Hacking for Dummies
Book Basic Info
Synopsis
"Ethical hacking" is the process of entering into a hacker's mindset in order to spot system vulnerabilities by performing typical hacks in a controlled environment. This book helps security professionals understand how malicious users think and work, enabling administrators to defend their systems against attacks and to identify security vulnerabilities; shows readers how to approach their system security from the hacker's perspective and perform nondestructive penetration testing; helps the reader develop an ethical hacking plan, and examines typical attacks and how to counteract them; and guides readers through reporting vulnerabilities to upper management, managing security changes, automating the ethical hacking process, and training end-users to avoid being victimized.
While you're reading this, a hacker could be prying and spying his way into your company's IT systems, sabotaging your operations, stealing confidential information, shutting down your Web site, or wreaking havoc in other diabolical ways. Hackers For Dummies helps you hack into a hacker's mindset and take security precautions to help you avoid a hack attack. It outlines computer hacker tricks and techniques you can use to assess the security of your own information systems, find security vulnerabilities, and fix them before malicious and criminal hackers can exploit them. It covers:
- Hacking methodology and researching public information to see what a hacker can quickly learn about your operations
- Social engineering (how hackers manipulate employees to gain information and access), physical security, and password vulnerabilities
- Network infrastructure, including port scanners, SNMP scanning, banner grabbing, scanning, and wireless LAN vulnerabilities
- Operating systems, including Windows, Linux, and Novell NetWare
- Application hacking, including malware (Trojan horses, viruses, worms, rootkits, logic bombs, and more), e-mail and instant messaging, and Web applications
- Tests, tools (commercial, shareware, and freeware), and techniques that offer the most bang for your ethical hacking buck
With this guide you can develop and implement a comprehensive security assessment plan, get essential support from management, test your system for vulnerabilities, take countermeasures, and protect your network infrastructure. You discover how to beat hackers at their own game, with:
- A hacking toolkit, including war dialing software, password cracking software, network scanning software, network vulnerability assessment software, a network analyzer, a Web application assessment tool, and more
- All kinds of countermeasures and ways to plug security holes
- A list of more than 100 security sites, tools, and resources
Ethical hacking helps you fight hacking with hacking, pinpoint security flaws within your systems, and implement countermeasures. Complete with tons of screen shots, step-by-step instructions for some countermeasures, and actual case studies from IT security professionals, this is an invaluable guide, whether you're an Internet security professional, part of a penetration-testing team, or in charge of IT security for a large or small business.
From the Back Cover
Find out if your system is vulnerable to hack attacks!
"The coverage of security topics in this book can help you avoid a hack attack." Stuart McClure
"To catch a thief, think like a thief." Here’s the guide that will help you do just that! It shows you how to become a "white hat hacker," exploring your own system for vulnerabilities the unscrupulous hacker could exploit. And it’s loaded with tips, suggestions, and recommendations to help you plug any holes you find.
The Dummies Way
- Explanations in plain English
- "Get in, get out" information
- Icons and other navigational aids
- Tear-out cheat sheet
- Top ten lists
- A dash of humor and fun

Discover how to:
- Recognize and counter common hack attacks
- Gain support for your security plan
- Test the security of Windows®, Linux®, NetWare®, and more
- Report your finds to upper management
- Protect your network infrastructure
About the Author
As founder and principal consultant of Principle Logic, LLC, Kevin Beaver has over 16 years of experience in IT and specializes in information security. Before starting his own information security services business, Kevin served in various information technology and security roles for several Fortune 500 corporations and a variety of consulting, e-commerce, and educational institutions. In addition to ethical hacking, his areas of information security expertise include network and wireless network security, e-mail and instant messaging security, and incident response.
Kevin is also author of the book The Definitive Guide to Email Management and Security by Realtimepublishers.com and co-author of the book The Practical Guide to HIPAA Privacy and Security Compliance by Auerbach Publications. In addition, he is technical editor of the book Network Security For Dummies by Wiley Publishing, and a contributing author and editor of the book Healthcare Information Systems, 2nd ed. by Auerbach Publications.
Kevin is a regular columnist and information security expert advisor for SearchSecurity.com and SearchMobileComputing.com and is a Security Clinic Expert for ITsecurity.com. In addition, his information security work has been published in Information Security Magazine, HIMSS Journal of Healthcare Information Management, Advance for Health Information Executives as well as on SecurityFocus.com. Kevin is an information security instructor for the Southeast Cybercrime Institute and also frequently speaks on information security at various workshops and conferences around the U.S. including TechTarget’s Decisions conferences, CSI, and the Southeast Cybercrime Summit.
Kevin is the founder and president of the Technology Association of Georgia’s Information Security Society and serves as an IT advisory board member for several universities and companies around the southeast. Kevin earned his bachelor’s degree in Computer Engineering Technology from Southern Polytechnic State University and his master’s degree in Management of Technology from Georgia Tech. He also holds CISSP, MCSE, Master CNE, and IT Project+ certifications. Kevin can be reached at firstname.lastname@example.org.