Copyright
Acquiring Editor: Angelina Ward
Development Editor: Heather Scherer
Project Manager: Jessica Vaughan
Designer: Alisa Andreola
Syngress is an imprint of Elsevier
225 Wyman Street, Waltham, MA 02451, USA
2011 Elsevier Inc. All rights reserved
No part of this publication may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopying, recording, or any information storage and retrieval system, without permission in writing from the publisher. Details on how to seek permission, further information about the Publishers permissions policies and our arrangements with organizations such as the Copyright Clearance Center and the Copyright Licensing Agency, can be found at our website: www.elsevier.com/permissions.
This book and the individual contributions contained in it are protected under copyright by the Publisher (other than as may be noted herein).
Notices
Knowledge and best practice in this field are constantly changing. As new research and experience broaden our understanding, changes in research methods or professional practices, may become necessary. Practitioners and researchers must always rely on their own experience and knowledge in evaluating and using any information or methods described herein. In using such information or methods they should be mindful of their own safety and the safety of others, including parties for whom they have a professional responsibility.
To the fullest extent of the law, neither the Publisher nor the authors, contributors, or editors, assume any liability for any injury and/or damage to persons or property as a matter of products liability, negligence or otherwise, or from any use or operation of any methods, products, instructions, or ideas contained in the material herein.
Library of Congress Cataloging-in-Publication Data
Engebretson, Pat (Patrick Henry), 1974-
The basics of hacking and penetration testing : ethical hacking and penetration testing made easy / Patrick Engebretson.
p. cm. (Syngress basics series)
Includes bibliographical references and index.
ISBN 978-1-59749-655-1 (alk. paper)
1. Computer security. 2. Computer hackers. 3. Computer softwareTesting. 4. Computer crimesPrevention. I. Title.
QA76.9.A25E5443 2010
005.8dc23
2011018388
British Library Cataloguing-in-Publication Data
A catalogue record for this book is available from the British Library
ISBN: 978-1-59749-655-1
Printed in the United States of America
11 12 13 14 15 10 9 8 7 6 5 4 3 2 1
For information on all Syngress publications visit our website at www.syngress.com
Acknowledgments
Like most people, I have a list. The list is made up of life goals and dreamsthings I would like to accomplish at some point in my life. Some of the items on the list are big, some small, some well-defined, stable, and concrete, whereas others are more transient and ambiguouslike early morning fog on the Lutsen Mountains, constantly changing and moving, sometimes even disappearing altogether only to reappear at a later date and time. Obviously, the list is not a stone tablet; it changes and updates as I move through life. A few things, however, have never moved off the list; they stand as the Mount Rushmores in my life. Hundreds of feet high, carved into solid granite. Never changing. Always there. They gracefully weather the storms and vicissitudes of life and simply wait to be crossed off. Some are nobler, some are egotistical, and some are even whimsical. I have had the good fortune in my life to be able to cross off many of the items on my list. Even the big ones. This book represents the crossing off of one of my Rushmore items. A presidential face to be sure (although I am not sure which face it actually represents!).
As with most things in life, this book, the end product that you see, is the culmination of many peoples efforts and energies. So while I do get to cross this off my list, and while my name appears on the cover, please do not take that to mean that this book is my sole creation. Without the dedication, support, help, and advice from everyone involved, there is no doubt you would not be reading these words right now. Writing a proper Acknowledgments section by truly listing everyone involved would fill many, many pagesbelow you will find a simple attempt to say thanks. I apologize in advance if I forgot to mention anyone.
My Wife
What can I say that would justify or somehow verbalize what you mean to me? There is no doubt that this book is as much an effort on your part as mine. You gave me the wings of encouragement to fly and the dedication of long lonely days and nights while I worked on it. You never complained, never resisted, and were never upset when I needed more from you. Every man should be so lucky. I am who I am because of you. Thank you.
My Girls
To my little Liebchensyou are the light of my life! I apologize for all early mornings, late nights, and long weekends. Bring on the sunroom, Little People, Mary and Joseph, princesses, Barbies, and the Pirate Ship! Daddy loves you more than life itself.
My Family
Thanks to my mother and father for the gift of education and teaching me to understand the value of hard work and dedication to a project. Thanks also to my other mother, who dedicated countless hours to reading and correcting my initial rough drafts.
To the Syngress Team
Thanks for the opportunity! Thanks to the editing team; I appreciate all the hard work and dedication you gave to this project. Special thanks to Angelina Ward who ultimately earned a green light for the project, to Heather Scherer, my editor, for the countless hours and assistance, and to James Broad for the excellent eye and great suggestions throughout the technical review process.
To keep up with news and happenings about the book, or other security-related content, feel free to follow: pengebretson on Twitter or visit my homepage: http://homepages.dsu.edu/pengebretson
About the Author
Dr. Patrick Engebretson obtained his Doctor of Science degree with a specialization in information security from Dakota State University. He currently serves as an assistant professor of information assurance and also works as a senior penetration tester for a security firm in the Midwest. His research interests include penetration testing, hacking, intrusion detection, exploitation, honey pots, and malware. In the past several years, he has published many peer-reviewed journal and conference papers in these areas. He has been invited by the Department of Homeland Security to share his research at the Software Assurance Forum in Washington, DC, and has also spoken at Black Hat in Las Vegas. He regularly attends advanced exploitation and penetration testing trainings from industry-recognized professionals and holds several certifications. He teaches graduate and undergraduate courses in penetration testing, wireless security, and intrusion detection, and advanced exploitation.
AMSTERDAM BOSTON HEIDELBERG LONDON NEW YORK OXFORD PARIS SAN DIEGO SAN FRANCISCO SINGAPORE SYDNEY TOKYO 
