ONE-VOLUME INTRODUCTION TO COMPUTER SECURITY
Clearly explains core concepts, terminology, challenges, technologies, and skills
Covers today's latest attacks and countermeasures
The perfect beginner's guide for anyone interested in a computer security career
Dr. Chuck Easttom brings together complete coverage of all basic concepts, terminology, and issues, along with all the skills you need to get started. Drawing on 30 years of experience as a security instructor, consultant, and researcher, Easttom helps you take a proactive, realistic approach to assessing threats and implementing countermeasures. Writing clearly and simply, he addresses crucial issues that many introductory security books ignore, while addressing the realities of a world where billions of new devices are Internet-connected.
This guide covers web attacks, hacking, spyware, network defense, security appliances, VPNs, password use, and much more. Its many tips and examples refl ect new industry trends and the state-of-the-art in both attacks and defense. Exercises, projects, and review questions in every chapter help you deepen your understanding and apply all you've learned.
LEARN HOW TO
- Identify and prioritize potential threats to your network
- Use basic networking knowledge to improve security
- Get inside the minds of hackers, so you can deter their attacks
- Implement a proven layered approach to network security
- Resist modern social engineering attacks
- Defend against today's most common Denial of Service (DoS) attacks
- Halt viruses, spyware, worms, Trojans, and other malware
- Prevent problems arising from malfeasance or ignorance
- Choose the best encryption methods for your organization
- Compare security technologies, including the latest security appliances
- Implement security policies that will work in your environment
- Scan your network for vulnerabilities
- Evaluate potential security consultants
- Master basic computer forensics and know what to do if you're attacked
- Learn how cyberterrorism and information warfare are evolving
Table of Contents:
Introduction xxix
Chapter 1: Introduction to Computer Security 2
Introduction.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2
How Seriously Should You Take Threats to Network Security?. . . . . . . . . . 4
Identifying Types of Threats.. . . . . . . . . . . . . . . . . . . . . . . . 7
Assessing the Likelihood of an Attack on Your Network.. . . . . . . . . . . . 17
Basic Security Terminology. . . . . . . . . . . . . . . . . . . . . . . . 18
Concepts and Approaches.. . . . . . . . . . . . . . . . . . . . . . . . 21
How Do Legal Issues Impact Network Security?.. . . . . . . . . . . . . . . 24
Online Security Resources.. . . . . . . . . . . . . . . . . . . . . . . . 25
Summary.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27
Chapter 2: Networks and the Internet 34
Introduction.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 34
Network Basics.. . . . . . . . . . . . . . . . . . . . . . . . . . . . 35
How the Internet Works. . . . . . . . . . . . . . . . . . . . . . . . . 43
History of the Internet.. . . . . . . . . . . . . . . . . . . . . . . . . . 50
Basic Network Utilities.. . . . . . . . . . . . . . . . . . . . . . . . . 52
Other Network Devices.. . . . . . . . . . . . . . . . . . . . . . . . . 59
Advanced Network Communications Topics.. . . . . . . . . . . . . . . . 60
Cloud Computing. . . . . . . . . . . . . . . . . . . . . . . . . . . . 61
Summary.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 65
Chapter 3: Cyber Stalking, Fraud, and Abuse 74
Introduction.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 74
How Internet Fraud Works.. . . . . . . . . . . . . . . . . . . . . . . . 75
Identity Theft.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 80
Cyber Stalking.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 82
Protecting Yourself Against Cybercrime.. . . . . . . . . . . . . . . . . . 91
Summary.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 99
Chapter 4: Denial of Service Attacks 106
Introduction.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 106
DoS Attacks.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 107
Illustrating an Attack.. . . . . . . . . . . . . . . . . . . . . . . . . . 107
Common Tools Used for DoS Attacks.. . . . . . . . . . . . . . . . . . . 109
DoS Weaknesses.. . . . . . . . . . . . . . . . . . . . . . . . . . . 112
Specific DoS Attacks. . . . . . . . . . . . . . . . . . . . . . . . . . 112
Real-World Examples of DoS Attacks.. . . . . . . . . . . . . . . . . . . 120
How to Defend Against DoS Attacks.. . . . . . . . . . . . . . . . . . . 121
Summary.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 123
Chapter 5: Malware 130
Introduction.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 130
Viruses.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 131
