CEH Study Book

Информатика и компютърни науки Книга или учебник

Contents
1.Introduction
2.Assessment Test
3.Chapter 1: Getting Started with Ethical Hacking
1.Hacking: A Short History
2.What Is an Ethical Hacker?
3.Summary
4.Exam Essentials
5.Review Questions
4.Chapter 2: System Fundamentals
1.Exploring Network Topologies
2.WorkingwiththeOpenSystems
Interconnection Model
3.Dissecting the TCP/IP Suite
4.IP Subnetting
5.Hexadecimal vs. Binary
6.Exploring TCP/IP Ports
7.Understanding Network Devices
8.Working with MAC Addresses
9.IntrusionPreventionandIntrusionDetection
Systems
10.Network Security
11.Knowing Operating Systems
12.Backups and Archiving
13.Summary
14.Exam Essentials
15.Review Questions
5.Chapter 3: Cryptography
2

1.Cryptography:EarlyApplicationsand
Examples
2.Cryptography in Action
3.Understanding Hashing
4.Issues with Cryptography
5.Applications of Cryptography
6.Summary
7.Exam Essentials
8.Review Questions
6.Chapter 4: Footprinting and Reconnaissance
1.Understanding the Steps of Ethical Hacking
2.What Is Footprinting?
3.Terminology in Footprinting
4.Threats Introduced by Footprinting
5.The Footprinting Process
6.Summary
7.Exam Essentials
8.Review Questions
7.Chapter 5: Scanning Networks
1.What Is Network Scanning?
2.Checking for Live Systems
3.Checking for Open Ports
4.Types of Scans
5.OS Fingerprinting
6.Banner Grabbing
7.Countermeasures
8.Vulnerability Scanning
9.Drawing Network Diagrams
10.Using Proxies
11.Summary
12.Exam Essentials
13.Review Questions
8.Chapter 6: Enumeration of Services
3

1.A Quick Review
2.What Is Enumeration?
3.Windows Basics
4.Enumeration with SNMP
5.Unix and Linux Enumeration
6.LDAP and Directory Service Enumeration
7.Enumeration Using NTP
8.SMTP Enumeration
9.UsingEXPN
10.UsingRCPT TO
11.SMTP Relay
12.Summary
13.Exam Essentials
14.Review Questions
9.Chapter 7: Gaining Access to a System
1.Up to This Point
2.Summary
3.Exam Essentials
4.Review Questions
10.Chapter8:Trojans,Viruses,Worms,andCovert
Channels
1.Malware
2.Overt and Covert Channels
3.Summary
4.Exam Essentials
5.Review Questions
11.Chapter 9: Sniffers
1.Understanding Sniffers
2.Using a Sniffer
3.Switched Network Sniffing
4.Exam Essentials
5.Summary
6.Review Questions
4

12.Chapter 10: Social Engineering
1.What Is Social Engineering?
2.What Is Social Networking?
3.Commonly Employed Threats
4.Identity Theft
5.Summary
6.Exam Essentials
7.Review Questions
13.Chapter 11: Denial of Service
1.Understanding DoS
2.Understanding DDoS
3.DoS Tools
4.DDoS Tools
5.DoS Defensive Strategies
6.DoS Pen Testing Considerations
7.Summary
8.Exam Essentials
9.Review Questions
14.Chapter 12: Session Hijacking
1.Understanding Session Hijacking
2.Exploring Defensive Strategies
3.Summary
4.Exam Essentials
5.Review Questions
15.Chapter 13: Web Servers and Web Applications
1.Exploring the Client-Server Relationship
2.Summary
3.Exam Essentials
4.Review Questions
16.Chapter 14: SQL Injection
1.Introducing SQL Injection
2.Summary
3.Exam Essentials
5

4.Review Questions
17.Chapter 15: Wireless Networking
1.What Is a Wireless Network?
2.Summary
3.Exam Essentials
4.Review Questions
18.Chapter 16: Evading IDSs, Firewalls, and Honeypots
1.Honeypots, IDSs, and Firewalls
2.Summary
3.Exam Essentials
4.Review Questions
19.Chapter 17: Physical Security
1.Introducing Physical Security
2.Summary
3.Exam Essentials
4.Review Questions
20.Appendix A: Answers to Review Questions
21.Appendix B: About the Additional Study Tools
22.Advertisement
23.End User License Agreement
List of Illustrations
1.FIGURE 1.1 Security versus convenience analysis
2.FIGURE 1.2 The hacking process
3.FIGURE 2.1 Bus topology
4.FIGURE 2.2 Ring topology
5.FIGURE 2.3 Star topology
6.FIGURE 2.4 Mesh topology
7.FIGURE 2.5 Hybrid topology
8.FIGURE 2.6 OSI TCP/IP comparative model
9.FIGURE 2.7 TCP three-way handshake
6

