Skip to main content

Hacking For Dummies, 6th Edition

Paperback

$29.99

Hacking For Dummies, 6th Edition

Kevin Beaver

ISBN: 978-1-119-48547-6 July 2018 416 Pages

Description

Stop hackers before they hack you! 

In order to outsmart a would-be hacker, you need to get into the hacker’s mindset. And with this book, thinking like a bad guy has never been easier. In Hacking For Dummies, expert author Kevin Beaver shares his knowledge on penetration testing, vulnerability assessments, security best practices, and every aspect of ethical hacking that is essential in order to stop a hacker in their tracks.

Whether you’re worried about your laptop, smartphone, or desktop computer being compromised, this no-nonsense book helps you learn how to recognize the vulnerabilities in your systems so you can safeguard them more diligently—with confidence and ease.

  • Get up to speed on Windows 10 hacks  
  • Learn about the latest mobile computing hacks
  • Get free testing tools   
  • Find out about new system updates and improvements

There’s no such thing as being too safe—and this resourceful guide helps ensure you’re protected. 

Introduction 1

About This Book 1

Foolish Assumptions 2

Icons Used in This Book 3

Beyond the Book 3

Where to Go from Here 4

Part 1: Building the Foundation for Security Testing 5

Chapter 1: Introduction to Vulnerability and Penetration Testing 7

Straightening Out the Terminology 7

Hacker 8

Malicious user 9

Recognizing How Malicious Attackers Beget Ethical Hackers 10

Vulnerability and penetration testing versus auditing 10

Policy considerations 11

Compliance and regulatory concerns 12

Understanding the Need to Hack Your Own Systems 12

Understanding the Dangers Your Systems Face 14

Nontechnical attacks 14

Network infrastructure attacks 15

Operating system attacks 15

Application and other specialized attacks 15

Following the Security Assessment Principles 16

Working ethically 16

Respecting privacy 17

Not crashing your systems 17

Using the Vulnerability and Penetration Testing Process 18

Formulating your plan 18

Selecting tools 20

Executing the plan 22

Evaluating results 23

Moving on 23

Chapter 2: Cracking the Hacker Mindset 25

What You’re Up Against 25

Who Breaks into Computer Systems 28

Hacker skill levels 28

Hacker motivations 30

Why They Do It 30

Planning and Performing Attacks 33

Maintaining Anonymity 35

Chapter 3: Developing Your Security Testing Plan 37

Establishing Your Goals 37

Determining Which Systems to Test 40

Creating Testing Standards 43

Timing your tests 43

Running specific tests 44

Conducting blind versus knowledge assessments 45

Picking your location 46

Responding to vulnerabilities you find 46

Making silly assumptions 46

Selecting Security Assessment Tools 47

Chapter 4: Hacking Methodology 49

Setting the Stage for Testing 49

Seeing What Others See 51

Scanning Systems 52

Hosts 53

Open ports 53

Determining What’s Running on Open Ports 54

Assessing Vulnerabilities 56

Penetrating the System 58

Part 2: Putting Security Testing in Motion 59

Chapter 5: Information Gathering 61

Gathering Public Information 61

Social media 62

Web search 62

Web crawling 63

Websites 64

Mapping the Network 64

WHOIS 65

Privacy policies 66

Chapter 6: Social Engineering 67

Introducing Social Engineering 67

Starting Your Social Engineering Tests 68

Knowing Why Attackers Use Social Engineering 69

Understanding the Implications 70

Building trust 71

Exploiting the relationship 72

Performing Social Engineering Attacks 74

Determining a goal 75

Seeking information 75

Social Engineering Countermeasures 80

Policies 80

User awareness and training 80

Chapter 7: Physical Security 83

Identifying Basic Physical Security Vulnerabilities 84

Pinpointing Physical Vulnerabilities in Your Office 85

Building infrastructure 85

Utilities 87

Office layout and use 88

Network components and computers 90

Chapter 8: Passwords 95

