Hacking For Dummies,4th Edition -- Table of Contents -- Introduction -- Who Should Read This Book? -- About This Book -- How to Use This Book -- What You Don't Need to Read -- Foolish Assumptions -- How This Book Is Organized -- Icons Used in This Book -- Where to Go from Here -- Part I: Building the Foundation for Ethical Hacking -- Chapter 1: Introduction to Ethical Hacking -- Straightening Out the Terminology -- Recognizing How Malicious Attackers Beget Ethical Hackers -- Understanding the Need to Hack Your Own Systems -- Understanding the Dangers Your Systems Face -- Obeying the Ethical Hacking Commandments -- Using the Ethical Hacking Process -- Chapter 2: Cracking the Hacker Mindset -- What You're Up Against -- Who Breaks into Computer Systems -- Why They Do It -- Planning and Performing Attacks -- Maintaining Anonymity -- Chapter 3: Developing Your Ethical Hacking Plan -- Establishing Your Goals -- Determining Which Systems to Hack -- Creating Testing Standards -- Selecting Security Assessment Tools -- Chapter 4: Hacking Methodology -- Setting the Stage for Testing -- Seeing What Others See -- Scanning Systems -- Determining What's Running on Open Ports -- Assessing Vulnerabilities -- Penetrating the System -- Part II: Putting Ethical Hacking in Motion -- Chapter 5: Social Engineering -- Introducing Social Engineering -- Starting Your First Social Engineering Tests -- Why Attackers Use Social Engineering -- Understanding the Implications -- Performing Social Engineering Attacks -- Social Engineering Countermeasures -- Chapter 6: Physical Security -- Identifying Basic Physical Security Vulnerabilities -- Pinpointing Physical Vulnerabilities in Your Office -- Chapter 7: Passwords -- Understanding Password Vulnerabilities -- Cracking Passwords -- General Password-Cracking Countermeasures -- Securing Operating Systems.

Part III: Hacking Network Hosts -- Chapter 8: Network Infrastructure -- Understanding Network Infrastructure Vulnerabilities -- Choosing Tools -- Scanning, Poking, and Prodding the Network -- Detecting Common Router, Switch, and Firewall Weaknesses -- Putting Up General Network Defenses -- Chapter 9: Wireless LANs -- Understanding the Implications of Wireless Network Vulnerabilities -- Choosing Your Tools -- Discovering Wireless LANs -- Discovering Wireless Network Attacks and Taking Countermeasures -- Chapter 10: Mobile Devices -- Sizing Up Mobile Vulnerabilities -- Cracking Laptop Passwords -- Cracking Phones and Tablets -- Part IV: Hacking Operating Systems -- Chapter 11: Windows -- Introducing Windows Vulnerabilities -- Choosing Tools -- Gathering Information about Your Windows Vulnerabilities -- Detecting Null Sessions -- Checking Share Permissions -- Exploiting Missing Patches -- Running Authenticated Scans -- Chapter 12: Linux -- Understanding Linux Vulnerabilities -- Choosing Tools -- Gathering Information about Your Linux Vulnerabilities -- Finding Unneeded and Unsecured Services -- Securing the . rhosts and hosts. equiv Files -- Assessing the Security of NFS -- Checking File Permissions -- Finding Buffer Overflow Vulnerabilities -- Checking Physical Security -- Performing General Security Tests -- Patching Linux -- Part V: Hacking Applications -- Chapter 13: Communication and Messaging Systems -- Introducing Messaging System Vulnerabilities -- Recognizing and Countering E-Mail Attacks -- Understanding Voice over IP -- Chapter 14: Websites and Applications -- Choosing Your Web Application Tools -- Seeking Web Vulnerabilities -- Minimizing Web Security Risks -- Chapter 15: Databases and Storage Systems -- Diving into Databases -- Following Best Practices for Minimizing Database Security Risks -- Opening Up about Storage Systems.

Following Best Practices for Minimizing Storage Security Risks -- Part VI: Ethical Hacking Aftermath -- Chapter 16: Reporting Your Results -- Pulling the Results Together -- Prioritizing Vulnerabilities -- Creating Reports -- Chapter 17: Plugging Security Holes -- Turning Your Reports into Action -- Patching for Perfection -- Hardening Your Systems -- Assessing Your Security Infrastructure -- Chapter 18: Managing Security Processes -- Automating the Ethical-Hacking Process -- Monitoring Malicious Use -- Outsourcing Ethical Hacking -- Instilling a Security-Aware Mindset -- Keeping Up with Other Security Efforts -- Part VII: The Part of Tens -- Chapter 19: Ten Tips for Getting Upper Management Buy-In -- Cultivate an Ally and a Sponsor -- Don't Be a FUDdy Duddy -- Demonstrate How the Organization Can't Afford to Be Hacked -- Outline the General Benefits of Ethical Hacking -- Show How Ethical Hacking Specifically Helps the Organization -- Get Involved in the Business -- Establish Your Credibility -- Speak on Management's Level -- Show Value in Your Efforts -- Be Flexible and Adaptable -- Chapter 20: Ten Reasons Hacking Is the Only Effective Way to Test -- The Bad Guys Think Bad Thoughts, Use Good Tools, and Develop New Methods -- IT Governance and Compliance Are More Than High-Level Checklist Audits -- Ethical Hacking Complements Audits and Security Evaluations -- Clients and Partners Will Ask, " How Secure Are Your Systems?" -- The Law of Averages Works against Businesses -- Ethical Hacking Improves Understanding of Business Threats -- If a Breach Occurs, You Have Something to Fall Back On -- Ethical Hacking Brings Out the Worst in Your Systems -- Ethical Hacking Combines the Best of Penetration Testing and Vulnerability Assessments -- Ethical Hacking Can Uncover Weaknesses That Might Go Overlooked for Years -- Chapter 21: Ten Deadly Mistakes.

Not Getting Prior Approval -- Assuming That You Can Find All Vulnerabilities during Your Tests -- Assuming That You Can Eliminate All Security Vulnerabilities -- Performing Tests Only Once -- Thinking That You Know It All -- Running Your Tests without Looking at Things from a Hacker's Viewpoint -- Not Testing the Right Systems -- Not Using the Right Tools -- Pounding Production Systems at the Wrong Time -- Outsourcing Testing and Not Staying Involved -- Chapter 22: Tools and Resources -- Advanced Malware -- Bluetooth -- Certifications -- Databases -- Exploits -- General Research Tools -- Hacker Stuff -- Keyloggers -- Laws and Regulations -- Linux -- Live Toolkits -- Log Analysis -- Messaging -- Miscellaneous -- Mobile -- Networks -- Password Cracking -- Patch Management -- Security Education and Learning Resources -- Security Methods and Models -- Social Engineering -- Source Code Analysis -- Storage -- System Hardening -- User Awareness and Training -- Voice over IP -- Vulnerability Databases -- Websites and Applications -- Windows -- Wireless Networks -- Index.