RADMIN - Remote Control Software is Fast and Reliable Remote Control Software for Secure Remote Access to PC from Anywhere. Available on Windows Vista 32-bit and 64-bit Compatible (including Service Pack 1)
Radmin (Remote Administrator) is the world famous, award winning secure remote control software and remote access software which enables you to work on a remote computer in real time as if you were using its own keyboard and mouse.
Radmin (Remote Administrator) is fast and secure remote control and remote access software that enables you to work on a remote computer as if you were sitting right in front of it and access it from multiple places. Radmin includes full support for Windows Vista (32-bit and 64-bit), file transfer, multi-user text and voice chats, Windows security, Kerberos authentication, 256-bit AES encryption for all data streams, telnet access, multiple monitors support and unique DirectScreenTransfer™ technology. Radmin utilizes the ever-present TCP/IP protocol - the most widespread protocol used in LANs, WANs and the Internet. This means you can access your remote computer from anywhere in the world. Radmin is deployed on thousands of corporate PCs worldwide. Among our clients are companies where Radmin is the standard application for network management.
You view the remote computer's screen on your own monitor either in a window or full screen. All your mouse movements and keyboard signals are transferred directly to the remote computer. You work on the remote computer just as if it were right there in front of you. You can remotely access the same computer from multiple places and use advanced file transferring, text and voice chats, remote shutdown, Telnet and other useful features.
Radmin 3 consists of two modules:
The Viewer module (Radmin Viewer)
Radmin Viewer needs to be installed on the local computer (for example your home PC or notebook) which you want to use to access your remote computer.
The Server module (Radmin Server)
Radmin Server needs to be installed on the remote computer (for example your office PC) which you want to access from your own one.
Installing Radmin Server 3
The Server module needs to be installed on the remote computer (for example your office PC) that you want to access from your own one (for example your home PC or notebook).
Step 1: Run rserv32.exe to install Radmin Server.
Step 2: Follow the on-screen instructions. The installer will copy all required files into the default system directory.
Step 3: Please, remember to activate your newly installed copies of Radmin Server 3.
Installing Radmin Viewer 3
The Client module (also called the Viewer) needs to be installed on the local computer (for example your home PC or notebook) which you want to use to access your remote PC.
Step 1: Run rview32.exe to install Radmin Viewer.
Step 2: Follow the on-screen instructions and select an installation directory when asked. The installer will copy all required files into the specified directory.
FAQ
1. I can't connect to Radmin server. What can I do?
Check your connection to the remote host via TCP/IP: Type in the command prompt: ping remote_host_name
Ex: ping 10.0.0.1
Ex: ping myserver.mycompany.com
Make sure that radmin server is running on the remote computer. Verify that you are connecting to the correct port on which the radmin server is waiting for the incoming connection. Check the firewall settings on the remote computer. You can also examine Radmin’s logfile.txt to discover what's causing the problem.
2. I'm behind a router and don't have public IP address. What can I do?
Several situations are possible:
Your computers are in an internal network behind a NAT based router. Only the router has a public IP address. You can access your internal network computers via the Internet. To do this you need to configure 'Forwarding' on the router/firewall. Configure the router to forward connections from a port on the router to a specific IP address and port (Radmin server's default port is 4899) of the target computer in your internal network. You need to assign a port on the router for every computer you need to access. The router will then forward the connection to your computer in the internal network.
Your PCs have real IP addresses but the firewall has its port 4899 closed. In this case you have to open 4899 or use another open port.
Radmin Server does not start on the server. Examine the log file on the server for the reason.
Thursday, July 17, 2008
RADMIN - Remote Control Software
Tuesday, July 15, 2008
Free Vulnerability Scan
NetClarity offers FREE SCAN tool to findout if you have any
vulnerabilities ( Malware, Viruses, Worms, Trojans, Keyloggers and all
those nasty exploits are not the problem ) they can exploit, harden
your system and take a more proactive approach to securing your
personal computer.
http://www.netclarity.net/freescan.html
On completing the SCAN, please contact us for the full report unlock key.
