Front Matter
Cyber Warfare
Techniques, Tactics and Tools for Security Practitioners
Jason Andress
Steve Winterfeld
Russ Rogers, Technical Editor
Foreword by Stephen Northcutt
AMSTERDAM • BOSTON • HEIDELBERG • LONDON • NEW YORK • OXFORD • PARIS • SAN DIEGO • SAN FRANCISCO • SINGAPORE • SYDNEY • TOKYO
Syngress is an imprint of Elsevier
Copyright
Acquiring Editor: Angelina Ward
Development Editor: Matthew Cater
Project Manager: Paul Gottehrer
Designer: Kristen Davis
Syngress is an imprint of Elsevier
225 Wyman Street, Waltham, MA 02451, USA
© 2011 Elsevier, Inc. All rights reserved.
No part of this publication may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopying, recording, or any information storage and retrieval system, without permission in writing from the publisher. Details on how to seek permission, further information about the Publisher's permissions policies and our arrangements with organizations such as the Copyright Clearance Center and the Copyright Licensing Agency, can be found at our website: www.elsevier.com/permissions.
This book and the individual contributions contained in it are protected under copyright by the Publisher (other than as may be noted herein).
Notices
Knowledge and best practice in this field are constantly changing. As new research and experience broaden our understanding, changes in research methods or professional practices may become necessary. Practitioners and researchers must always rely on their own experience and knowledge in evaluating and using any information or methods described herein. In using such information or methods they should be mindful of their own safety and the safety of others, including parties for whom they have a professional responsibility.
To the fullest extent of the law, neither the Publisher nor the authors, contributors, or editors, assume any liability for any injury and/or damage to persons or property as a matter of products liability, negligence or otherwise, or from any use or operation of any methods, products, instructions, or ideas contained in the material herein.
Library of Congress Cataloging-in-Publication Data
Andress, Jason.
Cyber warfare : techniques, tactics and tools for security practitioners / Jason Andress, Steve Winterfeld ; Russ Rogers, technical editor ; foreword by Stephen Northcutt.
p. cm.
Includes bibliographical references and index.
ISBN 978-1-59749-637-7 (alk. paper)
1. Information warfare--Handbooks, manuals, etc. 2. Computer networks--Security measures--Handbooks, manuals, etc. I. Winterfeld, Steve. II. Rogers, Russ. III. Title.
U163.A64 2011
355.3'43--dc23
2011019780
British Library Cataloguing-in-Publication Data
A catalogue record for this book is available from the British Library.
ISBN: 978-1-59749-637-7
Printed in the United States of America
11 12 13 14 15 10 9 8 7 6 5 4 3 2 1
Typeset by: diacriTech, India
For information on all Syngress publications visit our website at www.syngress.com
Acknowledgments
Jason Andress and Steve Winterfeld
We thank our families and friends for their guidance, support, and fortitude throughout this project. We dedicate this book to those in the security industry who are making the world a better place through efforts like Hackers for Charity (You may have seen their T-shirts: "i hack charities." For more information, go to http://hackersforcharity.org/). To those who are not, we say: get engaged!
Russ Rogers
Russ would like to thank his children, his father, and Tracie for being so supportive over the years. Thanks and shout outs go out to Chris Hurley, Mark Carey, Rob Bathurst, Pushpin, Paul Criscuolo, Ping Look, Greg Miles, Ryan Clarke, Luke McOmie, Curtis Letson, and Eddie Mize.
About the Authors
Jason Andress (ISSAP, CISSP, GPEN, CEH) is a seasoned security professional with a depth of experience in both the academic and business worlds. He is presently employed by a major software company, providing global information security oversight, and performing penetration testing, risk assessment, and compliance functions to ensure that the company's assets are protected.
Jason has taught undergraduate and graduate security courses since 2005 and holds a Doctorate in Computer Science, researching in the area of data protection. He has authored several publications and books, writing on topics including data security, network security, penetration testing, and digital forensics.
Steve Winterfeld (CISSP, PMP, SANS GSEC, Six Sigma, and holds TS/SCI clearance) has a strong technical and leadership background in Cybersecurity, Military Intelligence, Certification & Accreditation (C&A), Simulations and Project Management. Currently, he is the TASC Technical Lead for Cybersecurity and manager of their TERANet research labs. He also directs their Vulnerability Assessment and Penetration Test Team and is the primary instructor for their CyberWarrior Course on hacker mentality and methodology.
Previously, Steve built the Computer Emergency Response Center in support of U.S. Army South, responsible for monitoring security in real time and conducting forensic investigations on intrusions. He also led the team that produced the first Global Hawk Unmanned Aerial System (UAS) C&A package. Steve was an Airborne Ranger, EW Company Cdr, Armor Bn S2, Signal BN XO and finished his career as Command and General Staff Instructor in the USAR. He has an MS in Computer Information Systems and currently lives in Colorado with his family.
About the Technical Editor
Russ Rogers (CISSP, CISM, IAM, IEM, Hon. Sc.D.), author of the popular Hacking a Terror Network: The Silent Threat of Covert Channels (Syngress, ISBN: 978-1-928994-98-5), co-author of multiple books, including the best-selling Stealing the Network: How to Own a Continent (Syngress, ISBN 978-1-931836-05-0), and Network Security Evaluation Using the NSA IEM (Syngress, ISBN: 978-1-59749-035-1), and former Editor in Chief of The Security Journal, is currently a penetration tester for a federal agency and the Co-Founder and Chief Executive Officer of Peak Security, Inc., a veteran-owned small business based in Colorado Springs, Colorado. Russ has been involved in Information Technology since 1980 and has spent the last 20 years working as both an IT and InfoSec consultant. Russ has worked with the United States Air Force (USAF), National Security Agency (NSA), Defense Information Systems Agency (DISA), and other federal agencies. He is a globally-renowned security expert, speaker, and author who has presented at conferences around the world in Amsterdam, Tokyo, Singapore, Sao Paulo, Abu Dhabi, and cities all over the United States.
Russ has an Honorary Doctorate of Science in Information Technology from the University of Advancing Technology, a Master's Degree in Computer Systems Management from the University of Maryland, a Bachelor of Science in Computer Information Systems from the University of Maryland, and an Associate's Degree in Applied Communications Technology from the Community College of the Air Force. Russ is currently pursuing a Bachelor of Science in Electrical Engineering from the University of Colorado at Colorado Springs. He is a member of ISSA and (ISC)² (CISSP). Russ also teaches at and fills the role of Professor of Network Security for the University of Advancing Technology (www.uat.edu).