10.FIGURE 2.8 TCP sequencing
11.FIGURE 2.9 Residential network setup
12.FIGURE 2.10 Typical enterprise network
13.FIGURE 5.1 The three-way handshake
14.FIGURE5.2Half-openscanagainstclosedandopen
ports
15.FIGURE 5.3 Xmas tree scan
16.FIGURE5.4AnFINscanagainstaclosedportand
an open port
17.FIGURE5.5ANULLscanagainstaclosedandan
open port
18.FIGURE 5.6 Results of a banner grab
19.FIGURE5.7Anetworkmapbuiltbya
network-mapping software package
20.FIGURE 8.1 JPS Virus Maker user interface
21.FIGURE 8.2 TCPView interface
22.FIGURE 9.1 TCP three-way handshake packet
23.FIGURE 9.2 Macof MAC flood
24.FIGURE 9.3 Cain and Abel
25.FIGURE 11.1 Basic program stack
26.FIGURE 11.2 Smashing the stack
27.FIGURE 11.3 Smashing the stack
28.FIGURE 12.1 Session hijack
29.FIGURE 12.2 Active attack
30.FIGURE 12.3 Passive attack
31.FIGURE 12.4 Spoofing
32.FIGURE 12.5 Source routing
33.FIGURE 12.6 Desynchronizing a connection
34.FIGURE 12.7 TCP three-way handshake
35.FIGURE 12.8 MITM attack
36.FIGURE 15.1 A Yagi antenna
37.FIGURE 15.2 A parabolic antenna
38.FIGURE 17.1 A drive degausser
7

39.FIGURE 17.2 A mantrap installed in a lobby
40.FIGURE 17.3 One kind of cipher lock
41.FIGURE 17.4 Lock-picking tools
List of Tables
1.TABLE 1.1 Available types of pen tests
2.TABLE 2.1 Hex, binary, and decimal
3.TABLE 2.2 Well-known ports
4.TABLE 2.3 Registered ports of interest
5.TABLE 3.1 Cracking times for 40- and 56-bit keys
6.TABLE 5.1 TCP flags
7.TABLE5.2ResultsofUDPscanningagainstclosed
and open ports
8.TABLE 5.3 Active vs. passive fingerprinting
9.TABLE 9.1 Wireshark filters
10.TABLE 9.2 Wireshark filter breakdown
11.TABLE 9.3 Wireshark CLI tools
12.TABLE 12.1 Dissected IDs
13.TABLE 15.1 Wireless standards
14.TABLE 15.2 Common wireless terms
15.Exercise 2.1 Finding the maC address
16.Exercise 4.1 Finding the IP Address of a Website
17.Exercise 4.2 Examining a Site
18.Exercise 7.1 Extracting Hashes from a System
19.Exercise 7.2 Creating Rainbow Tables
20.Exercise 7.3 Working with Rainbow Crack
21.Exercise 7.4 PSPV
22.Exercise 8.1 Creating a Simple Virus
23.Exercise 8.2 Using Netstat to Detect Open Ports
24.Exercise 8.3 Using TCPView to Track Port Usage
25.Exercise 9.1 Sniffing with Wireshark
8

26.Exercise 9.2 Sniffing with TCPdump
27.Exercise 9.3 Understanding Packet Analysis
28.Exercise 11.1 Performing a SYN Flood
29.Exercise 11.2 Seeing LOIC in Action
30.Exercise 12.1 Performing an MITM Attack
31.Exercise 13.1 Performing a Password Crack
Pages
1.iii
2.iv
3.v
4.vii
5.viii
6.xxi
7.xxii
8.xxiii
9.xxiv
10.xxv
11.xxvi
12.xxvii
13.xxviii
14.xxix
15.xxx
16.xxxi
17.xxxii
18.xxxiii
19.xxxiv
20.xxxv
21.xxxvi
22.xxxvii
23.xxxviii
9

24.1
25.2
26.3
27.4
28.5
29.6
30.7
31.8
32.9
33.10
34.11
35.12
36.13
37.14
38.15
39.16
40.17
41.18
42.19
43.20
44.21
45.22
46.23
47.24
48.25
49.26
50.27
51.28
52.29
53.30
54.31
55.32
56.33
10

57.34
58.35
59.36
60.37
61.38
62.39
63.40
64.41
65.42
66.43
67.44
68.45
69.46
70.47
71.48
72.49
73.50
74.51
75.52
76.53
77.54
78.55
79.56
80.57
81.58
82.59
83.60
84.61
85.62
86.63
87.64
88.65
89.66
11

90.67
91.68
92.69
93.70
94.71
95.72
96.73
97.74
98.75
99.76
100.77
101.78
102.79
103.80
104.81
105.82
106.83
107.84
108.85
109.86
110.87
111.88
112.89
113.90
114.91
115.92
116.93
117.94
118.95
119.96
120.97
121.98
122.99
12