NACwall are Network Access Control (NAC) appliances which scan
corporate networks for devices that may contain exposures or
vulnerabilities exploited by hackers that firewalls can't defend
against. NACwalls also alert customers and block against malicious and
un-trusted network access at all points on the network, whether wired
or wireless.
NACwall are proactive appliances that take just minutes to install.
Continuously scanning for vulnerability' s across every device on a
network, NACwalls can stop threats within milliseconds.
NACwall detect & respond to threats from network connected computers,
returning mobile users, wireless devices, new devices and even detect
´imitation´ users (spoofed machines). NACwalls respond in milliseconds
to un-trusted and potentially hazardous computer assets stunning off
their network access in less time than it took to read this sentence.
Network Access Control (NAC) is an approach to computer network security that attempts to unify endpoint security technology (such as antivirus, host intrusion prevention, and vulnerability assessment), user or system authentication and network security enforcement.
Network Access Control is a computer networking concept and set of protocols used to define how to secure the network nodes prior to the nodes accessing the network. NAC might integrate the automatic remediation process (fixing non-compliant nodes before allowing access) into the network systems, allowing the network infrastructure such as routers, switches and firewalls to work together with back office servers and end user computing equipment to ensure the information system is operating securely before interoperability is allowed.
Network Access Control (NAC) aims to do exactly what the name implies: control access to a network with policies, including pre-admission endpoint security policy checks and post-admission controls over where users and devices can go on a network and what they can do.
"NAC's roots trace back to the trusted computing movement. In this context an open-architecture was created as an alternative to proprietary NAC initiatives. TNC-WG aims at enabling network operators to provide endpoint integrity at every network connection, thus enabling interoperability among multi-vendor network endpoints.[3]"
Initially 802.1x was also thought of as NAC. Some still considers 802.1x as the most simple form of NAC, but most people think of NAC as something more.
Goals of Network Access Control
Because NAC represents an emerging category of security products, its definition is both evolving and controversial. The overarching goals of the concept can be distilled to:
Mitigation of zero-day attacks
The key value proposition of NAC solutions is the ability to prevent end-stations that lack antivirus, patches, or host intrusion prevention software from accessing the network and placing other computers at risk of cross-contamination of network worms.
Policy enforcement
NAC solutions allow network operators to define policies, such as the types of computers or roles of users allowed to access areas of the network, and enforce them in switches, routers, and network middleboxes.
Identity and access management
Where conventional IP networks enforce access policies in terms of IP addresses, NAC environments attempt to do so based on authenticated user identities, at least for user end-stations such as laptops and desktop computers.
Pre-admission and post-admission
There are two prevailing design philosophies in NAC, based on whether policies are enforced before or after end-stations gain access to the network. In the former case, called pre-admission NAC, end-stations are inspected prior to being allowed on the network. A typical use case of pre-admission NAC would be to prevent clients with out-of-date antivirus signatures from talking to sensitive servers. Alternatively, post-admission NAC makes enforcement decisions based on user actions, after those users have been provided with access to the network.
Agent versus agentless
The fundamental idea behind NAC is to allow the network to make access control decisions based on intelligence about end-systems, so the manner in which the network is informed about end-systems is a key design decision. A key difference among NAC systems is whether they require agent software to report end-system characteristics, or whether they use scanning and network inventory techniques to discern those characteristics remotely.
Out-of-band versus inline
In some out-of-band systems, agents are distributed on end-stations and report information to a central console, which in turn can control switches to enforce policy. In contrast the inline solutions can be single-box solutions which act as internal firewalls for access-layer networks and enforce the policy. Out-of-band solutions have the advantage of reusing existing infrastructure; inline products can be easier to deploy on new networks, and may provide more advanced network enforcement capabilities, because they are directly in control of individual packets on the wire. However, there are products that are agentless, and have both the inherent advantages of easier, less risky out-of-band deployment, but use techniques to provide inline effectiveness for non-compliant devices, where enforcement is required
Remediation, quarantine and captive portals
Network operators deploy NAC products with the expectation that some legitimate clients will be denied access to the network (if users never had out-of-date patch levels, NAC would be unnecessary). Because of this, NAC solutions require a mechanism to remediate the end-user problems that deny them access.
