Cyber Operations
Apress (publisher)
978-1-4842-4293-3 (ISBN)
- Completely updates the previous edition to cover systems released between 2011 and 2017, including new operating systems (Windows 10, etc.)
- Covers Windows Management Instrumentation—one of the hottest topics in cybersecurity—in detail, both defensively and offensively
- Features defensive cybersecurity techniques, including how to use Sysmon to detect Mimikatz use on a domain and track that back to the attacker’s command and control server
Know how to set up, defend, and attack computer networks with this revised and expanded second edition.
You will learn to configure your network from the ground up, beginning with developing your own private virtual test environment, then setting up your own DNS server and AD infrastructure. You will continue with more advanced network services, web servers, and database servers and you will end by building your own web applications servers, including WordPress and Joomla!.
Systems from 2011 through 2017 are covered, including Windows 7, Windows 8, Windows 10, Windows Server 2012, and Windows Server 2016 as well as a range of Linux distributions, including Ubuntu, CentOS, Mint, and OpenSUSE.
Key defensive techniques are integrated throughout and you will develop situational awareness of your network and build a complete defensive infrastructure, including log servers, network firewalls, web application firewalls, and intrusion detection systems.
Of course, you cannot truly understand how to defend a network if you do not know how to attack it, so you will attack your test systems in a variety of ways. You will learn about Metasploit, browser attacks, privilege escalation, pass-the-hash attacks, malware, man-in-the-middle attacks, database attacks, and web application attacks.
You'll learn how to
- Construct a testing laboratory to experiment with software and attack techniques
- Build realistic networks that include active directory, file servers, databases, web servers, and web applications such as WordPress and Joomla!
- Manage networks remotely with tools, including PowerShell, WMI, and WinRM
- Use offensive tools such as Metasploit, Mimikatz, Veil, Burp Suite, and John the Ripper
- Exploit networks starting from malware and initial intrusion to privilege escalation through password cracking and persistence mechanisms
- Defend networks by developing operational awareness using auditd and Sysmon to analyze logs, and deploying defensive tools such as the Snort intrusion detection system, IPFire firewalls, and ModSecurity web application firewalls
This study guide is intended for everyone involved in or interested in cybersecurity operations (e.g., cybersecurity professionals, IT professionals, business professionals, and students).
Mike O'Leary is a professor at Towson University and the founding director of the School of Emerging Technologies. He developed and teaches hands-on capstone courses in computer security for both undergraduate and graduate students. He has coached the Towson University Cyber Defense team to the finals of the National Collegiate Cyber Defense Competition in 2010, 2012, and 2014.
Chapter 1. System Setup
Introduction
Virtualization Tools
Building Linux Systems
Building Windows Systems
Exercises
Notes & References
Chapter 2. Basic Offense
Introduction
Metasploit: EternalBlue
Metasploit: Attacking the Browser
Metasploit: Attacking Flash
Metasploit: Attacking Java
Malware
Metasploit and Meterpreter Commands
Armitage
Exercises
Notes & References
Chapter 3. Operational Awareness
Introduction
Linux Tools
Windows Tools
Network Tools
Exercises
Notes & References
Chapter 4. DNS & BIND
Introduction
Installing BIND
Configuring BIND
Querying DNS
Advanced Configuration
Attacking BIND
Exercises
Notes & References
Chapter 5. Scanning the Network
Introduction
NMap
Network Scanning and Metasploit
Exercises
Notes & Resources
Chapter 6. Active Directory
Introduction
Installing Active Directory
Windows DNS
Managing a Windows Domain
Organizing a Domain
Exercises
Notes & References
Chapter 7. Remote Windows Management
Introduction
Managing Systems Remotely
Windows Management Instrumentation
Exercises
Notes & References
Chapter 8. Attacking the Windows Domain
Introduction
Windows Reconnaissance
Windows Local Privilege Escalation
Obtaining Domain Credentials
Exploiting the Domain
Exercises
Notes & References
Chapter 9. Privilege Escalation in Linux
Introduction
Linux Reconnaissance
Linux Privilege Escalation with Metasploit
Linux Direct Privilege Escalation
Dirty COW
Linux Configuration Attacks
Linux Password Attacks
Exercises
Notes & References
Chapter 10. Logging
Introduction
Logging in Linux
Logging in Windows
Integrating Windows and Linux Logs
Exercises
Notes & References
Chapter 11. Malware and Persistence
Introduction
Creating Malware
Windows Persistence
Linux Persistence
Exercises
Notes & References
Chapter 12. Defending the Domain
Introduction
Applications
Detecting and Blocking Persistence
Credentials
Manage the Network
Exercises
Notes & References
Chapter 13. Network Services
Introduction
SSH
FTP
Windows File Sharing
Remote Desktop
Exercises
Notes & References
Chapter 14. Apache and ModSecurity in Linux
Introduction
Apache Installation
Apache Configuration
ModSecurity
Exercises
Notes & References
Chapter 15. IIS and ModSecurity
Introduction
Installation
IIS Configuration
ModSecurity
Exercises
Notes & References
Chapter 16. Web Attacks
Introduction
Pillaging the Browser
Man-in-the-Middle
Password Attacks
Server Reconnaissance
Slowloris
Heartbleed
Exercises
References & Notes
Chapter 17. Firewalls
Introduction
Network Firewalls
IPFire
Attacks through a Network Firewall
Exercises
Notes & References
Chapter 18. MySQL and MariaDB
Introduction
Installation
Using MySQL
Attacking MySQL
Exercises
References & Notes
Chapter 19. Snort
Introduction
Installing Snort
Tuning Snort
Barnyard2
Exercises
Notes & References
Chapter 20. PHP
Introduction
Installing PHP
PHP Applications, Configuration, and Security
Attacking PHP
Exercises
Notes & References
Chapter 21. Web Applications
Introduction
SnortReport
BASE
PHPMyAdmin
Joomla
Wordpress
Zencart
Exercises
Notes & References
Publication date | 15.03.2019 |
---|---|
Additional info | 210 Illustrations, black and white |
Place of publication | Berkley |
Language | English |
Dimensions | 178 x 254 mm |
Weight | 2140 g |
Binding | Paperback |
Subject area | Computer Science ► Networks ► Security / Firewall |
 | Computer Science ► Theory / Studies ► Cryptology |
Keywords | Active Directory • Apache • DNS & BIND • Firewalls • IIS • Malware • ModSecurity • MySQL • PHP • Snort • web attacks • WMI |
ISBN-10 | 1-4842-4293-9 / 1484242939 |
ISBN-13 | 978-1-4842-4293-3 / 9781484242933 |
Condition | New |