01_05235x ffirs.qxp 9/25/06 9:47 PM Page i Hacking FOR DUMmIES‰ 2ND EDITION by Kevin Beaver Foreword by Stuart McClure 02_05235x ftoc.qxp 9/25/06 10:09 PM Page viii 01_05235x ffirs.qxp 9/25/06 9:47 PM Page i Hacking FOR DUMmIES‰ 2ND EDITION by Kevin Beaver Foreword by Stuart McClure 01_05235x ffirs.qxp 9/25/06 9:47 PM Page ii Hacking For Dummies®, 2nd Edition Published by Wiley Publishing, Inc. 111 River Street Hoboken, NJ 07030-5774 www.wiley.com Copyright © 2007 by Wiley Publishing, Inc., Indianapolis, Indiana Published by Wiley Publishing, Inc., Indianapolis, Indiana Published simultaneously in Canada No part of this publication may be reproduced, stored in a retrieval system or transmitted in any form or by any means, electronic, mechanical, photocopying, recording, scanning or otherwise, except as permit- ted under Sections 107 or 108 of the 1976 United States Copyright Act, without either the prior written permission of the Publisher, or authorization through payment of the appropriate per-copy fee to the Copyright Clearance Center, 222 Rosewood Drive, Danvers, MA 01923, (978) 750-8400, fax (978) 646-8600. Requests to the Publisher for permission should be addressed to the Legal Department, Wiley Publishing, Inc., 10475 Crosspoint Blvd., Indianapolis, IN 46256, (317) 572-3447, fax (317) 572-4355, or online at http://www.wiley.com/go/permissions. Trademarks: Wiley, the Wiley Publishing logo, For Dummies, the Dummies Man logo, A Reference for the Rest of Us!, The Dummies Way, Dummies Daily, The Fun and Easy Way, Dummies.com, and related trade dress are trademarks or registered trademarks of John Wiley & Sons, Inc. and/or its affiliates in the United States and other countries, and may not be used without written permission. All other trademarks are the property of their respective owners. Wiley Publishing, Inc., is not associated with any product or vendor mentioned in this book. LIMIT OF LIABILITY/DISCLAIMER OF WARRANTY: THE PUBLISHER AND THE AUTHOR MAKE NO REP- RESENTATIONS OR WARRANTIES WITH RESPECT TO THE ACCURACY OR COMPLETENESS OF THE CONTENTS OF THIS WORK AND SPECIFICALLY DISCLAIM ALL WARRANTIES, INCLUDING WITHOUT LIMITATION WARRANTIES OF FITNESS FOR A PARTICULAR PURPOSE. NO WARRANTY MAY BE CRE- ATED OR EXTENDED BY SALES OR PROMOTIONAL MATERIALS. THE ADVICE AND STRATEGIES CON- TAINED HEREIN MAY NOT BE SUITABLE FOR EVERY SITUATION. THIS WORK IS SOLD WITH THE UNDERSTANDING THAT THE PUBLISHER IS NOT ENGAGED IN RENDERING LEGAL, ACCOUNTING, OR OTHER PROFESSIONAL SERVICES. IF PROFESSIONAL ASSISTANCE IS REQUIRED, THE SERVICES OF A COMPETENT PROFESSIONAL PERSON SHOULD BE SOUGHT. NEITHER THE PUBLISHER NOR THE AUTHOR SHALL BE LIABLE FOR DAMAGES ARISING HEREFROM. THE FACT THAT AN ORGANIZATION OR WEBSITE IS REFERRED TO IN THIS WORK AS A CITATION AND/OR A POTENTIAL SOURCE OF FUR- THER INFORMATION DOES NOT MEAN THAT THE AUTHOR OR THE PUBLISHER ENDORSES THE INFORMATION THE ORGANIZATION OR WEBSITE MAY PROVIDE OR RECOMMENDATIONS IT MAY MAKE. FURTHER, READERS SHOULD BE AWARE THAT INTERNET WEBSITES LISTED IN THIS WORK MAY HAVE CHANGED OR DISAPPEARED BETWEEN WHEN THIS WORK WAS WRITTEN AND WHEN IT IS READ. FULFILLMENT OF EACH COUPON OFFER IS THE SOLE RESPONSIBILITY OF THE OFFEROR. For general information on our other products and services, please contact our Customer Care Department within the U.S. at 800-762-2974, outside the U.S. at 317-572-3993, or fax 317-572-4002. For technical support, please visit www.wiley.com/techsupport. Wiley also publishes its books in a variety of electronic formats. Some content that appears in print may not be available in electronic books. Library of Congress Control Number: 2006932690 ISBN-13: 978-0-470-05235-8 ISBN-10: 0-470-05235-X Manufactured in the United States of America 10 9 8 7 6 5 4 3 2 1 2B/RS/RQ/QW/IN 01_05235x ffirs.qxp 9/25/06 9:47 PM Page iii About the Author Kevin Beaver is an independent information security consultant, speaker, and expert witness with Atlanta-based Principle Logic, LLC. He has two decades of experience and specializes in performing information security assessments for Fortune 500 corporations, security product vendors, independent soft- ware developers, government agencies, nonprofit organizations, and small businesses — basically any size organization that takes security seriously. Before starting his information security consulting practice over six years ago, Kevin served in various information technology and security roles for several healthcare, e-commerce, financial, and educational institutions. Kevin has authored or co-authored six information security books, including Hacking Wireless Networks For Dummies (Wiley), Securing the Mobile Enterprise For Dummies (Wiley), The Definitive Guide to Email Management and Security (Realtimepublishers.com), and The Practical Guide to HIPAA Privacy and Security Compliance (Auerbach). In addition to his books, Kevin writes and produces practical information security advice called Security on Wheels™ — podcast-centric content for security professionals on the go. He is also a regu- lar columnist and information security advisor for various Web sites, including