Hacking: The Next Generation
Publisher: O'Reilly Media
Released: August 2009
Pages: 298

With the advent of rich Internet applications, the explosion of social media, and the increased use of powerful cloud computing infrastructures, a new generation of attackers has added cunning new techniques to its arsenal. For anyone involved in defending an application or a network of systems, Hacking: The Next Generation is one of the few books to identify a variety of emerging attack vectors.

You'll not only find valuable information on new hacks that attempt to exploit technical flaws, you'll also learn how attackers take advantage of individuals via social networking sites, and abuse vulnerabilities in wireless technologies and cloud infrastructures. Written by seasoned Internet security professionals, this book helps you understand the motives and psychology of hackers behind these attacks, enabling you to better prepare and defend against them.

  • Learn how "inside out" techniques can poke holes into protected networks
  • Understand the new wave of "blended threats" that take advantage of multiple application vulnerabilities to steal corporate data
  • Recognize weaknesses in today's powerful cloud infrastructures and how they can be exploited
  • Prevent attacks against the mobile workforce and their devices containing valuable data
  • Be aware of attacks via social networking sites to obtain confidential information from executives and their assistants
  • Get case studies that show how several layers of vulnerabilities can be used to compromise multinational corporations

Table of Contents
Product Details
About the Author
Colophon
Recommended for You
Customer Reviews

REVIEW SNAPSHOT®

by PowerReviews
O'Reilly MediaHacking: The Next Generation
 
4.2

(based on 6 reviews)

Ratings Distribution

  • 5 Stars

     

    (3)

  • 4 Stars

     

    (2)

  • 3 Stars

     

    (0)

  • 2 Stars

     

    (1)

  • 1 Stars

     

    (0)

100%

of respondents would recommend this to a friend.

Pros

  • Well-written (4)
  • Accurate (3)
  • Concise (3)
  • Helpful examples (3)

Cons

    Best Uses

    • Intermediate (5)
      • Reviewer Profile:
      • Developer (4)

    Reviewed by 6 customers

    Sort by

    Displaying reviews 1-6

    Back to top

    (10 of 10 customers found this review helpful)

     
    2.0

    Not as technical as I had expected

    By Andrew

    from Winnipeg, MB

    About Me Developer

    Verified Reviewer

    Pros

    • Easy to understand
    • Well-written

    Cons

    • Too basic

    Best Uses

    • Novice

    Comments about O'Reilly Media Hacking: The Next Generation:

    Although Hacking: The Next Generation did offer an insight into the world of hacking, I felt like I was being told a story rather than learning something new and insightful.

    The main theme of the book seemed to stem from social engineering. This skill is a useful tool in a hackers world, definitely, but I believe that the examples were pandering to his argument and took away from the reality of them. The argument I am referring to could be summed up as "people will trust you with too much information, too easily"; an idea that could be expressed in a paragraph rather than a chapter (and referenced several other times in other chapters).

    The main disappointment is that I am a developer looking for the technical aspects of hacking remote and secure systems but instead was met with extremely basic web development security issues. It was a nice refresher on cross-site scripting and cross-site request forgery, but these are things that I learned within only a few months of web development.

    The strong points of this book are that it is really well written and provides good entertainment value. Also, for those unfamiliar with hacking, this would be a good place to start (although some basic programming comprehension is required for the code examples).

    Although my rating is low, I believe this is only due to my previous experience in programming and security issues and I would still recommend this book to those looking for a foot into the door of the topic of hacking.

    (1 of 22 customers found this review helpful)

     
    4.0

    microsoft sponsored

    By grubert

    from austria

    About Me Developer

    Verified Reviewer

    Pros

    • Interesting although

    Cons

    • See above

    Best Uses

    • Intermediate

    Comments about O'Reilly Media Hacking: The Next Generation:

    not understandable the book calls it
    Safaris Carpet Bomb and not ie7-loads-dlls-from-desktop security backdoor and firefoxurl-application-protocol-handler and not ie7-quoting error (ie7 strips the backslash) and reading about the shellexecute error, this reminds me of stealing passwds 1980 and code-red poking into iis4.

    is there someone lecturing the book besides word spellchecker.

    (3 of 3 customers found this review helpful)

     
    5.0

    Relavent, Timely, Excellent

    By jdruin

    from KY

    About Me Developer

    Verified Reviewer

    Pros

    • Accurate
    • Concise
    • Helpful examples

    Cons

      Best Uses

      • Expert
      • Intermediate
      • Student

      Comments about O'Reilly Media Hacking: The Next Generation:

      Security books tend to have something in common. They usually go over the basic concepts and build up to the more advanced issues. This is certainly a great idea for readers who are just learning, students, or instructors looking for end-to-end information. And the great this about this approach is there are lots of books to cover the basics.

