Security Warrior

Larger Cover

Security Warrior

By Cyrus Peikari, Anton Chuvakin

Publisher: O'Reilly Media

Released: January 2004

Pages: 556

When it comes to network security, many users and administrators are running scared, and justifiably so. The sophistication of attacks against computer systems increases with each new Internet worm.

What's the worst an attacker can do to you? You'd better find out, right? That's what Security Warrior teaches you. Based on the principle that the only way to defend yourself is to understand your attacker in depth, Security Warrior reveals how your systems can be attacked. Covering everything from reverse engineering to SQL attacks, and including topics like social engineering, antiforensics, and common attacks against UNIX and Windows systems, this book teaches you to know your enemy and how to be prepared to do battle.

Security Warrior places particular emphasis on reverse engineering. RE is a fundamental skill for the administrator, who must be aware of all kinds of malware that can be installed on his machines -- trojaned binaries, "spyware" that looks innocuous but that sends private data back to its creator, and more. This is the only book to discuss reverse engineering for Linux or Windows CE. It's also the only book that shows you how SQL injection works, enabling you to inspect your database and web applications for vulnerability.

Security Warrior is the most comprehensive and up-to-date book covering the art of computer war: attacks against computer systems and their defenses. It's often scary, and never comforting. If you're on the front lines, defending your site against attackers, you need this book. On your shelf--and in your hands.

Software Cracking
1. Chapter 1 Assembly Language
  1. Registers
  2. ASM Opcodes
  3. References
2. Chapter 2 Windows Reverse Engineering
  1. History of RCE
  2. Reversing Tools
  3. Reverse Engineering Examples
  4. References
3. Chapter 3 Linux Reverse Engineering
  1. Basic Tools and Techniques
  2. A Good Disassembly
  3. Problem Areas
  4. Writing New Tools
  5. References
4. Chapter 4 Windows CE Reverse Engineering
  1. Windows CE Architecture
  2. CE Reverse Engineering Fundamentals
  3. Practical CE Reverse Engineering
  4. Reverse Engineering serial.exe
  5. References
5. Chapter 5 Overflow Attacks
  1. Buffer Overflows
  2. Understanding Buffers
  3. Smashing the Stack
  4. Heap Overflows
  5. Preventing Buffer Overflows
  6. A Live Challenge
  7. References
Network Stalking
1. Chapter 6 TCP/IP Analysis
  1. A Brief History of TCP/IP
  2. Encapsulation
  3. TCP
  4. IP
  5. UDP
  6. ICMP
  7. ARP
  8. RARP
  9. BOOTP
  10. DHCP
  11. TCP/IP Handshaking
  12. Covert Channels
  13. IPv6
  14. Ethereal
  15. Packet Analysis
  16. Fragmentation
  17. References
2. Chapter 7 Social Engineering
  1. Background
  2. Performing the Attacks
  3. Advanced Social Engineering
  4. References
3. Chapter 8 Reconnaissance
  1. Online Reconnaissance
  2. Conclusion
  3. References
4. Chapter 9 OS Fingerprinting
  1. Telnet Session Negotiation
  2. TCP Stack Fingerprinting
  3. Special-Purpose Tools
  4. Passive Fingerprinting
  5. Fuzzy Operating System Fingerprinting
  6. TCP/IP Timeout Detection
  7. References
5. Chapter 10 Hiding the Tracks
  1. From Whom Are You Hiding?
  2. Postattack Cleanup
  3. Forensic Tracks
  4. Maintaining Covert Access
  5. References
Platform Attacks
1. Chapter 11 Unix Defense
  1. Unix Passwords
  2. File Permissions
  3. System Logging
  4. Network Access in Unix
  5. Unix Hardening
  6. Unix Network Defense
  7. References
2. Chapter 12 Unix Attacks
  1. Local Attacks
  2. Remote Attacks
  3. Unix Denial-of-Service Attacks
  4. References
3. Chapter 13 Windows Client Attacks
  1. Denial-of-Service Attacks
  2. Remote Attacks
  3. Remote Desktop/Remote Assistance
  4. References
4. Chapter 14 Windows Server Attacks
  1. Release History
  2. Kerberos Authentication Attacks
  3. Kerberos Authentication Review
  4. Defeating Buffer Overflow Prevention
  5. Active Directory Weaknesses
  6. Hacking PKI
  7. Smart Card Hacking
  8. Encrypting File System Changes
  9. Third-Party Encryption
  10. References
5. Chapter 15 SOAP XML Web Services Security
  1. XML Encryption
  2. XML Signatures
  3. Reference
6. Chapter 16 SQL Injection
  1. Introduction to SQL
  2. SQL Injection Attacks
  3. SQL Injection Defenses
  4. PHP-Nuke Examples
  5. References
7. Chapter 17 Wireless Security
  1. Reducing Signal Drift
  2. Problems with WEP
  3. Cracking WEP
  4. Practical WEP Cracking
  5. VPNs
  6. TKIP
  7. SSL
  8. Airborne Viruses
  9. References
Advanced Defense
1. Chapter 18 Audit Trail Analysis
  1. Log Analysis Basics
  2. Log Examples
  3. Logging States
  4. When to Look at the Logs
  5. Log Overflow and Aggregation
  6. Challenge of Log Analysis
  7. Security Information Management
  8. Global Log Aggregation
  9. References
2. Chapter 19 Intrusion Detection Systems
  1. IDS Examples
  2. Bayesian Analysis
  3. Hacking Through IDSs
  4. The Future of IDSs
  5. Snort IDS Case Study
  6. IDS Deployment Issues
  7. References
3. Chapter 20 Honeypots
  1. Motivation
  2. Building the Infrastructure
  3. Capturing Attacks
  4. References
4. Chapter 21 Incident Response
  1. Case Study: Worm Mayhem
  2. Definitions
  3. Incident Response Framework
  4. Small Networks
  5. Medium-Sized Networks
  6. Large Networks
  7. References
5. Chapter 22 Forensics and Antiforensics
  1. Hardware Review
  2. Information Detritus
  3. Forensics Tools
  4. Bootable Forensics CD-ROMs
  5. Evidence Eliminator
  6. Forensics Case Study: FTP Attack
  7. References
Appendix
1. Appendix A Useful SoftICE Commands and Breakpoints
  1. SoftICE Commands
  2. Breakpoints