Two common strategies for remediation are quarantine networks and captive portals:
Quarantine
A quarantine network is a restricted IP network that provides users with routed access only to certain hosts and applications. Quarantine is often implemented in terms of VLAN assignment; when an NAC product determines that an end-user is out-of-date, their switch port is assigned to a VLAN that is routed only to patch and update servers, not to the rest of the network. Other solutions use Address Management techniques (such as Address Resolution Protocol (ARP) or Neighbor Discovery Protocol (NDP)) for quarantine, avoiding the overhead of managing quarantine VLANs.
Captive portals
A captive portal intercepts HTTP access to web pages, redirecting users to a web application that provides instructions and tools for updating their computer. Until their computer passes automated inspection, no network usage besides the captive portal is allowed. This is similar to the way paid wireless access works at public access points.
Benefits:
Minimize risk of outbreaks while allowing for policy flexibility
Protect your network from zero-day threats and infected guest devices; monitor the network continuously for threat assessment and attack behavior originating from all types of devices Minimize exposure from noncompliant, infected, or misconfigured systems
Allow only authorized devices to have network access: enforce compliance by scanning devices to test their overall security posture as they attempt to log onto a network Reduce downtime and risk
Guard against infections and vulnerabilities from mobile devices; identify and quarantine misconfigured systems and company laptops that fall out of compliance; enforce network access decision at the system level; remediate noncompliant devices automatically Make intelligent decisions based on real knowledge
Gain visibility of system and network threats with efficient security collaboration; breakthrough McAfee ePolicy Orchestrator® (ePO™) integration provides real-time visibility of actionable system host details, as well as the most relevant host IPS, anti-virus, and spyware events Leverage your existing network infrastructure
Deploy to all ePO managed systems in your network infrastructure without hardware replacements; get continuous, broad protection that keeps up with the latest threats with McAfee Total Protection for Enterprise—Advanced with NAC included; manage it all from a single, centralized console.
Features:
Dynamic NAC with IntruShield
Protect the internal organization from the threat of remote access, high-risk branch offices, or guest wireless networks by identifying, quarantining, and then remediating any infected device Flexible and powerful remediation options
Minimize helpdesk calls and make faster fixes on managed systems with automated remediation; for unmanaged systems, go to a user-directed remediation portal for quick results Broad enforcement options
Select from a variety of enforcement strategies, thanks to integration with ePO and a flexible architecture; protect against critical systems that cannot run agents with integrated McAfee Network Security Platform; add support for Microsoft NAP Framework Centralized management and control
Manage and control access to your network, along with your other system security protection, through a single console with ePO; get a bird's eye view or all the details about hosts and define policies; retrieve centralized reports of failed compliance checks and remediation action Protection from non-Microsoft® Windows devices
Monitor and assess threats and attacks from any device, including Macintosh and Unix systems and devices with embedded operating systems, like VoIP phones, printers, faxes, and copiers
Thursday, July 10, 2008
Stealing the Network: How to Own the Box
"Steal This Network" is not another of the countless hacker books out there, but an edgy, provocative, attack-oriented series of chapters written in a firsthand, conversational style. World-renowned network security personalities present a series of 25-to-30-page chapters written from the point of view of an attacker who is gaining access to a particular system.
Synopsis
"If you want to hack into someone else's network, the week between Christmas and New Year's Day is the best time. I love that time of year" (from Chapter 1, "Hide and Sneak"). Written by a team of network security professionals, this volume contains a series of fictional short stories demonstrating the techniques commonly used by criminal hackers. The appendix provides an overview of the "Laws of Security" and discusses ways to mitigate many of the attacks detailed in the book. Annotation © 2004 Book News, Inc., Portland, OR
Annotation
"Steal This Network" is not another of the countless hacker books out there, but an edgy, provocative, attack-oriented series of chapters written in a firsthand, conversational style. World-renowned network security personalities present a series of 25-to-30-page chapters written from the point of view of an attacker who is gaining access to a particular system.
