TY  - BOOK
AU  - Peikari,Cyrus
AU  - Chuvakin,Anton
TI  - Security warrior /
SN  - 0596005458
PY  - 2004///
CY  - Sebastopol, California :
PB  - O'Reilly,
KW  - SECURITY
KW  - SEGURIDAD INFORMATICA
KW  - SOFTWARE CRACKING
KW  - NETWORK STALKING
KW  - PLATFORM ATTACKS
KW  - ADVANCED DEFENSE
KW  - HONEYPOTS
KW  - WINDOWS SERVER ATTACKS
KW  - WIRELESS SECURITY
N1  - CONTENTS Dedication Preface Part I: Software Cracking Chapter 1. Assembly Language Registers ASM Opcodes References Chapter 2. Windows Reverse Engineering History of RCE Reversing Tools Reverse Engineering Examples References Chapter 3. Linux Reverse Engineering Basic Tools and Techniques A Good Disassembly Problem Areas Writing New Tools References Chapter 4. Windows CE Reverse Engineering Windows CE Architecture CE Reverse Engineering Fundamentals Practical CE Reverse Engineering Reverse Engineering serial.exe References Chapter 5. Overflow Attacks Buffer Overflows Understanding Buffers Smashing the Stack Heap Overflows Preventing Buffer Overflows A Live Challenge References Part II: Network Stalking Chapter 6. TCP/IP Analysis A Brief History of TCP/IP Encapsulation TCP IP UDP ICMP ARP RARP BOOTP DHCP TCP/IP Handshaking Covert Channels IPv6 Ethereal Packet Analysis Fragmentation References Chapter 7. Social Engineering Background Performing the Attacks Advanced Social Engineering References Chapter 8. Reconnaissance Online Reconnaissance Conclusion References Chapter 9. OS Fingerprinting Telnet Session Negotiation TCP Stack Fingerprinting Special-Purpose Tools Passive Fingerprinting Fuzzy Operating System Fingerprinting TCP/IP Timeout Detection References Chapter 10. Hiding the Tracks From Whom Are You Hiding? Postattack Cleanup Forensic Tracks Maintaining Covert Access References Part III: Platform Attacks Chapter 11. Unix Defense Unix Passwords File Permissions System Logging Network Access in Unix Unix Hardening Unix Network Defense References Chapter 12. Unix Attacks Local Attacks Remote Attacks Unix Denial-of-Service Attacks References Chapter 13. Windows Client Attacks Denial-of-Service Attacks Remote Attacks Remote Desktop/Remote Assistance References Chapter 14. Windows Server Attacks Release History Kerberos Authentication Attacks Kerberos Authentication Review Defeating Buffer Overflow Prevention Active Directory Weaknesses Hacking PKI Smart Card Hacking Encrypting File System Changes Third-Party Encryption References Chapter 15. SOAP XML Web Services Security XML Encryption XML Signatures Reference Chapter 16. SQL Injection Introduction to SQL SQL Injection Attacks SQL Injection Defenses PHP-Nuke Examples References Chapter 17. Wireless Security Reducing Signal Drift Problems with WEP Cracking WEP Practical WEP Cracking VPNs TKIP SSL Airborne Viruses References Part IV: Advanced Defense Chapter 18. Audit Trail Analysis Log Analysis Basics Log Examples Logging States When to Look at the Logs Log Overflow and Aggregation Challenge of Log Analysis Security Information Management Global Log Aggregation References Chapter 19. Intrusion Detection Systems IDS Examples Bayesian Analysis Hacking Through IDSs The Future of IDSs Snort IDS Case Study IDS Deployment Issues References Chapter 20. Honeypots Motivation Building the Infrastructure Capturing Attacks References Chapter 21. Incident Response Case Study: Worm Mayhem Definitions Incident Response Framework Small Networks Medium-Sized Networks Large Networks References Chapter 22. Forensics and Antiforensics Hardware Review Information Detritus Forensics Tools Bootable Forensics CD-ROMs Evidence Eliminator Forensics Case Study: FTP Attack References Part V: Appendix Appendix A. Useful SoftICE Commands and Breakpoints Section A.1. SoftICE Commands Section A.2. Breakpoints Colophon Index
ER  -