Hacker's Challenge: Test Your Incident Response Skills Using 20 Scenarios

Jacket Description/Back: "A solve-it-yourself mystery that will draw you in with entertaining, yet realistic scenarios that both challenge and inform you." --Tim Newsham, security research scientist, @stake, Inc. Malicious hackers are everywhere these days, so how do you keep them out of your networks? This unique volume challenges your forensics and incident response skills with 20 real-world hacks presented by upper-echelon security experts. Important topics are covered, including Denial of Service, wireless technologies, Web attacks, and malicious code. Each challenge includes a detailed explanation of the incident--how the break-in was detected, evidence and possible clues, technical background such as log files and network maps, and a series of questions for you to solve. Then, in Part II, you get a detailed analysis of how the experts solved each incident. Excerpt from "The Insider": The Challenge: Kris, a software company's senior I. T. staffer, got a call from the helpdesk.... Users were complaining that the entire contents of their inbox, outbox, and deleted items folders had completely disappeared.... The following Monday, Kris found that the entire Exchange database had been deleted.... The attacker sent an email from a Yahoo! account taking responsibility for the attacks.... The e-mail had been sent from a machine within the victim's network. Kris brought in an external security team who immediately began their investigation... In addition to gathering physical security logs, Microsoft Exchange logs, and virtual private network (VPN) logs they interviewed key people inside the company.... The Solution: After reviewing the log files included in the challenge, propose your assessment--whendid the deletion of e-mail accounts begin and end, which users were connected to the VPN at the time, and what IP addresses were the users connecting from? Then, turn to the experts' answers to find out what really happened. Contributing authors include: Top security professionals from @stake, Foundstone, Guardent, The Honeynet Project, University of Washington, Fortrex Technologies, SecureMac.com, AnchorIS.com, and the National Guard Information Warfare unit. Publisher Marketing: Find out if you have what it takes to keep the bad guys out of your network. This real-world resource contains 20+ hacking challenges for you to solve. Plus, you'll get in-depth solutions for each, all written by experienced security consultants.

Contributor Bio:  Schiffman, Mike Mike Schiffman is the director of research and development at Guardent, the leading provider of professional security services. He has written for numerous technical journals, has written white papers, and has contributed to Hacking Exposed.