Thwarting the Enemy

Hacker’s Challenge 2 tests your defensive skills.

You’ve read books on hacking, perused hacking tools on Web sites and discussed hacking preparedness with your co-workers. So, when it comes time to test your mettle, you’re sure you’ll be ready?right? Well, with Hacker’s Challenge 2, you’re given the chance to test your skills without putting your corporate systems on the line.

Hacker’s Challenge 2 is a collection of scenarios based on the authors’ real-world experiences as professional security consultants. The book is divided into two parts: The first part contains scenarios for you to work through, while the second section provides the solutions. In the first segment, each scenario contains all the necessary facts to detect, identify and solve the problem. This includes network topologies, server and application logs, and relevant “soft” information such as employee discussions. To help you focus your analysis, questions are provided at the end of each scenario that should be answered in order to solve the problem.

The scenarios cover a broad range of attacks, from social engineering and wireless wardriving to buffer overflow attacks and VLAN configuration problems (along with a man-in-the-middle scenario to keep things interesting). Some of the scenarios may seem obvious, including the “default-password-on-the-router” scheme, but they’re all handled with humor and, sometimes, with a bit of misdirection. To protect the innocent—and, occasionally, the guilty—all identifying information has been removed.
In the second section, the solutions contain scenario analyses, showing which relevant information helped solve the cases, and provide answers to the questions posed. The solutions also include sections on prevention and mitigation, and a list of additional resources to pursue if any of these scenarios hit close to home.

While this book offers many good tips, it isn’t for the novice network or systems administrator looking for an instant knowledge transfer. Much of the problem analysis involves reading logs, many of which don’t have the fields or data explained, so previous experience with this level of data diagnosis is highly recommended. Some of it can be worked out in context, but other bits of data require actual knowledge of the subject matter.

Where this book will be most useful is either as a training manual or as a companion volume to Hacking Exposed. Along with its predecessor Hacker’s Challenge (Schiffman, Osborne, 300 pages, $29.99, ISBN 0072193840), Hacker’s Challenge 2 tests your ability to recognize attacks and shows you how to respond quickly when they occur. One good training method would be to assign a scenario at your next team meeting and see how quickly the team can diagnose the problem and propose a solution. One thing these scenarios subtly point out is that no one person typically has all the pieces of the puzzle or all the tools needed to find the answer. Using this book to help identify your teammates’ skill sets and domain knowledge may be the best investment you can make toward intrusion detection and prevention. If nothing else, the scenarios make you wonder just how safe your own environment is and help you realize that security truly is a journey, not a destination.

About the Author

Michael Toot, MCSE, MCP+I, is a freelance author and consultant in the Seattle area. He freely admits that his wife and two cats, collectively and individually, know more than he does.

Featured

  • Microsoft Nabs IoT Platform Provider Express Logic

    As part of its plan to invest $5 billion in IoT technologies, Microsoft this week acquired Express Logic, which provides real-time operating systems for industrial embedded and IoT devices.

  • Dealing with Broken Dependencies in SCVMM

    Brien shows you how to resolve some broken, template-related dependencies in Microsoft's System Center Virtual Machine Manager.

  • AzCopy Preview Adds AWS S3 Data Transfer Improvements

    Microsoft announced this week that it has improved the preview version of its AzCopy tool to better handle Amazon Web Services (AWS) S3 data.

  • Microsoft Adding Google G Suite Migration in Exchange Admin Center

    Microsoft's Exchange Admin Center will be getting the ability to move Google G Suite calendar, contacts and e-mail data over to the Office 365 service "in the coming weeks."

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.