Extreme Exploits: Advanced Defenses Against Hardcore Hacks
Victor Oppleman
Oliver Friedrichs
Brett Watson
McGraw-Hill/Osborne
2100 Powell Street, 10th Floor
Emeryville, California 94608
U.S.A.
To arrange bulk purchase discounts for sales promotions, premiums, or fund-raisers, please contact McGraw-Hill/Osborne at the above address. For information on translations or book distributors outside the U.S.A., please see the International Contact Information page immediately following the index of this book.
Extreme Exploits: Advanced Defenses Against Hardcore Hacks
2005 The McGraw-Hill Companies.
All rights reserved. Except as permitted under the Copyright Act of 1976, no part of this publication may be reproduced or distributed in any form or by any means, or stored in a database or retrieval system, without the prior written permission of publisher, with the exception that the program listings may be entered, stored, and executed in a computer system, but they may not be reproduced for publication.
0-07-225955-8
Executive Editor Jane K. Brownlow
Project Editor Claire Splan
Acquisitions Coordinator Jennifer Housh
Technical Editor Jim Lippard
Proofreader Paul Tyler
Composition & Illustration Apollo Publishing Services
Series Design Roberta Steele
Cover Design Dean Cook
This book was composed with Corel VENTURA Publisher.
Information has been obtained by McGraw-Hill/Osborne from sources believed to be reliable. However, because of the possibility of human or mechanical error by our sources, McGraw-Hill/Osborne, or others, McGraw-Hill/Osborne does not guarantee the accuracy, adequacy, or completeness of any information and is not responsible for any errors or omissions or the results obtained from the use of such information.
To my beloved wife, Sasha, and my sons, Chandler and Carter, who bring happiness to my life and inspire me to dream. To my sister, Caroline, and my parents, whose wisdom and virtue have strengthened my character and cultivated my ambition.
Victor
To my loving wife, Karin, who provided neverending encouragement. To my mother-in-law, Janice, who never fails to support my imagination.
Oliver
To God for giving me the skills to do this work, and to my wonderful family, who put up with me locked behind my office door for days on end.
Brett
About the Authors
Victor Oppleman
Victor Oppleman is an accomplished author, speaker, and teacher in the field of network security and a specialized consultant to some of the world's most admired companies. Mr. Oppleman's open source software has been distributed to hundreds of thousands of computers worldwide and some is used in graduate-level college curricula to demonstrate advanced networking techniques. Early in his career as an engineer, Mr. Oppleman developed portions of the backbone systems infrastructure for Genuity, the first Internet data center company. Later, as a senior architect for BBN and GTE Internetworking, Mr. Oppleman developed security-related products and services centered on public key infrastructure (PKI). A great deal of Mr. Oppleman's professional career has been dedicated to tactical engineering and consulting for global telecom operators and critical infrastructure organizations in industries such as power and water, financial services, and defense. Some of the largest global companies frequently call upon Mr. Oppleman to perform advanced vulnerability assessments, provide expert counsel, and navigate complex regulatory issues concerning information security. An accomplished executive and engineer in network security, data hosting services, and software development, Mr. Oppleman also holds U.S. intellectual property patents in distributed adaptive routing and wireless consumer applications.
Oliver Friedrichs
Oliver Friedrichs is a Senior Manager in Symantec Security Response, the organization responsible for the delivery of antivirus definitions, intrusion detection updates, and early warning technologies within Symantec.
Mr. Friedrichs served as co-founder and Director of Engineering at SecurityFocus until the company's acquisition by Symantec in 2002. At SecurityFocus Mr. Friedrichs managed the development of the industry's first early warning technology for Internet attacks, the DeepSight Threat Management System. Mr. Friedrichs also created and grew the DeepSight Threat Analyst team, providing thorough analysis of emerging Internet threats.
Prior to SecurityFocus, he served as co-founder and Vice President of Engineering at Secure Networks, Inc., which was acquired by Network Associates in 1998. At Secure Networks, Mr. Friedrichs architected and managed the development of Ballista network security auditing software, later rebranded CyberCop Scanner by Network Associates. At Network Associates Mr. Friedrichs also founded COVERT (Computer Vulnerability Exploitation Research Team) with the exclusive goal of researching and discovering new security vulnerabilities.
Mr. Friedrichs also architected and developed a prototype of the industry's first commercial penetration testing product, CORE Impact, developed and sold by CORE Security Technologies.
Mr. Friedrichs has over 13 years of expertise in security technologies, including network assessment, intrusion detection systems, firewalls, penetration testing, and honeypots. As a frequent speaker, he has shared his expertise with many of the world's most powerful organizations, including the Department of Homeland Security, U.S. Secret Service, the IRS, the DOD, NASA, AFOSI, and the Canadian DND.
Brett Watson
Brett Watson has 17 years' experience in network architecture and security, including large-scale IP networking, optical networking, and security and vulnerability assessments. Mr. Watson currently works for Internet Systems Consortium's DNS Operations, Analysis, and Research Center (DNS OARC) doing macroscopic analysis of global DNS behavior. Prior to joining ISC, Mr. Watson helped deploy and maintain the original MCI and Genuity IP backbones, and designed the first metropolitan IP-over-Gigabit Ethernet product for Metromedia Fiber Networks. Mr. Watson has spent the last several years performing custom network and vulnerability assessments, and consulting on information security issues for some of the largest healthcare, water, and power industries in the United States. In addition, Mr. Watson holds a patent for one of the first large-scale, content distribution platforms known as Hopscotch.
About the Contributing Authors
James Willett has over 12 years' experience exercising winning management strategies with customers and team members alike to produce successful results while solving customer business problems. Mr. Willett is the founder of Jatell, a successful product development-consulting firm and has specialized in servicing clients ranging from the Fortune 500 to critical Internet infrastructure providers. Previously, Mr. Willett served as the Director of Professional Services for MainNerve, Inc. and was operationally responsible for managing all consulting processes and customer service delivery including its high-stakes information security clients. Prior to joining MainNerve, he held engineering and consulting positions where he was responsible for maintaining Intel-based systems and applications in production environments. Early in his career, Mr. Willett served with the United States Marine Corps as a Communications-Electronics Maintenance Chief. In that position, he managed the maintenance and repair of over 900 radio, telephone, switchboard, and computer systems in garrison and the field as well as all equipment, manuals, and personnel required to complete this task.