Hacking Exposed 5th Edition - Softcover

About the Authors

Stuart McClure, CNE, CCSE, Global CTO for McAfee/Intel, is responsible for a nearly $3B consumer and corporate security products business. During his tenure at McAfee, Stuart has also held the General Manager position for the Security Management Business for McAfee/Intel, which enabled all McAfee corporate security products to be operationalized, managed, and measured. Alongside those roles, Stuart has also run an elite team of good guy hackers inside McAfee called TRACE that discovered new vulnerabilities and emerging threats. Previously, Stuart helped run security at the largest healthcare company in the U.S., Kaiser Permanente. In 1999, Stuart was also the original founder of Foundstone, Inc., a global consulting and products company, which was acquired by McAfee in 2004. Stuart is the lead author and original founder of the Hacking Exposed series of books and has been hacking for the good guys for over 25 years. Widely recognized and asked to present his extensive and in-depth knowledge of hacking and exploitation techniques, Stuart is considered one of the industrys leading authorities on information security risk today. A well-published and acclaimed security visionary, McClure brings a wealth of technical and executive leadership with a profound understanding of both the threat landscape and the operational and financial risk requirements to be successful in todays world. Stuart is often quoted in most all mainstream news outlets.

Joel Scambray, CISSP, is Managing Principal with Citigal as well as Co-Founder of Consciere LLC. He was previously chief strategy officer for Leviathan Security Group. He has assisted companies ranging from newly minted startups to members of the Fortune 50 in addressing information security challenges and opportunities for over a dozen years. Joel's background includes roles as an executive, technical consultant, and entrepreneur. He was a senior director at Microsoft Corporation, where he led Microsoft's online services security efforts for three years before joining the Windows platform and services division to focus on security technology architecture. Joel also co-founded security software and services startup Foundstone, Inc. He has also held positions as a Manager for Ernst & Young, Chief Strategy Officer for Leviathan, security columnist for Microsoft TechNet, Editor at Large for InfoWorld Magazine, and director of IT for a major commercial real estate firm. Joel has spoken widely on information security at forums including Black Hat, I-4, and The Asia Europe Meeting (ASEM), as well as organizations including CERT, CSI, ISSA, ISACA, SANS, private corporations, and government agencies such as the Korean Information Security Agency (KISA), FBI, and the RCMP. Joel Scambray is the co-author of all 6 editions of Hacking Exposed. He is also the lead author of Hacking Exposed Windows and Hacking Exposed Web Applications.

George Kurtz is co-founder and CEO of CrowdStrike, a cutting-edge big data security technology company focused on helping enterprises and governments protect their most sensitive intellectual property and national security information. George Kurtz is also an internationally recognized security expert, author, entrepreneur, and speaker. He has almost twenty years of experience in the security space and has helped hundreds of large organizations and government agencies around the world tackle the most demanding security problems. His entrepreneurial background and ability to commercialize nascent technologies has enabled him to drive innovation throughout his career by identifying market trends and correlating them with customer feedback, resulting in rapid growth for the businesses he has run. In 2011 George relinquished his role as McAfees Worldwide Chief Technology Officer to his co-author and raised $26M in venture capital to create CrowdStrike. During his tenure as McAfees CTO, Kurtz was responsible for driving the integrated security architectures and platforms across the entire McAfee portfolio. Kurtz also helped drive the acquisition strategy that allowed McAfee to grow from $1b in revenue in 2007 to over $2.5b in 2011. In one of the largest tech M&A deals in 2011, Intel (INTC) acquired McAfee for nearly $8b. Prior to joining McAfee, Kurtz was Chief Executive Officer and co-founder of Foundstone, Inc., which was acquired by McAfee in October 2004. You can follow George on Twitter @george_kurtz or his blog at http://www.securitybattlefield.com.

From the Back Cover

"A must-read for anyone in security…. One of the best security books available." --Tony Bradley, CISSP, About.com

"Authoritative….Even readers of earlier editions will find critical new insight on the more modern attacks." --From the Foreword by Gene Hodges, President of McAfee

"A cross between a spy novel and a tech manual." --Mark A. Kellner, Washington Times

"The seminal book on white-hat hacking and countermeasures.... Should be required reading for anyone with a server or a network to secure." ―Bill Machrone, PC Magazine

"With every edition this book keeps getting better and better. I can recommend it to anyone interested in computer security, as it will certainly give you a real-world course on the subject." ―Mirko Zorz, Net-security.org

The fifth edition of this world-renowned security reference offers completely up-to-date coverage of today's most devastating hacks and how to prevent them. Using the proven Hacking Exposed methodology, the book shows you, step by step, how to locate and patch system vulnerabilities and explains what you need to know to stay vigilant in today's 24x7 digital world.

New and Updated Material:

• New chapter on hacking code, with contributions by Michael Howard, covering the ways flaws get introduced into software and how best to prevent them
• New Windows hacks including RPCSS (Blaster), LSASS (Sasser), and PCT (Download.ject) buffer overflow exploits
• Updated denial of service chapter with descriptions of large scale zombie attacks and practical countermeasures
• Coverage of new web hacking tools and techniques including HTTP response splitting and automated vulnerability scanners
• New content on remote connectivity including VoIP hacking
• New coverage of web and e-mail client hacking, including the latest Internet
• Explorer exploits, phishing, spyware, rootkits, and bots
• New hacks and countermeasures using Google as a reconnaissance tool
• An updated footprinting chapter that deals with changes regarding finding information from Internet databases
• Brand new case studies covering relevant and timely security attacks including Google, wireless, UNIX/Linux, and Mac OS X hacks

From the Inside Flap

"A must-read for anyone in security . One of the best security books available." --Tony Bradley, CISSP, About.com

"Authoritative .Even readers of earlier editions will find critical new insight on the more modern attacks." --From the Foreword by Gene Hodges, President of McAfee

"A cross between a spy novel and a tech manual." --Mark A. Kellner, Washington Times

"The seminal book on white-hat hacking and countermeasures.... Should be required reading for anyone with a server or a network to secure." Bill Machrone, PC Magazine

"With every edition this book keeps getting better and better. I can recommend it to anyone interested in computer security, as it will certainly give you a real-world course on the subject." Mirko Zorz, Net-security.org

The fifth edition of this world-renowned security reference offers completely up-to-date coverage of today's most devastating hacks and how to prevent them. Using the proven Hacking Exposed methodology, the book shows you, step by step, how to locate and patch system vulnerabilities and explains what you need to know to stay vigilant in today's 24x7 digital world.

New and Updated Material:

New chapter on hacking code, with contributions by Michael Howard, covering the ways flaws get introduced into software and how best to prevent them
New Windows hacks including RPCSS (Blaster), LSASS (Sasser), and PCT (Download.ject) buffer overflow exploits
Updated denial of service chapter with descriptions of large scale zombie attacks and practical countermeasures
Coverage of new web hacking tools and techniques including HTTP response splitting and automated vulnerability scanners
New content on remote connectivity including VoIP hacking
New coverage of web and e-mail client hacking, including the latest Internet
Explorer exploits, phishing, spyware, rootkits, and bots
New hacks and countermeasures using Google as a reconnaissance tool
An updated footprinting chapter that deals with changes regarding finding information from Internet databases
Brand new case studies covering relevant and timely security attacks including Google, wireless, UNIX/Linux, and Mac OS X hacks