Product Description

"Hacker's Challenge" will consist of 20-25 hacking scenarios followed by the solution for each. The challenges/chapters are organized by increasing levels of complexity, and covers many hot topics, including Web content, VPNs, Denial of Service, wireless issues, e-commerce, email attacks and more. It includes input from top names in the industry - in addition to Mike Schiffman, consultants from the top security firms, such as Guardent, Foundstone, @Stake, SecurityFocus.com, In-Q-Tel, Arbor Networks, LoudCloud and more contribute their expertise. It is intended for a broad audience - "Hacker's Challenge" is for anyone who wants to solve the latest hacking challenges. It is a great companion to "Hacking Exposed" - an entire book of hands-on scenarios that compliment the "Hacking Exposed" text.

Product Details

• Amazon Sales Rank: #477181 in Books
• Published on: 2001-10-01
• Original language: English
• Number of items: 1
• Binding: Paperback
• 300 pages

Amazon.co.uk Review
Mike Schiffman has hit upon a great formula for Hacker's Challenge. Rather than try to research, fully understand and adequately explain attacks that have taken place on other people's networks--the approach taken by too many writers of books about computer security--Schiffman lets network administrators and security experts tell their stories first-hand. This is good. What's better is that Schiffman has edited each of their war stories into two sections: one that presents the observations the system admin or security consultant made at the time of the attack and another (in a separate part of the book) that ties the clues together and explains exactly what was going on. The challenge in the title is for you to figure out what the bad guys were doing--and how best to stop them--before looking at the printed solution. Let's call this book what it is: an Encyclopaedia Brown book for people with an interest in network security.

It doesn't really matter whether your skills are up to the challenge or not. The accounts of real life intrusions, that you can probably learn from, are written like chapters in a novel (though log file listings, network diagrams and performance graphs appear alongside the narrative text). Recall every time you've seen a movie or read a book with computer scenes so technically inaccurate they made you wish for a writer with a clue--Schiffman and Hacker's Challenge is what you wished for. --David Wall

Topics covered: the sorts of attacks that black-hat hackers (everyone from script kiddies to accomplished baddies) launch against Internet-linked computers and networks. Everything is presented from the perspective of the defenders--the network administrators--who have to look at log files and process activity to figure out what's going on.

From the Back Cover

"A solve-it-yourself mystery that will draw you in with entertaining, yet realistic scenarios that both challenge and inform you." Tim Newsham, security research scientist, @stake, Inc.

Malicious hackers are everywhere these days, so how do you keep them out of your networks? This unique volume challenges your forensics and incident response skills with 20 real-world hacks presented by upper-echelon security experts. Important topics are covered, including Denial of Service, wireless technologies, Web attacks, and malicious code. Each challenge includes a detailed explanation of the incident how the break-in was detected, evidence and possible clues, technical background such as log files and network maps, and a series of questions for you to solve. Then, in Part II, you get a detailed analysis of how the experts solved each incident.

Excerpt from "The Insider":

The Challenge:

Kris, a software company's senior I.T. staffer, got a call from the helpdesk....Users were complaining that the entire contents of their inbox, outbox, and deleted items folders had completely disappeared....The following Monday, Kris found that the entire Exchange database had been deleted....The attacker sent an email from a Yahoo! account taking responsibility for the attacks....The e-mail had been sent from a machine within the victim's network. Kris brought in an external security team who immediately began their investigation...In addition to gathering physical security logs, Microsoft Exchange logs, and virtual private network (VPN) logs they interviewed key people inside the company....

The Solution:

After reviewing the log files included in the challenge, propose your assessment when did the deletion of e-mail accounts begin and end, which users were connected to the VPN at the time, and what IP addresses were the users connecting from? Then, turn to the experts' answers to find out what really happened.

Contributing authors include:

Top security professionals from @stake, Foundstone, Guardent, The Honeynet Project, University of Washington, Fortrex Technologies, SecureMac.com, AnchorIS.com, and the National Guard Information Warfare unit.

About the Author
Mike Schiffman is the director of research and development at Guardent, the leading provider of professional security services. He has written for numerous technical journals, has written white papers, and has contributed to Hacking Exposed.

Customer Reviews

Fantastic, you MUST buy this book.
This book is a must buy for anyone who charged with managing or implementing network security. The book takes a unique approach to teaching readers the dangers that come with computing, as well as showing how to prevent such issues. These issues involve MS Exchange, Windows NT, Unix, Wireless protocols, MS IIS and many more.

There are 20 real life hacking cases detailed with logs, to which you must work out how the hack was carried out and what could have been done. At the end you wil find the answers.

If you are looking to get a broad view on IT security then buy this book!

A great read for all those security finatics
I enjoyed this book especially all the important information that i have learnt from it. There are 20 hacking accounts where there has been an intruder on a network, all gained access using different methods and sneeky techniques. At the end of eash study you are given some questions eg. "What tool or tools were used to attempt the escalation?" all solutions to the problems are given in the back off the book, how this problem should have been delt with, how the attacker got in, and how to prevent this from happening again, what i'm trying to say is BUY THIS BOOK!!!!

Great idea, but disappointing
Great idea applying a sort of 'murder mystery' to network security. Though, I found it lacking depth and not up to the excellent standard of the Hacking Exposed series. Also in several scenarios not enough data/information was given to actually answer the questions, until you went to the answer section. Bit difficult to solve the mystery without the vital clues!