Systems administrators are often unaware of the dangers presented by anything beyong the most trivial attacks. Because of the day-to-day tasks, Y2K projects, and increasingly complex technology, administrators have perpetually back-burnerer security issues out of necessity. However, recent high-profile viruses and events like the White House website being closed down by hackers has brought the issue back to the forefront. With Hacking Exposed: Network Security Secrets and Solutions, Osborne will provide administrators with a modular and approachable reference so they can select the most pertinent information, rapidly digest it, and apply it immediately.
Whenever Hollywood does a movie in which someone breaks into a computer, the hacking scenes are completely laughable to anyone who knows the first thing about computer security. Think of Hacking Exposed: Network Security Secrets and Solutions as a computer thriller for people with a clue. This is a technical book, certainly--URLs, procedures, and bits of advice take the place of plot and characters--but the information about hackers' tools will leave you wondering exactly how vulnerable your system is. More to the point, the explicit instructions for stealing supposedly secure information (a Windows NT machine's Security Access Manager file, for example) will leave you absolutely certain that your computers have gaping holes in their armor.
The book describes the security characteristics of several computer-industry pillars, including Windows NT, Unix, Novell NetWare, and certain firewalls. It also explains what sorts of attacks against these systems are feasible, which are popular, and what tools exist to make them easier. The authors walk the reader through numerous attacks, explaining exactly what attackers want, how they defeat the relevant security features, and what they do once they've achieved their goal. In what might be called after-action reports, countermeasures that can help steer bad buys toward less-well-defended prey are explained. If you run Linux, you may want to supplement the Unix information in this book with Maximum Linux Security, another practical-minded and very popular security text. --David Wall
Topics covered: The state of the art in breaking into computers and networks, as viewed from the vantage point of the attacker and the defender. There's information on surveying a system remotely, identifying weak points, and exploiting weaknesses in specific operating systems (Windows NT, Unix, and Novell NetWare, mostly). Coverage also includes war dialers, circumventing firewalls, denial-of-service attacks, and remote-control software. There's a cool appendix on the security characteristics of Windows 2000.