nd outlining methods to test computer systems for possible weaknesses, this guide to system security provides the tools necessary for approaching computers with the skill and understanding of an outside hacker. A useful tool for those involved in securing networks from outside tampering, this guide to CEH 312-50 certification provides a vendor-neutral perspective for security officers, auditors, security professionals, site admistrators, and others concerned with the integrity of network infrastructures. Complete coverage of footprinting, trojans and backdoors, sniffers, viruses and worms, and hacking Novell and Linux exposes common vulnerabilities and reveals the tools and methods used by security professionals when implementing countermeasures.If you are reading this courseware, it is quite possible that you realize the importance of information systems security. However, we would like to put forth our motive behind compiling a resource such as this one, and what you can gain from this course.

You might find yourself asking, why choose this course, when there are several out there. The truth is that there cannot be any single courseware that can address all the issues in a detailed manner. Moreover, the rate at which exploits/tools/methods are being discovered by the security community makes it difficult for anybody to cover it at one go.

This book is designed to help all programmers who have ever written their own software to better protect their software from illegal copying. It will also be useful to programmers creating freeware who wish to protect their source code.

The idea to write a book like this came to me some time ago when I realized how poorly the topic is covered and how difficult it is to acquire the information necessary to adequately protect software. When I was involved with game production in the Czech and Slovak Republics, I was astonished at how simple their protection was, and that very often they had no protection at all — yet it is so easy to protect software, at least at a basic level.

The problem lies in the lack of information and experience in this field. That’s why I wrote this book, which will present many previously unaddressed topics concerning software protection.

This is a book about hacking. It’s not a novel about a set of elusive cyberpunks, it’s a do-it-yourself manual. Are we trying to tell you how to break into other people’s systems? No, we’re trying to help you make your own systems more secure by breaking into them yourself. Yes, this has the side effect that you might learn how to break into someone else’s system as well, and therein lies much of the controversy surrounding hacking.Who Should Read This Book?
You should read this book if you work in the information security field, or have an interest in that field. You should have a pretty good idea of how to use a computer, and ideally have some experience installing an operating system, and various application programs. You should be an Internet user. The material is aimed at mid to advanced level, but we do our best to provide some of the basics for beginners. If you’re a beginning information security student, you may struggle a bit with some of the material, but it is all understandable if you spend the effort. There are some beginner techniques taught, such as diffing, which will serve the learner through all levels of skill.

What Will This Book Teach You?
We want to teach you the skills and rules that are used by hackers to review systems for security holes. To this end, we’ve assembled some of the world’s best hackers to instruct you on topics they have expertise in. You’ll learn about cracking simple encoding schemes, how to write buffer overflows, how to use packet sniffing utilities, and how to feed carefully crafted data to both clients and servers to defeat security mechanisms. This book will teach you the role of the attacker in the battle for securing your systems.

Can you guard against Google Hacking? Google’s advanced search capabilities are being used on an increasing basis by some to harvest information from the Web. Sensitive documents, stolen credit card information, even servers behind corporate firewalls can be found using Google searches.

Are you the type of person who needs to know how to torque Google to detect SQL injection points and login portals, execute port scans and CGI scans, fingerprint web servers, locate incredible information caches such as firewall and IDS logs, password databases, SQL dumps and much more – all without sending a single packet to the target! Then Google Hacking for Penetration Testers is for you. By reverse engineering the techniques of malicious “Google hackers,” this book shows security practitioners how to properly protect their servers from this often overlooked and dangerous form of information leakage.

What’s the worst an attacker can do to you? You’d better find out, right? That’s what Security Warrior teaches you. Based on the principle that the only way to defend yourself is to understand your attacker in depth, Security Warrior reveals how your systems can be attacked. Covering everything from reverse engineering to SQL attacks, and including topics like social engineering, antiforensics, and common attacks against UNIX and Windows systems, this book teaches you to know your enemy and how to be prepared to do battle.