This book on computer security (and ethical hacking) is aimed at any IT professional who is aware of the concept of computer security but is a novice.
This book on computer security (and ethical hacking) is aimed at any IT professional familiar with the concept of computer security but new to or beginners in the field of information systems security. Its objective is to introduce the reader to attacker techniques and teach them how to defend themselves. In this new edition, each chapter has been revised, corrected, or even rewritten to reflect current developments in computer security. New tools are presented, and topics not covered in previous editions have been added, such as in-depth memory analysis using specialized tools, Stack Cookie Bypassing in the chapter on application vulnerabilities, CAPTCHAs in the Web chapter, and more. The major new feature of this edition is the inclusion of a chapter on the highly topical security of Cloud Computing. After a precise definition of the different types of hackers and their objectives, the authors present the methodology of an attack and the means of identifying vulnerabilities that can be exploited to gain entry into a system. The chapter on Social Engineering, or social manipulation, illustrates why human vulnerabilities account for over 601% of successful attacks. Physical vulnerabilities, which allow direct access to targeted computers, as well as network and Wi-Fi vulnerabilities, are presented and illustrated, each time with suggested countermeasures. Cloud Computing is then presented (its history and operation) to better understand its security. Web security is also covered, and common vulnerabilities are identified using tools that readers can easily implement on their own systems. The goal is always to identify potential vulnerabilities in order to then implement the appropriate protection strategy. Finally, system vulnerabilities in Windows and Linux are listed, followed by application vulnerabilities, with some elements to familiarize oneself with assembly language and thus better understand attack possibilities. The authors of this book are a team of dedicated individuals whose mission is to make computer security accessible to everyone: learn how to attack to better defend yourself is their motto. White hat hackers at heart, they open the doors to underground knowledge for the reader. The book's chapters: Introduction and definitions – Methodology of an attack – Social engineering – Physical vulnerabilities – Fingerprinting – Network vulnerabilities – Cloud computing: strengths and weaknesses – Web vulnerabilities – System vulnerabilities – Application vulnerabilities – Legal risks and solutions