Colophon

Title:

Security Warrior

By:

Cyrus Peikari, Anton Chuvakin

Publisher:

O'Reilly Media

Formats:

Print
Ebook
Safari Books Online

Print:

January 2004

Ebook:

February 2009

Pages:

556

Print ISBN:

978-0-596-00545-0

| ISBN 10:

0-596-00545-8

Ebook ISBN:

978-0-596-10425-2

| ISBN 10:

0-596-10425-1

Cyrus Peikari

Dr. Cyrus Peikari is currently the Chief Technical Officer of Airscanner Corporation, a leading mobile security software company. He personally holds several patents in the anti-virus and infosec fields. In addition to numerous radio and television appearances, he is a popular speaker at technology and network security conferences. He has co-authored four bestselling security books, two of them as lead author, including Maximum Wireless Security, Windows .Net Server Security Handbook, and Windows Internet Security.

View Cyrus Peikari's full profile page.
Anton Chuvakin

Dr. Cyrus Peikari is currently the Chief Technical Officer of Airscanner Corporation, a leading mobile security software company. He personally holds several patents in the anti-virus and infosec fields. In addition to numerous radio and television appearances, he is a popular speaker at technology and network security conferences. He has co-authored four bestselling security books, two of them as lead author, including Maximum Wireless Security, Windows .Net Server Security Handbook, and Windows Internet Security.

View Anton Chuvakin's full profile page.

Colophon

Our look is the result of reader comments, our own experimentation, and feedback from distribution channels. Distinctive covers complement our distinctive approach to technical topics, breathing personality and life into potentially dry subjects. The image on the cover of Security Warrior is a group of Sumo wrestlers. Sumo is the traditional national sport of Japan. An origin myth about Japan tells how the god Take-Mikazuchi won dominion over the Japanese islands in a Sumo match. Since then, Sumo wrestling has been an integral part of ancient religious ceremonies and was an important entertainment for the Imperial Court in the 1600s, when it became a professional sport. Sumo is one of the oldest martial arts; Judo and Jujitsu derive throws and techniques from Sumo wrestling. It continues to gain international popularity.

