ALL IN ONE CEH Certified Ethical Hacker - DropPDF
All-in-1 /CEH Certified Ethical Hacker Exam Guide / Walker / 229-4 / blind folio: iiiALL IN ONECEH CertifiedEthical HackerEXAM GUIDEMatt WalkerNew York Chicago San Francisco LisbonLondon Madrid Mexico City Milan New DelhiSan Juan Seoul Singapore Sydney TorontoMcGraw-Hill is an independent entity from the International Council of E-Commerce Consultants (EC-Council)and is not affiliated with EC-Council in any manner. This study/training guide and/or material is not sponsored by,endorsed by, or affiliated with EC-Council in any manner. This publication and CD may be used in assisting studentsto prepare for The Certified Ethical Hacker (CEH ) exam. Neither EC-Council nor McGraw-Hill warrant that use ofthis publication and CD will ensure passing any exam. CEH is a trademark or registered trademark of EC-Council inthe United States and certain other countries. All other trademarks are trademarks of their respective owners.FM.indd 38/2/11 8:34 PM
All-in-1 /CEH Certified Ethical Hacker Exam Guide / Walker / 229-4 / blind folio: ivCataloging-in-Publication Data is on file with the Library of CongressMcGraw-Hill books are available at special quantity discounts to use as premiums and sales promotions, or for use incorporate training programs. To contact a representative, please e-mail us at bulksales@mcgraw-hill.com.CEH Certified Ethical Hacker All-in-One Exam GuideCopyright 2012 by The McGraw-Hill Companies. All rights reserved. Printed in the United States of America. Except aspermitted under the Copyright Act of 1976, no part of this publication may be reproduced or distributed in any formor by any means, or stored in a database or retrieval system, without the prior written permission of publisher, with theexception that the program listings may be entered, stored, and executed in a computer system, but they may not bereproduced for publication.All trademarks or copyrights mentioned herein are the possession of their respective owners and McGraw-Hill makesno claim of ownership by the mention of products that contain these marks.1234567890 QFR QFR10987654321ISBN: Book p/n 978-0-07-177230-3 and CD p/n 978-0-07-177231-0of set 978-0-07-177229-7MHID: Book p/n 0-07-177230 8 and CD p/n 0-07-177231-6of set 0-07-177229-4Sponsoring EditorTimothy GreenTechnical EditorBrad HortonProduction SupervisorJames KussowEditorial SupervisorJody McKenzieCopy EditorBart ReedCompositionApollo Publishing ServicesProject EditorEmilia Thiuri, Fortuitous PublishingServicesProofreaderLouise WatsonIllustrationLyssa WaldIndexerJack LewisArt Director, CoverJeff WeeksAcquisitions CoordinatorStephanie EvansThe views and opinions expressed in all portions of this publication belong solely to the author and/or editor and donot necessarily state or reflect those of the Department of Defense or the United States Government. References withinthis publication to any specific commercial product, process, or service by trade name, trademark, manufacturer, orotherwise, do not necessarily constitute or imply its endorsement, recommendation, or favoring by the United StatesGovernment.Some glossary terms included in this book may be considered public information as designated by The NationalInstitute of Standards and Technology (NIST). NIST is an agency of the U.S. Department of Commerce. Please visitwww.nist.gov for more information.Information has been obtained by McGraw-Hill from sources believed to be reliable. However, because of the possibility of human ormechanical error by our sources, McGraw-Hill, or others, McGraw-Hill does not guarantee the accuracy, adequacy, or completeness ofany information and is not responsible for any errors or omissions or the results obtained from the use of such information.FM.indd 48/2/11 8:34 PM
All-in-1 /CEH Certified Ethical Hacker Exam Guide / Walker / 229-4 / blind folio: vThis book is dedicated to my children:Faith, Hope, Christian, and Charity.They are the world to me.FM.indd 58/2/11 8:34 PM
All-in-1 /CEH Certified Ethical Hacker Exam Guide / Walker / 229-4 / blind folio: viAbout the AuthorMatt Walker, an IT Security and Education professional for over 20 years, has served asthe Director of the Network Training Center and the Curriculum Lead/Senior Instructorfor the local Cisco Networking Academy on Ramstein AB, Germany. After leaving theU.S. Air Force, Matt served as a Network Engineer for NASA’s Secure Network Systems(NSS), designing and maintaining secured data, voice, and video networking for theAgency. Soon thereafter, Matt took a position as Instructor Supervisor and Senior Instructor at Dynetics, Inc., in Huntsville, Alabama, providing onsite certification awarding classes for ISC2, Cisco, and CompTIA, and after two years came right back to NASAas the IT Security Manager for UNITeS, SAIC, at