Hacking the Hacker: Learn from the Experts Who Take Down Hackers
Published by
John Wiley & Sons, Inc.
10475 Crosspoint Boulevard
Indianapolis, IN 46256
www.wiley.com
Copyright 2017 by John Wiley & Sons, Inc., Indianapolis, Indiana
Published simultaneously in Canada
ISBN: 9781119396215
ISBN: 9781119396239 (ebk)
ISBN: 9781119396222 (ebk)
No part of this publication may be reproduced, stored in a retrieval system or transmitted in any form or by any means, electronic, mechanical, photocopying, recording, scanning or otherwise, except as permitted under Sections 107 or 108 of the 1976 United States Copyright Act, without either the prior written permission of the Publisher, or authorization through payment of the appropriate per-copy fee to the Copyright Clearance Center, 222 Rosewood Drive, Danvers, MA 01923, (978) 750-8400, fax (978) 646-8600. Requests to the Publisher for permission should be addressed to the Permissions Department, John Wiley & Sons, Inc., 111 River Street, Hoboken, NJ 07030, (201) 748-6011, fax (201) 748-6008, or online at http://www.wiley.com/go/permissions.
Limit of Liability/Disclaimer of Warranty: The publisher and the author make no representations or warranties with respect to the accuracy or completeness of the contents of this work and specifically disclaim all warranties, including without limitation warranties of fitness for a particular purpose. No warranty may be created or extended by sales or promotional materials. The advice and strategies contained herein may not be suitable for every situation. This work is sold with the understanding that the publisher is not engaged in rendering legal, accounting, or other professional services. If professional assistance is required, the services of a competent professional person should be sought. Neither the publisher nor the author shall be liable for damages arising herefrom. The fact that an organization or Web site is referred to in this work as a citation and/or a potential source of further information does not mean that the author or the publisher endorses the information the organization or website may provide or recommendations it may make. Further, readers should be aware that Internet websites listed in this work may have changed or disappeared between when this work was written and when it is read.
For general information on our other products and services please contact our Customer Care Department within the United States at (877) 762-2974, outside the United States at (317) 572-3993 or fax (317) 572-4002.
Wiley publishes in a variety of print and electronic formats and by print-on-demand. Some material included with standard print versions of this book may not be included in ebooks or in print-on-demand. If this book refers to media such as a CD or DVD that is not included in the version you purchased, you may download this material at http://booksupport.wiley.com. For more information about Wiley products, visit www.wiley.com.
Library of Congress Control Number: 2017934291
Trademarks: Wiley and the Wiley logo are trademarks or registered trademarks of John Wiley & Sons, Inc. and/or its affiliates, in the United States and other countries, and may not be used without written permission. All other trademarks are the property of their respective owners. John Wiley & Sons, Inc. is not associated with any product or vendor mentioned in this book.
I dedicate this book to my wife, Tricia. She is truly the woman behind the man in every sense of the saying.
(ISC)2
(ISC)2 books published by Wiley provide aspiring and experienced cybersecurity professionals with unique insights and advice for delivering on (ISC)2's vision of inspiring a safe and secure world.
(ISC)2 is an international nonprofit membership association focused on inspiring a safe and secure cyber world. Best known for the acclaimed Certified Information Systems Security Professional (CISSP) certification, (ISC)2 offers a portfolio of credentials that are part of a holistic, programmatic approach to security. (ISC)2's membership is made up of certified cyber, information, software and infrastructure security professionals who are making a difference and helping to advance the industry.
About the Author
Roger A. Grimes has been fighting malicious computer hackers for three decades (since 1987). He's earned dozens of computer security certifications (including CISSP, CISA, MCSE, CEH, and Security+), and he even passed the very tough Certified Public Accountants (CPA) exam, although it has nothing to do with computer security. He has created and updated computer security classes, been an instructor, and taught thousands of students how to hack or defend. Roger is a frequent presenter at national computer security conferences. He's been paid as a professional penetration tester to break into companies and their web sites, and it has never taken him more than three hours to do so. He's previously written or co-written eight books on computer security and nearly a thousand magazine articles. He's been the InfoWorld magazine computer security columnist (http://www.infoworld.com/blog/securityadviser/) since August 2005, and he's been working as a full-time computer security consultant for more than two decades. Roger currently advises companies, large and small, around the world on how to stop malicious hackers and malware. And in that time and those experiences, he's learned that most malevolent hackers aren't as smart as most people believe, and they are definitely not as smart as most of the defenders.
Credits
Project Editor
Kelly Talbot
Production Editor
Barath Kumar Rajasekaran
Copy Editor
Kelly Talbot
Production Manager
Kathleen Wisor
Manager of Content Development & Assembly
Mary Beth Wakefield
Marketing Manager
Carrie Sherrill
Professional Technology & Strategy Director
Barry Pruett
Business Manager
Amy Knies
Executive Editor
Jim Minatel
Project Coordinator, Cover
Brent Savage
Proofreader
Nancy Bell
Indexer
Johnna VanHoose Dinse
Cover Designer
Wiley
Cover Image
CTRd/Getty Images
Acknowledgments
I would like to thank Jim Minatel for greenlighting this book, which has been living in my head for 10 years, and Kelly Talbot for being the best book editor I've had in over 15 years of book writing. Kelly is great at fixing the problems while not changing the voice. I want to thank Microsoft, my employer for over 10 years, for being the best company I've worked for and pushing us to recognize the strength that diversity brings to the table. I want to thank Bruce Schneier for his unofficial mentoring of me and everyone else in the industry. Kudos to Brian Krebs for his great investigative reporting and pulling back the curtain on the big business that cybercrime has become. Thanks to Ross Greenberg, Bill Cheswick, and other early authors who wrote so interestingly about computer security that I decided to make a career of it as well. Lastly, I wouldn't be who I am today without my twin brother, Richard Grimes, the better writer of the family, encouraging me to write over 20 years ago. To everyone in our industry, thanks for your help on the behalf of all of us.