Practical Hacking Techniques and Countermeasures
暫譯: 實用駭客技術與對策

Mark D. Spivey

Practical Hacking Techniques and Countermeasures
  • 出版商: Auerbach Publication
  • 出版日期: 2006-10-01
  • 售價: $4,390
  • 貴賓價: 9.5$4,171
  • 語言: 英文
  • 頁數: 752
  • 裝訂: Hardcover
  • ISBN: 0849370574
  • ISBN-13: 9780849370571
  • 相關分類: 駭客 Hack

    • 海外代購書籍(需單獨結帳)

買這商品的人也買了...

相關主題

商品描述

Table of contents

 Preparation
  1 (62)
 Installing VMware Workstation
  3 (7)
 Configuring Virtual Machines
  10 (50)
 Installing a Virtual Windows 2000 Workstation
  11 (18)
 Installing VMware Tools for Windows 2000 Virtual Machines
  29 (6)
 Installing a Red Hat Version 8 Virtual Machine
  35 (20)
 Installing VMware Tools for Red Hat Virtual Machines
  55 (5)
 What Is on the CD?
  60 (1)
 Restrict Anonymous
  60 (3)
 To Restrict Anonymous
  60 (1)
 In Windows NT
  60 (1)
 For Windows XP, 2003
  60 (1)
 For Windows 2000
  61 (1)
 What Is the Difference?
  61 (2)
 Banner Identification
  63 (24)
 Lab 1: Banner Identification
  65 (2)
 Lab 2: Banner Identification
  67 (6)
 Lab 3: Banner Identification
  73 (2)
 Lab 4: Operating System Identification
  75 (4)
 Detect Operating System of Target: Xprobe2
 
 Lab 5: Banner Identification
  79 (5)
 Lab 6: Banner Identification
  84 (2)
 Lab 7: Personal Social Engineering
  86 (1)
 Social Engineering Techniques: Dumpster Diving/Personnel
 
 Target Enumeration
  87 (58)
 Lab 8: Establish a NULL Session
  89 (1)
 Establish a NULL Session: NULL Session
 
 Lab 9: Enumerate Target MAC Address
  90 (1)
 Enumerate MAC Address and Total NICs: GETMAC
 
 Lab 10: Enumerate SID from User ID
  91 (2)
 Enumerate the SID from the Username: USER2SID
 
 Lab 11: Enumerate User ID from SID
  93 (3)
 Enumerate the User name from the Known SID: SID2USER
 
 Lab 12: Enumerate User Information
  96 (1)
 Enumerate User Information from Target: USERDUMP
 
 Lab 13: Enumerate User Information
  97 (1)
 Exploit Data from Target Computer: USERINFO
 
 Lab 14: Enumerate User Information
  98 (4)
 Exploit User Information from Target: DUMPSEC
 
 Lab 15: Host/Domain Enumeration
  102 (3)
 Enumerate Hosts and Domains of LAN: Net Commands
 
 Lab 16: Target Connectivity? Route
  105 (2)
 Detect Target Connectivity: PingG
 
 Lab 17: Target Connectivity/Route
  107 (2)
 Connectivity/Routing Test: Pathping
 
 Lab 18: Operating System Identification
  109 (8)
 Identify Target Operating System: Nmap/nmapFE
 
 Lab 19: Operating System Identification
  117 (6)
 Identify Target Operating System: NmapNT
 
 Lab 20: IP/Hostname Enumeration
  123 (1)
 Enumerate IP or Hostname: Nslookup
 
 Lab 21: IP/Hostname Enumeration
  124 (1)
 Enumerate IP or Hostname: Nmblookup
 
 Lab 22: RPC Reporting
  125 (1)
 Report the RPC of Target: Rpcinfo
 
 Lab 23: Location/Registrant Identification
  126 (2)
 Gather Registration Info/Trace Visual Route: Visual Route
 
 Lab 24: Registrant Identification
  128 (3)
 Gather IP or Hostname: Sam Spade
 
 Lab 25: Operating System Identification
  131 (2)
 Gather OS Runtime and Registered IPs: Netcraft
 
 Lab 26: Operating System Identification
  133 (2)
 Scan Open Ports of Target: Sprint
 
 Lab 27: Default Shares
  135 (4)
 Disable Default Shares: Windows Operating System
 
 Lab 28: Host Enumeration
  139 (6)
 Scan Open Ports of Target: WinFingerprint
 
 Scanning
  145 (48)
 Lab 29: Target Scan/Share Enumeration
  147 (4)
 Scan Open Ports of Target: Angry IP
 