Marshall Space Flight Center. He haswritten and contributed to numerous technical training books for NASA, Air Educationand Training Command, the U.S. Air Force, as well as commercially, and he continues totrain and write certification and college-level IT and IA Security courses. Matt holds numerous commercial certifications, including CEHv7, CPTS, CNDA, CCNA, and MCSE.Matt is currently the IT Security Manager for Lockheed Martin at Kennedy Space Center.About the Technical EditorBrad Horton currently works as an Information Security Specialist with the U.S. Department of Defense. Brad has worked as a security engineer, commercial security consultant, penetration tester, and information systems researcher in both the private andpublic sectors.This has included work with several defense contractors, including General DynamicsC4S, SAIC, and Dynetics, Inc. Mr. Horton currently holds CISSP, CEH, CISA, and CCNAtrade certifications. Brad holds a bachelor’s degree in Commerce and Business Administration from the University of Alabama, a master’s degree in Management of Information Systems from the University of Alabama in Huntsville (UAH), and a graduatecertificate in Information Assurance from UAH. When not hacking, Brad can be foundat home with his family or on a local golf course.The views and opinions expressed in all portions of this publication belong solelyto the author and/or editor and do not necessarily state or reflect those of the Department of Defense or the United States Government. References within this publicationto any specific commercial product, process, or service by trade name, trademark, manufacturer, or otherwise, do not necessarily constitute or imply its endorsement, recommendation, or favoring by the United States Government.FM.indd 68/2/11 8:34 PM
All-in-1 /CEH Certified Ethical Hacker Exam Guide / Walker / 229-4/ blind folio: viiAbout the Contributing EditorAngie Walker is currently an Information Systems Security Engineer for Harris Corporation, located in Melbourne, Florida. Among the many positions she has filled overthe course of her 20-plus years in Information Technology and Information Assuranceare Chief Information Security Officer for the University of North Alabama, Manager ofthe Information Systems Security (ISS) office for the Missile Defense Agency (MDS)South, and lead for the MDA Alternate Computer Emergency Response Team (ACERT).She served as Superintendent of the United States Air Forces in Europe (USAFE) Communications and Information Training Center, Superintendent of the 385 Communications Squadron on Ali Al Saleem AB, Kuwait, and Senior Information SecurityAnalyst for Army Aviation Unmanned Aircraft Systems. Angie holds several industrycertifications, including CISSP, Network and Security , and a master’s degree in Information Systems Management. She has developed and taught courseware worldwidefor the U.S. Air Force, as well as several computer science courses for the University ofAlabama in Huntsville and Kaplan University in Fort Lauderdale, Florida.FM.indd 78/2/11 8:34 PM
All-in-1 /CEH Certified Ethical Hacker Exam Guide / Walker / 229-4Contents at a GlanceChapter 1Ethical Hacking BasicsChapter 2Cryptography 101. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .27Chapter 3Reconnaissance: Information Gathering for the Ethical Hacker . . . .53Chapter 4Scanning and Enumeration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .85Chapter 5Hacking Through the Network: Sniffers and Evasion. . . . . . . . . . . .121Chapter 6Attacking a System . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .155Chapter 7Low Tech: Social Engineering and Physical Security . . . . . . . . . . . . . .193Chapter 8Web-Based Hacking: Servers and Applications . . . . . . . . . . . . . . . . .219Chapter 9Wireless Network Hacking . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .251Chapter 10Trojans and Other Attacks283Chapter 11The Pen Test: Putting It All Together. . . . . . . . . . . . . . . . . . . . . . . . .311Appendix ATool, Sites, and References . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .325Appendix BAbout the CD. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .337Glossary. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .339Index. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .373. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .ixFM.indd 98/2/11 8:34 PM
