Michael G. Solomon - Ethical Hacking: Techniques, Tools, and Countermeasures

World Headquarters
Jones & Bartlett Learning
25 Mall Road
Burlington, MA 01803
978-443-5000
www.jblearning.com

Jones & Bartlett Learning books and products are available through most bookstores and online booksellers. To contact Jones & Bartlett Learning directly, call 800-832-0034, fax 978-443-8000, or visit our website, www.jblearning.com.

Substantial discounts on bulk quantities of Jones & Bartlett Learning publications are available to corporations, professional associations, and other qualified organizations. For details and specific discount information, contact the special sales department at Jones & Bartlett Learning via the above contact information or send an email to .

Copyright 2024 by Jones & Bartlett Learning, LLC, an Ascend Learning Company

All rights reserved. No part of the material protected by this copyright may be reproduced or utilized in any form, electronic or mechanical, including photocopying, recording, or by any information storage and retrieval system, without written permission from the copyright owner.

The content, statements, views, and opinions herein are the sole expression of the respective authors and not that of Jones & Bartlett Learning, LLC. Reference herein to any specific commercial product, process, or service by trade name, trademark, manufacturer, or otherwise does not constitute or imply its endorsement or recommendation by Jones & Bartlett Learning, LLC and such reference shall not be used for advertising or product endorsement purposes. All trademarks displayed are the trademarks of the parties noted herein. Ethical Hacking: Techniques, Tools, and Countermeasures, Fourth Edition is an independent publication and has not been authorized, sponsored, or otherwise approved by the owners of the trademarks or service marks referenced in this product.

There may be images in this book that feature models; these models do not necessarily endorse, represent, or participate in the activities represented in the images. Any screenshots in this product are for educational and instructive purposes only. Any individuals and scenarios featured in the case studies throughout this product may be real or fictitious but are used for instructional purposes only.

24911-8

Production Credits

Vice President, Product Management: Marisa R. Urbano

Vice President, Content Strategy and Implementation: Christine Emerton

Director, Product Management: Ray Chew

Product Owner, Labs: Garret Donaldson

Director, Content Management: Donna Gridley

Manager, Content Strategy: Carolyn Pershouse

Content Strategist: Melissa Duffy

Content Coordinator: Mark Restuccia

Director, Project Management and Content Services: Karen Scott

Manager, Program Management: Kristen Rogers

Program Manager: Kathryn Leeber

Senior Digital Project Specialist: Angela Dooley

Director, Marketing: Andrea DeFronzo

Marketing Manager: Mark Adamiak

Content Services Manager: Colleen Lamy

Vice President, Manufacturing and Inventory Control: Therese Connell

Product Fulfillment Manager: Wendy Kilborn

Composition: Straive

Cover Design: Briana Yates

Media Development Editor: Faith Brosnan

Rights & Permissions Manager: John Rusk

Rights Specialist: James Fortney

Cover Image (Title Page, Part Opener, Chapter Opener): Bocos Benedict/Shutterstock

Printing and Binding: McNaughton & Gunn

Library of Congress Cataloging-in-Publication Data

Names: Solomon, Michael (Michael G.), 1963 author.

Title: Ethical hacking : techniques, tools, and countermeasures / Michael G. Solomon, PhD, CISSP, PMP, CISM, PenTest+, CySA+.

Other titles: Hacker techniques, tools, and incident handling

Description: Fourth edition. | Burlington, Massachusetts : Jones & Bartlett Learning, [2024] | Previous edition: Hacker techniques, tools, and incident handling. Third edition. Burlington, MA : Jones & Bartlett Learning, 2020. | Includes bibliographical references and index.

Identifiers: LCCN 2022026903 | ISBN 9781284248999 (paperback)

Classification: LCC TK5105.59 .O786 2024 | DDC 005.8dc23/eng/20220826

LC record available at https://lccn.loc.gov/2022026903

6048

Printed in the United States of America

262524232210987654321

This text is dedicated to our readers and students and the IT professionals who are pursuing careers in information systems security. May you find learning about hacking for ethical purposes to be a rewarding endeavor, and have a lot of fun in the process.

Bocos Benedict/Shutterstock.

Bocos Benedict/Shutterstock.

This text is part of the Information Systems Security & Assurance Series from Jones & Bartlett Learning (www.jblearning.com). Designed for courses and curricula in IT security, cybersecurity, information assurance, and information systems security, this series features a comprehensive, consistent treatment of the most current thinking and trends in this critical subject area. These titles deliver fundamental information security principles packed with real-world applications and examples. Authored by Certified Information Systems Security Professionals (CISSPs), the text delivers comprehensive information on all aspects of information security. Reviewed word for word by leading technical experts in the field, these texts are not just current but also forward-thinkingputting you in the position to solve the cybersecurity challenges not just of today, but of tomorrow as well.

The first part of this text on information security examines the landscape, key terms, and concepts that a security professional needs to know about hackers and computer criminals who break into networks, steal information, and corrupt data. It covers the history of hacking and the standards of ethical hacking. The second part provides a technical overview of hacking: how attackers target networks and the methodology they follow. It reviews the various techniques attackers apply, including passive and active reconnaissance, port scanning, enumeration, malware, sniffers, denial of service, and social engineering. The third part of the text reviews incident response and defensive technologies, including how to respond to hacking attacks and how to fend them off, especially in an age of increased reliance on cloud environments and distributed applications.

The writing style of this text is practical and conversational. Each chapter begins with a statement of learning objectives. Step-by-step examples of information security concepts and procedures are presented throughout the text. Illustrations are used to both clarify the material and vary the presentation. Sprinkled throughout are a wealth of Notes, Tips, FYIs, Warnings, and sidebars to alert the reader to additional helpful information related to the subject under discussion. Chapter Assessments appear at the end of each chapter, with solutions provided in the back of the text.