Stealing the Network: How to Own the Box is a book about breaking into computer systems by various means, ranging from obtaining physical access to network intrusion. There are lots of books on computer security and on breaking into computer systems. What is unusual about this book is that it is composed of fictional stories based around various "exploits" to gain access to computer systems. The book has nine authors: Ryan Russel, Tim Mullen, FX, Dan Kaminsky, Joe Grand, Ken Pfeil, Ido Dubrawsky, Mark Burnett and Paul Craig. Each wrote a chapter, except for Ryan Russel who edited the book and wrote two chapters. All of the authors are involved in computer security or computer intrusion (or perhaps both at differing points in their lives).
The fictional nature of the book makes it readable, although Stealing the Network is not exactly Neuromancer. Most of the chapters revolve around a different fictional character using various methods for gaining unauthorized access to computer systems. These include "social engineering" - obtaining information or physical access by gaining the confidence of people at a company. Some are attacks are sophisticated. One vignette involves a beautiful woman hacker who specializes in hacking into printers.
One of the objectives of the authors of Stealing the Network is to get you to think about computer security in new ways. Before reading Stealing the Network I had never thought of printers as possible targets for intrusion attack. Printers have evolved into full network devices that run some form of operating system, which supports the network stack software. Although printers are increasingly powerful computers, they started out as dumb devices (raise your hand if you remember the old "chain" printers) so there is a tendency keep thinking of them as the dumb devices. This means that the network security on a printer may be non-existent. Since the printer can communicate with the rest of the network, it can serve as a platform for attack (as a network proxy if nothing else).
Although the characters in Stealing the Network are fictional, the techniques and software tools are real. The attack described in each chapter also includes a description of the software tools used (in some cases including the web site that publishes the software). The details of the attack are also broken down. Unless you have a real passion for the fine details of computer security and intrusion, these accounts can become tedious in places.
The appendix of Stealing the Network is titled Laws of Computer Security which attempts to summarize some of the issues raised in the stories. Stealing the Network is a valuable reference for those who want to understand current security exploits. The usefulness of the book as a reference is harmed by the fact that it does not include an index.
We wouldn't have to spend so much time, money, and effort on network security if we didn't have such bad software security. Think about the most recent security vulnerability about which you've read. Maybe it's a killer packet that allows an attacker to crash some server by sending it a particular packet. Maybe it's one of the gazillions of buffer overflows that allow an attacker to take control of a computer by sending it a particular malformed message. Maybe it's an encryption vulnerability that allows an attacker to read an encrypted message or to fool an authentication system. These are all software issues.
Bruce Schneier, from the forward to Building Secure Software: How to Avoid Security Problems the Right Way by John Viega and Gary McGraw, Addison-Wesley, 2002
Computer security is viewed by many people as "cool". Case, the cyberspace cowboy in Neuromancer hacking into computer systems. The mirror of Case is the computer security guru who protects the system with their vast store of knowledge. Some computer security "gurus" have even gained their fifteen minutes of media fame (can you say Satan). The truth is that network computer systems are vulnerable because of human limitations. While computer security is important, it may come as a shock to those who attend conferences like Black Hat to learn that computer security is not as cool as they think it is.
The design and implementation of secure computer networks, or at least networks that will not fall to most of the attacks described in Stealing the Network are not waiting for new results from computer science research or software engineering. As Bruce Schneier points out above, the problems that are encountered in computer security are frequently the result of well understood issues. For example, many of the computer network attacks that are described in Stealing the Network are buffer overflow attacks. Methods for avoiding buffer overflow problems have been known for something like 30 years.
There are two major historical factors that have lead to the poor state of computer security that prompts me to read books like Stealing the Network. These are:
Susceptibility to buffer overflow attack (as noted above)
The C/C++ programming languages have been used to implement every major operating system in use today (e.g., Windoz, UNIX and Linux). This includes the operating systems that run on network routers, like Cisco's IOS. Most, if not all, of the buffer overflow attacks result from the lack of compiled range checks in C/C++.
A range check allows buffer (array) overflows to be caught at runtime. For example, a potential buffer overflow problem exists in the code below (which calls the POSIX function gets).
