Know Your Enemy - Advanced Security Techniques



Cyrus Peikari & Anton Chuvakin
July 2004
ISBN: 3-89721-376-1

Both system administrators and users are increasingly concerned about the security of their systems, and rightly so. The attacks become more subtle and cunning with each new Internet worm and each newly discovered security hole.

What's the worst that attackers can do to you?
This is exactly what Know Your Enemy conveys.
Based on the principle that a good defense knows the attackers' methods down to the last detail, this book uncovers sophisticated attack methods and describes innovative defense techniques.

Topics covered include:

  • Reverse Code Engineering (RCE)
  • Buffer overflow attacks
  • Social engineering and reconnaissance
  • Operating system fingerprinting
  • Sophisticated attacks against Unix and Windows systems
  • SQL injection
  • WLAN security
  • Intrusion Detection Systems (IDS)
  • Honeypots
  • Incident Response
  • Computer forensics and anti-forensics

Know Your Enemy puts a special emphasis on reverse engineering binary software.
Reverse engineering is an important practice for administrators who need to be aware of possible malware on their machines: Trojans, innocent-looking spyware, etc. This is the first book to cover reverse engineering not only for Windows but also for Linux and Windows CE.

Know Your Enemy is a comprehensive book on the art of self-defense in computer networks. If you are on the front lines defending your network or website against attackers, this book can save you some painful experience.

The book is divided into four parts:

Part 1. Software cracking
Reverse engineering / reverse code engineering (RCE) for Windows, Linux and embedded platforms as well as Windows Mobile platforms.

Part 2. Network attacks
Security aspects of TCP / IP, fragmentation attacks. Social engineering, network reconnaissance, operating system fingerprinting and techniques for covering the tracks.

Part 3. Platform attacks
Differences and basics of attacks on UNIX and Windows, as well as vulnerabilities in wireless systems, including WLANs, and embedded malware.

Part 4. Advanced Defense
Trace analysis, intrusion detection systems, construction of a honeypot system, incident response, as well as forensics and anti-forensics.

Appendix:
The appendix contains a list of useful SoftICE commands and breakpoints.


For an insight into the book, a 26-page sample chapter (PDF) on the subject of "Windows Reverse Engineering" is available.
To the sample chapter

CONCLUSION:

This book is intended for advanced users who have experience with security issues and who are familiar with networks and programming languages. With "Know Your Enemy" it is possible to go very deep into the protection of networks. As the book title suggests, if you know your enemy and his techniques, you have a good chance of fending him off. But it is not necessary to read the book, which is almost 600 pages long, from cover to cover.
The authors have tried to give "Know Your Enemy" a meaningful structure so that it is possible to work on relevant topics directly.

Related Links:

Know your enemy at Amazon.de
oreilly.de