Anti-Hacker Tool Kit, Third Edition

Features

• Cover Type: Paperback with 799 pages
• Published by: McGraw-Hill Osborne Media
• Edition: 3rd Edition February 9, 2006
• Written in: English
• ISBN 10 Number: 0072262877
• ISBN 13 Number: 978-0072262872
• Book Dimensions: 9.1 x 7.3 x 2 inches
• Weighs: 3 pounds

Product Description
Stop hackers in their tracks

Organized by category, Anti-Hacker Tool Kit, Third Edition provides complete details on the latest and most critical security tools, explains their function, and demonstrates how to configure them to get the best results.

• Completely revised to include the latest security tools, including wireless tools
• New tips on how to configure the recent tools on Linux, Windows, and Mac OSX
• New on the CD-ROM -- Gnoppix, a complete Linux system, ClamAV anti-virus, Cain, a multi-function hacking tool, Bluetooth tools, protocol scanners, forensic tools, and more
• New case studies in each chapter

Back Cover Copy
THWART THE LATEST DISASTROUS ATTACKS

Mount a comprehensive, proactive defense against the most sinister cyber-criminals using the tricks and techniques contained in this unique resource. Fully updated to include the latest weapons in the security experts; arsenal, Anti-Hacker Tool Kit, Third Edition provides all the information you'll need to lock down your network from the ground up. Logically organized by category, each tool's function, installation, and configuration is fully described, alongside screenshots and code examples. Brand-new examples and in-depth case studies detail how to implement each vital tool in real-world situations.

Explains how to configure and use these and other key tools:

• MULTIFUNCTIONAL UTILITIES: Netcat, Cryptcat, Sbd
• PORT SCANNERS: Nmap, THC-Amap,IPEye
• EMULATORS: VMware, Virtual PC, Gnoppix, Cygwin
• ENUMERATORS: Samba, Winfingerprint, PsTools, HFNetChk
• WEB HACKING APPLICATIONS: Nikto, LibWhisker, Paros, Burp
• PASSWORD CRACKERS AND BRUTE-FORCE TOOLS: John the Ripper, LophtCrack, THC-Hydra, PwDump
• WAR DIALERS: ToneLoc, THC-Scan
• HOST HARDENING APPLICATIONS: Clamav, Titan, Msec
• BACKDOORS AND REMOTE ACCESS: VNC, Netbus, Back Orifice, SubSeven, Loki, Knark
• AUDITING TOOLS: Flawfinder, RATS, Nessus, STAT, Tripwire
• PORT REDIRECTERS: Datapipe, FPipe, WinRelay
• SNIFFERS: BUTTSniffer, WinDump, Ethereal, Dsniff, Snort
• WIRELESS TOOLS: NetSlumber, TCPsic, ICMpsic, Iptest
• FORENSIC UTILITIES: dd, EnCase, Sleuth Kit, Vnode, WinHex

Reader Reviews
I reviewed the first edition "Anti-Hacker Tool Kit" (AHT:1E) in August 2002, and the second edition (AHT:2E) in June 2004. AHT:3E was published in February 2006. I continue to like AHT, because it addresses many of the tools an operational security professional should know how to use. I'll point out the differences between AHT:2E and AHT:3E, then offer some suggestions for AHT:4E. The introduction lists the same "changes in the third edition" that are listed in AHT:2E. I would expect this part of AHT:3E to be different from AHT:2E! Ch 1 adds Netcat6 and mentions SBD. Ch 3 adds Virtual PC and Gnoppix. Ch 4 drops NetScan Tools, SuperScan, and Udp_scan. Ch 5 is updated to talk about Win XP SP2 and Win 2k3 Server. Ch 6 drops HFNetChk but adds MBSAv2 and updates Winfingerprint to 0.6.2. Ch 7 adds Libwhisker and Burp, while dropping Stealth, Achilles, and WebSleuth. Ch 8 drops PassFilt.dll and adds PWDump3 and PWDump4. Ch 9 adds Clamav. Ch 12 drops STAT, Retina, and Internet Scanner, and adds Cain and Able. Ch 18 adds Shokdial. Ch 21 adds FTK Imager and SMART. Ch 22 adds Dcfldd and Split. Ch 24 adds ReadPST, ReadDBX, Encase Forensic, FTK, NetAnalysis, and Web Historian. Ch 25 drops Xvi32. Ch 26 is entirely new, albeit 8 pages. The following chapters were largely the same: 2, 10, 11, 13-17, 19, 20, and 23. A few may have had a new case study or a minor tweak. Security pro Mike Shema seems to have done a lot of the work revising old material. You can see his command prompt and tool output timestamps showing references to mid-2005. However, old material from AHT:1E remains, like talk of FreeBSD 4.3 BETA and Red Hat Linux 6.1 (kernel 2.2.12) in Ch 1. The Vnode discussion on pp 653-4 no longer works on FreeBSD, but I posted a new method to my blog. I believe AHT:3E would merit a fifth star if it dropped clearly old material and beefed up its newer sections. For example, AHT:3E spends 17 pages explaining Tripwire (free and commercial), despite the use of newer open source alternative like Osiris, AIDE, or Samhain. AHT:3E devotes almost twenty pages to really old back doors and remote access tools like Netbus, Back Orifice, SubSeven, and Loki. The book includes ten pages on Ipchains, which went out of style years ago. I think sections like those should be cut entirely, or maybe moved onto a CD-ROM or Web site, to make room for more detail on Cain and Able and other newer projects. Overall, I still like AHT:3E, but I would like to see a more thorough scrub in AHT:4E. If you don't have AHT:2E or AHT:1E, you should buy AHT:3E. If you have either of those books, you might want to wait for AHT:4E.