Authors: Stacy Prowell, Rob Kraus and Mike Borkin
Part of Syngress’ “The Seven Deadliest Attack Series”, this book introduces the reader to the anatomy of attacks aimed at networks: DoS, MiTM, war dialing, penetration testing, protocol tunneling, password replay and spanning tree attacks.
About the authors
Stacy Prowell is a senior member of the CERT technical staff, and chief scientist of STAR*Lab. He is an expert in the function-theoretic foundations of software, and is currently conducting research and development for function extraction technology.
Rob Kraus is a Senior Security Consultant for Solutionary. His areas of expertise include penetration testing, social engineering, wireless and VoIP penetration testing and vulnerability research.
Mike Borkin is an author and speaker in the area of IT security where he focuses on data protection strategies, Microsoft security and security architecture/engineering best practices.
Inside the book
The book starts with a chapter on a very prominent type of attack – Denial of Service. Often used for political purposes – whether it is to aid war efforts, attract attention to a particular situation or crash websites belonging to various organizations – it can also be used to discredit and hurt businesses, especially those that depend heavily on the Internet. In this day and age when anyone can hire a botnet to carry out such an attack, it is imperative to learn what can be done to stop it – or, at least, mitigate its consequences.
War dialing attacks are not as famous as DoS ones, but can be used effectively to gain complete access to otherwise secured network resources. See which tools are commonly used and how to configure your modems and harden your system in order to block such attacks.
Penetration testing is a type of attack often used by security experts to test networks in order to discover possible cracks and holes that would allow intruders to slip in. In this chapter, you will find out about pentesting tools such as Nessus or Metasploit, and how they can be used effectively both by security professionals and hackers.
Protocol tunneling is addressed briefly in Chapter 4, and Chapter 5 deals with spanning tree attacks, which take advantage of the protocol that prevents data from getting stuck in a loop and crashing the network. By combining this last type with another attack such as Man-in-the-Middle (discussed in the next chapter), an attacker can easily steal data.
The last attack discussed in the book is password replay, which was so successfully used in the TJX breach in 2006 to crack the WEP encryption of the wireless network.
Each chapter starts with an explanation of how the attack works and the danger it presents, continues by presenting defense strategies, and ends by addressing likely future variations of the attack and a short summary.
Attacks may and will change, but the principles, assumptions and practices being used will likely remain the same for quite some time, and the authors did a good job explaining them. And that is the real value of this book.