Before a match, the athletes march in procession around the ring wearing heavy ceremonial skirts embroidered with their symbols. Their hair is traditionally worn in a topknot (theoretically to protect their heads in a fall). Salt and sake is placed at the center of the ring to purify it, and the match is blessed by a priest. The contest pits two fighters, clad in thick silk belts, against each other in a ring (dohyo). Their object is to force an opponent out of the ring, or force him to touch the ground with any part of his body (the soles of the feet don't count). As with any challenging sport, Sumo wrestling involves strict focus and mental toughness. The competitors begin bouts by trying to intimidate their opponents: stomping their feet and staring each other down. Then they use different body throws, shoving, slapping, and tripping to push their opponent off-balance. Hair-pulling, punching, kicking, and gouging are not allowed. The bouts are brief and intense, often no more than a few seconds. It's unusual for a bout to last two or three minutes.

There are six Grand Sumo tournaments (basho) a year. The athletes, who live and train together, are ranked by merit: winners gain acclaim and financial rewards, and losers drop in rank. The pinnacle of Sumo wrestling is the Grand Champion, or Yokozuna. Once a wrestler reaches this rank, it cannot be taken away. Colleen Gorman was the production editor and copyeditor for Security Warrior. Rachel Wheeler was the proofreader. Mary Brady, Jamie Peppard, and Mary Agner provided production support. Emily Quill and Sarah Sherman provided quality control. John Bickelhaupt wrote the index.

Emma Colby designed the cover of this book, based on a series design by Edie Freedman. The cover image is a 19th-century engraving from the Men Pictorial Archive. Emma Colby produced the cover layout with QuarkXPress 4.1 using Adobe's ITC Garamond font.

David Futato designed the interior layout. This book was converted by Julie Hawks to FrameMaker 5.5.6 with a format conversion tool created by Erik Ray, Jason McIntosh, Neil Walls, and Mike Sierra that uses Perl and XML technologies. The text font is Linotype Birka; the heading font is Adobe Myriad Condensed; and the code font is LucasFont's TheSans Mono Condensed. The illustrations that appear in the book were produced by Robert Romano and Jessamyn Read using Macromedia FreeHand 9 and Adobe Photoshop 6. The tip and warning icons were drawn by Christopher Bing. This colophon was written by Colleen Gorman.

Description

Table of Contents

Product Details

About the Author

Colophon

Recommended for You

Recently Viewed

Amazon Hacks

100 Industrial-Strength Tips & Tools

By Paul Bausch

August 2003

Print: $24.95

Head First Servlets and JSP

Passing the Sun Certified Web Component Developer Exam

By Bryan Basham, Kathy Sierra, Bert Bates

August 2004

Ebook: $30.99

Office 2003 XML

Integrating Office with the Rest of the World

By Evan Lenz, Mary McRae, Simon St. Laurent

May 2004

Print: $44.99

Customer Reviews

REVIEW SNAPSHOT®

by PowerReviews

oreilly Security Warrior

4.4

(based on 5 reviews)

Reviews

Reviewed by 5 customers

Sort by

Displaying reviews 1-5

5/21/2009

5.0

Very good book for pros and students

By jdruin

from Undisclosed

Comments about oreilly Security Warrior:

This book is similar in material to "Hacking: The Art of Exploitation" in that it covers exploitation hacks (reverse engineering, overflows, etc), networking hacks, authentication hacks, and ways to defend. The amount of information in one book is very good. This book covers a wide range of topic but also goes into depth on each area. For example, both wired and wireless topics are explored, client and server, web protocol, sql injection, IDS, forensics, and assembly language based hacks. This is a great book for students and security professionals. The knowledge itself is valuable plus the book is a good value due to its completeness.

6/6/2008

4.0

Good introductory security book

By Jason

from Undisclosed

Comments about oreilly Security Warrior:

This is one of my favorite security books from O'Reilly, primarily for the first four chapters which are dedicated to reverse engineering software. While there are a few texts out there that are dedicated to the subject and go into almost painful detail, this book is great for someone who is new to the skill. The other chapter that I was happy to see was chapter twenty-two which covers forensics and anti-forensics. While the coverage on anti-forensics was a bit light, it was great to actually see it included. I would e very interested to see (perhaps write?) a full book on this from O'Reilly sometime in the future, particularly given some of the attack methods on full disk encryption coming out of Princeton as of late.

Overall, a great tome on security with a good body of solid and applicable information. I'm hoping to see an updated edition.