      However, a lot of folks that purchase security books have the basics down. There tend to be many more books to introduce concepts and basics than their are books for experts.

      There are two things that make this book great for pros, expert level, and those needed the most up to date information. The author immediately jumps into the more advanced topics with real-life examples. Also, the topics covered are very timely. A couple of the topics were covered this year at the ISSA Security Conference (Certificate vulns, Current ARP cache poisoning techniques). The books that start from the very basics are definitely needed, but it also good to have a book for those who have to stay current on the trends happening right now.

      Another interesting concept covered was combining multiple attacks to create an end-to-end description of how real-life attacks work. I have seen a few other books that will cover this aspect of attack combining, but most do not.

      Some of the topics covered include cloud computing, ATMs, insiders, FTP, SMTP, phishing, and of course social engineering.

      One thing that would have made the book better would be to have a list of the tools mentioned at the end of each chapter. As I was reading, I had to take notes about each tool and record how that tool was used and what attacks the tools were used with. I would have liked a table at the end of the chapter that listed the tools, the attacks, and the URLs in a summary.

      Overall a must read for those in the industry and computer science students.

      (1 of 2 customers found this review helpful)

       
      5.0

      Well written with good examples

      By indigo196

      from Western, NY

      About Me Sys Admin

      Verified Reviewer

      Pros

      • Accurate
      • Concise
      • Helpful examples
      • Well-written

      Cons

        Best Uses

        • Intermediate

        Comments about O'Reilly Media Hacking: The Next Generation:

        I am always trying to keep on on ways to keep my computing environment safe. This books showed several different scenarios that an attacker might run against my network. The book included examples of tools I could use to 'probe' my weaknesses so I can be more prepared.

        (3 of 3 customers found this review helpful)

         
        5.0

        The Title Says It All

        By WayneMGipson

        from West Point, UT

        About Me Information Security Eng, Sys Admin

        Verified Reviewer

        Pros

        • Accurate
        • Concise
        • Easy to understand
        • Helpful examples
        • Well-written

        Cons

          Best Uses

          • Intermediate
          • Novice
          • Student

          Comments about O'Reilly Media Hacking: The Next Generation:

          This was a very well written book. The authors did a great job of mixing technical and non-technical attack vectors. I felt the flow of the book was very well done, keeping the reader engaged the entire time. The authors gave enough information on each topic to get you started, but did not inundate you with the minute details that can get overwhelming. In many chapters of the book the authors use scenarios to relate the reader to a topic. This method helped me grasp a few of the concepts that may have otherwise taken a second or third read.

          In most of the sections that described technical attack vectors the authors gave links to tools that would help the reader perform that specific attack. Not only is this a great way to help the reader increase their tool set, it allows the reader to put into practice what was just read.

          Chapter 2: Inside-Out-Attacks is an example of how every technical topic should be taught. The authors used scenario based writing mixed with technical details that really help the reader grasp the concept. Again, these are not littered with enough technical detail to understand in-depth how these attacks work, but they will give you a general understanding of each topic.

          Chapter 7: Infiltrating the Phishing Underground was my favorite in the book. The author did a great job of relating how the underground works, how you get in contact with people, and how the act of phishing transpires. I was amazed to read how templates are shared, how they are put in place, and how the phishing crowd feel about each other.

          Chapter 5: Sharing the Cloud with Your Enemy was not really what I expected. I was hoping to hear of some new attack vectors, but didn't seem to get that. It was a great reminder of the risks to companies that use shared resources, and allow other administrators to control those resources, but this all seemed like common knowledge.

          Overall this book was great. The content seemed very fresh, and where it was overlap from previous readings the authors seemed to put a new spin on old ideas. If you are looking for a book that will teach you step by step how to hack a website, or steal some credit cards, this book is not for you. This book is a great overview of multiple attack vectors, giving broad overviews of each one.

          Wayne Gipson, CISSP, CISA

          (1 of 3 customers found this review helpful)

           
          4.0

          What's in a Hackers mind

          By Frank M.

          from Akron, Ohio

          About Me Developer

          Verified Reviewer

          Pros

          • Well-written

          Cons

            Best Uses

            • Intermediate

            Comments about O'Reilly Media Hacking: The Next Generation:

            [...]

            Displaying reviews 1-6

            Back to top

             
            Buy 2 Get 1 Free Free Shipping Guarantee
            Buying Options
            Immediate Access - Go Digital what's this?
            Ebook: $31.99
            Formats:  APK, DAISY, ePub, Mobi, PDF
            Print & Ebook: $43.99
            Print: $39.99