#define SIZE 80
char buf[SIZE];
while (! gets( buf )) {
....
}
In this code a stream of text, terminated by a newline character, is read from the POSIX standard input (which might be connected to a TCP/IP socket). If the stream of text is longer than 80 characters, it will overwrite data which is stored following buf. A text stream of just the right size may overwrite the return address for a function (possibly the function that called the current function), allowing the attacker to insert and execute their own code.
Compilers for languages like Pascal and Java insert code that checks that an array (buffer) access is within the bounds of the memory allocated for the array. If there is an access beyond the end of the array, a runtime error will result. The software will fail, but the intruder will not gain access to the system.
The equality between arrays and pointers in C makes it very difficult, if not impossible to compile range checked into C. The designers of C (Kernighan and Ritchie) might have designed the language differently if they had realized that it would become the lingua franca of software. C was designed so that it could be efficiently translated into the Digital Equipment Corporation PDP instruction set. This allowed C to be used as an efficient vehicle to implement operating system software (e.g., the early versions of UNIX). The extra code generated by the compiler to support range checks was anathema to the concentration on efficiency in C.
Since every operating system in wide spread use has been implemented in C (or C++), the historical decisions in the C programming language resulted in many of the computer network vulnerabilities that exist today.
Microsoft Software
The most commonly attacked and penetrated computer systems run various versions of Microsoft's Windows operating system. The original root of the security problems in Windows based operating systems comes from the fact that Microsoft's model for computation is a computer system, running Microsoft Windows, on every desktop, joined by a network that supports simple operations like printing. Unlike UNIX, which evolved on systems joined by the Internet, the Internet was not part of Microsoft's world view until it exploded into popular culture. In Microsoft's view, computers running Windows would only communicate with other computers running Windows within a corporate network. The Web did not exist in this world view and computer networks where not heavily connected to the outside world. As a result, network security was not an issue Microsoft considered much.
Microsoft implemented features like OLE (Object Linking and Embedding) which allows a Microsoft Word document to include a spread sheet constructed with Microsoft Excel. By clicking on the spread sheet you can bring up Excel and make changes in the spread sheet. By allowing code execution to be started from a document, which could be sent via e-mail, Microsoft laid the foundation for security holes which are probably still not fixed.
All this is old history with Microsoft and a larger question exists: Why did Microsoft not take action to re-architect their software when it became obvious that the foundation for their design view was wrong? The fact that viruses have exploited vulnerabilities in Microsoft e-mail for years is simply inexcusable.
As Stealing the Network points out, there is no way to build a computer system that cannot be successfully attacked by some means. If nothing else, high levels of security make computer systems difficult to use. UNIX was designed in reaction to the secure, but difficult to use, MULTICS operating system. Systems that are difficult use to may be compromised as their users open holes to make their jobs easier.
While recognizing the limitations of computer security, it is still obvious that computer security could be greatly improved if people simply applied the knowledge that engineers and computer scientists have had for many years. Many of the vulnerabilities exploited by the characters in Stealing the Network would not exist if this happened. Firewalls and network intrusion detection systems exist to protect against problems that could have been avoided.
A Note on Terminology
The computer security/hacker community, like any community, has developed their own set of jargon. Some of this is generally familiar in the software world. The one term that I found unfamiliar was the term "0-day exploit". I did not find an explaination for this term in this book, but I later found that it means an exploit with 0-days of warning before the attack.
For example, it frequently happens that a vulnerability is announced for Microsoft operating systems. An attack does not appear for some number of days, so there is some chance to install software to protect the system.
In a 0-day exploit a previously unknown exploit becomes known only as a result of a successful attack. Those who manage the computer system have 0-days of warning. The security research community hopes to keep ahead of those who attack computer systems. But as the potential profits from system attacks increase 0-day attacks become inevitable.
Credit to Ian Kaplan
Stealing the Network: How to Own the Box is a couple years old, and is the first in a series of books that provide information on computer and network security by combining fictional narratives with genuine techniques. It is not written as a "how-to" guide, which makes it an easier read for a non-geek, though there is enough real technical information contained in the short stories to give a sysadmin or security enthusiast something to go on.