Understanding Password Vulnerabilities 96

Organizational password vulnerabilities 97

Technical password vulnerabilities 97

Cracking Passwords 98

Cracking passwords the old-fashioned way 99

Cracking passwords with high-tech tools 102

Cracking password-protected files 110

Understanding other ways to crack passwords 112

General Password Cracking Countermeasures 117

Storing passwords 118

Creating password policies 118

Taking other countermeasures 120

Securing Operating Systems 121

Windows 121

Linux and Unix 122

Part 3: Hacking Network Hosts 123

Chapter 9: Network Infrastructure Systems 125

Understanding Network Infrastructure Vulnerabilities 126

Choosing Tools 127

Scanners and analyzers 128

Vulnerability assessment 128

Scanning, Poking, and Prodding the Network 129

Scanning ports 129

Scanning SNMP 135

Grabbing banners 137

Testing firewall rules 138

Analyzing network data 140

The MAC-daddy attack 147

Testing denial of service attacks 152

Detecting Common Router, Switch, and Firewall Weaknesses 155

Finding unsecured interfaces 155

Uncovering issues with SSL and TLS 156

Putting Up General Network Defenses 156

Chapter 10: Wireless Networks 159

Understanding the Implications of Wireless Network Vulnerabilities 159

Choosing Your Tools 160

Discovering Wireless Networks 162

Checking for worldwide recognition 162

Scanning your local airwaves 163

Discovering Wireless Network Attacks and Taking Countermeasures 165

Encrypted traffic 167

Countermeasures against encrypted traffic attacks 170

Wi-Fi Protected Setup 172

Countermeasures against the WPS PIN flaw 175

Rogue wireless devices 175

Countermeasures against rogue wireless devices 179

MAC spoofing 179

Countermeasures against MAC spoofing 183

Physical security problems 183

Countermeasures against physical security problems 184

Vulnerable wireless workstations 185

Countermeasures against vulnerable wireless workstations 185

Default configuration settings 185

Countermeasures against default configuration settings exploits 186

Chapter 11: Mobile Devices 187

Sizing Up Mobile Vulnerabilities 187

Cracking Laptop Passwords 188

Choosing your tools 188

Applying countermeasures 193

Cracking Phones and Tablets 193

Cracking iOS passwords 194

Taking countermeasures against password cracking 197

Part 4: Hacking Operating Systems 199

Chapter 12: Windows 201

Introducing Windows Vulnerabilities 202

Choosing Tools 203

Free Microsoft tools 203

All-in-one assessment tools 204

Task-specific tools 204

Gathering Information About Your Windows Vulnerabilities 205

System scanning 205

NetBIOS 208

Detecting Null Sessions 210

Mapping 211

Gleaning information 212

Countermeasures against null-session hacks 214

Checking Share Permissions 215

Windows defaults 216

Testing 216

Exploiting Missing Patches 217

Using Metasploit 220

Countermeasures against missing patch vulnerability exploits 224

Running Authenticated Scans 225

Chapter 13: Linux and macOS 227

Understanding Linux Vulnerabilities 228

Choosing Tools 229

Gathering Information About Your System Vulnerabilities 229

System scanning 229

Countermeasures against system scanning 233

Finding Unneeded and Unsecured Services 234

Searches 234

Countermeasures against attacks on unneeded services 236

Securing the rhosts and hosts.equiv Files 238

Hacks using the hosts.equiv and rhosts files 239

Countermeasures against rhosts and hosts.equiv file attacks 240

Assessing the Security of NFS 241

NFS hacks 241

Countermeasures against NFS attacks 242

Checking File Permissions 242

File permission hacks 243

Countermeasures against file permission attacks 243

Finding Buffer Overflow Vulnerabilities 244

Attacks 244

Countermeasures against buffer overflow attacks 245

Checking Physical Security 245

Physical security hacks 245

Countermeasures against physical security attacks 245

Performing General Security Tests 246

Patching 248

Distribution updates 248

Multiplatform update managers 249

