Hacking For Dummies

Stop hackers before they hack you!

In order to outsmart a would-be hacker, you need to get into the hacker's mindset. And with this book, thinking like a bad guy has never been easier. In Hacking For Dummies, expert author Kevin Beaver shares his knowledge on penetration testing, vulnerability assessments, security best practices, and every aspect of ethical hacking that is essential in order to stop a hacker in their tracks.

Whether you're worried about your laptop, smartphone, or desktop computer being compromised, this no-nonsense book helps you learn how to recognize the vulnerabilities in your systems so you can safeguard them more diligently--with confidence and ease.

• Get up to speed on Windows 10 hacks

• Learn about the latest mobile computing hacks

• Get free testing tools

• Find out about new system updates and improvements

There's no such thing as being too safe--and this resourceful guide helps ensure you're protected.

Autorentext

Kevin Beaver is an independent information security consultant with more than three decades of experience. Kevin specializes in performing vulnerability and penetration testing and security consulting work for Fortune 1000 corporations, product vendors, independent software developers, universities, and government organizations. He has appeared on CNN and been quoted in The Wall Street Journal.

Klappentext

• Prevent Windows® 10, Linux®, and macOS® attacks
• Use the latest tools and techniques

• Develop a security testing plan Be a good guy by thinking like a bad guy To outsmart a hacker, you must think like a hacker. Security expert Kevin Beaver shows you what motivates hackers and what they're looking for. He lets you in on the secrets of vulnerability and penetration testing, security best practices, and everything else you need to know to stop attackers before they cause problems for your business. Learn how to protect your servers and desktops, web applications, mobile devices, or your entire network. Inside

• Identify Windows® 10, Linux®, and macOS® vulnerabilities
• Prevent web application hacking
• Defend your databases
• Secure your mobile devices
• Eliminate vulnerabilities in VoIP
• Browse a list of free and commercial testing tools
• Check out resources for locking down your network

Zusammenfassung
Stop hackers before they hack you!

In order to outsmart a would-be hacker, you need to get into the hacker's mindset. And with this book, thinking like a bad guy has never been easier. In Hacking For Dummies, expert author Kevin Beaver shares his knowledge on penetration testing, vulnerability assessments, security best practices, and every aspect of ethical hacking that is essential in order to stop a hacker in their tracks.

Whether you're worried about your laptop, smartphone, or desktop computer being compromised, this no-nonsense book helps you learn how to recognize the vulnerabilities in your systems so you can safeguard them more diligentlywith confidence and ease.

• Get up to speed on Windows 10 hacks
• Learn about the latest mobile computing hacks
• Get free testing tools
• Find out about new system updates and improvements
  There's no such thing as being too safeand this resourceful guide helps ensure you're protected.

Inhalt

Introduction 1

About This Book 1

Foolish Assumptions 2

Icons Used in This Book 3

Beyond the Book 3

Where to Go from Here 4

Part 1: Building the Foundation for Security Testing 5

Chapter 1: Introduction to Vulnerability and Penetration Testing 7

Straightening Out the Terminology 7

Hacker 8

Malicious user 9

Recognizing How Malicious Attackers Beget Ethical Hackers 10

Vulnerability and penetration testing versus auditing 10

Policy considerations 11

Compliance and regulatory concerns 12

Understanding the Need to Hack Your Own Systems 12

Understanding the Dangers Your Systems Face 14

Nontechnical attacks 14

Network infrastructure attacks 15

Operating system attacks 15

Application and other specialized attacks 15

Following the Security Assessment Principles 16

Working ethically 16

Respecting privacy 17

Not crashing your systems 17

Using the Vulnerability and Penetration Testing Process 18

Formulating your plan 18

Selecting tools 20

Executing the plan 22

Evaluating results 23

Moving on 23

Chapter 2: Cracking the Hacker Mindset 25

What You're Up Against 25

Who Breaks into Computer Systems 28

Hacker skill levels 28

Hacker motivations 30

Why They Do It 30

Planning and Performing Attacks 33

Maintaining Anonymity 35

Chapter 3: Developing Your Security Testing Plan 37

Establishing Your Goals 37

Determining Which Systems to Test 40

Creating Testing Standards 43

Timing your tests 43

Running specific tests 44

Conducting blind versus knowledge assessments 45

Picking your location 46

Responding to vulnerabilities you find 46

Making silly assumptions 46

Selecting Security Assessment Tools 47

Chapter 4: Hacking Methodology 49

Setting the Stage for Testing 49

Seeing What Others See 51

Scanning Systems 52

Hosts 53

Open ports 53

Determining What's Running on Open Ports 54

Assessing Vulnerabilities 56

Penetrating the System 58

Part 2: Putting Security Testing in Motion 59

Chapter 5: Information Gathering 61

Gathering Public Information 61

Social media 62

Web search 62

Web crawling 63

Websites 64

Mapping the Network 64

WHOIS 65

Privacy policies 66

Chapter 6: Social Engineering 67

Introducing Social Engineering 67

Starting Your Social Engineering Tests 68

Knowing Why Attackers Use Social Engineering 69

Understanding the Implications 70

Building trust 71

Exploiting the relationship 72

Performing Social Engineering Attacks 74

Determining a goal 75

Seeking information 75

Social Engineering Countermeasures 80

Policies 80

User awareness and training 80

Chapter 7: Physical Security 83

Identifying Basic Physical Security Vulnerabilities 84

Pinpointing Physical Vulnerabilities in Your Office 85

Building infrastructure 85

Utilities 87

Office layout and use 88

Network components and computers 90

Chapter 8: Passwords 95

Understanding Password Vulnerabilities 96

Organizational password vulnerabilities 97 Tech...