Hacking Exposed: Network Security Secrets and Solutions, Third Edition

  • Authors:
  • Stuart McClure; Joel Scambray; George Kurtz

  • Venue:
  • Hacking Exposed: Network Security Secrets and Solutions, Third Edition
  • Year:
  • 2001

Abstract

From the Book:

FOREWORD

vul·ner·a·ble adj. 1. Susceptible to physical or emotional injury. 2. Susceptible to attack: "We are vulnerable both by water and land, without either fleet or army" (Alexander Hamilton). 3. Open to censure or criticism; assailable. 4. Liable to succumb, as to persuasion or temptation.

Whether we recognize it or not, when connected to the Internet in our home or office, we are all vulnerable. In fact, connecting to the Internet makes you a member (either willing or unwilling) of a community in which everyone becomes part of an enormous system, one much larger than any individual and where time and distance are almost eliminated. The interconnectivity of the Internet brings all participants in close proximity to each other. Your "neighbor next door" is now a hacker in a foreign country with intent to harm or a young talented kid searching out your vulnerabilities just for kicks.

As with every community, not all of its citizens are upstanding members. You can't open a newspaper these days without coming across another sleepy, quiet community that has been rocked by violence or scandal. The same is true for the cyber community of the Internet. In the high-speed, highly connected worldwide Internet community, it's easy to see why some of the most significant negative events happen there and happen with great speed. Even more distressing is the fact that within the Internet community live some very smart people with extraordinary talent and free time who insist on using that talent for evil instead of good.

You don't have to look back very far into Internet history to see incredible advances in computer exploitation. Actually, I believe the rate at which vulnerabilities are discovered and exploited far surpasses Moore's Law for computing power advances. Maybe the security community should develop our own law that says: "Attackers on the Internet will eventually find and exploit every vulnerability. The more interesting the target, the faster this will occur." Unfortunately, most people on the Internet believe that they are not interesting targets. This is simply not true. Anyone running a firewall on his or her home PC can see that. It's much faster for me to count the number of countries in the world that have not tried to attach to my home PC than count the ones that have. Every day there are at least a dozen individuals out there that want to know if my computer will talk to them using one of several well-known Trojan Horses or vulnerable software applications. Why do these people keep coming back day after day? Simple, they often have success finding and compromising vulnerable computers.

Hacking and exploitation used to be the work of relatively few highly skilled experts. Today, ready-made point and click, load and run, compile and execute tools put destructive capability in the hands of almost anyone looking to cause trouble. It wasn't long ago that we were learning about basic ping and SYN floods as the primary method for denial of service attacks. Soon after, denial of service took a great step forward with distributed attacks co-opting "innocent" UNIX computers. This technique was quickly morphed to work on another platform even more easily exploited, the Windows platforms used by thousands of cable and DSL customers. A great example of accelerated development is in the worm techniques that propagate Trojan Horses without human intervention. Fall 2000 through summer 2001 brought us the Bymer worm, Linux Ramen worm, Lion worm, SADMIND, the Leave worm, and Code Red. Code Red is possibly the most costly automated attack to date with current estimates of damage and clean up exceeding several billion dollars. This "hacking on autopilot" is a huge force multiplier and greatly leverages the attacker's available time, increasing the chances of success. For all of the different techniques employed by worms, they all have one thing in common: closing the vulnerabilities that they exploit would have prevented all of the damage done. The vulnerabilities exploited by these worms, and countermeasures for them, are described in the book you are now reading.

Security as Market Differentiator

Competition within industry is fierce, and increasingly, security is being viewed not only as an enabler of service, but also as a market differentiator. As this trend matures, visible security incidents could significantly impact stock prices as well as spin up the corporate public relations staff. Clearly, threats from Internet attacks will continue to increase, and companies are going to persist in turning to the Internet channel for some or all of their transaction flow. Despite security threats increasing every day on the Internet, companies continue to expand their use and presence. Why? Because the Internet is a vital business enabler. Consequently, all of these companies must be on guard and ready to deal with the attention they will receive from individuals with malicious intent. While there are many risks to doing business on the Internet, the biggest one is to your company's reputation. Reputation damage from a security breach is one of the fastest ways to erode customer and trading partner trust. A security breach that exposes confidential information, yours or your customers', can be catastrophic to your business. No industry is exempt from its wrath.

Even the most security savvy companies will have vulnerabilities on their network and, because of this, must remain diligent to minimize risk. The first step is knowledge and with knowledge comes the opportunity to mature and improve. In your hands, you hold one of the most powerful tools available in the security business to help increase your knowledge. Read it, heed it, and use it. I hold great respect for the authors of this book. I have sought and received excellent advice from them over the years. In Hacking Exposed, they have written "The Book" on vulnerabilities and countermeasures. My hope is that you will use the information here to make your company a safer and more secure place. In the future, companies that have the fewest reputation issues from security problems will be the companies that invest in passionate and talented people, flexible technology to meet constantly changing security threats, and processes that ensure continuous improvement. The companies that don't will most likely make The Wall Street Journal headlines, and not in a positive way.

Pete Murphy, 8/4/2001
SVP, Vulnerability and Response Management
Bank of America

Peter F. Murphy is responsible for the Vulnerability and Response Management team at Bank of America. These responsibilities include the Bank of America Computer Incident Response Team (BACIRT), Intrusion Detection, Vulnerability Assessments, Threat Management, Forensic Investigations, Regional Workarea Recovery Centers, and Network Computing Group Contingency Planning and Testing.

Pete has seventeen years' experience in systems development, technology auditing, and information security in the banking and finance industry. Pete is a member of the Information Systems Audit and Control Association, holds a Certified Information Systems Auditor certification, participates in the Vulnerability Assessment working group as part of the President's Commission on Critical Infrastructure Protection, and participates in the Network Security Information Exchange (NSIE) as part of the President's National Security Telecommunications Advisory Council (NSTAC).