Sunday, December 6, 2009

Acknowledgments

Foremost I would like to thank my wife for for her continued support and patience during this book's development, as well as for proofing this book. Next I want to thank my family and friends for their encouragement, support, and confidence. I am also grateful to Mike Tainter and Dennis Cornelius for some early ideas. I also want to express my admiration for programming guru Michael Probert for his participation on coding fundamentals.

Thanks also to the following: Shadowlord, Mindgame, Simple Nomad, The LAN God, Teiwaz, Fauzan Mirza, David Wagner, Diceman, Craigt, Einar Blaberg, Cyberius, Jungman, RX2, itsme, Greg Miller, John Vranesevich, Deborah Triant, Mentor, the FBI, The National Computer Security Center, 2600.com, Fyodor, Muffy Barkocy, Wintermute, dcypher, manicx, Tsutomu Shimomura, humble, The Posse, Jim Huff, Soldier, Mike Frantzen, Tfreak, Dan Brumleve, Arisme, Georgi Guninski, Satanic Mechanic, Mnemonic, The Grenadier, Jitsu, lore, 416, all of the H4G1S members, everyone at ValCom, and to Bruce Schneier, who inspired me.

Someone once told me in order to be successful, one must surround oneself with the finest people. With that in mind, I thank David Fugate from Waterside Productions, and Carol Long, Mathew Cohen, Adaobi Obi, Micheline Frederick, and anyone else I forgot to mention from John Wiley & Sons, Inc.

A Note to the Reader

All terms mentioned in this book that are known to be trademarks or service marks have been appropriately capitalized. We cannot attest to the accuracy of this information. Use of a term in this book should not be regarded as affecting the validity of any trademark or service mark.



This book is sold for information purposes only. Without written consent from the target company, most of these procedures are illegal in the United States and many other countries as well. Neither the author nor the publisher will be held accountable for the use or misuse of the information contained in this book.

Introduction

We are the technologically inclined and normality spurned, or at least, this is how we perceive (or perhaps want) things to be. We are adept at dealing with machines, and manipulating things. Everything comes easy to us, and when things always come to you without any failure, you begin to feel nothing matters... that the world is rigged. Perhaps, this is why we always look for conspiracies, and when they don't exist, we create them ourselves. Maybe I will tap another military switch...

Why are we like this?

We are different from other people, and those others cannot always accept this. We ourselves are not racists, or sexists, or idealists. We do not feel that other people will understand us. Those of us electronically gathered here are alike, but in the real world we are so few and far between that we do not feel comfortable in normal society.

We quickly grasp concepts, and, because of our manipulative nature, quickly see through those who are lying. They cannot deceive us. We don't care. There are systems to hack. In reality, we care about much more, but can't very well affect it.

We are dazed and confused technological mall rats waiting for the apocalypse. When will it come? We are ready, and want it. If it doesn't show up... we will be jilted at our millennial altar. Maybe we will create it. Or at least dream about it. Anarchy?

Dark visions, from an apathetic crowd.

And yet, we are not technogoths, waiting for some distant, terrible, cyberdistopia. We have lives, and want to live. We are sick of hearing from a select few that we are ''different." To us, the young generation going into the next millennium, the young generation brought together by technology and in technology, the word "different" shouldn't matter. We are all "different," all abnormal... but it should have no impact.

Those of us on the brink of technology, falling over, laugh at those who do not understand technology. They embody the Old World, driven by race and prior position in society. We laugh at them for being "different," because they refuse to be apathetic about difference. Why can't they be different like us?

Microsoft asked where I want to go today. The only place I want to go is straight to tomorrow. I am a hacker of the future and this is my manifesto.

—Mindgame

As the world becomes increasingly networked through the Internet, competitors, spies, disgruntled employees, bored teens, and hackers more frequently invade others' computers to steal information, sabotage careers, and just to make trouble. Together, the Internet and the World Wide Web have opened a new backdoor through which a remote attacker can invade home computers or company networks and electronically snoop through the data therein. According to my experiences, approximately 85 percent of the networks wired to the Internet are vulnerable to such threats.

