소장자료검색

책소개

"The end-all of hacking.... A must-read if you want to secure your networks." --"W2Knews

Plug the holes in your Windows infrastructure by seeing it through the eyes of the attacker

Protect your Windows Server 2003 systems from the latest widespread and devastating attacks the tried-and-true "Hacking Exposed way. You'll learn, step-by-step, how intruders locate targets, gain super-user access, and ransack compromised networks. Fully updated chapters detail all-new Windows Server 2003 footprinting and scanning methods, IIS6 security flaws, buffer overflow exploits, Terminal Services hacks, and DoS/DDoS vulnerabilities. Real-world cases and code examples demonstrate the most current dangers and spell out countermeasures to stonewall malicious intruders "every "time.

New and Updated Material: All-new Windows footprinting and scanning tools and techniques NetBIOS, MSRPC, SMB, DNS, SNMP, and Active Directory enumeration protection Updated exploits of Windows-specific services, including the MSRPC interface vulnerability that led to the Blaster worm, SQL Slammer, and eavesdropping attacks on Kerberos Details on the new IIS6 security architecture, URLScan, Microsoft Web services source code disclosure exploits, and HTR chunked encoding exploits All-new Terminal Services information including new password guessing, privilege escalation, and eavesdropping countermeasures New client-side exploits using popular multimedia file formats, and strong new countermeasures using Internet Explorer Enhanced Security Configuration The latest countermeasures for Denial of Service (DoS) attacks including bogon filtering and sink holes New security features such as Internet Connection Firewall,software restriction policies, and updates to IPSec

About the Authors:

Joel Scambray is Senior Director of Security for Microsoft's MSN and Stuart McClure is President/CTO of Foundstone, Inc., an enterprise security products company. They are co-authors of four editions of "Hacking Exposed as well as "Hacking Exposed Windows 2000.

목차

Pt. I Foundations
1 Information security basics 3
2 The Windows Server 2003 security architecture from the hacker's perspective 13
Pt. II Profiling
3 Footprinting and scanning 55
4 Enumeration 73
Pt. III Divide and conquer
5 Hacking Windows-specific services 117
6 Privilege escalation 159
7 Getting interactive 174
8 Expanding influence 187
9 Cleanup 221
Pt. IV Exploiting vulnerable services and clients
10 Hacking IIS 243
11 Hacking SQL Server 289
12 Hacking Terminal Server 337
13 Hacking Microsoft Internet clients 359
14 Physical attacks 409
15 Denial of service 425
Pt. V Playing defense
16 NT family security features and tools 445
17 The future of Windows security 481
Pt. VI Appendixes