Foreword: Hacking for Dummies
Foreword by Stuart McClure
Little more than a decade ago, IT security was barely a newborn in diapers. With only a handful of security professionals in 1994, few practiced security and even fewer truly understood it. Security technologies amounted to little more than anti-virus software and packet filtering routers at that time. And the concept of a “hacker” came primarily from the Hollywood movie WarGames; or more often it referred to someone with a low golf score. As a result, just like Rodney Dangerfield, it got “no respect,” and no one took it seriously. IT professionals saw it largely as a nuisance, to be ignored — that is until they were impacted by it.
Today, the number of Certified Information Systems Security Professionals (CISSP) has topped 41,000 (www.isc2.org) worldwide, and there are more security companies dotting the landscape than anyone could possibly remember. Today security technologies encompass everything from authentication and authorization to firewalls and VPNs. There are so many ways to address the security problem that it can cause more than a slight migraine simply considering the alternatives. And the term hacker has become a permanent part of our everyday vernacular — as defined in nearly daily headlines. The world (and its criminals) has changed dramatically.
So what does all this mean for you, the home/end-user or IT/security professional that is thrust into this dangerous online world every time you hit the power button on your computer? The answer is everything. The digital landscape is peppered with land mines that can go off with the slightest touch or, better yet, without any provocation whatsoever. Consider some simple scenarios:
Simply plugging into the Internet without a properly configured firewall can get you hacked before the pizza is delivered, within 30 minutes or less.
Opening an e-mail attachment from a family member, friend, or work colleague can install a back door on your system, allowing a hacker free access to your computer.
Downloading and executing a file via your Internet Messaging (IM) program can turn your pristine desktop into a Centers for Disease Control (CDC) hotzone, complete with the latest alphabet soup virus.
Browsing to an innocent (and trusted) Web site can completely compromise your computer, allowing a hacker to read your sensitive files or, worse, delete them.
Trust me when we say the likelihood of becoming an Internet drive-by statistic on the information superhighway is painfully real.
I am often asked, “Is the fear, uncertainty, and doubt (FUD) centered on cyber-terrorism justified? Can cyber-terrorists really affect our computer systems and our public infrastructure as some have prognosticated like new-age Nostradamus soothsayers?” The answer I always give is, “Unequivocally, yes.” The possibility of a digital Pearl Harbor is closer than many think. Organized terrorist cells like Al Qaeda are raided almost weekly, and when computers are discovered, their drives are filled with cyber-hacking plans, U.S. infrastructure blueprints, and instructions on attacking U.S. computer and infrastructure targets.
Do you believe the energy commission’s report about the biggest power outage in U.S. history? The one that on August 14, 2003, left one-fifth of the U.S. population without power (about 50 million people) for over 12 hours? Do you believe that it has to do with untrimmed trees and faulty control processes? If you believe in Occam’s Razor, then yes, the simplest explanation is usually the correct one, but remember this: The power outage hit just three days after the Microsoft Blaster worm, one of the most vicious computer worms ever unleashed on the Internet, first hit. Coincidence? Perhaps.
Some of you may be skeptical, saying, “Well, if the threat is so real, why hasn’t something bad happened yet?” I respond simply, “If I had come to you on September 10, 2001, and said that in the near future people would use commercial airplanes as bombs to kill over 3,000 people in a matter of 5 hours, would you believe me?” I understand your skepticism. And you should be skeptical. But we are asking for your trust, and your faith, before something bad happens. Trust that we know the truth, we know what is possible, and we know the mind of the enemy. I think we can all agree on at least one thing: we cannot allow them to succeed.
Every minute of every day there are governments, organized crime, and hacker groups turning the doorknobs on your house looking for an unlocked entry. They are rattling the windows and circling your domicile, looking for a weakness, a vulnerability, or a way into your house. Are you going to let them in? Are you going to sit idly by and watch as they ransack your belongings, make use of your facilities, and desecrate your sanctuary? Or are you going to empower yourself, educate yourself, and prevent them from winning? The actions you take today will ultimately answer that question.
Do not despair, all hope is not lost. Increasing security is more of a mindset than anything else. Security is akin to working out. If you don’t do it regularly, it won’t become a part of your lifestyle. And if it doesn’t become a part of your lifestyle, it will quickly become something you can forgo and avoid. In other words, you won’t be fit. Same thing applies for security. If you don’t realize that it is a process, not a goal, then you will never make it part of your everyday wellness routine; as a result, it quickly becomes something you forgo and avoid. And if you avoid it, you will eventually be bit by it.
The greatest gift you can give yourself is that of education. What you don’t know may not kill you, but it may seriously impact you or someone you care about. Knowing what you don’t know is the real trick. And filling in the gaps of knowledge is paramount to preventing a significant attack. Hacking For Dummies can fill in those gaps. Kevin has done a remarkable job in presenting material that is valuable and unique in that it covers hacking methodologies for Windows, Novell, and Linux, as well as such little-covered topics as physical security, social engineering, and malware. The varied coverage of security topics in this book is what helps you more completely understand the minds of hackers and how they work, and it will ultimately be the singular reason you may avoid an attack in the future. Read it carefully. Learn from it. And practice what it says in every area you can.
Make no mistake; the digital battlefield is very real. It has no beginning, it has no ending, it has no boundaries, and it has no rules. Read this book, learn from it, and defend yourself, or we may lose this digital war.