The continued growth of the Internet, along with advances in technology, mean these intrusions will become increasingly prevalent. Today, external threats are a real-world problem for any company with connectivity. To ensure that remote access is safe, that systems are secure, and that security policies are sound, users in all walks of life need to understand the hacker, know how the hacker thinks—in short, become the hacker.

The primary objective of this book is to lay a solid foundation from which to explore the world of security. Simply, this book tells the truth about hacking, to bring awareness about the so-called Underground, the hacker's community, and to provide the tools for doing so.

The difference between this book and other technical manuscripts is that it is written from a hacker's perspective. The internetworking primers in Parts 1 and 2, coupled with Chapter 6, "The Hacker's Technology Handbook, will educate you about the technologies required to delve into security and hacking. These chapters can be skimmed if your background is technically sound, and later used as references. Part 3 reviews in detail the tools and vulnerability exploits that rule "hackerdom." Part 4 continues by describing covert techniques used by hackers, crackers, phreaks, and cyberpunks to penetrate security weaknesses. Part 5 reveals hacking secrets of gateways, routers, Internet server daemons, operating systems, proxies, and firewalls. Part 6 concludes with the software and construction necessary for compiling a TigerBox, used by security professionals and hackers for sniffing, spoofing, cracking, scanning, spying, and penetrating vulnerabilities. Throughout this book you will also encounter Intuitive Intermissions, real-life interludes about hacking and the Underground. Through them you'll explore a hacker's chronicles, including a complete technology guide.

Who Should Read This Book



The cliche ''the best defense is a good offense" can certainly be applied to the world of network security. Evaluators of this book have suggested that this book it may become a required reference for managers, network administrators (CNAs, MCPs), network engineers (CNEs, MCSEs), internetworking engineers (CCNA/P, CCIEs), even interested laypeople. The material in this book will give the members in each of these categories a better understanding of how to hack their network vulnerabilities.

More specifically, the following identifies the various target readers:

The home or small home office (SOHO) Internet Enthusiast, whose web browsing includes secure online ordering, filling out forms, and/or transferring files, data, and information

The network engineer, whose world revolves and around security

The security engineer, whose intent is to become a security prodigy

The hacker, cracker, and phreak, who will find this book both educational and entertaining

The nontechnical manager, whose job may depend on the information herein

The hacking enthusiast and admirer of such films as Sneakers, The Matrix, and Hackers

The intelligent, curious teenager, whose destiny may become clear after reading these pages

As a reader here, you are faced with a challenging "technogothic" journey, for which I am your guide. Malicious individuals are infesting the world of technology. My goal is to help mold you become a virtuous hacker guru.

About the Author

Now a renowned superhacker who works on award-winning projects, assisting security managers everywhere, John Chirillo began his computer career at 12, when after a one-year self-taught education in computers, he wrote a game called Dragon's Tomb. Following its publication, thousands of copies were sold to the Color Computer System market. During the next five years, John wrote several other software packages including, The Lost Treasure (a game-writing tutorial), Multimanger (an accounting, inventory, and financial management software suite), Sorcery (an RPG adventure), PC Notes (GUI used to teach math, from algebra to calculus), Falcon's Quest I and II (a graphical, Diction-intensive adventure), and Genius (a complete Windows-based point-and-click operating system), among others. John went on to become certified in numerous programming languages, including QuickBasic, VB, C++, Pascal, Assembler and Java. John later developed the PC Optimization Kit (increasing speeds up to 200 percent of standard Intel 486 chips).

John was equally successful in school. He received scholarships including one to Illinois Benedictine University. After running two businesses, Software Now and Geniusware, John became a consultant, specializing in security and analysis, to prestigious companies, where he performed security analyses, sniffer analyses, LAN/WAN design, implementation, and troubleshooting. During this period, John acquired numerous internetworking certifications, including Cisco's CCNA, CCDA, CCNP, pending CCIE, Intel Certified Solutions Consultant, Compaq ASE Enterprise Storage, and Master UNIX, among others. He is currently a Senior Internetworking Engineer at a technology management company.

No comments:

Post a Comment