Product Description

Stop hackers in their tracks

Organized by category, Anti-Hacker Tool Kit, Third Edition provides complete details on the latest and most critical security tools, explains their function, and demonstrates how to configure them to get the best results.

• Completely revised to include the latest security tools, including wireless tools
• New tips on how to configure the recent tools on Linux, Windows, and Mac OSX
• New on the CD-ROM -- Gnoppix, a complete Linux system, ClamAV anti-virus, Cain, a multi-function hacking tool, Bluetooth tools, protocol scanners, forensic tools, and more
• New case studies in each chapter

Product Details

• Amazon Sales Rank: #512650 in Books
• Published on: 2006-02-09
• Original language: English
• Number of items: 1
• Binding: Paperback
• 800 pages

From the Back Cover
THWART THE LATEST DISASTROUS ATTACKS

Mount a comprehensive, proactive defense against the most sinister cyber-criminals using the tricks and techniques contained in this unique resource. Fully updated to include the latest weapons in the security experts; arsenal, Anti-Hacker Tool Kit, Third Edition provides all the information you'll need to lock down your network from the ground up. Logically organized by category, each tool's function, installation, and configuration is fully described, alongside screenshots and code examples. Brand-new examples and in-depth case studies detail how to implement each vital tool in real-world situations.

Explains how to configure and use these and other key tools:

• MULTIFUNCTIONAL UTILITIES: Netcat, Cryptcat, Sbd
• PORT SCANNERS: Nmap, THC-Amap,IPEye
• EMULATORS: VMware, Virtual PC, Gnoppix, Cygwin
• ENUMERATORS: Samba, Winfingerprint, PsTools, HFNetChk
• WEB HACKING APPLICATIONS: Nikto, LibWhisker, Paros, Burp
• PASSWORD CRACKERS AND BRUTE-FORCE TOOLS: John the Ripper, LophtCrack, THC-Hydra, PwDump
• WAR DIALERS: ToneLoc, THC-Scan
• HOST HARDENING APPLICATIONS: Clamav, Titan, Msec
• BACKDOORS AND REMOTE ACCESS: VNC, Netbus, Back Orifice, SubSeven, Loki, Knark
• AUDITING TOOLS: Flawfinder, RATS, Nessus, STAT, Tripwire
• PORT REDIRECTERS: Datapipe, FPipe, WinRelay
• SNIFFERS: BUTTSniffer, WinDump, Ethereal, Dsniff, Snort
• WIRELESS TOOLS: NetSlumber, TCPsic, ICMpsic, Iptest
• FORENSIC UTILITIES: dd, EnCase, Sleuth Kit, Vnode, WinHex

About the Author
Mike Shema is CSO at NT Objectives, Inc., an application security solutions consultancy.

Chris Davis is a Senior Auditor for Texas Instruments. He is the co-author of Hacking Exposed Computer Forensics from McGraw-Hill/Osborne and a regular speaker on computer security topics.

Aaron Phillip is the Managing Partner of Affect Computer Forensics. He is the co-author of Hacking Exposed Computer Forensics from McGraw-Hill/Osborne.

David Cowen, CISSP, of G-C Partners, has extensive experience in security research, application security testing, and computer forensics analysis. He is an expert witness and a regular speaker on computer forensics.

Customer Reviews

Still a great book on essential security tools
I reviewed the first edition "Anti-Hacker Tool Kit" (AHT:1E) in August 2002, and the second edition (AHT:2E) in June 2004. AHT:3E was published in February 2006. I continue to like AHT, because it addresses many of the tools an operational security professional should know how to use. I'll point out the differences between AHT:2E and AHT:3E, then offer some suggestions for AHT:4E.

The introduction lists the same "changes in the third edition" that are listed in AHT:2E. I would expect this part of AHT:3E to be different from AHT:2E! Ch 1 adds Netcat6 and mentions SBD. Ch 3 adds Virtual PC and Gnoppix. Ch 4 drops NetScan Tools, SuperScan, and Udp_scan. Ch 5 is updated to talk about Win XP SP2 and Win 2k3 Server. Ch 6 drops HFNetChk but adds MBSAv2 and updates Winfingerprint to 0.6.2. Ch 7 adds Libwhisker and Burp, while dropping Stealth, Achilles, and WebSleuth. Ch 8 drops PassFilt.dll and adds PWDump3 and PWDump4. Ch 9 adds Clamav. Ch 12 drops STAT, Retina, and Internet Scanner, and adds Cain and Able. Ch 18 adds Shokdial. Ch 21 adds FTK Imager and SMART. Ch 22 adds Dcfldd and Split. Ch 24 adds ReadPST, ReadDBX, Encase Forensic, FTK, NetAnalysis, and Web Historian. Ch 25 drops Xvi32. Ch 26 is entirely new, albeit 8 pages.

The following chapters were largely the same: 2, 10, 11, 13-17, 19, 20, and 23. A few may have had a new case study or a minor tweak. Security pro Mike Shema seems to have done a lot of the work revising old material. You can see his command prompt and tool output timestamps showing references to mid-2005.

However, old material from AHT:1E remains, like talk of FreeBSD 4.3 BETA and Red Hat Linux 6.1 (kernel 2.2.12) in Ch 1. The Vnode discussion on pp 653-4 no longer works on FreeBSD, but I posted a new method to my blog.

I believe AHT:3E would merit a fifth star if it dropped clearly old material and beefed up its newer sections. For example, AHT:3E spends 17 pages explaining Tripwire (free and commercial), despite the use of newer open source alternative like Osiris, AIDE, or Samhain. AHT:3E devotes almost 20 pages to really old back doors and remote access tools like Netbus, Back Orifice, SubSeven, and Loki. The book includes 10 pages on Ipchains, which went out of style years ago. I think sections like those should be cut entirely, or maybe moved onto a CD-ROM or Web site, to make room for more detail on Cain and Able and other newer projects.

Overall, I still like AHT:3E, but I would like to see a more thorough scrub in AHT:4E. If you don't have AHT:2E or AHT:1E, you should buy AHT:3E. If you have either of those books, you might want to wait for AHT:4E.

Good Title - Expected More From the Update
I have the previous version of the book and enjoyed it. I was hoping for more of an update when I bought this version. There is a lot of the material that is still the same. However, it you don't own a previous copy it's a good security book to check out. 3 to 4 stars.