Hacking the Hacker Learn From the Experts Who Take Down Hackers

Meet the world's top ethical hackers and explore the tools of the trade

Hacking the Hacker takes you inside the world of cybersecurity to show you what goes on behind the scenes, and introduces you to the men and women on the front lines of this technological arms race. Twenty-six of the world's top white hat hackers, security researchers, writers, and leaders, describe what they do and why, with each profile preceded by a no-experience-necessary explanation of the relevant technology.  Dorothy Denning discusses advanced persistent threats, Martin Hellman describes how he helped invent public key encryption, Bill Cheswick talks about firewalls, Dr. Charlie Miller talks about hacking cars, and other cybersecurity experts from around the world detail the threats, their defenses, and the tools and techniques they use to thwart the most advanced criminals history has ever seen. Light on jargon and heavy on intrigue, this book is designed to be an introduction to the field; final chapters include a guide for parents of young hackers, as well as the Code of Ethical Hacking to help you start your own journey to the top.

Cybersecurity is becoming increasingly critical at all levels, from retail businesses all the way up to national security. This book drives to the heart of the field, introducing the people and practices that help keep our world secure.

• Go deep into the world of white hat hacking to grasp just how critical cybersecurity is
• Read the stories of some of the world's most renowned computer security experts
• Learn how hackers do what they do?no technical expertise necessary
• Delve into social engineering, cryptography, penetration testing, network attacks, and more

As a field, cybersecurity is large and multi-faceted?yet not historically diverse. With a massive demand for qualified professional that is only going to grow, opportunities are endless. Hacking the Hacker shows you why you should give the field a closer look.

