| | |  | Computer Security | Home » » Extreme Exploits: Advanced Defenses Against Hardcore Hacks (Hacking Exposed) | | | | | | | Product Promotions: | | | | | Description: | | Protect your network and web sites from malicious attacks with help from this cutting-edge guide. Extreme Exploits is packed with never-before-published advanced security techniques and concise instructions that explain how to defend against devastating vulnerabilities in software and network infrastructure. This book will give a detailed analysis of modern threats and their solutions along with a checklist for developing defenses at the end of each chapter. You’ll also be introduced to a winning methodology for custom vulnerability assessments including attack profiling and the theatre of war concept. Through in-depth explanations of underlying technologies, you’ll learn to prepare your network and software from threats that don’t yet exist. This is a must-have volume for anyone responsible for network security. | | | Product Details: | | | Author:
| Victor Oppleman | | Paperback:
| 448 pages | | Publisher:
| McGraw-Hill Osborne Media | | Publication Date:
| July 18, 2005 | | Language:
| English | | ISBN:
| 0072259558 | | Product Length:
| 9.16 inches | | Product Width:
| 7.4 inches | | Product Height:
| 0.93 inches | | Product Weight:
| 1.62 pounds | | Package Length:
| 9.1 inches | | Package Width:
| 7.4 inches | | Package Height:
| 1.0 inches | | Package Weight:
| 1.6 pounds | | Average Customer Rating:
|  based on 5 reviews |
| | | | Customer Reviews: | |
Average Customer Review:
 ( 5 customer reviews )
Write an online review and share your thoughts with other customers.
Most Helpful Customer Reviews
5 of 5 found the following review helpful:
Awesome stuff about infrastructure attacksDec 02, 2005
By Dr Anton Chuvakin
"Dr. Anton Chuvakin"
Here is the thing - I am giving this book a high score (4) since it contains unique and fun content related to network infrastructure attacks and defenses, which I have not seen anywhere else. In my view, the good stuff justifies such score, although I suspect that some other reviewers will sledgehammer the book for having too much of routine material covered in other previous books, including the venerable Hacking Exposed.
While I had a general idea of how providers mitigate DDoS attacks, I did not know the specifics of unicast reverse-path forwarding method, described in the book. Similarly, I picked up a lot of material of setting up sinkholes for dropping traffic (and, more specifically, how they are better than ACLs in many cases).
From other topics, I liked their coverage on the evolution of DMZ from simple designs of years past to current security zone design.
The book also presents a lot of up-to-date material, such as the coverage of security information management (SIM), vulnerability management and recent security standards, such as CVSS. It doesn't go into details in some places where I'd wanted it to, but still is interesting to read.
On the other hand, some chapters are disappointing and seem to be in the book for it to appear "comprehensive". Forensics chapter is one of those (it is also mistakenly called "Exploiting Forensics", while no exploitation is taking place)
I recommend the book for most people, from beginners to advanced, since the former will enjoy the breadth of coverage while the latter will likely benefit from the network infrastructure protection (and devastation, of course!) tips. In addition, defense checklists in the end of each chapter are useful for those who do not have time to go and study the material in-depth. The book is slightly biased towards the defense side, with good coverage of the attacking side as well.
Dr Anton Chuvakin, GCIA, GCIH, GCFA is a recognized security expert and book author. In his current role as a Security Strategist with netForensics, a security information management company, he is involved with defining future features and conducting security research. A frequent conference speaker, he also represents the company at various security meetings and standard organizations. He is an author of a book "Security Warrior" and a contributor to "Know Your Enemy II", "Information Security Management Handbook" and the upcoming "Hacker's Challenge 3". Anton also published numerous papers on a broad range of security subjects. In his spare time he maintains his security portal at info-secure.org and a blog at O'Reilly"
3 of 3 found the following review helpful:
For going from the basics to the advanced...Oct 31, 2005
By Thomas Duff
"Duffbert"
Regardless of how many steps you take to secure your organizational computing environment, there's always some new exploit waiting to nail you. The best you can do is to understand your network and stay on top of the technology. Extreme Exploits - Advanced Defenses Against Hardcore Hacks by Victor Oppleman, Oliver Friedrichs, and Brett Watson can help you in that pursuit, especially in the networking realm...
