Hacking Exposed Windows: Microsoft Windows Security Secrets and Solutions, Third Edition

Cover
McGraw Hill Professional, 25.12.2007 - 451 Seiten
6 Rezensionen

The latest Windows security attack and defense strategies

"Securing Windows begins with reading this book." --James Costello (CISSP) IT Security Specialist, Honeywell

Meet the challenges of Windows security with the exclusive Hacking Exposed "attack-countermeasure" approach. Learn how real-world malicious hackers conduct reconnaissance of targets and then exploit common misconfigurations and software flaws on both clients and servers. See leading-edge exploitation techniques demonstrated, and learn how the latest countermeasures in Windows XP, Vista, and Server 2003/2008 can mitigate these attacks. Get practical advice based on the authors' and contributors' many years as security professionals hired to break into the world's largest IT infrastructures. Dramatically improve the security of Microsoft technology deployments of all sizes when you learn to:

  • Establish business relevance and context for security by highlighting real-world risks
  • Take a tour of the Windows security architecture from the hacker's perspective, exposing old and new vulnerabilities that can easily be avoided
  • Understand how hackers use reconnaissance techniques such as footprinting, scanning, banner grabbing, DNS queries, and Google searches to locate vulnerable Windows systems
  • Learn how information is extracted anonymously from Windows using simple NetBIOS, SMB, MSRPC, SNMP, and Active Directory enumeration techniques
  • Prevent the latest remote network exploits such as password grinding via WMI and Terminal Server, passive Kerberos logon sniffing, rogue server/man-in-the-middle attacks, and cracking vulnerable services
  • See up close how professional hackers reverse engineer and develop new Windows exploits
  • Identify and eliminate rootkits, malware, and stealth software
  • Fortify SQL Server against external and insider attacks
  • Harden your clients and users against the latest e-mail phishing, spyware, adware, and Internet Explorer threats
  • Deploy and configure the latest Windows security countermeasures, including BitLocker, Integrity Levels, User Account Control, the updated Windows Firewall, Group Policy, Vista Service Refactoring/Hardening, SafeSEH, GS, DEP, Patchguard, and Address Space Layout Randomization
 

Was andere dazu sagen - Rezension schreiben

Es wurden keine Rezensionen gefunden.

Inhalt

1 Information Security Basics
1
2 The Windows Security Architecture from the Hackers Perspective
15
3 Footprinting and Scanning
53
4 Enumeration
73
5 Hacking WindowsSpecific Services
115
6 Discovering and Exploiting Windows Vulnerabilities
165
7 PostExploit Pillaging
185
8 Achieving Stealth and Maintaining Presence
225
9 Hacking SQL Server
273
10 Hacking Microsoft Client Apps
317
11 Physical Attacks
345
12 Windows Security Features and Tools
367
Windows Security Checklist
405
About the Companion Website
421
Index
423
Urheberrecht

Häufige Begriffe und Wortgruppen

Beliebte Passagen

Seite 59 - Packets: Sent = 4, Received = 4, Lost = 0 (0% loss). Approximate round trip times in milliseconds: Minimum...
Seite 92 - Querying Controller \\mgmgrand USER INFO Username: Administrator Full Name: Comment: Built-in account for administering the computer/domain User Comment: User ID: 500 Primary Grp : 513 Privs : Admin Privs OperatorPrivs : No explicit OP Privs SYSTEM FLAGS (Flag dword is 66049) User's pwd never expires. MISC INFO Password age: Mon Apr 09 01:41:34 2001 LastLogon: Mon Apr 23 09:27:42 2001 LastLogoff: Thu Jan 01 00:00:00 1970...
Seite 26 - DNS clients who are permitted to perform dynamic updates on behalf of some other clients (such as DHCP servers...
Seite 99 - Network Access Do not allow anonymous enumeration of SAM accounts Network Access Do not allow anonymous enumeration of SAM accounts and shares Network Access Let Everyone permissions apply to anonymous users Network Access Named pipes that can be accessed anonymously Network Access Remotely accessible Registry paths Network Access Remotely accessible Registry paths and subpaths Network Access Restrict anonymous access to named pipes and shares Network Access Shares that can be accessed anonymously...
Seite 20 - Number of subauthorities is 5 Domain is WINDOWSNT Length of SID in memory is 28 bytes Type of SID is SidTypeGroup This tells us the SID for the machine, the string of numbers beginning with Sl, separated by hyphens.
Seite 81 - If you must allow access to NBNS, the only way to prevent user data from appearing in NetBIOS Name Table dumps is to disable the Alerter and Messenger services on individual hosts. The startup behavior for these services can be configured through the Services Control Panel.
Seite 76 - C:\>net view /domain : corleone Server Name Remark \\VITO Make him an offer he can't refuse \\MICHAEL Nothing personal \\SONNY Badda bing badda boom \\FREDO I'm smart \\CONNIE Don't forget the cannoli Again, net view requires access to NBNS across all networks that are to be enumerated, which means it typically only works against the local network segment. If NBNS is routed over TCP/IP, net view can enumerate Windows workgroups, domains, and hosts across...
Seite 39 - Securing the Windows NT Account Database This tool will allow you to configure the Accounts Database to enable additional encryption, further protecting the database from compromise Once enabled, this encryption cannot be disabled. f* Encryption Disabled (* Encryption Enabled OK Cancel ; Update...
Seite 191 - Windows 2000 IP Configuration Ethernet adapter Local Area Connection: Connection-specific DNS Suffix IP Address Subnet Mask : oc.cox.net : 192.168.0.9 : 255.255.255.0 The hack worked!
Seite 99 - Network access: Do not allow storage of credentials or .NET Passports for network...

Über den Autor (2007)

Joel Scambray, CISSP, is Chief Strategy Officer at Leviathan Security Group (leviathansecurity.com). His nearly 15 years of information security experience encompasses roles as a corporate leader (senior management positions at Microsoft and Ernst & Young), entrepreneur (co-founder of Foundstone), successful technical consultant for Fortune 500 firms, and internationally recognized speaker and author of multiple security books, including all five editions of Hacking Exposed: Network Security Secrets & Solutions.

Stuart McClure, CISSP, an independent computer security consultant, is one of today's leading authorities on information security. He was SVP of Global Threats and Research for McAfee where he led an elite global security team fighting the most vicious cyber attacks ever seen. Stuart is the coauthor of multiple security books, including all five editions of Hacking Exposed: Network Security Secrets & Solutions.

Bibliografische Informationen