123.100
124.101
125.102
126.103
127.104
128.105
129.106
130.107
131.108
132.109
133.110
134.111
135.112
136.113
137.114
138.115
139.116
140.117
141.118
142.119
143.120
144.121
145.122
146.123
147.124
148.125
149.126
150.127
151.128
152.129
153.130
154.131
155.132
13

156.133
157.134
158.135
159.136
160.137
161.138
162.139
163.140
164.141
165.142
166.143
167.144
168.145
169.146
170.147
171.148
172.149
173.150
174.151
175.152
176.153
177.154
178.155
179.156
180.157
181.158
182.159
183.160
184.161
185.162
186.163
187.164
188.165
14

189.166
190.167
191.168
192.169
193.170
194.171
195.172
196.173
197.174
198.175
199.176
200.177
201.178
202.179
203.180
204.181
205.182
206.183
207.184
208.185
209.186
210.187
211.188
212.189
213.190
214.191
215.192
216.193
217.194
218.195
219.196
220.197
221.198
15

222.199
223.200
224.201
225.202
226.203
227.204
228.205
229.206
230.207
231.208
232.209
233.210
234.211
235.212
236.213
237.214
238.215
239.216
240.217
241.218
242.219
243.220
244.221
245.222
246.223
247.224
248.225
249.226
250.227
251.228
252.229
253.230
254.231
16

255.232
256.233
257.234
258.235
259.236
260.237
261.238
262.239
263.240
264.241
265.242
266.243
267.244
268.245
269.246
270.247
271.248
272.249
273.250
274.251
275.252
276.253
277.254
278.255
279.256
280.257
281.258
282.259
283.260
284.261
285.262
286.263
287.264
17

288.265
289.266
290.267
291.268
292.269
293.270
294.271
295.272
296.273
297.274
298.275
299.276
300.277
301.278
302.279
303.280
304.281
305.282
306.283
307.284
308.285
309.286
310.287
311.288
312.289
313.290
314.291
315.292
316.293
317.294
318.295
319.296
320.297
18

321.298
322.299
323.300
324.301
325.302
326.303
327.304
328.305
329.306
330.307
331.308
332.309
333.310
334.311
335.312
336.313
337.314
338.315
339.316
340.317
341.318
342.319
343.320
344.321
345.322
346.323
347.324
348.325
349.326
350.327
351.328
352.329
353.330
19

354.331
355.332
356.333
357.334
358.335
359.336
360.337
361.338
362.339
363.340
364.341
365.342
366.343
367.344
368.345
369.346
370.347
371.348
372.349
373.350
374.351
375.352
376.353
377.354
378.355
379.356
380.357
381.358
382.359
383.360
384.361
385.362
386.363
20

387.364
388.365
389.366
390.367
391.368
392.369
393.370
394.371
395.372
396.373
397.374
398.375
399.376
400.377
401.378
402.379
403.380
404.381
405.382
406.383
407.384
408.385
409.386
410.387
411.388
412.389
413.390
414.391
415.392
416.393
417.394
418.395
419.396
21

420.397
421.398
422.399
423.400
424.401
425.402
426.403
427.404
428.405
429.406
430.407
431.408
432.409
433.410
434.411
435.412
436.413
437.414
438.415
439.416
440.417
441.418
442.419
443.420
444.421
445.422
446.423
447.424
448.425
449.426
450.427
451.428
452.429
22

453.430
454.431
455.432
456.433
457.434
458.435
459.436
460.437
461.438
462.439
463.440
464.464
Guide
1.Cover
2.Table of Contents
3.Begin Reading
23

CEHv8: Certified Ethical
Hacker Version 8
Study Guide
Sean-Philip Oriyano
24

Senior Acquisitions Editor: Jeff Kellum
Development Editor: Richard Mateosian
Technical Editors: Albert Whale and Robert Burke
Production Editor: Dassi Zeidel
Copy Editors: Liz Welch and Tiffany Taylor
Editorial Manager: Pete Gaughan
VicePresidentandExecutiveGroupPublisher:Richard
Swadley
Associate Publisher: Chris Webb
Media Project Manager I: Laura Moss-Hollister
Media Associate Producer: Marilyn Hummel
Media Quality Assurance: Doug Kuhn
Book Designer: Judy Fung
Proofreader: Sarah Kaikini, Word One New York
Indexer: Ted Laux
Project Coordinator, Cover: Patrick Redmond
Cover Designer: Wiley
25

Преглед на първите от 774 страници - останалите след изтегляне

Описание

If you want to acquire a solid amount of information in hacking and pen-testing techniques and your goal is to prepare for the exam by learning how to develop and improve security, this book is for you. You’ll find clear explanations of the concepts you need to grasp and plenty of help to achieve the high level of professional competency you need in order to succeed in your chosen field. If you want to become certified, this book is definitely what you need. Дисциплина: Ethical Hacking

0 коментара

Все още няма коментари. Бъдете първият, който ще коментира.

За да коментирате, трябва да сте влезли в профила си.

Влезте