SearchWindowsSecurity.com, SearchSQLServer.com, and SearchStorage.com. Kevin’s information security articles have also been published in Information Security Magazine and CSI’s Computer Security ALERT newsletter, and he has been quoted in numerous technical and business magazines and newspapers nationwide. He is consistently a top-rated speaker on information security at various conferences, such as the RSA Conference, CSI Computer Security Conference and Exhibition, Novell BrainShare, Institute of Internal Auditors’ IT Conference, SecureWorld Expo, and the Cybercrime Summit. Kevin earned his bachelor’s degree in Computer Engineering Technology from Southern Polytechnic State University and his master’s degree in Management of Technology from Georgia Tech. He also holds CISSP, MCSE, Master CNE, and IT Project+ certifications. Kevin can be reached through his Web sites at www.principlelogic.com and www.securityonwheels.com. 01_05235x ffirs.qxp 9/25/06 9:47 PM Page iv Dedication For little Mary-Anderson. You’re a miraculous inspiration. Author’s Acknowledgments First, I’d like to thank Melody Layne, my acquisitions editor at Wiley, for originally contacting me with this book idea and providing me this great opportunity, again. I’d like to thank my project editor, Jean Rogers. You’ve been more than a plea- sure to work with. I’d also like to thank Andy Hollandbeck, my copy editor, for keeping my focus (and English) in line. Also, many thanks to my technical editor, business colleague, and co-author of Hacking Wireless Networks For Dummies, Peter T. Davis. Again, I’m honored to be working with you on this project. Thanks to Ira Winkler, Jack Wiles, Philippe Oechslin, David Rhoades, Laura Chappell, Matt Caldwell, Thomas Akin, Ed Skoudis, and Caleb Sima for your original case study contributions and for advancing the field of information security. Much gratitude to Kim Dinerman and Tracy Simmons with SPI Dynamics; Tom Speros with Application Security; Chia-Chee Kuan with AirMagnet; Ronnie Holland with WildPackets; Vladimir Katalov with Elcomsoft; Tony Haywood and Matt Foster with Karalon; Victoria Muscat Inglott with GFI Software; Stu Sjouwerman, Alex Eckelberry, and Wendy Ivanoff with Sunbelt Software; Tamara Borg with Acunetix; Jeff Cassidy with Core Security Technologies; Kyle Lai with KLC Consulting; Jim Taylor with NGSSoftware; Mickey Denny with Northwest Performance Software; David Vest with Mythicsoft; Thiago Zaninotti and Sabrina Martins with N-Stalker; Mike Andrews and Chris Neppes with Port80 Software; G.C. with RainbowCrack-Online.com; Sybil Shearin and James Van Bokkelen with Sandstorm Enterprises; Stefan Fleischmann with X-Ways Software Technology; Michael Berg with TamoSoft; Terry Ingoldsby with Amenaza Technologies; Chris Gaither with Qualys; and Steve Erbst, Bill Paul, Brian de Haaff, and Chris Andrews with Network Chemistry for responding to all my requests. Much gratitude to all the others I forgot to mention as well! Mega thanks to Queensrÿche, Rush, and Triumph for your energizing sounds and inspirational words. You guys move a lot of souls. 01_05235x ffirs.qxp 9/25/06 9:47 PM Page v Thanks to Neal Boortz for educating and informing me and so many others about the world we live in. I’m glad that somebody’s saying it! You keep me motivated as an entrepreneur and small business owner. Thanks for that real estate tip too. Keep it coming! Thanks to Brian Tracy for your immeasurable insight and guidance it takes to be a better person. I can’t imagine that you truly know the depth of your help and value of your contributions. Finally, I want to send out many thanks and much appreciation to my clients for hiring me, a “no-name-brand” consultant, and keeping me around for the long term. I wouldn’t be here without your willingness to break out of the mold and your ongoing support. 01_05235x ffirs.qxp 9/25/06 9:47 PM Page vi Publisher’s Acknowledgments We’re proud of this book; please send us your comments through our online registration form located at www.dummies.com/register/. Some of the people who helped bring this book to market include the following: Acquisitions, Editorial, and Composition Services Media Development Project Coordinator: Adrienne Martinez Associate Project Editor: Jean Rogers Layout and Graphics: Claudia Bell, Carl Byers, (Previous Edition: Pat O’Brien) Joyce Haughey, Stephanie D. Jumper, Acquisitions Editor: Melody Layne Barbara Moore, Barry Offringa, Alicia South, Ronald Terry Copy Editor: Andy Hollandbeck Proofreaders: John Greenough, Technical Editor: Peter T. Davis Christine Pingleton, Techbooks Editorial Manager: Kevin Kirschner Indexer: Techbooks Media Development Specialists: Anniversary Logo Design: Richard Pacifico Angela Denny, Kate Jenkins, Steven Kudirka, Kit Malone Special Help Mary Lagu Media Development Coordinator: Laura Atkinson Media Project Supervisor: Laura Moss Media Development Manager: Laura VanWinkle Media Development Associate Producer: Richard Graves Editorial Assistant: Amanda Foxworth Sr.
Details
-
File Typepdf
-
Upload Time-
-
Content LanguagesEnglish
-
Upload UserAnonymous/Not logged-in
-
File Pages411 Page
-
File Size-