Bradley Tony - Hackers Challenge 3

The scenario-based testing in Hackers Challenge3 will help you identify deficiencies

in your security skills before an attacker does.

Erik Pace Birkholz, President and founder of Special Ops Security

Hackers Challenge 3 provides real-world scenarios that you can use to better react
to attacks that will affect your network. Leave your theoretics behind;
HC3 is as real as it gets and is a fantastic read.

Ben Rothke, CISSP, CISM, Director of Security Technology
Implementation AXA Technology Services

There isnt anything else quite like [Hackers Challenge] to instruct and
educate the reader on modern-day computer security incidents. And perhaps
even more so because theyre engaging, these books teach investigators and
defenders how to learn from the misfortune and mistakes of others to protect
their own networked assets.

Mike Schiffman, author of Hackers Challenge and Hackers Challenge 2

HACKERS CHALLENGE 3:

20 BRAND-NEW FORENSIC

SCENARIOS & SOLUTIONS

HACKERS CHALLENGE 3:

20 BRAND-NEW FORENSIC

SCENARIOS & SOLUTIONS

DAVID POLLINO
BILL PENNINGTON
TONY BRADLEY
HIMANSHU DWIVEDI

McGraw-Hill

New York Chicago San Francisco
Lisbon London Madrid Mexico City
Milan New Delhi San Juan
Seoul Singapore Sydney Toronto

Hackers Challenge 3: 20 Brand-New Forensic Scenarios & Solutions

Copyright 2006 by The McGraw-Hill Companies. All rights reserved. Except as permitted under the United States Copyright Act of 1976, no part of this publication may be reproduced or distributed in any form or by any means, or stored in a database or retrieval system, without the prior written permission of the publisher.

ISBN: 978-0-07-149200-3

MHID: 0-07-149200-3

The material in this eBook also appears in the print version of this title: ISBN 978-0-07-226304-6, MHID 0-07-226304-0.

All trademarks are trademarks of their respective owners. Rather than put a trademark symbol after every occurrence of a trademarked name, we use names in an editorial fashion only, and to the benefit of the trademark owner, with no intention of infringement of the trademark. Where such designations appear in this book, they have been printed with initial caps.

McGraw-Hill eBooks are available at special quantity discounts to use as premiums and sales promotions, or for use in corporate training programs. To contact a representative please e-mail us at .

TERMS OF USE

This is a copyrighted work and The McGraw-Hill Companies, Inc. (McGraw-Hill) and its licensors reserve all rights in and to the work. Use of this work is subject to these terms. Except as permitted under the Copyright Act of 1976 and the right to store and retrieve one copy of the work, you may not decompile, disassemble, reverse engineer, reproduce, modify, create derivative works based upon, transmit, distribute, disseminate, sell, publish or sublicense the work or any part of it without McGraw-Hills prior consent. You may use the work for your own noncommercial and personal use; any other use of the work is strictly prohibited. Your right to use the work may be terminated if you fail to comply with these terms.

THE WORK IS PROVIDED AS IS. McGRAW-HILL AND ITS LICENSORS MAKE NO GUARANTEES OR WARRANTIES AS TO THE ACCURACY, ADEQUACY OR COMPLETENESS OF OR RESULTS TO BE OBTAINED FROM USING THE WORK, INCLUDING ANY INFORMATION THAT CAN BE ACCESSED THROUGH THE WORK VIA HYPERLINK OR OTHERWISE, AND EXPRESSLY DISCLAIM ANY WARRANTY, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. McGraw-Hill and its licensors do not warrant or guarantee that the functions contained in the work will meet your requirements or that its operation will be uninterrupted or error free. Neither McGraw-Hill nor its licensors shall be liable to you or anyone else for any inaccuracy, error or omission, regardless of cause, in the work or for any damages resulting therefrom. McGraw-Hill has no responsibility for the content of any information accessed through the work. Under no circumstances shall McGraw-Hill and/or its licensors be liable for any indirect, incidental, special, punitive, consequential or similar damages that result from the use of or inability to use the work, even if any of them has been advised of the possibility of such damages. This limitation of liability shall apply to any claim or cause whatsoever whether such claim or cause arises in contract, tort or otherwise.

To my wife, Michelle, and my children, Piero and Enzo.

David Pollino

To Lily and Dawn for making me complete.

Bill Pennington

To my wife, Nicki. You are my sunshine and my inspiration. I couldnt ask for a better friend and partner. Also, to my children, Jordan, Dalton, Paige, Teegan, Ethan, and Noah. You all make me proud in your own way and I love you all.

Tony Bradley

For my wife, Kusum; my parents, Chandradhar and Prabha Dwivedi; my brother and sister, Sudhanshu and Neeraja, the 1996 orientation leaders at the University of Minnesota and the 1997 New Student Weekend Co-Chairs. Go Gophers!

Himanshu Dwivedi

ABOUT THE AUTHORS

David Pollino has a strong background in security, wireless, and networking. David is currently a security practitioner working in financial services. During his career, he has worked for an industry-leading security consulting company, a large financial services company, and a tier 1 ISP. David often speaks at security events and has frequently been quoted in online and printed journals regarding security issues. During his career as a consultant and network engineer, David has worked for clients across multiple industries, including financial services, service providers, high technology, manufacturing, and government. He co-authored Wireless Security (RSA Press, 2002) and Hackers Challenge and Hackers (McGraw-Hill/Osborne, 2001 and 2002, respectively).

Bill Pennington, CISSP, has six years of professional experience in information security and eleven years in information technology. His duties at WhiteHat include managing research and development, guiding product and technology direction, managing web application assessment teams, and developing and delivering WhiteHat Security training. Bill has performed web application assessments for more than four years in a variety of industry verticals including financial services, e-commerce, and biotechnology. He is familiar with Mac OS X, Linux, Solaris, Windows, and OpenBSD, and he is a Certified Information Security Systems Practitioner (CISSP) and Certified Cisco Network Administrator (CCNA). He has broad experience in web application security, penetration testing, computer forensics, and intrusion detection systems. Prior to joining WhiteHat, Bill was a principal consultant and technical lead for assessment services at Guardent, a nationwide security services provider.