 Lab 30: Target Scan/Penetration
  151 (2)
 Scan Open Ports/Penetration Testing: LANguard
 
 Lab 31: Target Scan through Firewall
  153 (1)
 Scan Open Ports of Target: Fscan
 
 Lab 32: Passive Network Discovery
  154 (4)
 Passively Identify Target Information on the LAN: Passifist
 
 Lab 33: Network Discovery
  158 (3)
 Identify Target Information: LanSpy
 
 Lab 34: Open Ports/Services
  161 (2)
 Scan Open Ports/Services of Target: Netcat
 
 Lab 35: Port Scan/Service Identification
  163 (3)
 Scan Open Ports of Target: SuperScan
 
 Lab 36: Port Scanner
  166 (3)
 Identify Ports Open: Strobe
 
 Lab 37: Anonymous FTP Locator
  169 (2)
 Locate Anonymous FTP Servers: FTPScanner
 
 Lab 38: CGI Vulnerability Scanner
  171 (7)
 Identify CGI Vulnerabilities: TCS CGI Scanner
 
 Lab 39: Shared Resources Locator
  178 (9)
 Identify Open Shared Resources: Hydra
 
 Lab 40: Locate Wingate Proxy Servers
  187 (6)
 Locate Wingate Proxy Servers: WGateScan/ADM Gates
 
 Sniffing Traffic
  193 (68)
 Lab 41: Packet Capture --- Sniffer
  195 (18)
 Exploit Data from Network Traffic: Ethereal
 
 To Install Ethereal on a Red Hat Linux Computer
  196 (10)
 To Install Ethereal on Microsoft Windows
  206 (7)
 Lab 42: Packet Capture --- Sniffer
  213 (10)
 Exploit Data from Network Traffic: Ngrep
 
 For Linux
  213 (6)
 For Windows
  219 (4)
 Lab 43: Packet Capture --- Sniffer
  223 (7)
 Exploit Data from Network Traffic: TcpDump
 
 Lab 44: Packet Capture --- Sniffer
  230 (4)
 Exploit Data from Network Traffic: WinDump
 
 Lab 45: Packet Capture --- Sniffer
  234 (6)
 Monitor IP Network Traffic Flow: IPDump2
 
 For Linux
  234 (3)
 For Windows
  237 (3)
 Lab 46: Password Capture --- Sniffer
  240 (9)
 Exploit Passwords and Sniff the Network: ZxSniffer
 
 Lab 47: Exploit Data from Target Computer --- Sniffit
  249 (12)
 Spoofing
  261 (38)
 Lab 48: Spoofing IP Addresses
  263 (5)
 Send Packets via False IP Address: RafaleX
 
 Lab 49: Spoofing MAC Addresses
  268 (9)
 Send Packets via a False MAC Address: SMAC
 
 Lab 50: Spoofing MAC Addresses
  277 (7)
 Send Packets via a False MAC Address: Linux
 
 Lab 51: Packet Injection/Capture/Trace
  284 (11)
 Send Packets via a False IP/MAC Address: Packit
 
 Lab 52: Spoof MAC Address
  295 (4)
 Altering the MAC Address: VMware Workstation
 
 Brute Force
  299 (58)
 Lab 53: Brute-Force FTP Server
  301 (8)
 Crack an FTP Password: NETWOX/NETWAG
 
 Lab 54: Retrieve Password Hashes
  309 (4)
 Extract Password Hashes: FGDump
 
 Lab 55: Crack Password Hashes
  313 (12)
 Crack and Capture Password Hashes: LC5
 
 Lab 56: Overwrite Administrator Password
  325 (12)
 Change the Administrator Password: CHNTPW
 
 Lab 57: Brute-Force Passwords
  337 (9)
 Brute-Force Passwords for a Hashed File: John the Ripper
 
 Lab 58: Brute-Force FTP Password
  346 (8)
 Brute-Force an FTP Password Connection: BruteFTP
 
 Lab 59: Brute-Force Terminal Server
  354 (3)
 Brute-Force Terminal Server Passwords: TSGrinder II
 
 Vulnerability Scanning
  357 (154)
 Lab 60: Vulnerability Scanner
  359 (20)
 Perform Vulnerability Assessment: SAINT
 
 Lab 61: SNMP Walk
  379 (7)
 Exploit Data via SNMP Walk: NETWOX/NETWAG
 
 Lab 62: Brute-Force Community Strings
  386 (6)
 Exploit the SNMP Community Strings: Solar Winds
 