Foreword xxxi

Introduction xxxiii

1 What Type of Hacker Are You? 1

Most Hackers Aren’t Geniuses 2

Defenders Are Hackers Plus 3

Hackers Are Special 3

Hackers Are Persistent 4

Hacker Hats 4

2 How Hackers Hack 9

The Secret to Hacking 10

The Hacking Methodology 11

Hacking Is Boringly Successful 20

Automated Malware as a Hacking Tool 20

Hacking Ethically 21

3 Profile: Bruce Schneier   23

For More Information on Bruce Schneier 26

4 Social Engineering   27

Social Engineering Methods 27

Phishing 27

Trojan Horse Execution 28

Over the Phone 28

Purchase Scams 28

In-Person 29

Carrot or Stick 29

Social Engineering Defenses 30

Education 30

Be Careful of Installing Software from Third-Party Websites 30

EV Digital Certificates   31

Get Rid of Passwords 31

Anti–Social Engineering Technologies 31

5 Profile: Kevin Mitnick   33

For More Information on Kevin Mitnick 37

6 Software Vulnerabilities   39

Number of Software Vulnerabilities 39

Why Are Software Vulnerabilities Still a Big Problem? 40

Defenses Against Software Vulnerabilities 41

Security Development Lifecycle 41

More Secure Programming Languages 42

Code and Program Analysis 42

More Secure Operating Systems 42

Third-Party Protections and Vendor Add-Ons 42

Perfect Software Won’t Cure All Ills 43

7 Profile: Michael Howard 45

For More Information on Michael Howard 49

8 Profile: Gary McGraw 51

For More Information on Gary McGraw 54

9 Malware   55

Malware Types 55

Number of Malware Programs 56

Mostly Criminal in Origin 57

Defenses Against Malware 58

Fully Patched Software 58

Training 58

Anti-Malware Software 58

Application Control Programs 59

Security Boundaries 59

Intrusion Detection 59

10 Profile: Susan Bradley 61

For More Information on Susan Bradley 63

11 Profile: Mark Russinovich   65

For More on Mark Russinovich 68

12 Cryptography 69

What Is Cryptography? 69

Why Can’t Attackers Just Guess All the Possible Keys? 70

Symmetric Versus Asymmetric Keys 70

Popular Cryptography 70

Hashes 71

Cryptographic Uses 72

Cryptographic Attacks 72

Math Attacks 72

Known Ciphertext/Plaintext 73

Side Channel Attacks 73

Insecure Implementations 73

13 Profile: Martin Hellman   75

For More Information on Martin Hellman 79

14 Intrusion Detection/APTs   81

Traits of a Good Security Event Message 82

Advanced Persistent Threats (APTs) 82

Types of Intrusion Detection 83

Behavior-Based 83

Signature-Based 84

Intrusion Detection Tools and Services 84

Intrusion Detection/Prevention Systems 84

Event Log Management Systems 85

Detecting Advanced Persistent Threats (APTs) 85

15 Profile: Dr. Dorothy E. Denning   87

For More Information on Dr Dorothy E Denning 90

16 Profile: Michael Dubinsky 91

For More Information on Michael Dubinsky 93

17 Firewalls 95

What Is a Firewall? 95

The Early History of Firewalls 95

Firewall Rules 97

Where Are Firewalls? 97

Advanced Firewalls 98

What Firewalls Protect Against 98

18 Profile: William Cheswick   101

For More Information on William Cheswick 105

19 Honeypots 107

What Is a Honeypot? 107

Interaction 108

Why Use a Honeypot? 108

Catching My Own Russian Spy 109

Honeypot Resources to Explore 110

20 Profile: Lance Spitzner   111

For More Information on Lance Spitzner 114

21 Password Hacking   115

Authentication Components 115

Passwords 116

Authentication Databases 116

Password Hashes   116

Authentication Challenges   116

Authentication Factors   117

Hacking Passwords   117

Password Guessing 117

Phishing   118

Keylogging 118

Hash Cracking   118

Credential Reuse 119

Hacking Password Reset Portals   119

Password Defenses   119

Complexity and Length 120

Frequent Changes with No Repeating 120

Not Sharing Passwords Between Systems 120

Account Lockout 121

Strong Password Hashes 121

Don’t Use Passwords   121

Credential Theft Defenses 121

Reset Portal Defenses 122

22 Profile: Dr. Cormac Herley   123

For More Information on Dr. Cormac Herley 126

23 Wireless Hacking   127

The Wireless World 127

Types of Wireless Hacking   127

Attacking the Access Point 128

Denial of Service 128

Guessing a Wireless Channel Password 128

Session Hijacking 128

Stealing Information 129

Physically Locating a User 129

Some Wireless Hacking Tools 129

Aircrack-Ng 130

Kismet 130

Fern Wi-Fi Hacker 130

Firesheep 130

Wireless Hacking Defenses 130

Frequency Hopping 130

Predefined Client Identification   131

Strong Protocols 131

Long Passwords   131

Patching Access Points   131

Electromagnetic Shielding   131

24 Profile: Thomas d’Otreppe de Bouvette   133

For More Information on Thomas d’Otreppe de Bouvette 135

25 Penetration Testing   137

My Penetration Testing Highlights   137

Hacked Every Cable Box in the Country   137

Simultaneously Hacked a Major Television Network and Pornography 138

Hacked a Major Credit Card Company   138

Created a Camera Virus   139

How to Be a Pen Tester   139

Hacker Methodology   139

Get Documented Permission First 140

Get a Signed Contract 140

Reporting 140

Certifications   141

Be Ethical 145

Minimize Potential Operational Interruption 145

26 Profile: Aaron Higbee   147

For More Information on Aaron Higbee 149

27 Profile: Benild Joseph   151

For More Information on Benild Joseph   153

28 DDoS Attacks 155