The book is divided into ten chapters (and an appendix that non-geeks may take a pass on), each one of which gives a short story dealing with some aspect of security. While there are clear roles associated with the protagonist in each story -- some white hat, some black -- overall the book does a nice job of presenting the information in a useful way without imposing morals on the reader. The stories give a wide variety of scenarios, which include:
- a general "break into a network" hack
- worm analysis
- hardware hacking
- printer security
- hacking without hacking (relying on the general laziness of users)
- wireless security
- social engineering
- forensics and post-incident analysis
The narratives are all more or less easy to follow (though a couple are somewhat long and dull), and help to illustrate good security by showing just how powerful poor security can be in the hands of an attacker. By riding shotgun on several different scenarios, you can spot the weak points and see where exactly vulnerabilities can be exploited. It shows that many networks, even those with SOME security in place, can often still be compromised relatively simply. Although it has been repeated to the point of being cliche, it is true that a chain is only as strong as its weakest link -- and many times, the weakest link is plain human laziness or ignorance.
This book is a quick read; I finished it in a little over a week. However, the effect it has had on me will be much longer-lasting. Although it is a bit dated by modern standards, there is enough real information to serve as a reminder that, while it is easy to talk about security on a web forum, true security is found only when you roll up your sleeves and get your hands dirty. It is not always enough to assume you are secure simply because you know a thing or two about firewalls and Windows Update. Security is a process, and it ends up being a process that is never truly finished.
I would like to close by sharing a quote from the book that, for some reason, has stuck with me:
What's funny is that I've never needed to resort to some fancy theoretical exploit that security researchers talk about, because the script kiddy stuff usually works just fine. I've seen administrators go to great lengths to prevent man-in-the-middle attacks. But I've never actually used such an attack myself, I don't know anyone else who has used one, and I don't know anyone who was ever a victim of one.
I highly recommend this book to anyone with a real interest in the guts of security. The dead tree edition retails for around US$50, though you can probably find a cheaper one used, or if you don't mind reading electronic copy (or if you have a printer that can handle it), you can download the eBook.
From the Publisher
"Stealing the Network: How to Own the Box" is NOT intended to be a "install, configure, update, troubleshoot, and defend book." It is also NOT another one of the countless Hacker books out there. So, what IS it? It is an edgy, provocative, attack-oriented series of chapters written in a first hand, conversational style. World-renowned network security personalities present a series of 25 to 30 page chapters written from the point of an attacker who is gaining access to a particular system. This book portrays the "street fighting" tactics used to attack networks and systems.
Not just another "hacker" book, it plays on "edgy" market success of Steal this Computer Book with first hand, eyewitness accounts
A highly provocative expose of advanced security exploits
Written by some of the most high profile "White Hats", "Black Hats" and "Gray Hats"
Gives readers a "first ever" look inside some of the most notorious network intrusions
Table of Contents
Chapter 1: Hide and Sneak--Ido Dubrawsky
Chapter 2: BabelNet--Dan Kaminsky
Chapter 3: The Worm Turns--Ryan Russell and Tim Mullen
Chapter 4: Just Another Day at the Office--Joe Grand
Chapter 5: h3X's Adventures in Networkland--FX
Chapter 6: The Thief No One Saw--Paul Craig
Chapter 7: Flying the Friendly Skies--Joe Grand
Chapter 8: dis-card--Mark Burnett
Chapter 9: Social (In)Security--Ken Pfeil
Chapter 10: The Art of Tracking--Mark Burnett
Appendix: The Laws of Security
Read an Excerpt
From Chapter 5, The Thief No One Saw
This is my story. My name is Dex. I'm a 22-year-old systems administrator. I live in an upper-class apartment in New York's CBD. My apartment is lined with computers, coffee cups, and cables. I work eight hours a day for a small online e-commerce site, mostly managing servers and security.
In my free time, I run my own contract development company, writing mostly C/C++. I also moonlight as a "Rent a Thief" for a black market media "distribution" company based out of Taiwan. On demand, I hack into companies and steal whatever is required. Usually, it's a new, highly anticipated game or a large, expensive CAD (computer-aided design) software package. Once, I was even asked to steal software used to design a nuclear power plant. I don't ask questions. This thievery doesn't stop at software, though. There is big money in commercial plans, financial data, and customer contact lists, as well.