 Lab 63: Target Assessment
  392 (5)
 Assessment of Target Security: Retina
 
 Lab 64: Target Assessment
  397 (5)
 Assessment of Target Security: X-Scan
 
 Lab 65: Vulnerability Scanner
  402 (12)
 Perform Vulnerability Assessment: SARA
 
 Lab 66: Web Server Target Assessment
  414 (7)
 Assessment of Web Server Security: N-Stealth
 
 Lab 67: Vulnerability Scanner
  421 (8)
 Exploit Data from Target Computer: Pluto
 
 Lab 68: Vulnerability Assessment
  429 (22)
 Perform Vulnerability Assessment: Metasploit
 
 On Windows
  429 (12)
 On Linux
  441 (10)
 Lab 69: Web Server Target Assessment
  451 (4)
 Assessment of Web Server Security: Nikto
 
 Lab 70: Vulnerability Scanner
  455 (13)
 Assessment of Target Security: Shadow Scanner
 
 Lab 71: Internet Vulnerability Scanner
  468 (6)
 Assessment of Target Security: Cerberus
 
 Lab 72: WHAX --- Auto Exploit Reverse Shell
  474 (17)
 Automatically Exploit the Target: AutoScan
 
 Lab 73: Unique Fake Lock Screen XP
  491 (8)
 Grab the Administrator Password: Fake Lock Screen XP
 
 Lab 74: Bypassing Microsoft Serial Numbers
  499 (8)
 Bypassing Serial Number Protection: RockXP/Custom Script
 
 Lab 75: Vulnerability Exploit
  507 (4)
 Assessment of Target Security: Web Hack Control Center
 
 Wireless
  511 (92)
 Lab 76: Locate Unsecured Wireless
  513 (6)
 Locate Unsecured Wireless: NetStumbler/Mini-Stumbler
 
 Lab 77: Trojan
  519 (15)
 Unauthorized Access and Control: Back Orifice
 
 On the Target Computer
  519 (9)
 On the Attacker's Computer
  528 (6)
 Lab 78: Trojan
  534 (11)
 Unauthorized Access and Control: NetBus
 
 On the Target (Server)
  534 (6)
 On the Attacker's Computer
  540 (5)
 Lab 79: ICMP Tunnel Backdoor
  545 (8)
 Bidirectional Spoofed ICMP Tunnel: Sneaky-Sneaky
 
 On the Target (Server)
  545 (3)
 On the Attacker's Machine
  548 (5)
 Lab 80: Hiding Tools on the Target
  553 (3)
 Hiding Files on the Target: CP
 
 Scenario: Hiding Netcat inside the Calculator Application
  553 (2)
 To Verify
  555 (1)
 Lab 81: Capturing Switched Network Traffic
  556 (17)
 Intercept/Exploit Traffic: Ettercap
 
 Lab 82: Password Capture
  573 (1)
 Capture Passwords Traversing the Network: Dsniff
 
 Lab 83: Data Manipulation
  574 (14)
 Manipulate the Live Data Stream: Achilles
 
 Lab 84: Covert Reverse Telnet Session
  588 (8)
 Create a Reverse Telnet Session: Netcat
 
 Lab 85: Covert Channel --- Reverse Shell
  596 (7)
 Exploit Data from Target Computer: Reverse Shell
 
 Redirection
  603 (40)
 Lab 86: PortMapper
  605 (13)
 Traffic Redirection: PortMapper
 
 Lab 87: Executing Applications --- Elitewrap
  618 (9)
 Executing Hidden Applications: Elitewrap
 
 Lab 88: TCP Relay --- Bypass Firewalls
  627 (6)
 Traffic Redirection: Fpipe
 
 Lab 89: Remote Execution
  633 (5)
 Remote Execution on Target: PsExec
 
 Lab 90: TCP Relay --- Bypass Firewalls
  638 (5)
 Traffic Redirection: NETWOX/NETWAG
 
 Denial-of-Service (DoS)
  643 (28)
 Lab 91: Denial-of-Service --- Land Attack
  645 (5)
 DoS Land Attack: Land Attack
 
 Lab 92: Denial-of-Service --- Smurf Attack
  650 (5)
 DoS Smurf Attack: Smurf Attack
 
 Lab 93: Denial-of-Service --- SYN Attack
  655 (5)
 DoS Land Attack: SYN Attack
 
 Lab 94: Denial-of-Service --- UDP Flood
  660 (5)
 DoS UDP Flood Attack: UDP Flood Attack
 
 Lab 95: Denial-of-Service --- Trash2.c
  665 (6)
 Create Denial-of-Service Traffic: Trash2.c
 
Appendix A: References  671 (4)
Appendix B: Tool Syntax  675 (50)
Index  725

商品描述(中文翻譯)

