Hacker's Challenge 3: 20 Brand New Forensic Scenarios &Amp; Solutions (V. 3): 20 Brand New Forensic Scenarios & Solutions (NETWORKING & COMM - OMG) - Softcover

Über die Autorinnen und Autoren

David Pollino (Walnut Creek, CA) is a senior security consultant at @stake, Inc. He has extensive networking experience including working for a tier 1 ISP architecting and deploying secure networks for Fortune 500 companies. David leads the @stake Center of Excellence focusing on wireless technologies such as 802.11x, WAP and GPRS. Recent projects include helping design and oversee the security architecture for a large European ASP and assisting with the security architecture for a wireless provider.

Bill Pennington, (CISSP), is a Principal Security Consultant with Guardent Inc. Bill has five years of professional experience in information security, ten in information technology. He is familiar with Linux, Solaris, Windows, and OpenBSD, and is a Certified Information Security Systems Practitioner, Certified Cisco Network Administrator (CCNA), Certified Internet Security Specialist (CISS), and a Microsoft Certified Product Specialist, Windows NT 4.0. He has broad experience in computer forensics, installing and maintaining VPNs, Cisco Pix firewalls, IDS, and in monitoring systems. Bill was a contributing author to several chapters of the original Hacker’s Challenge.

Himanshu Dwivedi is a co-founder of iSEC Partners (www.isecpartners.com), an information security firm specializing in application security. At iSEC, Himanshu manages the firm’s product development efforts and co-manages the sales and marketing programs. Himanshu is also a renowned industry author with six security books published, including Mobile Application Security (McGraw Hill/Osborne), Hacking VoIP (No Starch Press), Hacking Exposed: Web 2.0 (McGraw Hill/Osborne), Hacker’s Challenge 3 (McGraw Hill/Osborne), Securing Storage (Addison Wesley), and Implementing SSH (Wiley). In addition to the books, Himanshu also has a patent pending on Fibre Channel security. Before starting iSEC Partners, Himanshu was the Regional Technical Director at @stake, Inc.

Von der hinteren Coverseite

The stories about phishing attacks against banks are so true-to-life, it’s chilling.” --Joel Dubin, CISSP, Microsoft MVP in Security

Every day, hackers are devising new ways to break into your network. Do you have what it takes to stop them? Find out in Hacker’s Challenge 3. Inside, top-tier security experts offer 20 brand-new, real-world network security incidents to test your computer forensics and response skills. All the latest hot-button topics are covered, including phishing and pharming scams, internal corporate hacking, Cisco IOS, wireless, iSCSI storage, VoIP, Windows, Mac OS X, and UNIX/Linux hacks, and much more. Each challenge includes a detailed explanation of the incident--how the break-in was detected, evidence and clues, technical background such as log files and network maps, and a series of questions for you to solve. In Part II, you’ll get a detailed analysis of how the experts solved each incident.

Exerpt from “Big Bait, Big Phish”:

The Challenge: “Could you find out what’s going on with the gobi web server? Customer order e-mails aren’t being sent out, and the thing’s chugging under a big load…” Rob e-mailed the development team reminding them not to send marketing e-mails from the gobi web server…. “Customer service is worried about some issue with tons of disputed false orders….” Rob noticed a suspicious pattern with the “false” orders: they were all being delivered to the same P.O. box…He decided to investigate the access logs. An external JavaScript file being referenced seemed especially strange, so he tested to see if he could access it himself…. The attacker was manipulating the link parameter of the login.pl application. Rob needed to see the server side script that generated the login.pl page to determine the purpose….

The Solution: After reviewing the log files included in the challenge, propose your assessment: What is the significance of the attacker’s JavaScript file? What was an early clue that Rob missed that might have alerted him to something being amiss? What are some different ways the attacker could have delivered the payload? Who is this attack ultimately targeted against? Then, turn to the experts' answers to find out what really happened.