I do this because I enjoy the rush and the feeling of outsmarting someone else. I never tell anyone else about a hack, and to date, only a few companies I've hit even suspected that they had been hacked. I am not a part of the typical hacker community, and I always work alone....
Slashdot.org
Stealing the Network is a refreshing change from more traditional computer books. The authors have created fictional stories based on non-fictional concepts that could really happen to our computer systems today. The realistic fiction approach makes the book much lighter to read and actually entertaining. I also believe this approach makes the true methods behind the fictional stores much more memorable then memorizing thousand page textbooks.
Wired
Stealing The Network: How to Own the Box, a compendium of tales written by well-known hackers, is a perfect summer read. The stories are fictional. The technology and techniques described are very real … At 328 pages, Stealing the Network is a summer blockbuster without the nonsense that packs the pages of most warm-weather reads. It's entertaining, but it won't leave your brain gagging on an overdose of fluff.
Amazon.com
Stealing the Network is a book of science fiction. It's a series of short stories about characters who gain unauthorized access to equipment and information, or deny use of those resources to the people who are meant to have access to them. The characters, though sometimes well described, are not the stars of these stories. That honor belongs to the tools that the black-hat hackers use in their attacks, and also to the defensive measures arrayed against them by the hapless sysadmins who, in this volume, always lose. Consider this book, with its plentiful detail, the answer to every pretty but functionally half-baked user interface ever shown in a feature film.
One can read this book for entertainment, though its writing falls well short of cyberpunk classics like Burning Chrome and Snow Crash. Its value is in its explicit references to current technologies--Cisco routers, OpenSSH, Windows 2000--and specific techniques for hacking them (the heroes and heroines of this book are always generous with command-history dumps). The specific detail may open your eyes to weaknesses in your own systems (or give you some ideas for, ahem, looking around on the network). Alternately, you can just enjoy the extra realism that the detail adds to these stories of packetized adventure. --David Wall
Product Description
"Stealing the Network: How to Own the Box" is NOT intended to be a "install, configure, update, troubleshoot, and defend book." It is also NOT another one of the countless Hacker books out there. So, what IS it? It is an edgy, provocative, attack-oriented series of chapters written in a first hand, conversational style. World-renowned network security personalities present a series of 25 to 30 page chapters written from the point of an attacker who is gaining access to a particular system. This book portrays the "street fighting" tactics used to attack networks and systems.
Not just another "hacker" book, it plays on "edgy" market success of Steal this Computer Book with first hand, eyewitness accounts
A highly provocative expose of advanced security exploits
Written by some of the most high profile "White Hats", "Black Hats" and "Gray Hats"
Gives readers a "first ever" look inside some of the most notorious network intrusions
Download Description
"Stealing the Network: How to Own the Box" is NOT intended to be a "install, configure, update, troubleshoot, and defend book." It is also NOT going to be another one of the countless Hacker books out there now by our competition. So, what IS it going to be? "Stealing the Network: How to Own the Box" is going to be an edgy, provocative, attack-oriented series of chapters written in a first hand, conversational style. World-renowned network security personalities will present a series of 25 to 30 page chapters written from the point of an attacker who is gaining access to a particular system. This book will portray the "street fighting" tactics used to attack networks and systems. --This text refers to the Digital edition.
Book Info
(Syngress Publishing) Combines fictional stories with real technology. Provides a glimpse into the creative minds of some of today's best hackers. Softcover.
From the Publisher
In the real world, hackers go after the "low-hanging fruit." They take the least risk and go for the greatest reward. They often act alone or in small groups. They don’t have government funding or belong to world criminal organizations. What they do have is spare time and a lot of curiosity, and believe me, hacking takes a lot of time. Some of the best hackers spend months working on one exploit. At the end of all that work, the exploit may turn out to not be reliable or to not to function at all! Breaking into a site is the same way. Hackers may spend weeks performing reconnaissance on a site, only to find out there is no practical way in, so it’s back to the drawing board.