12/16/2004

4.0

NLUG: Book Review - Security Warrior by Cyrus Peikari & Anton Chuvakin

By James Ko, CISSP

from Undisclosed

Comments about oreilly Security Warrior:

I enjoyed reading the Assembler and the reverse engineering section of the book. I didn't realize there are so many variants of x86 Assemblers. I thought it was brilliant to use the CD organizer as an analogy to program stack to explain the buffer overflow problem, The little HackMe challenge dramatizes the whole buffer overflow issue. It really sticks into reader's mind about how vulnerable our software industry stands today. However, I feel it fall short on the networking section, where the authors could have spent more time on explaining these evil hacking tools. There were no examples on how to use hping, for example. As far as I know, there are lot more evil packet injection tools out there worth mentioning, such as Nemesis, libnet, hping and packit. I was somewhat disappointed given that the authors said in the beginning (preface)this is an advanced security book that I would expect more on the networking side. However, on the positive note, the Log Analysis section is very valuable to system administrators because it provides a lot of good information. There is not a lot of literature out there spend time on explaining what log is, or what is being captured. In fact, log analysis is gaining popularity because it is used for security forensics where security professional tries to piece the evidence together. All in all, this is a very useful book for those who wants to have a survey of what is involved in the field of security incident handlers and/or intrusion detection.

4/26/2004

4.0

Covers the spectrum well. Good reference.

By Alex Belt from the Columbia Java Users Group

from Undisclosed

Comments about oreilly Security Warrior:

This excellent, well-written book can be an enigma at times. The authors indicate that the material is for someone who has read on the subject before, although there is quite a bit of material geared more towards novices like myself. In other places I was defintely out of my depth, not having enough of a C/*Nix background to fully comprehend the material. The authors cover reverse engineering, network attacks, platform attacks, and defense/intrusion detection methods.

I very much liked the samples and references to existing tools, although they clearly indicate the possible criminal repercussions of using some of these tools/techniques. The samples provide invaluable insight and experience into learning the techniques, and how to thwart them, if it's possible at this time. The intrusion detection/defense material is split between information that would benefit everyone, including home pc users, and techniques more suited to professionals, such as advanced intrusion detection and network defense. This would be a very good second book on the subject, and barring any sudden changes in the security landscape, this book should hold it's value for some time to come.

2/24/2004

5.0

Security Warrior Review

By Ali Rahbar

from Undisclosed

Comments about oreilly Security Warrior:

This is one of the first book that talk about the fundamentals of reverse

engennering.It is true that you can find can all the books subjects on the net but for finding and understanding them you should waste a lot of time and effort (to seek different messageboard and reversers site). This book

has done the hard works for you and you can read everything classified and in great details. I recomend it for everyone interested in security and if you already know all the topic in this book I still recommend you to read this book

for a fast and well organized review.

Displaying reviews 1-5

Save a Tree - Go Digital what is this?

Ebook: $35.99

Formats: APK, DAISY, ePub, Mobi, PDF

Print & Ebook: $49.45

Print: $44.95

Safari Books Online - Read now >

Software Cracking

Chapter 1 Assembly Language

Chapter 2 Windows Reverse Engineering

Chapter 3 Linux Reverse Engineering

Chapter 4 Windows CE Reverse Engineering

Chapter 5 Overflow Attacks

Network Stalking

Chapter 6 TCP/IP Analysis

Chapter 7 Social Engineering

Chapter 8 Reconnaissance

Chapter 9 OS Fingerprinting

Chapter 10 Hiding the Tracks

Platform Attacks

Chapter 11 Unix Defense

Chapter 12 Unix Attacks

Chapter 13 Windows Client Attacks

Chapter 14 Windows Server Attacks

Chapter 15 SOAP XML Web Services Security

Chapter 16 SQL Injection

Chapter 17 Wireless Security

Advanced Defense

Chapter 18 Audit Trail Analysis

Chapter 19 Intrusion Detection Systems

Chapter 20 Honeypots

Chapter 21 Incident Response

Chapter 22 Forensics and Antiforensics

Appendix

Appendix A Useful SoftICE Commands and Breakpoints

Colophon

Cyrus Peikari

Anton Chuvakin

About O'Reilly

Community

More O'Reilly Sites

Partner Sites

Shop O'Reilly