

IEEE DISTRIBUTED SYSTEMS ONLINE 1541-4922 © 2004 Published by the IEEE Computer Society, Vol. 5, No. 7; July 2004

Getting to Know Your Enemy

Héctor Zenil Chávez

Hacking Exposed: Network Security Secrets and Solutions, 4th edition
By Stuart McClure, Joel Scambray, and George Kurtz
737 pages
US$49.99
McGraw-Hill, 2003
ISBN 0-072-22742-7

I've read and reviewed other books from the Hacking Exposed series. The authors' example-driven style shows the tools and tactics of vulnerability assessment and penetration testing. Security experts will tell you that it's not enough to know how to update patches and turn off unnecessary services. You must also understand hackers' mindset, know the tools they like to use, and see your network from their perspective.

NO SURPRISE TO HACKERS

The book's transparency can be surprising for some people: it gives public default passwords for routers and switches, among other things. But this is the sort of wake-up call that turns network administration into security. Some might argue that books like this only motivate and educate hackers. The truth is that hackers are already aware of the book's contents. Hacking Exposed is designed for novice system administrators and managers who need to know their systems' risks and vulnerabilities and how to address them.


Based on its predecessors, you can expect this edition to be a well-written book about computer hacking. Hacking Exposed, 4th edition describes techniques to attack and defend a wide variety of network assets. The authors provide detailed instructions and explanations for many security features and flaws in Unix variants, Linux, NetWare, PBXs (private branch exchanges), routers, firewalls, and Windows and Microsoft products (for example, SQL Server). The book offers balanced platform coverage (UNIX, Windows, and Novell) and is somewhat biased toward the attacker side, just as the title promises. The book explains weaknesses in applications, giving attention to remote-control tools (such as Virtual Network Computing, Windows Terminal Server, and PCAnywhere), Web technologies (such as Microsoft Internet Information Server (MS-IIS), ColdFusion, ActiveX, Java, and database access with SQL Server), and file sharing/chat systems (such as Napster or Internet Relay Chat (IRC)). Among the new sections in the fourth edition are wireless security, format string vulnerabilities, Web hacking, and malicious hackers attacking clients, such as Web browsers.

The "What's New" section details the updates in this edition, which would be useful for those familiar with the series. The most noticeable and remarkable change is the reorganization of Windows-specific chapters, making it easy to read and find what you are looking for.

Many of the book's topics also appear in Hacking Windows 2000 Exposed and Hacking Linux Exposed. In fact, this book covers so many topics that it can't devote as much coverage as I would like to any one. For example, the sections on Unix and Windows hacking contain useful information, but they're better covered in other Hacking Exposed titles. The authors wisely direct readers to Hacking Exposed: Windows 2000 and Hacking Exposed: Web Applications for more in-depth discussions of attacking Windows.

AIMED AT PREVENTION

The book explains how to defend and attack specific programs, Web sites, voicemail, firewalls, and even individual Internet users. For each attack the book mentions, it describes the tools needed to carry out the attack, a high-level description of the attack strategy using the tools, and ways to protect against the attack. The book is aimed at someone who doesn't care how an attack works, only how to carry out or prevent it.


From this book, you can expect to learn about

  • Back channels
  • Port redirection
  • Banner grabbing
  • Buffer overflows
  • Vulnerabilities on operating systems such as Windows, Unix flavors, and NetWare
  • Web and TCP/IP vulnerabilities
  • SQL Server vulnerabilities
  • Remote system identification
  • Vulnerability identification
  • War dialers
  • Firewall circumvention
  • Denial-of-service attacks

The book comes with a great complimentary CD with an exposition from one of the authors. Also, the companion Web site, www.hackingexposed.com, includes the book's table of contents as well as other material.

CONCLUSION

This book is a good introduction for novice system administrators or programmers who want to know about tools to attack or protect systems. I recommend it as a general reference for administrators looking for a text, guide, and reference source to the many topics in this field.

Héctor Zenil Chávez is a mathematician at the National University of Mexico. Contact him at [email protected].