In movies, Hollywood tends to gloss over this fact about the time involved in hacking. Who wants to watch while a hacker does research and test bugs for weeks? It’s not a visual activity like watching bank robbers in action, and it’s not something the public has experience with and can relate to. In the movie "Hackers," the director tried to get around this by using a visual montage and some time- lapse effects. In "Swordfish," hacking is portrayed by drinking wine to become inspired to visually build a virus in one night. One of the oldest hacking movies, War Games, is the closest to reality on the big screen. In that movie, the main character spends considerable time doing research on his target, tries a variety of approaches to breaking in, and in the end, is noticed and pursued.
But what if …? What would happen if the attackers were highly motivated and highly skilled? What if they had the guts and skills to perform sophisticated attacks? After a few drinks, these authors of the book you are holding in your hands are/were quick to speculate on what would be possible. Now, they have taken the time and effort to create ten stories exploring just what it would take to own the network.
About the Author
Dan Kaminsky, also known as Effugas, is a Senior Security Consultant for Avaya's Enterprise Security Practice, where he works on large-scale security infrastructure. Dan's experience includes two years at Cisco Systems, designing security infrastructure for cross-organization network monitoring systems, and he is best known for his work on the ultra-fast port scanner, scanrand, part of the "Paketto Keiretsu," a collection of tools that use new and unusual strategies for manipulating TCP/IP networks.
FX of Phenoelit has spent the better part of the last few years becoming familiar with the security issues faced by the foundation of the Internet, including protocol based attacks and exploitation of Cisco routers. He has presented the results of his work at several conferences, including DefCon, Black Hat Briefings, and the Chaos Communication Congress.
Mark Burnett is an independent security consultant, freelance writer, and a specialist in securing Windows-based IIS Web servers. Mark is a contributor to Dr. Tom Shinder's ISA Server and Beyond: Real World Security Solutions for Microsoft Enterprise Networks (Syngress Publishing, ISBN: 1-931836-66-3).
Joe Grand is the President and CEO of Grand Idea Studio, Inc., a product design and development firm that brings unique inventions to market through intellectual property licensing. As an electrical engineer, many of his creations including consumer devices, medical products, video games and toys, are sold worldwide. A recognized name in computer security and former member of the legendary hacker think-tank, The L0pht, Joe’s pioneering research on product design and analysis, mobile devices, and digital forensics is published in various industry journals.
Ido Dubrawsky (CCNA, CCDA, SCSA) is a Network Security Architect working in the SAFE architecture group of Cisco Systems, Inc. His responsibilities include research into network security design and implementation.
Paul Craig is a network administrator for a major broadcasting company in New Zealand. He has experience securing a great variety of networks and operating systems. Paul has also done extensive research and development in digital rights management (DRM) and copy protection systems.
Ken Pfeil is a Senior Security Consultant with Avaya's Enterprise Security Consulting Practice, based in New York. Ken's IT and security experience spans over 18 years with companies such as Microsoft, Dell, Identix and Merrill Lynch in strategic positions ranging from Systems Technical Architect to Chief Security Officer. While at Microsoft, Ken co-authored Microsoft's Best Practices for Enterprise Security white paper series, was a technical contributor to the MCSE Exam, Designing Security for Windows 2000 and official curriculum for the same.
Timothy Mullen is CIO and Chief Software Architect for AnchorIS, a developer of secure enterprise-based accounting solutions. Mullen is also a columnist for Security Focus' Microsoft Focus section, and a regular contributor of InFocus technical articles. Also known as Thor, he is the founder of the "Hammer of God" security coop group.
Ryan Russell has worked in the IT field for over 13 years, focusing on information security for the last seven. He was the primary author of Hack Proofing Your Network: Internet Tradecraft (Syngress Publishing, ISBN: 1-928994-15-6), and is a frequent technical editor for the Hack Proofing series of books. Ryan founded the vuln-dev mailing list, and moderated it for three years under the alias "Blue Boar." Ryan is the Director of Software Engineering for AnchorIS, where he's developing the anti-worm product, Enforcer.