Trojan Horses.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 142
The Buffer-Overflow Attack. . . . . . . . . . . . . . . . . . . . . . . 145
Spyware.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 146
Other Forms of Malware.. . . . . . . . . . . . . . . . . . . . . . . . 149
Detecting and Eliminating Viruses and Spyware. . . . . . . . . . . . . . . 153
Summary.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 159
Chapter 6: Techniques Used by Hackers 166
Introduction.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 166
Basic Terminology.. . . . . . . . . . . . . . . . . . . . . . . . . . . 167
The Reconnaissance Phase.. . . . . . . . . . . . . . . . . . . . . . . 167
Actual Attacks.. . . . . . . . . . . . . . . . . . . . . . . . . . . . 177
Malware Creation. . . . . . . . . . . . . . . . . . . . . . . . . . . 184
Penetration Testing.. . . . . . . . . . . . . . . . . . . . . . . . . . 187
The Dark Web. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 189
Summary.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 194
Chapter 7: Industrial Espionage in Cyberspace 200
Introduction.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 200
What Is Industrial Espionage?.. . . . . . . . . . . . . . . . . . . . . . 202
Information as an Asset. . . . . . . . . . . . . . . . . . . . . . . . . 203
Real-World Examples of Industrial Espionage.. . . . . . . . . . . . . . . 205
How Does Espionage Occur?. . . . . . . . . . . . . . . . . . . . . . 207
Protecting Against Industrial Espionage.. . . . . . . . . . . . . . . . . . 212
Trade Secrets.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 215
The Industrial Espionage Act.. . . . . . . . . . . . . . . . . . . . . . 218
Spear Phishing.. . . . . . . . . . . . . . . . . . . . . . . . . . . . 219
Summary.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 220
Chapter 8: Encryption 226
Introduction.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 226
Cryptography Basics.. . . . . . . . . . . . . . . . . . . . . . . . . . 227
History of Encryption.. . . . . . . . . . . . . . . . . . . . . . . . . . 228
Modern Cryptography Methods.. . . . . . . . . . . . . . . . . . . . . 236
Public Key (Asymmetric) Encryption.. . . . . . . . . . . . . . . . . . . 245
PGP. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 250
Legitimate Versus Fraudulent Encryption Methods.. . . . . . . . . . . . . 251
Digital Signatures. . . . . . . . . . . . . . . . . . . . . . . . . . . 252
Hashing. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 253
MAC and HMAC.. . . . . . . . . . . . . . . . . . . . . . . . . . . 254
Steganography. . . . . . . . . . . . . . . . . . . . . . . . . . . . 255
Cryptanalysis.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 257
Cryptography Used on the Internet.. . . . . . . . . . . . . . . . . . . . 259
Quantum Computing Cryptography. . . . . . . . . . . . . . . . . . . . 259
Summary.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 261
Chapter 9: Computer Security Technology 268
Introduction.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 268
Virus Scanners.. . . . . . . . . . . . . . . . . . . . . . . . . . . . 269
Firewalls.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 272
Antispyware.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 278
IDSs. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 279
Digital Certificates.. . . . . . . . . . . . . . . . . . . . . . . . . . . 292
SSL/TLS.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 293
Virtual Private Networks.. . . . . . . . . . . . . . . . . . . . . . . . 296
Wi-Fi Security. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 298
Summary.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 299
Chapter 10: Security Policies 304
Introduction.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 304
What Is a Policy?.. . . . . . . . . . . . . . . . . . . . . . . . . . . 305
Important Standards.. . . . . . . . . . . . . . . . . . . . . . . . . . 305
Defining User Policies.. . . . . . . . . . . . . . . . . . . . . . . . . 308
Defining System Administration Policies.. . . . . . . . . . . . . . . . . . 316
Security Breaches.. . . . . . . . . . . . . . . . . . . . . . . . . . . 319
Defining Access Control.. . . . . . . . . . . . . . . . . . . . . . . . 321
Development Policies.. . . . . . . . . . . . . . . . . . . . . . . . . 322
Standards, Guidelines, and Procedures.. . . . . . . . . . . . . . . . . . 323
Disaster Recovery.. . . . . . . . . . . . . . . . . . . . . . . . . . . 324
Zero Trust.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 327
Important Laws.. . . . . . . . . . . . . . . . . . . . . . . . . . . . 328
Summary.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 330
Chapter 11: Network Scanning and Vulnerability Scanning 336