Contents:
Part 1 - Core Internet Infrastructure for Security Professionals: Internet Infrastructure for Security Professionals; ISP Security Practices - Separating Fact from Fiction; Securing the Domain Name System
Part 2 - Defending Your Perimeter and Critical Internet Infrastructure: Reliable Connectivity; Securing the Perimeter; Redefining the DMZ - Securing Critical Systems; Intrusion Detection and Prevention; E-mail Gateways, Filtering, and Redundancy; Data Leaks - Exploiting Egress; Sinkholes and Backscatter; Securing Wireless Networks
Part 3 - Network Vulnerability Assessments: Vulnerability and Patch Management; A Winning Methodology for Vulnerability Assessments; Performing the Assessment - Part 1, Performing the Assessment - Part 2
Part 4 - Designing Countermeasures for Tomorrow's Threats: Exploiting Digital Forensics; Viruses, Worms, Trojans, and Other Malicious Code; Exploiting Software
Index
The authors of this book are real gurus when it comes to networking technology. I worked with Brett Watson at a prior place of employment, and I can attest to the fact that he really knows his trade. In the first part of this book, they go into networking and security probably deeper than any other book I've had the opportunity to review. To get the most out of the material, it helps to be firmly grounded in networking technology. If you're not a network administrator or if you're just starting out, you'll probably struggle to keep up. Parts 2 and 3 are also valuable sections. Part 2 continues the in-depth analysis of how best to protect your network from attack, along with software recommendations to implement your security plans. And if you aren't already using a formal methodology to continuously review your network security, Part 3 will help you set up the necessary framework to implement a solid security review. Part 4 probably is the weakest part of the book, in that most of the material is available from multiple other sources, and doesn't necessarily fit into the "extreme exploits" flavor of the rest of the book. It's good information, to be sure... Just not all that unique or special if you've read more than one other security book.
One feature at the end of each chapter stood out and works well... It's a "Checklist for Developing Defenses" along with a recommended reading list. Using the checklist allows you to make sure you understood what each chapter was getting at, as well as giving you a roadmap for implementing security in the particular area that was just discussed. And if a particular chapter was really applicable to your organization, the follow-up reading can help you get even deeper into the material. Good practical technique for helping the reader move from theory to application...
If you have the basics of network security down, it's time to pick up a copy of this book. While you may have to work at understanding the material, it will pay off in a system network that is much more secure than most...
7 of 9 found the following review helpful:
Network infrastructure security sections are excellentAug 15, 2005
By Richard Bejtlich
"TaoSecurity"
I read Extreme Exploits because the content looked intriguing and I am familiar with applications written by lead author Victor Oppleman. The back cover states the book is "packed with never-before-published advanced security techniques," but I disagree with that assessment. While I found all of the content helpful, between 1/3 and 1/2 of it is probably available in older books -- including several by publisher McGraw-Hill/Osborne. Nevertheless, I find the strength of the network infrastructure security sections powerful enough to recommend Extreme Exploits.
I found Extreme Exploit's most innovative material in chapter 1 (Internet Infrastructure), 2 (ISP Security Practices), 4 (Reliable Connectivity), 8 (Email Gateways, Filtering, and Redundancy), 10 (Sinkholes and Backscatter, and 14 (Performing the Assessment, Part 1). These chapters introduced projects like RADB, IRRd, INOC-DBA (a VoIP "hotline" for ISPs), the Distributed Checksum Clearinghouse (an anti-spam system), and Hashcash (to consume CPU cycles and frustrate spammers). Subjects like questions to ask ISPs, ways to multi-home, and using anycast to improve redundancy were also welcome. A comment that spammers are using people who register with porn sites to pass CAPTCHA tests really surprised me! Ch 10's coverage of ISP sinkholes was clear, and I learned about triggered blackhole routing. Advice on checking publicly announced routes was cool, especially the reference to the author's Pwhois system.
Although the vulnerability and patch management information in ch 12 was fairly routine, I also liked the author's mention of recent industry projects like the NIAC vulnerability lifecycle and Common Vulnerability and Scoring System.
Other chapters mainly covered topics found in other books, like Hacking Exposed, Gray Hat Hacking, or Hardening Network Security (all Osborne titles). Most of the book contains sound advice, but I must disagree with several assertions made in ch 7 (Intrusion Detection and Prevention). These include the "rejection" of the value of passive detection (p 116), the "logical transition" where detection and prevention converges into firewalls (p 116), the idea that intrusion prevention systems are "less prone to insertion and evasion attacks" (p 120), and "signature-based IDS normally do not have an understanding of the underlying protocol that they are examining and simply perform byte-by-byte pattern matching" (p 121).
