Kanclirz - Netcat Power Tools

Copyright 2008 by Elsevier, Inc. All rights reserved.

Elsevier, Inc., the author(s), and any person or firm involved in the writing, editing, or production (collectively Makers) of this book (the Work) do not guarantee or warrant the results to be obtained from the Work.

There is no guarantee of any kind, expressed or implied, regarding the Work or its contents. The Work is sold AS IS and WITHOUT WARRANTY. You may have other legal rights, which vary from state to state.

In no event will Makers be liable to you for damages, including any loss of profits, lost savings, or other incidental or consequential damages arising out from the Work or its contents. Because some states do not allow the exclusion or limitation of liability for consequential or incidental damages, the above limitation may not apply to you.

You should always use reasonable care, including backup and other appropriate precautions, when working with computers, networks, data, and files.

Syngress Media, Syngress, Career Advancement Through Skill Enhancement, Ask the Author UPDATE, and Hack Proofing, are registered trademarks of Elsevier, Inc. Syngress: The Definition of a Serious Security Library, Mission Critical, and The Only Way to Stop a Hacker is to Think Like One are trademarks of Elsevier, Inc. Brands and product names mentioned in this book are trademarks or service marks of their respective companies.

PUBLISHED BY

Elsevier, Inc.

30 Corporate Drive

Burlington, MA 01803

Netcat Power Tools

Printed in the United States of America. Except as permitted under the Copyright Act of 1976, no part of this publication may be reproduced or distributed in any form or by any means, or stored in a database or retrieval system, without the prior written permission of the publisher, with the exception that the program listings may be entered, stored, and executed in a computer system, but they may not be reproduced for publication.

Printed in the United States of America

1 2 3 4 5 6 7 8 9 0

Page Layout and Art: SPi Publishing Services

Copy Editor: Judy Eby

.

Jan Kanclirz Jr. (CCIE #12136-Security, CCSP, CCNP, CCIP, CCNA, CCDA, INFOSEC Professional, Cisco WLAN Support/Design Specialist) is currently a Senior Network Information Security Architect at IBM Global Services. Jan specializes in multivendor designs and post-sale implementations for several technologies such as VPNs, IPS/IDS, LAN/WAN, firewalls, content networking, wireless, and VoIP. Beyond network designs and engineering, Jan's background includes extensive experience with open source applications and Linux. Jan has contributed to several Syngress book titles: Managing and Securing Cisco SWAN, Practical VoIP Security, and How to Cheat at Securing a Wireless Network.

In addition to Jan's full-time position at IBM G.S., Jan runs a security portal www.MakeSecure.com, where he dedicates his time to security awareness and consulting. Jan lives in Colorado, where he enjoys outdoor adventures. Jan would like to thank his family, slunicko, and friends for all of their support.

Brian Baskin [MCP, CTT+] is a researcher and developer for Computer Sciences Corporation. In his work, he researches, develops, and instructs computer forensic techniques for members of the government, military, and law enforcement. Brian currently specializes in Linux/Solaris intrusion investigations, as well as in-depth analysis of various network protocols. He also has a penchant for penetration testing and is currently developing and teaching basic exploitation techniques for clients.

Brian has been developing and instructing computer security courses since 2000, including presentations and training courses at the annual Department of Defense Cyber Crime Conference. He is an avid amateur programmer in many languages, beginning when his father purchased QuickC for him when he was 11, and has geared much of his life around the implementations of technology. Brian has written a handful of Mozilla Firefox extensions; some, like Passive Cache, are publicly available. He currently spends most of his time writing insecure PHP/MySQL web-based apps. Brian has been a Linux fanatic since 1994, and is slowly being drawn to the dark side of Apples and Macs.

Aaron W. Bayles is an INFOSEC Principal in Houston, Texas. He has provided services to clients with penetration testing, vulnerability assessment, risk assessments, and security design/architecture for enterprise networks. He has over 12 years experience with INFOSEC, with specific experience with wireless security, penetration testing, and incident response. Aaron's background includes work as a senior security engineer with SAIC in Virginia and Texas. He is also the lead author of the Syngress book, InfoSec Career Hacking, Sell your Skillz, Not Your Soul, as well as a contributing author of the First Edition of Penetration Tester's Open Source Toolkit.

Aaron has provided INFOSEC support and penetration testing for multiple agencies in the U.S. Department of the Treasury, such as the Financial Management Service and Securities and Exchange Commission, and the Department of Homeland Security, such as U. S. Customs and Border Protection. He holds a Bachelor's of Science degree in Computer Science with post-graduate work in Embedded Linux Programming from Sam Houston State University and is also a CISSP.

Dan Connelly (MSIA, GSNA) is a Senior Penetration Tester for a Federal Agency in the Washington, D.C. area. He has a wide range of information technology experience including: web applications and database development, system administration, and network engineering. For the last 5 years, he has been dedicated to the information security industry providing: penetration testing, wireless audits, vulnerability assessments, and network security engineering for many federal agencies. Dan holds a Bachelor's degree in Information Systems from Radford University, and a Master's degree in Information Assurance from Norwich University.

Michael J. Schearer is an active-duty Naval Flight Officer and Electronic Countermeasures Officer with the U.S. Navy. He flew combat missions during Operations Enduring Freedom, Southern Watch, and Iraqi Freedom. He later took his electronic warfare specialty to Iraq, where he embedded on the ground with Army units to lead the counter-IED fight. He currently serves as an instructor of Naval Science at the Pennsylvania State University Naval Reserve Officer Training Corps Unit, University Park, PA.

Michael is an active member of the Church of WiFi and has spoken at Shmoocon, DEFCON, and Penn State's Security Day, as well as other forums. His work has been cited in Forbes, InfoWorld and Wired.

Michael is an alumnus of Bloomsburg University where he studied Political Science and Georgetown University where he obtained his degree in National Security Studies. While at Penn State, he is actively involved in IT issues. He is a licensed amateur radio operator, moderator of the Church of WiFi and Remote-Exploit Forums, and a regular on the DEFCON and NetStumbler forums.