Once, hackers were brilliant, if deviant, experts in network and operating system design. Now, the hacking underground has software tools that allow know-nothing “script kiddies” to exploit your network’s weaknesses at the click of a button. We’ve entered the era of automated hacking, according to Pete Murphy, who wrote the foreword to Hacking Exposed: Network Security Secrets and Solutions.

To counter new threats, computer professionals need information, from the ground up. The authors of Hacking Exposed state, “Most systems come out of the box begging to be hacked.”

This authoritative, clearly written book probes the vulnerabilities that are inherent in networks and operating systems and discusses the measures used to counter exploits. The book is written both from a hacker’s and an administrator’s perspective. Reading it, you’ll see your networks through the eyes of a data thief.


Hacking Exposed: Network Security Secrets and Solutions, Third Edition

By Stuart McClure, Joel Scambray, and George Kurtz
McGraw-Hill Professional
Date published: September 2001
729 pages
ISBN: 0072193816
List price: $49.99 at fatbrain.com


Experts rate typical attacks
In Hacking Exposed, each section begins with a case study that introduces the subject matter. Individual chapters take you step-by-step through attacks and countermeasures. The authors have given each attack a rating; values from 1 to 9 are used to describe an attack’s popularity, simplicity, and impact. The average of all three provides an overall Risk Rating.

For example, consider an exploit of Cisco’s support for a previous type of Management Information Base (MIB). This exploit makes it possible for hackers to access the router or switch’s configuration file, which can be used to decode weakly encrypted passwords. The book provides the overall Risk Rating of 6 based on the following ratings:

  • Popularity: 2
  • Simplicity: 8
  • Impact: 9

Each attack description is followed by detailed countermeasures, often including a Web address for learning more. In this case, one countermeasure consists of restricting the use of SNMP to approved hosts or networks.

Organization of chapters and sections include topics such as:

  • Footprinting (how hackers gather information about systems)
  • Scanning (mapping out a network)
  • System hacking
  • Network hacking
  • Software hacking

For example, under System Hacking, Windows 2000’s Active Directory is shown to be a prime source for footprinting internal systems. Fortunately, its DNS implementation also makes it easy to restrict zone transfers. On the other hand, the authors report that their Windows 2000 testing indicates TCP/IP filtering, used to restrict access to ports, does not effectively block ICMP echo requests. To do so, the authors recommend IPSec filters. While this is not profound information to experienced administrators, it does provide an indication of how this comprehensive guide is valuable to both novices and experts. Among the systems covered are flavors of Windows from 95 to XP, Novell NetWare, and UNIX.

In the Network Hacking chapter, the authors cover dirty tricks used to exploit Dial-Up, PBX, Voicemail, and VPN vulnerabilities, to scan through firewalls, and to launch Denial of Service (DoS) attacks. The section on Software Hacking covers methods hackers use to exploit remote control software, Web browsers, e-mail, ActiveX, and IRC.

Hacking Exposed’s two appendices describe ports and the top 14 security vulnerabilities you need to know.

New edition updates
The three authors bring a background in security issues to bear on their subject. Stuart McClure was responsible for security and technology evaluations at Ernst & Young. He also coauthored the weekly InfoWorld “Security Watch” column. Joel Scambray worked as an IT security consultant, and George Kurtz is CEO of Foundstone, a security solutions provider. Kurtz recently authored Hacking Linux Exposed, while McClure and Scambray together coauthored Hacking Windows 2000 Exposed.

New to this edition are several topics vital to IT managers who are responsible for securing a network. Here’s a sample of the new topics covered:

  • Attacks against 802.11 wireless networks
  • New attacks against Windows 2000, XP, and .NET
  • Methods used to hack e-commerce sites

A companion CD-ROM contains a sampling of security tools, while the chapters contain many pointers to Web sites containing tools and more detailed information. In addition, the publishers maintain a companion Web site, Hacking Exposed.

I highly recommend this book, with one caveat: Don’t let this book fall into the wrong hands since it also serves as a step-by-step hacker’s bible.

What books are vital to your IT library?

Which books should every IT manager own to help reduce security risks? Tell us about your old favorites or new publications that you have found useful. Post a comment below or send us an e-mail.