Item description for Aggressive Network Self-Defense by Neil R. Wyler...
If a robber breaks into your house, do you have the right to defend yourself and your property? If a menacing figure assaults you on the street, does the law allow you to hit back? Of course. But, what if a criminal hacker launches a worm at your network or tries to compromise your server to steal your data? Now...things get interesting.
Promise Angels is dedicated to bringing you great books at great prices. Whether you read for entertainment, to learn, or for literacy - you will find what you want at promiseangels.com!
Est. Packaging Dimensions: Length: 9.1" Width: 7" Height: 1.1" Weight: 1.3 lbs.
Release Date Feb 1, 2005
ISBN 1931836205 ISBN13 9781931836203
Availability 127 units. Availability accurate as of Oct 25, 2016 01:01.
Usually ships within one to two business days from La Vergne, TN.
Orders shipping to an address other than a confirmed Credit Card / Paypal Billing address may incur and additional processing delay.
Reviews - What do customers think about Aggressive Network Self-Defense?
Interesting and helpful, but the legal ramifications still unclear Sep 18, 2006
It is fair to say that most of the current strategies for network defense are passive, in that they involve setting up elaborate security shields to thwart or redirect intruders. The reason for this no doubt is that network administrators and IT departments do not want to face the legal consequences if they do as the authors of this book advocate, namely launching an attack on an intruder (human or otherwise) that will effectively disable it or at least frustrate it to a large degree. Interestingly though, the legal framework surrounding "aggressive" network self-defense is far from being clear. It would seem that existing laws on the books dealing with harassment and public nuisance would in fact support a large degree of "strike-back" network defense. The authors of this book seem to agree on this legal right, but the initial discussions in the book do illustrate the severe consequences that could arise if a security administrator were to take up the strike-back philosophy.
The weapons of aggressive self-defense include the PDA, which is discussed in the first chapter of the book, and which are described as being "easy to infect" by the author of the chapter. After bragging how he was able to compromise other people's PDA via the exchange of games, he discovered that his own PDA had been compromised by a key logger. He then describes how he found out exactly how he was infected, called naturally "computer forensics." To carry out the `reverse engineering' requires a debugger, a disassembler, and a hex editor. His discussion will be fascinating reading, especially those readers (such as this reviewer) who are not committed hackers or security specialists, but who need a good understanding of the issues in order to attempt to emulate them in more sophisticated, distributed computing environments. To get down to the assembly language after possibly many years of high-level programming is intoxicating to say the least. The author's analysis leads him to the conclusion that a backdoor FTP server running on port 69 (instead of the usual port 21). His plan was then to find out who installed the FTP server and then launch a reverse attack. The attack consisted of two phases, with the first one preventing the attacker from having access to his information and trick the attacker into downloading a file of his choice. The manner in which the author communicates convinces the reader that he knows what he is talking about. In order to know for sure one would have to go through the attack procedures as he organizes them. Unfortunately he author lost his job over his escapades, when instead he should have been rewarded for his ingenuity and skill. He was acting properly in taking action against an attack originally targeted to his machine.
The next chapter discusses an attack scenario in a common place these days: the cybercafe. The goal of the chapter is convince the reader to be wary of wireless hotspots that can easily be compromised. The author describes a scenario that actually began with criminal intent, and occurring in a WLAN environment, consisted of tricking users into logging into a person's own laptop. The author describes in detail what this person had to create and install on his laptop in order to pull off this deception, becoming the notorious "man-in-the-middle." He did this in order to obtain the credit card numbers of the customers who unwittingly logged into his machine instead of the correct access point. His scam was discovered and he was rightly arrested after he had run up over $10,000 in charges. But interestingly, his man-in-the-middle scam was detected by the WLAN administrator, and when this individual took it on himself to perform the investigation he attacked the scammer's machine and in the process broke some many laws that the evidence he collected was ruled inadmissible. The credit card companies sued the administrator since he nullified the federal case against the original scammer. Even though he won the case against him, his culpability is a grey area for sure, and this case reflects some of the ambiguities in digital law at the present time (both criminal and civil).
