Book Review: Defense Against the Black Arts

samzenpus posted more than 2 years ago | from the protect-ya-neck dept.

Security 58

brothke writes "If there ever was a book that should not be judged by its title, Defense against the Black Arts: How Hackers Do What They Do and How to Protect against It, is that book. Even if one uses the definition in The New Hackers Dictionary of 'a collection of arcane, unpublished, and (by implication) mostly ad-hoc techniques developed for a particular application or systems area', that really does not describe this book. The truth is that hacking is none of the above. If anything, it is a process that is far from mysterious, but rather aether to describe. With that, the book does a good job of providing the reader with the information needed to run a large set of hacking tools." Read below for the rest of Ben's review.

Defense against the Black Arts is another in the line of hacking overview books that started with the first edition of Hacking Exposed. Like Hacking Exposed, the book walks the reader through the process of how to use hacking tools and how to make sense of their output.

Defense against the Black Arts is written for the reader with a good technical background who is looking for a nuts and bolts approach to ethical hacking. Its 14 chapters provide a comprehensive overview of the topic, with an emphasis on Windows.

But for those looking for an introductory text, this is not the best choice out there. The book is written for the reader that needs little hand-holding. This is in part due to its somewhat rough around the edges text and the use of more advanced hacking tools and techniques.

By page 4, the author has the reader downloading BackTrack Linux. BackTrack is a Ubuntu distro which has a focus on digital forensics and penetration testing. BackTrack is currently in a 5 R1 release, based on Ubuntu 10.04 LTS and Linux kernel BackTrack comes with a significant amount of security and hacking tools preloaded, which the authors reference throughout the book.

After showing how to install BackTrack, chapter 1 shows how to log into Windows without knowing the password. Much of that is around the Kon-Boot tool, which allows you to change the contents of the Windows kernel in order to bypass the administrator password. Tools like Kon-Boot though will only work when you have physical access to the machine.

Chapter 3 gets into the details of digital forensics and highlights a number of popular tools for forensic imaging. While the book provides a good overview of the topic, those looking for the definitive text on the topic should read Digital Evidence and Computer Crime: Forensic Science, Computers and the Internet.

Chapter 5 deals with web application penetration testing. The authors describe a number of tools that can be used to assess the security of web sites, and offer ways to attempt to manipulate data from a web page or web application.

One is likely hard pressed to find a large web site that will be vulnerable to such web attacks, given that most of them have already checked for those errors via validation control testing. Smaller vendors may not be so proactive, and find out that those $99- items are being sold for .99 cents. With that, the chapter details a number of tools developers can use to test for SQL injection, XSS and other types of web vulnerabilities.

Chapter 8 is about capturing network traffic. There are two perspectives to collecting traffic. For the attacker, it is about identifying holes and avenues for attack. For those trying to secure a network, collecting network traffic is an exercise in identifying, thwarting and defending the network against attacks.

Chapter 10 provides a brief overview of Metasploit. For those looking for a comprehensive overview of Metasploit, Metasploit: The Penetration Testers Guide is an excellent resource. This chapter, like many of the others, provides the reader with detailed step-by-step instructions, including screen prints, on how to use the specific tool at hand.

Chapter 11 provides a long list of attack and defense tools that can be used as a larger part of a penetration tester's toolkit.

Chapter 12 is interesting in that it details how social engineering can be used. The authors show how public domain tools like Google Maps can be used to mount an attack.

Chapter 13 – Hack the Macs – is one of the shorter chapters in the book and should really be longer. One of the reasons pen testers are increasingly using Macs is that the newer Macs run on the Intel platform, and can run and emulate Windows and Linux. The increasing number of tools for the Mac, and significant Mac vulnerabilities, mean that the Mac will increasingly be used and abused in the future.

Just last week, Dr. Mich Kabay wrote in Macintosh Malware Erupts that malware specifically designed for Mac is on the rise. This is based on progressively more serious malware for the Mac since 2009, given that Apple products have been increasing their market share for laptops and workstations, but especially for tablets and phones.

The article notes that one of the reasons Mac OS X is perceived as superior to Windows is because of its appearance of having integrated security. But although the design may be sound, the operating system does not prevent people from being swayed into thinking that the malicious software they are downloading is safe. With that, Apple will have to concentrate more on security and vulnerability within their operating system.

The book ends with about 30 pages on wireless hacking. The chapter provides an overview of some of the weaknesses in Wi-Fi technology and how they can be exploited. The chapter focuses on the airmon tool, part of BackTrack that you can use to set your wireless adapter into monitor mode, to see all of the traffic traversing the wireless network.

Overall, Defense against the Black Arts: How Hackers Do What They Do and How to Protect against It is a really good reference for someone experienced in the topic who wants to improve their expertise.

Ben Rothke is the author of Computer Security: 20 Things Every Employee Should Know.

You can purchase Defense against the Black Arts: How Hackers Do What They Do and How to Protect against It from amazon.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.


Anonymous Coward | more than 2 years ago | (#38453910)

Avoid using computers and mobile phones!


Anonymous Coward | more than 2 years ago | (#38456906)

...and not to mention thermostats!


Anonymous Coward | more than 2 years ago | (#38460722)

and cars nowadays!

Protection from hackers? (1)

Anonymous Coward | more than 2 years ago | (#38453952)

But, who writes the operating system then?

Re:Protection from hackers? (1)

ackthpt (218170) | more than 2 years ago | (#38454106)

But, who writes the operating system then?

Write it yourself and that'll really confound them. Write your own browser and office suite, too. Even better, make your own CPU with your very own instruction set, which will really drive them nuts!

Re:Protection from hackers? (0)

Anonymous Coward | more than 2 years ago | (#38454166)

I am the GP. I did write an OS (on Z80 in assembly), several word processors and a spreadsheet (in Modula2 on MS-DOS). I have no ambition to write a browser and designing a cpu is out of my league. But anyway, you missed my point.

Re:Protection from hackers? (0)

Anonymous Coward | more than 2 years ago | (#38454252)

Well... some of us got it. More snark about the meaning of "hacker".

Re:Protection from hackers? (1)

Anonymous Coward | more than 2 years ago | (#38455382)

You must be alluding to: Reflections on Trusting Trust by Ken Thompson

Reflections on Trusting Trust
Ken Thompson
Reprinted from Communications of the ACM, Vol. 27, No. 8, August 1984, pp. 761-763. Copyright © 1984, Association for Computing Machinery, Inc. Also appears in ACM Turing Award Lectures: The First Twenty Years 1965-1985 Copyright © 1987 by the ACM press and Computers Under Attack: Intruders, Worms, and Viruses Copyright © 1990 by the ACM press.

I copied this page from the ACM, in fear that it would someday turn stale.

I thank the ACM for this award. I can't help but feel that I am receiving this honor for timing and serendipity as much as technical merit. UNIX swept into popularity with an industry-wide change from central main frames to autonomous minis. I suspect that Daniel Bobrow (1) would be here instead of me if he could not afford a PDP-10 and had to "settle" for a PDP-11. Moreover, the current state of UNIX is the result of the labors of a large number of people.

There is an old adage, "Dance with the one that brought you," which means that I should talk about UNIX. I have not worked on mainstream UNIX in many years, yet I continue to get undeserved credit for the work of others. Therefore, I am not going to talk about UNIX, but I want to thank everyone who has contributed.

That brings me to Dennis Ritchie. Our collaboration has been a thing of beauty. In the ten years that we have worked together, I can recall only one case of miscoordination of work. On that occasion, I discovered that we both had written the same 20-line assembly language program. I compared the sources and was astounded to find that they matched character-for-character. The result of our work together has been far greater than the work that we each contributed.

I am a programmer. On my 1040 form, that is what I put down as my occupation. As a programmer, I write programs. I would like to present to you the cutest program I ever wrote. I will do this in three stages and try to bring it together at the end.

Stage I

In college, before video games, we would amuse ourselves by posing programming exercises. One of the favorites was to write the shortest self-reproducing program. Since this is an exercise divorced from reality, the usual vehicle was FORTRAN. Actually, FORTRAN was the language of choice for the same reason that three-legged races are popular.

More precisely stated, the problem is to write a source program that, when compiled and executed, will produce as output an exact copy of its source. If you have never done this, I urge you to try it on your own. The discovery of how to do it is a revelation that far surpasses any benefit obtained by being told how to do it. The part about "shortest" was just an incentive to demonstrate skill and determine a winner.

[figure 1]

Figure 1 shows a self-reproducing program in the C programming language. (The purist will note that the program is not precisely a self-reproducing program, but will produce a self-reproducing program.) This entry is much too large to win a prize, but it demonstrates the technique and has two important properties that I need to complete my story: (1) This program can be easily written by another program. (2) This program can contain an arbitrary amount of excess baggage that will be reproduced along with the main algorithm. In the example, even the comment is reproduced.

Stage II

The C compiler is written in C. What I am about to describe is one of many "chicken and egg" problems that arise when compilers are written in their own language. In this case, I will use a specific example from the C compiler.

C allows a string construct to specify an initialized character array. The individual characters in the string can be escaped to represent unprintable characters. For example,

        "Hello world\n"

represents a string with the character "\n," representing the new line character.

[figure 2]

Figure 2 is an idealization of the code in the C compiler that interprets the character escape sequence. This is an amazing piece of code. It "knows" in a completely portable way what character code is compiled for a new line in any character set. The act of knowing then allows it to recompile itself, thus perpetuating the knowledge.

[figure 3]

Suppose we wish to alter the C compiler to include the sequence "\v" to represent the vertical tab character. The extension to Figure 2 is obvious and is presented in Figure 3. We then recompile the C compiler, but we get a diagnostic. Obviously, since the binary version of the compiler does not know about "\v," the source is not legal C. We must "train" the compiler. After it "knows" what "\v" means, then our new change will become legal C. We look up on an ASCII chart that a vertical tab is decimal 11. We alter our source to look like Figure 4. Now the old compiler accepts the new source. We install the resulting binary as the new official C compiler and now we can write the portable version the way we had it in Figure 3.

[figure 4]

This is a deep concept. It is as close to a "learning" program as I have seen. You simply tell it once, then you can use this self-referencing definition.

Stage III

[figure 5]

Again, in the C compiler, Figure 5 represents the high-level control of the C compiler where the routine "compile" is called to compile the next line of source. Figure 6 shows a simple modification to the compiler that will deliberately miscompile source whenever a particular pattern is matched. If this were not deliberate, it would be called a compiler "bug." Since it is deliberate, it should be called a "Trojan horse."

[figure 6]

The actual bug I planted in the compiler would match code in the UNIX "login" command. The replacement code would miscompile the login command so that it would accept either the intended encrypted password or a particular known password. Thus if this code were installed in binary and the binary were used to compile the login command, I could log into that system as any user.

Such blatant code would not go undetected for long. Even the most casual perusal of the source of the C compiler would raise suspicions.

[figure 7]

The final step is represented in Figure 7. This simply adds a second Trojan horse to the one that already exists. The second pattern is aimed at the C compiler. The replacement code is a Stage I self-reproducing program that inserts both Trojan horses into the compiler. This requires a learning phase as in the Stage II example. First we compile the modified source with the normal C compiler to produce a bugged binary. We install this binary as the official C. We can now remove the bugs from the source of the compiler and the new binary will reinsert the bugs whenever it is compiled. Of course, the login command will remain bugged with no trace in source anywhere.

The moral is obvious. You can't trust code that you did not totally create yourself. (Especially code from companies that employ people like me.) No amount of source-level verification or scrutiny will protect you from using untrusted code. In demonstrating the possibility of this kind of attack, I picked on the C compiler. I could have picked on any program-handling program such as an assembler, a loader, or even hardware microcode. As the level of program gets lower, these bugs will be harder and harder to detect. A well installed microcode bug will be almost impossible to detect.

After trying to convince you that I cannot be trusted, I wish to moralize. I would like to criticize the press in its handling of the "hackers," the 414 gang, the Dalton gang, etc. The acts performed by these kids are vandalism at best and probably trespass and theft at worst. It is only the inadequacy of the criminal code that saves the hackers from very serious prosecution. The companies that are vulnerable to this activity (and most large companies are very vulnerable) are pressing hard to update the criminal code. Unauthorized access to computer systems is already a serious crime in a few states and is currently being addressed in many more state legislatures as well as Congress.

There is an explosive situation brewing. On the one hand, the press, television, and movies make heroes of vandals by calling them whiz kids. On the other hand, the acts performed by these kids will soon be punishable by years in prison.

I have watched kids testifying before Congress. It is clear that they are completely unaware of the seriousness of their acts. There is obviously a cultural gap. The act of breaking into a computer system has to have the same social stigma as breaking into a neighbor's house. It should not matter that the neighbor's door is unlocked. The press must learn that misguided use of a computer is no more amazing than drunk driving of an automobile.

I first read of the possibility of such a Trojan horse in an Air Force critique (4) of the security of an early implementation of Multics.

1. Bobrow, D.G., Burchfiel, J.D., Murphy, D.L., and Tomlinson, R.S. TENEX, a paged time-sharing system for the PDP-10. Commun. ACM 15, 3 (Mar. 1972), 135-143.
2. Kernighan, B.W., and Ritchie, D.M. The C Programming Language. Prentice-Hall, Englewood Cliffs, N.J., 1978.
3. Ritchie, D.M., and Thompson, K. The UNIX time-sharing system. Commun. ACM 17, 7 (July 1974), 365-375.
4. Karger, P.A., and Schell, R.R. Multics Security Evaluation: Vulnerability Analysis. ESD-TR-74-193, Vol II, June 1974, p 52.
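
An added illustration of the Stage II "training" step described in the paper quoted above; it is not part of that comment or of Thompson's figures, which are missing from this page. The three escape tables model the old compiler, the hand-trained source that uses decimal 11, and the portable source that uses '\v'; all function names are hypothetical. It shows why reading the final source tells you nothing about where the value 11 came from: it lives only in the binary that compiled it.

```c
#include <stdio.h>
#include <stddef.h>

#define DECODE_ERROR ((size_t)-1)

typedef int (*escape_fn)(int);

/* Old compiler: knows \n, \t and \\ only, so "\v" draws a diagnostic. */
int escape_old(int c)
{
    switch (c) {
    case 'n':  return '\n';
    case 't':  return '\t';
    case '\\': return '\\';
    default:   return -1;              /* unknown escape */
    }
}

/* Training step: the old compiler cannot parse '\v', so the value is
 * written once as the ASCII code looked up by hand (decimal 11). */
int escape_bootstrap(int c)
{
    if (c == 'v')
        return 11;
    return escape_old(c);
}

/* Portable form: legal only once a trained binary exists. The number 11
 * no longer appears in this source; the compiler binary supplies it. */
int escape_portable(int c)
{
    if (c == 'v')
        return '\v';
    return escape_old(c);
}

/* Decode the body of a string literal as a compiler front end would.
 * Returns the number of bytes written, or DECODE_ERROR on an unknown
 * escape, a trailing backslash, or an output buffer that is too small. */
size_t decode_literal(const char *src, char *out, size_t cap, escape_fn esc)
{
    size_t n = 0;

    for (; *src != '\0'; src++) {
        int c = (unsigned char)*src;

        if (c == '\\') {
            src++;
            if (*src == '\0')
                return DECODE_ERROR;   /* backslash at end of literal */
            c = esc((unsigned char)*src);
            if (c < 0)
                return DECODE_ERROR;   /* the "diagnostic" case */
        }
        if (n >= cap)
            return DECODE_ERROR;
        out[n++] = (char)c;
    }
    return n;
}

int main(void)
{
    /* Constructed sample literal: a, backslash, v, b. */
    const char *sample = "a\\vb";
    char buf[16];
    size_t n;

    n = decode_literal(sample, buf, sizeof buf, escape_old);
    printf("old compiler:  %s\n", n == DECODE_ERROR ? "rejected" : "accepted");

    n = decode_literal(sample, buf, sizeof buf, escape_bootstrap);
    printf("trained:       %zu bytes, middle byte = %d\n", n, buf[1]);

    n = decode_literal(sample, buf, sizeof buf, escape_portable);
    printf("portable:      %zu bytes, middle byte = %d\n", n, buf[1]);
    return 0;
}
```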

Re:Protection from hackers? (1)

justforgetme (1814588) | more than 2 years ago | (#38457094)

Great read, very insightful. OTOH, while criminalization of unauthorized cracking into computer systems is quite sane, corporations should face criminal charges as well when exposed to be neglecting data security for sensitive information. Otherwise the punishment is one way and only unjust.

Disappointed (-1, Redundant)

Culture20 (968837) | more than 2 years ago | (#38453968)

I was totally looking forward to reading about salt, sunlamps, and holy water.

Re:Disappointed (4, Funny)

v1 (525388) | more than 2 years ago | (#38453986)

but then I saw the author wasn't Snape...

Re:Disappointed (1)

Anonymous Coward | more than 2 years ago | (#38454228)

Luckily it's not Ankit Fadia [amazon.com] either. Whenever I see a book about "hacking" I think of him. Don't ever buy his books, because you can learn more about "hacking" by watching Swordfish. But if you want a good laugh, do borrow one. The only thing his books are missing is an MST3K commentary.

Re:Disappointed (0)

Anonymous Coward | more than 2 years ago | (#38454946)

Info about him is at : http://attrition.org/errata/charlatan/ankit_fadia/fadia09.html

Re:Disappointed (0)

Anonymous Coward | more than 2 years ago | (#38462382)

I think that will be in volume 2 :)

Incompetency (0)

Anonymous Coward | more than 2 years ago | (#38454030)

Google Maps and public domain? Incompetent the reviewer is.

Re:Incompetency (1)

burhan11 (2536824) | more than 2 years ago | (#38454296)


Re:Incompetency (0)

Anonymous Coward | more than 2 years ago | (#38458898)

What is the point....?
what is the mistake?

Front cover scare tactics! (1, Offtopic)

multiben (1916126) | more than 2 years ago | (#38454040)

That's what most crackers imagine they look like. Rather than the pale, pudgy, neck beards they are in reality.

hacking (0)

Anonymous Coward | more than 2 years ago | (#38454094)

nothing will protect you against
too much anti-biotics / growth hormones
in pig, chicken cow.
lead in paint
L-left and R-right version of
a molecule used as medicine
V-8 powered wars in a desert
short term benefit of radioactive decay produced
overall "crappy" code
hopeful home buyers retro-active financing the
banks that gave them money ... so they can survive
to claim the outstanding loans back
[insert your hack here]

Why oh why (0)

Anonymous Coward | more than 2 years ago | (#38454108)

is /. so busy today? I can't keep up with all these stories!

co-authors (4, Funny)

tverbeek (457094) | more than 2 years ago | (#38454120)

The book is co-authored by Quirinus Quirrell, Gilderoy Lockhart, Remus Lupin, Alastor Moody, Dolores Umbridge, and Severus Snape.

Re:co-authors (1)

jd (1658) | more than 2 years ago | (#38454340)

That would explain why they're dead set against hackers rather than crackers. Gotta protect the Slytherins!

Re:co-authors (0)

Anonymous Coward | more than 2 years ago | (#38458124)

You gave the Professor of DADA in chronological order tho... Lockhart would talk about him on the book and nothing about "hacking", Alastor Moody was a "hacker" posting as Moody and Umbridge won't teach you nothing because she may be afraid that you will use it against the ministry.

Hah (2)

DnaK (1306859) | more than 2 years ago | (#38454122)

I read the title to see some crazy harry potter fan writing a book on defense of dark arts. Oh man I've been on the rss feed too long.

So my employer has to defend itself (1)

rrohbeck (944847) | more than 2 years ago | (#38454162)

...against my work, which consists of hacking to some extent - figuring out the arcane properties of software components to debug them and make them work?

suspension of disbelief fail (0)

Anonymous Coward | more than 2 years ago | (#38454212)

"By page 4, the author has the reader downloading BackTrack Linux. BackTrack is a *Ubuntu* distro..."

and no need to take this seriously, or, in fact, read any further.

Re:suspension of disbelief fail (0)

Anonymous Coward | more than 2 years ago | (#38455010)

ok, I am missing something...what is the problem here?

Re:suspension of disbelief fail (1)

wmbetts (1306001) | more than 2 years ago | (#38455130)

I'm guessing the poster has an issue with Ubuntu for some unknown reason.

Re:suspension of disbelief fail (0)

Anonymous Coward | more than 2 years ago | (#38455482)

Maybe I am missing something here...but what is the terrible mistake?

Re:suspension of disbelief fail (0)

Anonymous Coward | more than 2 years ago | (#38456652)

Page four! Don't you get it?

Re:suspension of disbelief fail (2)

retchdog (1319261) | more than 2 years ago | (#38456676)

the most hardcore security work [network and static binary analysis] i've seen has been done in windows, which isn't surprising; dos and win95 were great places to start cutting your teeth on exploiting security flaws.

for this kind of thing, the OS doesn't really matter as much as the tools available, and here's a real surprise for you: there are plenty of technical skills more impressive and valuable than dealing with the quirks of linux. plenty of meritorious technical types, just like normal people, want an OS that "just works" so they can get on with their interests and careers.

Aether? (0)

Anonymous Coward | more than 2 years ago | (#38454258)

Apparently I'm the only one who doesn't get the aethereal metaphor here, but what does

rather aether to describe

mean to convey?

Nowadays, if it is in a book... (0)

Anonymous Coward | more than 2 years ago | (#38454300)

...you can buy at some common bookstore, the info is common knowledge, out of date, and useless.

Is this mostly a cookbook? (2)

Roobles (1880882) | more than 2 years ago | (#38454480)

From the review, it really sounds like this book is only demonstrating how to use specific tools/programs. Is that just what the reviewer is highlighting? Or is this book really lacking in the theories/principles of vulnerabilities and their exploits? I know very little about "hacking," but the last way I'd want to learn about it is through something that amounts to little more than a script kiddy's field guide. To me it feels like a very immature and impractical approach to a very serious/important problem of how to protect yourself and your network.

Re:Is this mostly a cookbook? (2)

Anrego (830717) | more than 2 years ago | (#38454590)


I was a fan of "Hacking: the art of exploitation" and "Silence on the Wire".

The first one doesn't really give you much of practical use.. but gives you the basic foundation of buffer overflows and shellcode and such, along with a fairly decent amount of background. There is a bit at the end on wireless network that kind of delves out of that curve (and in truth, feels kinda tacked on.. almost like it doesn't belong in the book but was added at the very end of writing for some reason).

Silence on the Wire gives you even less practical, but the amount of background knowledge that is given to lead up to the end "exploit" is well worth it. The section on network itself is better than any networking textbook I've ever read.

Well then (1)

koan (80826) | more than 2 years ago | (#38454510)

Is there a well regarded hacking book out there?
Most comments suggest there is not and I get the feeling hackers are primarily self taught so if you're grabbing Backtrack and using youtube tutorials you most likely are not a "hacker" (cracker?)

Re:Well then (1)

Anrego (830717) | more than 2 years ago | (#38454624)

I just made a comment about this above, but I'm a fan of "hacking: the art of exploitation" and "silence on the wire".

"Silence on the Wire" is completely useless from a real world standpoint, but gives a tremendous amount of background knowledge. The section on network alone is better than any networking textbook I've ever read.

"hacking: the art of exploitation" gives you basic background in how buffer overflows work, shell code is written, and just basic core background. Again, nothing that you can actually go out and use.. but a very interesting read and much more theory than "tool of the week".

Long Gone (1)

interval1066 (668936) | more than 2 years ago | (#38454558)

I guess it's not going to do any good AT ALL to bring up (yet again) how wrongly the term "hacking" is applied to script kiddies, hijackers, and black hat ops. The classic MIT (and correct) def of "hacker" is just a distant memory now.

Re:Long Gone (2)

Anrego (830717) | more than 2 years ago | (#38454700)

In my view, it is no longer wrong.

The definition of "hacker" has changed to include people who break into systems for evil purposes. The battle to prevent this is over, it's a done deal. Insisting people use the word "cracker" is at this point just annoying.. it was a stupid choice of word to begin with, and never caught on (and never will). If they'd chosen something that doesn't make you sound like a complete tool and had intuitive meaning, maybe something like "cyber criminal", it might have had a shot, but as it stands they went with "cracker" and no one could say it with a straight face and even if they did they then had to explain what the hell they were talking about and so no one did and so they used "hacker" instead and so here we are.

At this point, we'd be more likely to invent a new word for people who would fall under the "old" hacking definition. And for the love of the great fire cactus and the Aztec god of romance.. pick something that people would be happy to be referred to as! If we end up with "electrofiddler" it's not going to catch on either!

Defence Against the Dark Arts (2, Funny)

Anonymous Coward | more than 2 years ago | (#38454748)

Am I the only one who misread that as a title of Harry Potter fan books?

Re:Defence Against the Dark Arts (2)

suso (153703) | more than 2 years ago | (#38456368)

I think it's an obvious parody. I do know that whoever the author of this book is, they will turn out to be the villain by the end.

Not available for Nook (0)

Anonymous Coward | more than 2 years ago | (#38455210)

Bummer. Guess I'll have to wait....

Nice artwork. (0)

Anonymous Coward | more than 2 years ago | (#38455532)

Look at the cover and then do an image search for "Jew Süß"


I'm a hacker. (0)

Anonymous Coward | more than 2 years ago | (#38455762)

The only "tools" I use besides the ones I make are GCC and a text editor.

How to protect against me? You don't; I'm a good guy. If I were a cracker you could protect yourself by promptly installing OS updates. Installing software from only trusted sources. Using secure passwords, and not telling them to anyone.

This or:
Don't own a computer.

Don't turn on a computer.

Certainly, don't use a computer.

Do these three things and you'll be safe... In other words, stay backed up. This whole place is a house of matches, and everyone's carrying torches; You can lose everything in a heartbeat. Hell, hardware failures are more worrisome to me than hackers!

Re:I'm a hacker. (0)

Anonymous Coward | more than 2 years ago | (#38459282)

I prefer:

Use iOS and OS X products. Wake me up when there is an actual exploit on the iPhone or Mac that isn't due to jailbreaking and leaving the root PW at `alpine` or downloading pirated .dmg files that have Trojans added. For all intents and purposes, Apple's devices have been 100% secure against the nasty stuff in the real world.

Ah, Backtrack 5! Highly Recommended... (3, Interesting)

alreaud (2529304) | more than 2 years ago | (#38456136)

My favorite OS for penetration testing and back-tracking those pesky shell attackers and phishers. If you really want to learn the "dark arts" go through some of their online/manuals and courses, like the Metasploit one. BT5 has some awesome tools. Ones that Anonymous themselves would be proud of. Things like zenmap, openvas, maltego, msf, siege, etc. That is what gets installed in every laptop I own.

Let's see, using that I back-track every single shell attacker. The commonalities are HTTP TRACE, lots of open ports, usually mail servers. At least three attack vectors running in the wild. Fast single IP attacks, multiple-domain attacks, and these new Hail Mary's that are round-robining through numerous countries with a cycle time of 15 minutes to hours. These are trying to bypass tools like fail2ban.

So far I've knocked out the database on one, it hasn't bothered me again. Left a calling card on another, it hasn't bothered me again. I've fixed a few sites in the US via phone that the users were available on, and fixed a few via email. The rest, I log data and post the most interesting on my business website's BackHacker Blog. One can't fix all the compromised servers in the world, but we fix the ones we can, LOL!

Viva la wetware!

Misleading Title (1)

gblues (90260) | more than 2 years ago | (#38456628)

With a name like that, I expected this book to tell me how to defend myself from an evil voodoo priestess, or how to protect my body against necromancy, or warding against Magic Missile. Maybe I've just been playing too much Skyrim.

Re:Misleading Title (0)

Anonymous Coward | more than 2 years ago | (#38458614)

I think that info is in the appendix :)

WTF (0)

Anonymous Coward | more than 2 years ago | (#38458608)

No ebook on Amazon and the paperback is 59.35! Who is he trying to sell to?