目錄

準備
1 (62)
安裝 VMware Workstation
3 (7)
配置虛擬機
10 (50)
安裝虛擬 Windows 2000 工作站
11 (18)
為 Windows 2000 虛擬機安裝 VMware Tools
29 (6)
安裝 Red Hat 版本 8 虛擬機
35 (20)
為 Red Hat 虛擬機安裝 VMware Tools
55 (5)
光碟中包含什麼?
60 (1)
限制匿名
60 (3)
限制匿名
60 (1)
在 Windows NT 中
60 (1)
對於 Windows XP、2003
60 (1)
對於 Windows 2000
61 (1)
有什麼不同?
61 (2)
橫幅識別
63 (24)
實驗 1:橫幅識別
65 (2)
實驗 2:橫幅識別
67 (6)
實驗 3:橫幅識別
73 (2)
實驗 4:操作系統識別
75 (4)
檢測目標的操作系統:Xprobe2

實驗 5:橫幅識別
79 (5)
實驗 6:橫幅識別
84 (2)
實驗 7:個人社會工程
86 (1)
社會工程技術:垃圾桶潛水/人員

目標枚舉
87 (58)
實驗 8:建立 NULL 會話
89 (1)
建立 NULL 會話:NULL 會話

實驗 9:枚舉目標 MAC 地址
90 (1)
枚舉 MAC 地址和總 NIC 數:GETMAC

實驗 10:從用戶 ID 枚舉 SID
91 (2)
從用戶名枚舉 SID:USER2SID

實驗 11:從 SID 枚舉用戶 ID
93 (3)
從已知 SID 中枚舉用戶名:SID2USER

實驗 12:枚舉用戶信息
96 (1)
從目標中枚舉用戶信息:USERDUMP

實驗 13:枚舉用戶信息
97 (1)
從目標計算機中提取數據:USERINFO

實驗 14:枚舉用戶信息
98 (4)
從目標中提取用戶信息:DUMPSEC

實驗 15:主機/域枚舉
102 (3)
枚舉 LAN 的主機和域:Net 命令

實驗 16:目標連接性?路由
105 (2)
檢測目標連接性:PingG

實驗 17:目標連接性/路由
107 (2)
連接性/路由測試:Pathping

實驗 18:操作系統識別
109 (8)
識別目標操作系統:Nmap/nmapFE

實驗 19:操作系統識別
117 (6)
識別目標操作系統:NmapNT

實驗 20:IP/主機名枚舉
123 (1)
枚舉 IP 或主機名:Nslookup

實驗 21:IP/主機名枚舉
124 (1)
枚舉 IP 或主機名:Nmblookup

實驗 22:RPC 報告
125 (1)
報告目標的 RPC:Rpcinfo

實驗 23:位置/註冊人識別
126 (2)
收集註冊信息/追蹤視覺路徑:Visual Route

實驗 24:註冊人識別
128 (3)
收集 IP 或主機名:Sam Spade

實驗 25:操作系統識別
131 (2)
收集 OS 運行時和註冊 IP:Netcraft

實驗 26:操作系統識別
133 (2)
掃描目標的開放端口:Sprint

實驗 27:默認共享
135 (4)
禁用默認共享:Windows 操作系統

實驗 28:主機枚舉
139 (6)
掃描目標的開放端口:WinFingerprint

掃描
145 (48)
實驗 29:目標掃描/共享枚舉
147 (4)
掃描目標的開放端口:Angry IP

實驗 30:目標掃描/滲透
151 (2)
掃描開放端口/滲透測試:LANguard

實驗 31:通過防火牆的目標掃描
153 (1)
掃描目標的開放端口:Fscan

實驗 32:被動網絡發現
154 (4)
被動識別 LAN 上的目標信息:Passifist

實驗 33:網絡發現
158 (3)
識別目標信息:LanSpy

實驗 34:開放端口/服務
161 (2)
掃描目標的開放端口/服務:Netcat

實驗 35:端口掃描/服務識別
163 (3)
掃描目標的開放端口:SuperScan

實驗 36:端口掃描器
166 (3)
識別開放端口:Strobe

實驗 37:匿名 FTP 定位器
169 (2)
定位匿名 FTP 伺服器:FTPScanner

實驗 38:CGI 漏洞掃描器
171 (7)
識別 CGI 漏洞:TCS CGI Scanner

實驗 39:共享資源定位器
178 (9)
識別開放共享資源:Hydra

實驗 40:定位 Wingate 代理伺服器
187 (6)
定位 Wingate 代理伺服器:WGateScan/ADM Gates

嗅探流量
193 (68)
實驗 41:數據包捕獲 --- 嗅探器
195 (18)
從網絡流量中提取數據:Ethereal

在 Red Hat Linux 計算機上安裝 Ethereal
196 (10)
在 Microsoft Windows 上安裝 Ethereal
206 (7)