Introduction.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 336
Basics of Assessing a System.. . . . . . . . . . . . . . . . . . . . . . 337
Securing Computer Systems.. . . . . . . . . . . . . . . . . . . . . . 346
Scanning Your Network. . . . . . . . . . . . . . . . . . . . . . . . . 352
Testing and Scanning Standards.. . . . . . . . . . . . . . . . . . . . . 363
Getting Professional Help.. . . . . . . . . . . . . . . . . . . . . . . . 366
Summary.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 369
Chapter 12: Cyber Terrorism and Information Warfare 378
Introduction.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 378
Actual Cases of Cyber Terrorism.. . . . . . . . . . . . . . . . . . . . . 379
Weapons of Cyber Warfare.. . . . . . . . . . . . . . . . . . . . . . . 382
Economic Attacks.. . . . . . . . . . . . . . . . . . . . . . . . . . . 384
Military Operations Attacks. . . . . . . . . . . . . . . . . . . . . . . 386
General Attacks.. . . . . . . . . . . . . . . . . . . . . . . . . . . . 387
Supervisory Control and Data Acquisitions (SCADA).. . . . . . . . . . . . . 387
Information Warfare.. . . . . . . . . . . . . . . . . . . . . . . . . . 388
Actual Cases of Cyber Terrorism.. . . . . . . . . . . . . . . . . . . . . 391
Future Trends.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 395
Defense Against Cyber Terrorism.. . . . . . . . . . . . . . . . . . . . . 399
Terrorist Recruiting and Communication.. . . . . . . . . . . . . . . . . . 399
TOR and the Dark Web.. . . . . . . . . . . . . . . . . . . . . . . . . 400
Summary.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 402
Chapter 13: Cyber Detective 408
Introduction.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 408
General Searches. . . . . . . . . . . . . . . . . . . . . . . . . . . 410
Company Searches.. . . . . . . . . . . . . . . . . . . . . . . . . . 413
Court Records and Criminal Checks.. . . . . . . . . . . . . . . . . . . 413
Usenet. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 417
Google.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 418
Maltego. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 418
Summary.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 421
Chapter 14: Introduction to Forensics 426
Introduction.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 426
General Guidelines. . . . . . . . . . . . . . . . . . . . . . . . . . . 427
Finding Evidence on a PC. . . . . . . . . . . . . . . . . . . . . . . . 440
Finding Evidence in System Logs.. . . . . . . . . . . . . . . . . . . . 441
Getting Back Deleted Files.. . . . . . . . . . . . . . . . . . . . . . . 442
Operating System Utilities. . . . . . . . . . . . . . . . . . . . . . . . 445
The Windows Registry. . . . . . . . . . . . . . . . . . . . . . . . . 447
Mobile Forensics: Cell Phone Concepts.. . . . . . . . . . . . . . . . . . 452
The Need for Forensic Certification.. . . . . . . . . . . . . . . . . . . . 457
Expert Witnesses.. . . . . . . . . . . . . . . . . . . . . . . . . . . 458
Additional Types of Forensics.. . . . . . . . . . . . . . . . . . . . . . 459
Summary.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 463
Chapter 15: Cybersecurity Engineering 466
Introduction.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 466
Defining Cybersecurity Engineering.. . . . . . . . . . . . . . . . . . . . 467
Standards.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 475
SecML. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 480
Modeling. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 489
Summary.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 491
Glossary 494
Appendix A: Resources 500
Appendix B: Answers to the Multiple Choice Questions 502
9780137984787, TOC, 12/6/2022
About the Author :
Dr. Chuck Easttom is the author of 37 books, including several on computer security, forensics, and cryptography. He has also authored scientific papers on digital forensics, cyber warfare, cryptography, and applied mathematics. He is an inventor with 25 computer science patents. He holds a doctor of science degree in cybersecurity (dissertation topic: a study of lattice-based algorithms for post quantum cryptography), a Ph.D. in Computer Science (dissertation topic: "A Systematic Framework for Network Forensics Using Graph Theory"), and a Ph.D. in Nanotechnology (dissertation topic: "The Effects of Complexity on Carbon Nanotube Failures") and three master's degrees (one in applied computer science, one in education, and one in systems engineering). He also holds more than 70 industry certifications (CISSP, CEH, etc.). He is a frequent speaker at cybersecurity, computer science, and engineering conferences. He is a Distinguished Speaker and senior member of the ACM and a senior member of the IEEE. You can find out more about Dr. Easttom and his research at www.ChuckEasttom.com.