Almost all of the vulnerability assessment material could have been cut, aside from the BGP query and network infrastructure advice in ch 14. The misnamed "exploiting digital forensics" chapter (16) tempts the reader into thinking it will cover anti-forensics, but really it's an overview of network-, host-, and memory forensics in 26 pages. An excerpt from p 332 summarizes the problem with the chapter: "At this point, you might be asking, what do I do with the data?" Still, ch 16 deserves an honorable mention for describing multiple tools with which I was not familiar or had only passing familiarity. These included Foremost by Jesse Kornblum and Kris Kendall, Disktype, and Memdump.
In terms of structure, I liked the fact that every chapter concluded with a "checklist for developing defenses" summarizing important points in an actionable format. The writing is always clear, and the diagrams are excellent. Many of the network infrastructure suggestions are supported by command-line syntax and examples, consistent with Osborne's Hacking Exposed style.
Overall, I think most everyone will learn something by reading Extreme Exploits. Those with a decent amount of experience or who have read books already mentioned might find some of the book repetitive. Despite this, I learned a lot about network infrastructure and I look forward to reading Victor's upcoming book on "Carrier Class Network Security."
2 of 2 found the following review helpful:
Good broad coverageNov 28, 2005
By Mark
The book has two major sections: (a) configuration and maintenance practices, and (b) techniques for vulnerability assessment. The breadth of coverage of many modern techniques and terminology is very good; they go in-depth on a few topics here and there.
The basic assumption of section (a) is that you're trying to defend against unknown/unfixable threats. This is basically the current (2001-2005-) school of thought on security and leads to default-deny policies. This book has lots of good information on how to implement default-deny. The book convinced me that it's much more difficult than a default-deny firewall rule.
The book has many contributing authors; this probably contributes to its strength.
Many books are focused on ISPs, or on enterprises (read: "windows clients and servers with a firewall"), or on software developers, or VoIP carriers. This book has some good material for all of those types.
It's written from a Unix perspective. It does have some coverage of analyzing threats to Windows-based systems, but you'll get the most value from the book as an analyst/administrator if you use some sort of Unix. They have a BSD bias.
The authors also have an bias towards open-source software.
But it's not perfectly integrated, and the organization isn't ideal everywhere. For example, there are two sections of the book that discuss buffer overflows, apparently contributed by two different authors.
The index is only minimal; it only covers one of the sections on stack overflows. Bad indexes are a common problem in technical books from some publishers.
0 of 1 found the following review helpful:
Good coverage of darknets, honeynets, and triggered blackholesFeb 13, 2009
By Stefan Fouant
"Technical Trainer, Juniper Networks"
First I must admit that I know and have worked with several of the authors of this book. I was given an autographed copy of the book late last year, however seeing as the book was published in 2005 I didn't think there would be much along the lines of useable information seeing as many of the security threats and vulnerabilities have evolved quite a bit since then. However, as I started reading the book I quickly realized much of the information was still relevant today as it was several years ago. The chapters on ISP Security Practices and Securing the Domain Name System had very good coverage of many of the techniques used throughout Service Provider networks to secure their network and DNS infrastructure.
I particularly enjoyed reading the sections on using egress packet filters to restrict data leaks from within an organization - a particular problem today with the prevalance of Internet Worms and other Malware which often attempt to communicate back to their centralized Command & Control (C&C) hosts. The chapter on 'Sinkholes and Backscatter' has very good coverage on a wide variety of topics such as using Darknets and Honeynets to monitor malicious traffic and other nasties emanating throughout your network, as well as using techniques such as Triggered Blackhole Routing to propagate filters quickly and dynamically to drop DDoS and other malevolent traffic.
I would have to disagree with Dr. Anton Chuvakin that the chapters on Digital Forensics were disappointing. Personally, I learned quite a bit from these chapters and came away from reading them with a whole arsenal of new tools to use with which I can perform my own digital forensics on compromised systems. The coverage of Foremost, memdump, and some of the advanced digital forensic tools was top notch.
All in all, I would say this is still a good book for anyone involved in Network Security. Much of the information covered is still relevant in today's networks. If the authors attempt to release a second edition I would suggest coverage of adapting Triggered Blackhole techniques to be used in more modern DDoS Mitigation scenarios. Additionally, discussion of new techniques used for Malware C&C and coverage of Fast-flux and Double-flux techniques used by the attackers to create more robust and reliable networks would be welcomed.
| | |
|
