Hacker's Challenge: Test Your Incident Response Skills Using 20 Scenarios (Hacking Exposed) - Tapa blanda

Acerca del autor

Mike Schiffman, CISSP, has been involved in most every technical arena computer security has to offer. He has researched and developed many cutting edge technologies including tools such as firewalk and tracerx as well as the ubiquitously used low-level packet shaping library libnet. Mike has led audit teams through engagements for fortune 500 companies in the banking, automotive and manufacturing industries. He has spoken in front of several institutions and government agencies such as: NSA, CIA, DOD, AFWIC, SAIC, and army intelligence. Mike is the lead author of Hackers Challenge, and has written for numerous technical journals such as Software Magazine and has written articles for securityfocus.com, and authored many security white papers. Currently, Mike is the Director of Security Architecture for @stake, the leading provider of professional security services. Previous to @stake, Mike was the Director of Research and Development for Guardent, Inc.

De la contraportada

"A solve-it-yourself mystery that will draw you in with entertaining, yet realistic scenarios that both challenge and inform you." --Tim Newsham, security research scientist, @stake, Inc.

Malicious hackers are everywhere these days, so how do you keep them out of your networks? This unique volume challenges your forensics and incident response skills with 20 real-world hacks presented by upper-echelon security experts. Important topics are covered, including Denial of Service, wireless technologies, Web attacks, and malicious code. Each challenge includes a detailed explanation of the incident--how the break-in was detected, evidence and possible clues, technical background such as log files and network maps, and a series of questions for you to solve. Then, in Part II, you get a detailed analysis of how the experts solved each incident.

Excerpt from "The Insider":

The Challenge:

Kris, a software company's senior I.T. staffer, got a call from the helpdesk....Users were complaining that the entire contents of their inbox, outbox, and deleted items folders had completely disappeared....The following Monday, Kris found that the entire Exchange database had been deleted....The attacker sent an email from a Yahoo! account taking responsibility for the attacks....The e-mail had been sent from a machine within the victim's network. Kris brought in an external security team who immediately began their investigation...In addition to gathering physical security logs, Microsoft Exchange logs, and virtual private network (VPN) logs they interviewed key people inside the company....

The Solution:

After reviewing the log files included in the challenge, propose your assessment--whendid the deletion of e-mail accounts begin and end, which users were connected to the VPN at the time, and what IP addresses were the users connecting from? Then, turn to the experts' answers to find out what really happened.

Contributing authors include:

Top security professionals from @stake, Foundstone, Guardent, The Honeynet Project, University of Washington, Fortrex Technologies, SecureMac.com, AnchorIS.com, and the National Guard Information Warfare unit.