Part 5: Hacking Applications 251

Chapter 14: Communication and Messaging Systems 253

Introducing Messaging System Vulnerabilities 253

Recognizing and Countering Email Attacks 254

Email bombs 255

Banners 258

SMTP attacks 260

General best practices for minimizing email security risks 269

Understanding VoIP 270

VoIP vulnerabilities 271

Countermeasures against VoIP vulnerabilities 275

Chapter 15: Web Applications and Mobile Apps 277

Choosing Your Web Security Testing Tools 278

Seeking Out Web Vulnerabilities 279

Directory traversal 279

Countermeasures against directory traversals 283

Input-filtering attacks 283

Countermeasures against input attacks 290

Default script attacks 291

Countermeasures against default script attacks 293

Unsecured login mechanisms 293

Countermeasures against unsecured login systems 297

Performing general security scans for web application vulnerabilities 297

Minimizing Web Security Risks 298

Practicing security by obscurity 299

Putting up firewalls 300

Analyzing source code 300

Uncovering Mobile App Flaws 301

Chapter 16: Databases and Storage Systems 303

Diving Into Databases 303

Choosing tools 304

Finding databases on the network 304

Cracking database passwords 305

Scanning databases for vulnerabilities 306

Following Best Practices for Minimizing Database Security Risks 307

Opening Up About Storage Systems 308

Choosing tools 309

Finding storage systems on the network 309

Rooting out sensitive text in network files 310

Following Best Practices for Minimizing Storage Security Risks 312

Part 6: Security Testing Aftermath 315

Chapter 17: Reporting Your Results 317

Pulling the Results Together 317

Prioritizing Vulnerabilities 319

Creating Reports 321

Chapter 18: Plugging Your Security Holes 323

Turning Your Reports into Action 323

Patching for Perfection 324

Patch management 325

Patch automation 325

Hardening Your Systems 326

Assessing Your Security Infrastructure 328

Chapter 19: Managing Security Processes 331

Automating the Security Assessment Process 331

Monitoring Malicious Use 332

Outsourcing Security Assessments 334

Instilling a Security-Aware Mindset 336

Keeping Up with Other Security Efforts 337

Part 7: The Part of Tens 339

Chapter 20: Ten Tips for Getting Security Buy-In 341

Cultivate an Ally and a Sponsor 341

Don’t Be a FUDdy-Duddy 342

Demonstrate That the Organization Can’t Afford to Be Hacked 342

Outline the General Benefits of Security Testing 343

Show How Security Testing Specifically Helps the Organization 344

Get Involved in the Business 344

Establish Your Credibility 345

Speak on Management’s Level 345

Show Value in Your Efforts 346

Be Flexible and Adaptable 346

Chapter 21: Ten Reasons Hacking Is the Only Effective Way to Test 347

The Bad Guys Think Bad Thoughts, Use Good Tools, and Develop New Methods 347

IT Governance and Compliance Are More Than High-Level Checklist Audits 348

Vulnerability and Penetration Testing Complements Audits and Security Evaluations 348

Customers and Partners Will Ask How Secure Your Systems Are 348

The Law of Averages Works Against Businesses 349

Security Assessments Improve Understanding of Business Threats 349

If a Breach Occurs, You Have Something to Fall Back On 349

In-Depth Testing Brings Out the Worst in Your Systems 350

Combined Vulnerability and Penetration Testing Is What You Need 350

Proper Testing Can Uncover Overlooked Weaknesses 350

Chapter 22: Ten Deadly Mistakes 351

Not Getting Approval 351

Assuming That You Can Find All Vulnerabilities 352

Assuming That You Can Eliminate All Vulnerabilities 352

Performing Tests Only Once 353

Thinking That You Know It All 353

Running Your Tests Without Looking at Things from a Hacker’s Viewpoint 353

Not Testing the Right Systems 354

Not Using the Right Tools 354

Pounding Production Systems at the Wrong Time 354

Outsourcing Testing and Not Staying Involved 355

Appendix: Tools and Resources 357

Index 375