Types of DDoS Attacks   155

Denial of Service 155

Direct Attacks 156

Reflection Attacks 156

Amplification 156

Every Layer in the OSI Model   157

Escalating Attacks 157

Upstream and Downsteam Attacks 157

DDoS Tools and Providers 158

Tools 158

DDoS as a Service 158

DDoS Defenses   159

Training   159

Stress Testing   159

Appropriate Network Configuration 159

Engineer Out Potential Weak Points   159

Anti-DDoS Services 160

29 Profile: Brian Krebs 161

For More Information on Brian Krebs 164

30 Secure OS 165

How to Secure an Operating System 166

Secure-Built OS 166

Secure Guidelines 168

Secure Configuration Tools 169

Security Consortiums 169

Trusted Computing Group 169

FIDO Alliance 169

31 Profile: Joanna Rutkowska 171

For More Information on Joanna Rutkowska   173

32 Profile: Aaron Margosis   175

For More Information on Aaron Margosis   179

33 Network Attacks   181

Types of Network Attacks 181

Eavesdropping 182

Man-in-the-Middle Attacks 182

Distributed Denial-of-Service Attacks 183

Network Attack Defenses 183

Domain Isolation 183

Virtual Private Networks 183

Use Secure Protocols and Applications 183

Network Intrusion Detection 184

Anti-DDoS Defenses 184

Visit Secure Web Sites and Use Secure Services 184

34 Profile: Laura Chappell 185

For More Information on Laura Chappell 188

35 IoT Hacking 189

How Do Hackers Hack IoT? 189

IoT Defenses 190

36 Profile: Dr. Charlie Miller 193

For More Information on Dr. Charlie Miller 198

37 Policy and Strategy 201

Standards 201

Policies 202

Procedures 203

Frameworks 203

Regulatory Laws 203

Global Concerns 203

Systems Support 204

38 Profile: Jing de Jong-Chen 205

For More Information on Jing de Jong-Chen 209

39 Threat Modeling  211

Why Threat Model?  211

Threat Modeling Models 212

Threat Actors  213

Nation-States  213

Industrial Hackers  213

Financial Crime 213

Hacktivists 214

Gamers 214

Insider Threats 214

Ordinary, Solitary Hackers or Hacker Groups 214

40 Profile: Adam Shostack 217

For More Information on Adam Shostack 220

41 Computer Security Education 221

Computer Security Training Topics 222

End-User/Security Awareness Training 222

General IT Security Training 222

Incident Response 222

OS and Application-Specific Training 223

Technical Skills 223

Certifications 223

Training Methods 224

Online Training 224

Break into My Website 224

Schools and Training Centers 224

Boot Camps 225

Corporate Training 225

Books 225

42 Profile: Stephen Northcutt  227

For More Information on Stephen Northcutt 230

43 Privacy 231

Privacy Organizations 232

Privacy-Protecting Applications 233

44 Profile: Eva Galperin 235

For More Information on Eva Galperin 237

45 Patching  239

Patching Facts 240

Most Exploits Are Caused by Old Vulnerabilities That Patches Exist For 240

Most Exploits Are Caused by a Few Unpatched Programs 240

The Most Unpatched Program Isn’t Always the Most Exploited Program 241

You Need to Patch Hardware Too 241

Common Patching Problems 241

Detecting Missing Patching Isn’t Accurate 241

You Can’t Always Patch 242

Some Percentage of Patching Always Fails 242

Patching Will Cause Operational Issues 242

A Patch Is a Globally Broadcasted Exploit Announcement 243

46 Profile: Window Snyder 245

For More Information on Window Snyder 248

47 Writing as a Career 249

Computer Security Writing Outlets 250

Blogs 250

Social Media Sites 250

Articles   250

Books 251

Newsletters 253

Whitepapers 254

Technical Reviews 254

Conferences 254

Professional Writing Tips 255

The Hardest Part Is Starting 255

Read Differently 255

Start Out Free 255

Be Professional 256

Be Your Own Publicist 256

A Picture Is Worth a Thousand Words 256

48 Profile: Fahmida Y . Rashid 259

For More Information on Fahmida Y. Rashid 262

49 Guide for Parents with Young Hackers   263

Signs Your Kid Is Hacking 264

They Tell You They Hack 264

Overly Secretive About Their Online Activities 264

They Have Multiple Email/Social Media Accounts You Can’t Access 265

You Find Hacking Tools on the System 265

People Complain You Are Hacking 265

You Catch Them Switching Screens Every Time You Walk into the Room 265

These Signs Could Be Normal 265

Not All Hacking Is Bad 266

How to Turn Around Your Malicious Hacker 266

Move Their Computers into the Main Living Area and Monitor 267

Give Guidance 267

Give Legal Places to Hack 267

Connect Them with a Good Mentor 269

50 Hacker Code of Ethics   271

Hacker Code of Ethics 272

Be Ethical, Transparent, and Honest 273

Don’t Break the Law 273

Get Permission 273

Be Confidential with Sensitive Information 273

Do No Greater Harm 273

Conduct Yourself Professionally 274

Be a Light for Others 274

Index 275

ROGER A. GRIMES has worked in the field of computer security for over 27 years. As a professional penetration tester, he successfully broke into every company he was hired to hack within an hour, with a single exception that took three hours. He consults worldwide and has been the InfoWorld magazine (www.infoworld.com) computer security columnist since 2005.

(ISC)² books published by Wiley provide aspiring and experienced cybersecurity professionals with unique insights and advice for delivering on (ISC)²'s vision of inspiring a safe and secure world.