Hack the Stack (Paperback)

1 ? Extending OSI to Network Security (20 pp) 2 - Layer 1 ? Physical layer (30 pp) Introduction Perimeter security Facility security Device security Identification and authentication Biometrics Attacking physical security Lock picks Wiretapping and Scanners Hardware hacking Layer 1 security project ? Building a one-way data reception cable Summary 3 - Layer 2 - Data Link layer (40 pp) Introduction The Ethernet Frame structure Understanding MAC addressing Understanding PPP and SLIP How a protocol analyzer works Attacking the Data Link Layer Passive versus active sniffing Sniffing Wireless (Wireless basics) Wireless vulnerabilities Defending the Data Link Layer Defenses against active sniffing Detecting promiscuous devices Security in switches Layer 2 security project ? Using Auditor to crack WEP Summary 4 ? Layer 3 ? Network layer (40 pp) Introduction The IP packet structure Attacking the network layer IP Attacks Fragmentation Analyzing an IPID scan The ICMP packet structure Attacking ICMP Smurf Redirects Analyzing the ARP Process Attacking ARP ARP Poisoning Defending the Network Layer Securing IP, ICMP, and ARP Layer 3 security project ? Fragmenting traffic to bypass an IDS Summary 5 ? Layer 4 ? Transport layer (40 pp) Introduction The TCP packet structure Attacking TCP TCP port scanning Advanced port scanning tools Watching Amap in action Using Snort to identify a port scans The UDP datagram Attacking UDP Defending the Transport Layer Watching TLS/SSL Amap and SSL Layer 4 security project ? Building a Snort system Summary 6 ? Layer 5 ? Session layer (40 pp) Introduction Attacking the Session Layer Session hijacking ettercap Observing a SYN attack Sniffing usernames and passwords during a session setup Establishing a session Lophtcrack Dsniff Using ettercap and Hunt Defending the Session Layer Port knocking Layer 5 security project - Building Snort filters to capture malicious traffic Summary 7 ? Layer 6 ? Presentation layer (40 pp) Introduction An analysis of the NetBIOS and SMB Attacking the Presentation layer NetBIOS and enumeration Sniffing Kerberos Using BurpProxy to intercept traffic Cracking weak encryption Defending the Presentation Layer Encryption Adding confidentiality and integrity with IPSec Protecting email with S-MIME Layer 6 security project ? Cracking passwords and other encryption schemes Summary 8 ? Layer 7 ? Application layer (40 pp) Introduction The structure of FTP Analyzing DNS and its weaknesses Other insecure applications Attacking the Application layer Web Applications Cross site scripting DNS Spoofing and pharming Buffer Overflow attacks Using Snort to detect a buffer overflow attack Reverse engineering code Using the Exploitation Framework Metasploit Defending the Application Layer SSH PGP Vulnerability scanners Nessus Layer 7 security project ? Using Nessus to secure the stack Summary 9 ? Layer 8 ? The People layer (35 pp) Introduction Attacking the People Layer Social Engineering Person to person and remote attacks Fun with Caller ID spoofing Defending the People Layer Policies, procedures, and guidelines Regulatory Requirements SOX / HIPAA / California law / PIPDA, etc. Making the case for stronger security Building a better stack Layer 8 security project ? Building an orange box Summary 10 - Appendix A (12 pp) Risk Mitigation ? Securing the Stack Tying the layers together Defense in depth