Thwarting the Enemy
Hacker’s Challenge 2 tests your defensive skills.
- By Michael Toot
- 05/01/2003
You’ve read books on hacking, perused hacking tools on Web sites
and discussed hacking preparedness with your co-workers. So, when it comes
time to test your mettle, you’re sure you’ll be ready, right?
Well, with Hacker’s Challenge 2, you’re given the
chance to test your skills without putting your corporate systems on the
line.
Hacker’s Challenge 2 is a collection of scenarios based
on the authors’ real-world experiences as professional security
consultants. The book is divided into two parts: The first part contains
scenarios for you to work through, while the second section provides the
solutions. In the first segment, each scenario contains all the necessary
facts to detect, identify and solve the problem. This includes network
topologies, server and application logs, and relevant “soft”
information such as employee discussions. To help you focus your analysis,
questions are provided at the end of each scenario that should be answered
in order to solve the problem.
The scenarios cover a broad range of attacks, from social engineering
and wireless wardriving to buffer overflow attacks and VLAN
configuration problems (along with a man-in-the-middle
scenario to keep things interesting). Some of the scenarios may seem obvious,
including the “default-password-on-the-router” scheme, but
they’re all handled with humor and, sometimes, with a bit of misdirection.
To protect the innocent—and, occasionally, the guilty—all
identifying information has been removed.
In the second section, the solutions contain scenario analyses, showing
which relevant information helped solve the cases, and provide answers
to the questions posed. The solutions also include sections on prevention
and mitigation, and a list of additional resources to pursue if any of
these scenarios hit close to home.
While this book offers many good tips, it isn’t for the novice
network or systems administrator looking for an instant knowledge transfer.
Much of the problem analysis involves reading logs, many of which don’t
have the fields or data explained, so previous experience with this level
of data diagnosis is highly recommended. Some of it can be worked out
in context, but other bits of data require actual knowledge of the subject
matter.
Where this book will be most useful is either as a training manual or
as a companion volume to Hacking Exposed. Along with its predecessor
Hacker’s Challenge (Schiffman, Osborne, 300 pages, $29.99,
ISBN 0072193840), Hacker’s Challenge 2 tests your ability to
recognize attacks and shows you how to respond
quickly when they occur. One good training method would be to assign a
scenario at your next team meeting and see how quickly the team can diagnose
the problem and propose a solution. One thing these scenarios subtly point
out is that no one person typically has all the pieces of the puzzle or
all the tools needed to find the answer. Using this book to help identify
your teammates’ skill sets and domain knowledge may be the best
investment you can make toward intrusion detection and prevention. If
nothing else, the scenarios make you wonder just how safe your own environment
is and help you realize that security truly is a journey, not a destination.
About the Author
Michael Toot, MCSE, MCP+I, is a freelance author and consultant in the
Seattle area. He freely admits that his wife and two cats, collectively and
individually, know more than he does.