Hacking for Dummies
Thursday, 08 April 2010 09:41
I say this because I’m fairly clued up when it comes to computing systems (with a degree in Software Development – you kind of have to keep abreast of technology and computer technologies). However, I’m happy to say this wasn’t the case with Hacking for Dummies by Kevin Beaver.
The book explains the concept of ethical hacking – where the point is to provide an authorised, legal type of security testing and security penetration. The goal is simple: fix the weaknesses of your system security before criminal hackers can attempt to break into your systems to wreak havoc.
I quite enjoyed the chapter on social engineering attack vectors in the book – as these have become a little more prevalent in mainstream news. It highlights the human and physical elements of security, and that sometimes it’s the people in the organisation and not the systems that form the weakest link in an organisation’s security.
Beaver goes through a fairly comprehensive list of applications that have been developed specifically for hacking, and explains how to use each of the tools he lists. He often notes that it’s not always about using tools, but rather using the right tool for the right task – that there is not an all-encompassing tool that does everything, but rather a collection of tools, each dedicated to its task.
The applications are often fairly easy to use, with clear instructions in most cases. A lot of the applications listed run on Windows, although they appear to be mostly ports of popular Linux applications.
The book also contains numerous case studies that pinpoint the weaknesses that other companies have had to deal with, making for interesting reads as well as highlighting the areas where companies fail.
Ultimately, it’s a good starting point to a subject matter that can be extremely complex. The book not only explains how to attack systems from a vulnerability exploitation level, but also how to harden operating systems to mitigate such attacks – providing an all-round information gain for the reader. I would highlight though that before being too critical of the book, one has to remember who its target audience is.
Chapter 1: Introduction to Ethical Hacking
Chapter 2: Cracking the Hacker Mindset
Chapter 3: Developing Your Ethical Hacking Plan
Chapter 4: Hacking Methodology
Chapter 5: Social Engineering
Chapter 6: Physical Security
Chapter 7: Passwords
Chapter 8: War Dialing
Chapter 9: Network Infrastructure
Chapter 10: Wireless LANs
Chapter 11: Windows
Chapter 12: Linux
Chapter 13: Novell NetWare
Chapter 14: Messaging Systems
Chapter 15: Web Applications
Chapter 16: Reporting Your Results
Chapter 17: Plugging Security Holes
Chapter 18: Managing Security Changes
Chapter 19: Ten Tips for Getting Upper Management Buy-In
Chapter 20: Ten Deadly Mistakes
Appendix: Tools and Resources