There are many more attack scenarios discussed in the book, all of which serve as tutorials in the many different tools that are have been exploited by both invaders and attackers. These include cache snooping, port knocking, TCPDump, Knoppix STD, Ethereal, Squid, honeypots, Sudo, cookie tracking, Trojan horses, keyloggers, Netcat, Nmap, PatriotBox, Traceroute, ping sweeping, IPSec rule injection, MD5 hashing, Stripwire, passive strike-back, and mass vulnerability scans. There is ample material here to educate oneself on how attacks can be accomplished and how therefore to defend systems against them. By far the most interesting part of the book though is the second one, since it goes into more of the conceptual background behind what the authors call `active defense.' They define this as an "action sequence performed between the time an attack is detected and the time it is known to be finished, in an automated or non-automated fashion, to mitigate a threat against a particular asset." This definition is one that is used in their model of network defense, which they call ADAM (Active Defense Algorithm and Model). The different steps to be taken, and the legal and ethical ramifications of ADAM are discussed in great detail. An interesting part of this discussion concerns the `scoring chart' that is used to compare the risk of a materializing threat with the risk of an active defense action. In addition, the calculation of risk is interesting in that it is similar to what is done in some areas of financial engineering.
A lively, satisfying book for all levels of computer user May 10, 2005
Most computer security books focus on how to defend a computer system or network from outside attack: that's the basic difference between them and Neil R. Wylder's Aggressive Network Self-Defense: I'm Mad As Hell, And I'm Not Gonna Take It Anymore! The focus here is on the technical, legal and financial ramifications of a 'strike-back' and 'active defense' program which promotes doing more than just defense. Chapters cover 'cyber dogfights' between hackers and defender/attackers, offers up tales of revenge and following the trail of an attacker, accounts of fights at different network levels, and stories of problem-solving in network attacks. Both fictional and many real-life scenarios are covered, with plenty of technical computer detail. A lively, satisfying book for all levels of computer user, but particularly administrators who want to do more than just defend.
"Vigilante" Network Self-Defense Apr 20, 2005
The title of this book says "Agressive." A better word might be "Vigilante."
I live in the west. Vigilante's came about because the law enforcement of the time was to weak to handle the problems. I don't know but that this is the situation out on the internet. I understand that CoolWebSearch is written/distributed from Russia. Who is going to go tell them that I don't want their stuff on my machine?
This book presents a series of "fictional" incidents where people being attacked strike back using technological means. Most of the time the police get involved at the end, usually finding the wrong man. None the less, the stories do an excellent job of describing how "aggressive" network defenders might attempt to strike back at attackers. These stories are certainly a more interesting approach than the typical computer manual.
The second part of the manual gets more technical and describes in greater depth the tools and techniques that the defenders in the fictional stories use.
The whole book brings up a series of moral questions. Where do you just build walls and defenses vs. where do you go out and counter-attack the attackers? Where are you counter-attacking illegally, with the potential to get caught yourself? It's quite a book and perhaps a sign of the coming times.
where do you stand on taking matters into your own hands? Apr 15, 2005
Continuing in the new theme of fiction and technical how-to, Aggressive Network Self-Defense brings together several authors to provide a wide range of material. Syngress' niche in this space seems to be breaking new ground -- and for the most part, it works. While you don't get as in-depth a treatment as a typical technical book gives you, there is an added dimension: namely, a more realistic scenario of how these tools fit together in a real, live series of actions.
Not being a big fan of most fiction (I tend to prefer history), it's hard to say definitively good or bad things about the quality of the writing. What I can say is that it's infinitely less irritating, and far more realistic, than Neal Stephenson's Cryptonomicon or Gibson's Neuromancer. No over-the-top smearing of adjectives to describe the mundane, and no unrealistic sequences of events. Then again, there's no character development and no real story progression, so it's not great fiction.
As a series of hacker vignettes, the book works just fine, and very well for the purposes at hand. Basically, what the authors want you to get from the book is two-fold: First, they want you to debate the issues around "strike back" attack methodologies. Several of the authors are open advocates of what are legal grey areas and open moral questions in the field of network security. Secondly, they want you to see how it's done, what you do when you actually use a tool to achieve a goal. Most books that do this, like Hacking Exposed, cover far more tools, but they usually do so without showing you each tool's use in a real-world scenario.
