1541-4922/04/$31.00 © 2004 IEEE
Published by the IEEE Computer Society
Getting to Know Your Enemy
Hacking Exposed: Network Security Secrets and Solutions, 4th edition
By Stuart McClure, Joel Scambray, and George Kurtz
I've read and reviewed other books from the Hacking Exposed series. The authors' example-driven style shows the tools and tactics of vulnerability assessment and penetration testing. Security experts will tell you that it's not enough to know how to update patches and turn off unnecessary services. You must also understand hackers' mindset, know the tools they like to use, and see your network from their perspective.
The book's transparency can be surprising for some people—it gives public default passwords for routers and switches, among other things. But this is the sort of wake-up call that turns network administration into security. Some might argue that books like this only motivate and educate hackers. The truth is that hackers are already aware of the book's contents. Hacking Exposed is designed for novice system administrators and managers who need to know their systems' risks and vulnerabilities and how to address them.
Based on its predecessors, you can expect this edition to be a well-written book about computer hacking. Hacking Exposed, 4th edition describes techniques to attack and defend a wide variety of network assets. The authors provide detailed instructions and explanations for many security features and flaws in Unix variants, Linux, NetWare, PBXs ( private branch e xchanges), routers, firewalls, and Windows and Microsoft products (for example, SQL Server). The book offers balanced platform coverage—UNIX, Windows, and Novell—and is somewhat biased toward the attacker side, just as the title promises. The book explains weaknesses in applications, giving attention to remote-control tools (such as Virtual Network Computing, Windows Terminal Server, and PCAnywhere), Web technologies (such as Microsoft Internet Information Server (MS-IIS), ColdFusion, ActiveX, Java, and database access with SQL Server), and file sharing/chat systems (such as Napster or Internet Relay Chat (IRC)). Among the new sections in the fourth edition are wireless security, format string vulnerabilities, Web hacking, and malicious hackers attacking clients, such as Web browsers.
The "What's New" section details the updates in this edition, which would be useful for those familiar with the series. The most noticeable and remarkable change is the reorganization of Windows-specific chapters, making it easy to read and find what you are looking for.
Many of the book's topics also appear in Hacking Windows 2000 Exposed and Hacking Linux Exposed. In fact, this book covers so many topics that it can't devote as much coverage as I would like on any one. For example, the sections on Unix and Windows hacking contain useful information, but they're better covered in other Hacking Exposed titles. The authors wisely direct readers to Hacking Exposed: Windows 2000 and Hacking Exposed: Web Applications for more in-depth discussions of attacking Windows.
The book explains how to defend and attack specific programs, Web sites, voicemail, firewalls, and even individual Internet users. For each attack the book mentions, it describes the tools needed to carry out the attack, a high-level description of the attack strategy using the tools, and ways to protect against the attack. The book is aimed at someone who doesn't care how an attack works, only how to carry out or prevent it.
From this book, you can expect to learn about
• Back channels
• Port redirection
• Banner grabbing
• Buffer overflows
• Vulnerabilities on operating systems such as Windows, Unix flavors, and Netware
• Web and TCP/IP vulnerabilities
• SQL Server vulnerabilities
• Remote system identification
• Vulnerability identification
• War dialers
• Firewall circumvention
• Denial-of-service attacks
The book comes with a great complimentary CD with an exposition from one of the authors. Also, the companion Web site, www.hackingexposed.com, includes the book's table of contents as well as other material.
This book is a good introduction for novice system administrators or programmers who want to know about tools to attack or protect systems. I recommend it as a general reference for administrators looking for a text, guide, and reference source to the many topics in this field.
Héctor Zenil Chávez
is a mathematician at the National University of Mexico. Contact him at firstname.lastname@example.org.