers - and here's the kicker - without needing community strings. Unfortunately, this just is not technically possible. I'd be curious to see what other technical reviewers have to say about the books merits. Again, it's a fascinating read but you may want to take some of the stories with a grain of salt. The landmine heist is another vastly entertaining story that bleeds into the absurd at times. Read the book and let others know what you think of it!