I won't bore you with a lengthy, detailed overview of the first part of the book. Like I said, it's a series of part fiction, part tutorial series of short stories. In them, you'll see tools like Metasploit, virus creation, some nmap, sniffers, and keystroke loggers, all in action, being used as an operator would use them, and achieving real goals. This is more valuable than a basic manual, and the stories themselves act as a nice setting. While not great fiction writers, the authors are decent enough at the job, and they write the technical material clearly.
The second part of the book is interesting. It makes up about a fifth of the book in volume, but a lot more in technical weight. The book bills this section as "The technologies and concepts behind network strike-back," and that's an accurate summary. It's a series of four unique perspectives and technical chapters that complement the rest of the book quite well.
The first introduces ADAM, the "Active Defense Algorithm and Model," which develops a methodology for network administrators to actively defend their networks against attacks. It's quite interesting, and brings together a number of risk models in an uncommon take. The authors are academic researchers from the University of Idaho, so it's a lot more academic than the previous material in Aggressive Network Self-Defense, but it formalizes a lot of the thinking that was present in the writing of the stories and techniques.
The second is Tim Mullen's classic "Defending your right to defend." This is the original position paper shared by Mullen with the information security community in 2002 or so. Here, Mullen makes a compelling case for actually striking back at worm infected hosts. After all, the position holds, someone should do something about them to help clean up the Internet. While it's a position I disagreed with at the time and still do, Mullen's writing is articulate and an important read. It really helps you understand a lot of the thinking that went into the book itself.
Dan Kaminsky wrote the next chapter, "MD5 to be considered harmful someday." Largely considered to be a follow-on to Joux and Wang's one-way hash function research, what it shows is how practical such an attack can be. Kaminsky never fails to come up with interesting ideas he puts into practice, and he adds another level of depth to this book.
Finally, Aggressive Network Self-Defense ends with an interesting paper, "When the tables turn: Passive strike-back." Like any good paper, it has a clear and thoughtful motivation, and really demonstrates the principles at play, namely building network resources that don't simply lure the attacker in, they trip her up. There are so many ways to do this, the authors show us, and ultimately it's almost fun. A good way to end the book.
An over-arching concern with the book that I have is the question of ethics. Mullen, in the foreword, states that he hopes the book stirs a debate about the ethics of the actions in the book. However, the book itself falls short in this area. Instead, sometimes the characters get busted, and sometimes they don't, but just because they didn't get caught doesn't mean some ethical lines weren't crossed. All too often the authors leave the ethical debate up in the air. While I prefer this to overt preaching or questions, the style leaves me wondering if this goal was achieved.
So, where do I stand on Aggressive Network Self-Defense? In the end, I like it, more so than a book like Hacking Exposed or other "hacking how-to" types. The style of presentation doesn't lend itself all that well to exploring a very wide number of tools, but it does give you a deeper context to see how they assemble into something larger. For many people I expect it will be a page turner, and I think the format has some utility, as shown here.
sloppy prose, blurry figures Apr 11, 2005
The book is riddled with sloppy prose that has not seen the attention of a careful editor. Throughout the book, most figures are annoying. They are screen or window captures. The authors chose the quick and dirty way of doing this and then pasting them into the text. But the resolution of the resultant printed images makes the contents out of focus. Yes, perhaps if you squint hard enought and interpolate, you can deduce the text. But this is what I mean. Annoying.
The chapters do offer amusing fictional plots that give tactics on both intruder and defender. Part of the appeal of the book is that these roles can switch. There are enough technical details supplied in the text to make the tactics credible to a computer person.
The discussion on the limitations of MD5 to a crafted collisions attack is well done. Very sneaky. Though still quite speculative, as the text rightfully points out.
The Strike Back chapter describes Armpit - a tool written as a "human detector". It is run as a daemon on a server. It permits access to resources only if the client browser can interpret Flash. This is seen as tantamount to implying that there is a human at the client, and not an automated attack tool, since most instances of the latter cannot do Flash. But this just begs the question. Surely if Armpit becomes common, it gives incentive for future attack tools to be able to run Flash? The narrative gives no technical reason why a cracker cannot take this logical countermeasure.
More importantly, the book fails to recognise that Armpit is a challenge response method. Those of you familiar with antispam ideas should realise this immediately. Plus, Mailblocks has a patent on challenge response. It would have been useful for the book to discuss whether this patent (or any others) could make any infringement claims against the company that wrote Armpit.