How they do it, so you can stop them
Book review Sometimes it just pays to think bad thoughts. And, sometimes, it might even be a good idea to act on those bad thoughts. No, that doesn't mean you go out and shoot your boss. It does mean thinking bad thoughts about security. It means thinking like a hacker (no, not that sort of hacker, the sort that attacks your software/server/system).
We all know that security shouldn't be an afterthought when it comes to system design and development, but unless you know how a hacker attempts to crack a system how can you code for it?
The Anti-Hacker Toolkit isn't really designed for developers as such. It's a book that's aimed at those who need to defend rather than offend, which in practice means system admins, security personnel, web developers and so on. It takes the view that the best way of defending against attacks is to understand how attacks take place - what tools and techniques are likely to be used to launch attacks? And just what are the different types of attacks?
As suggested by the title, the book is a complete toolkit (with the individual tools included on the attached CD). It covers in some detail a very wide range of tools and utilities, with detailed instructions on how to use them, what the different options are and common usage scenarios.
The tools are organised by type: multi-function tools (including complete environments, such as VMware); server audit tools (from basic port scanners through to brute force password cracking, server hardening, backdoors and root kits); network auditing and defence (starting at the firewall and moving on to network reconnaissance, port redirectors, sniffers, wireless tools etc) and, finally, a section on incident response and computer forensics.
As you would expect from a book devoted to tools, the focus on the book is decidedly practical. That's not to say that it's just a glorified all-in-one manual for the tools that are covered. It's the material on usage that makes the book valuable, it shows how the tools can be used to attack (or seek out vulnerabilities in) networks and servers.
The book is fairly agnostic as to operating system, and there's coverage of Unix, Linux and Windows tools and systems. A willingness to dive to the command line is pretty much compulsory for all systems, however. Given the cross-platform nature of the beast, the authors recommend cygwin as a way of getting a Linux-like environment under Windows. The attached CD also includes a copy of Gnoppix, which is a CD-bootable Linux distribution that uses the Gnome desktop. It enables a Windows user to reboot into Linux and to access the security tools that come as standard with that operating system.
To be clear, this isn't a book about IT security as an abstract concept - and there are no chapters devoted to attempting to understand what drives hacking as a subculture, for example - it's a book devoted to the most useful of the tools and utilities used by hackers.
Title: Anti-Hacker Toolkit, 3rd edition
Verdict: If you want to get to grips with the tools of the hacking trade, then this is a great place to do it.
Author: Mike Shema, Chris Davis, Aaron Philipp, David Cowen
Publisher: Osborne McGraw-Hill
Buy this book at Cash 'n' Carrion. ®