Gudaitis Terry - Low tech hacking : street smarts for security professionals

Front matter

Copyright

Syngress is an imprint of Elsevier

225 Wyman Street, Waltham, MA 02451, USA

2012 Elsevier, Inc. All rights reserved.

No part of this publication may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopying, recording, or any information storage and retrieval system, without permission in writing from the publisher. Details on how to seek permission, further information about the Publisher's permissions policies and our arrangements with organizations such as the Copyright Clearance Center and the Copyright Licensing Agency, can be found at our website: www.elsevier.com/permissions.

This book and the individual contributions contained in it are protected under copyright by the Publisher (other than as may be noted herein).

Application submitted

A catalogue record for this book is available from the British Library.

ISBN: 978-1-59749-665-0

For information on all Syngress publications visit our website at www.syngress.com

Printed in the United States of America

121314151610987654321

For information on all Syngress publications visit our website at www.syngress.com

Acknowledgments

It's difficult to write an acknowledgments page for fear of forgetting to thank someone who has been so important in my life. Having spent many decades working and learning in the fields of both physical and technical security, I have been honored to become friends with many of the top professionals in the world who live and work in both areas of expertise.

I always like to start my acknowledgments by letting the world know that I can do nothing without the help of my Lord and Savior, Jesus Christ. I dedicate this book to Him, my wonderful wife Valerie and my son Tyler as he prepares to finish his college career and move on into the business world. My partner Don Withers is like a brother to me in every way. For 12 years now, we have been fortunate to produce our Techno Security, Techno Forensics, and our new Mobile Forensics conferences, which have had attendees from over 48 countries. I want to especially thank all of the other authors and interviewed experts of this book. I know them all well and I know that you will enjoy getting to know them through their impressive chapters. These are some of the most respected and talented security minds in the world and I am honored to have them share this incredible experience with me. I'd also like to thank my good friend Matt Cater, Syngress/Elsevier Editorial Project Manager for his frequent editing help and for being so patient as we worked our way through getting my fourth Syngress/Elsevier book ready to be published. I would not have started on this 6 month-plus project without Matt as my Project Manager.

I'm going to do my best to include the names of as many of my close friends as I can in this book. I haven't done that with past books, and I wish that I had. Please forgive me if I forget someone. If I do, I'll try to find a way to make it up to you, I promise.

My thanks go out to:

All my best,

Foreword

Come on, what did we really think was going to happen?

For well over a decade as network defenders we have relied upon the same failed defenses; Signature-based AV, IDP/IPS along with Port Centric Firewalls. We have placed all of our emphasis on Holy Grail security products at the network gateway to the public Internet and we have completely disregarded our endpoints. Further, we have neglected two of the most fundamental requirements of network security that historically have always proven to reduce the threat envelopeserver hardening and flaw remediation. Lastly, over time we have developed an acceptance of meeting technical security challenges with our written policies without any technical enforcement.