實驗 42:數據包捕獲 --- 嗅探器
213 (10)
從網絡流量中提取數據:Ngrep

對於 Linux
213 (6)
對於 Windows
219 (4)

實驗 43:數據包捕獲 --- 嗅探器
223 (7)
從網絡流量中提取數據:TcpDump

實驗 44:數據包捕獲 --- 嗅探器
230 (4)
從網絡流量中提取數據:WinDump

實驗 45:數據包捕獲 --- 嗅探器
234 (6)
監控 IP 網絡流量:IPDump2

對於 Linux
234 (3)
對於 Windows
237 (3)

實驗 46:密碼捕獲 --- 嗅探器
240 (9)
提取密碼並嗅探網絡:ZxSniffer

實驗 47:從目標計算機提取數據 --- Sniffit
249 (12)

欺騙
261 (38)
實驗 48:欺騙 IP 地址
263 (5)
通過虛假 IP 地址發送數據包:RafaleX

實驗 49:欺騙 MAC 地址
268 (9)
通過虛假 MAC 地址發送數據包:SMAC

實驗 50:欺騙 MAC 地址
277 (7)
通過虛假 MAC 地址發送數據包:Linux

實驗 51:數據包注入/捕獲/追蹤
284 (11)
通過虛假 IP/MAC 地址發送數據包:Packit

實驗 52:欺騙 MAC 地址
295 (4)
更改 MAC 地址:VMware Workstation

暴力破解
299 (58)
實驗 53:暴力破解 FTP 伺服器
301 (8)
破解 FTP 密碼:NETWOX/NETWAG

實驗 54:檢索密碼哈希
309 (4)
提取密碼哈希:FGDump

實驗 55:破解密碼哈希
313 (12)
破解並捕獲密碼哈希:LC5

實驗 56:覆蓋管理員密碼
325 (12)
更改管理員密碼:CHNTPW

實驗 57:暴力破解密碼
337 (9)
對哈希文件進行暴力破解:John the Ripper

實驗 58:暴力破解 FTP 密碼
346 (8)
對 FTP 密碼連接進行暴力破解:BruteFTP

實驗 59:暴力破解終端伺服器
354 (3)
對終端伺服器密碼進行暴力破解:TSGrinder II

漏洞掃描
357 (154)
實驗 60:漏洞掃描器
359 (20)
執行漏洞評估:SAINT

實驗 61:SNMP Walk
379 (7)
通過 SNMP Walk 提取數據:NETWOX/NETWAG

實驗 62:暴力破解社區字符串
386 (6)
提取 SNMP 社區字符串:Solar Winds

實驗 63:目標評估
392 (5)
目標安全評估:Retina

實驗 64:目標評估
397 (5)
目標安全評估:X-Scan

實驗 65:漏洞掃描器
402 (12)
執行漏洞評估:SARA

實驗 66:網頁伺服器目標評估
414 (7)
網頁伺服器安全評估:N-Stealth

實驗 67:漏洞掃描器
421 (8)
從目標計算機提取數據:Pluto

實驗 68:漏洞評估
429 (22)
執行漏洞評估:Metasploit

在 Windows 上
429 (12)
在 Linux 上
441 (10)

實驗 69:網頁伺服器目標評估
451 (4)
網頁伺服器安全評估:Nikto

實驗 70:漏洞掃描器
455 (13)
目標安全評估:Shadow Scanner

實驗 71:互聯網漏洞掃描器
468 (6)
目標安全評估:Cerberus

實驗 72:WHAX --- 自動利用反向 Shell
474 (17)
自動利用目標:AutoScan

實驗 73:獨特的假鎖屏 XP
491 (8)
獲取管理員密碼:假鎖屏 XP

實驗 74:繞過 Microsoft 序列號
499 (8)
繞過序列號保護:RockXP/自定義腳本

實驗 75:漏洞利用
507 (4)
目標安全評估:Web Hack 控制中心

無線
511 (92)
實驗 76:定位不安全的無線
513 (6)
定位不安全的無線:NetStumbler/Mini-Stumbler

實驗 77:木馬
519 (15)
未經授權的訪問和控制:Back Orifice

在目標計算機上
519 (9)
在攻擊者的計算機上
528 (6)

實驗 78:木馬
534 (11)
未經授權的訪問和控制:NetBus

在目標(伺服器)上
534 (6)
在攻擊中

類似商品