All-in-1 /CEH Certified Ethical Hacker Exam Guide / Walker / 229-4ContentsAcknowledgments . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .Chapter 1Chapter 2Chapter 3Ethical Hacking Basicsxviixix. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1Introduction to Ethical Hacking . . . . . . . . . . . . . . . . . . . . . . . . . . . .Security Basics: CIA . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .Defining the Ethical Hacker . . . . . . . . . . . . . . . . . . . . . . . . . .Hacking Terminology and Attacks . . . . . . . . . . . . . . . . . . . . .Legal Hacking: Laws and Guidelines You Need to Know . . . . . . . . .U.S. Cyber Crime Laws . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .International Cyber Crime Laws . . . . . . . . . . . . . . . . . . . . . . .Chapter Review . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .Questions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .Answers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .22511141518202224Cryptography 101. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .27Cryptography and Encryption Overview . . . . . . . . . . . . . . . . . . . . .Encryption Algorithms and Techniques . . . . . . . . . . . . . . . . .PKI, the Digital Certificate, and Digital Signatures . . . . . . . . . . . . .The PKI System . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .Digital Certificates . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .Digital Signatures . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .Encrypted Communication and Cryptography Attacks . . . . . . . . . .Data Encryption: At Rest and While Communicating . . . . . .Cryptography Attacks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .Chapter Review . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .Questions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .Answers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .282838394043444446474951Reconnaissance: Information Gathering for the Ethical Hacker . . . .53Vulnerability Research . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .Footprinting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .Footprinting with DNS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .Determining Network Range . . . . . . . . . . . . . . . . . . . . . . . . .Google Hacking . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .Other Tips and Tools . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .Chapter Review . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .Questions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .Answers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .545862717477788183xiFM.indd 118/2/11 8:34 PM
All-in-1 /CEH Certified Ethical Hacker Exam Guide / Walker / 229-4CEH Certified Ethical Hacker All-in-One Exam GuidexiiChapter 4Chapter 5Chapter 6Chapter 7FM.indd 12Scanning and Enumeration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .85Scanning for Targets . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .Identifying Active Machines . . . . . . . . . . . . . . . . . . . . . . . . . .Port Scanning . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .Other Scanning Tips and Tools . . . . . . . . . . . . . . . . . . . . . . . .Enumeration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .Windows Security Basics . . . . . . . . . . . . . . . . . . . . . . . . . . . . .Enumeration Techniques . . . . . . . . . . . . . . . . . . . . . . . . . . . .Chapter Review . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .Questions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .Answers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .868791105107108110113117119Hacking Through the Network: Sniffers and Evasion. . . . . . . . . . . .121Sniffing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .Communications Basics . . . . . . . . . . . . . . . . . . . . . . . . . . . . .Sniffing Techniques and Tools . . . . . . . . . . . . . . . . . . . . . . . .Network Roadblocks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .Intrusion Detection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .Firewalls and Honeypots . . . . . . . . . . . . . . . . . . . . . . . . . . . .Chapter Review . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .Questions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .Answers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .122122127136136144149151153Attacking a System . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .155Windows System Hacking . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .Password Cracking . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .Escalating Privileges and Maintaining Stealth . . . . . . . . . . . .Linux Hacking . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .Linux Essentials . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .Hardening a Linux Machine . . . . . . . . . . . . . . . . . . . . . . . . . .Chapter Review . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .Questions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .Answers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .156156168177177184187189192Low Tech: Social Engineering and Physical Security . . . . . . . . . . . . . .193Social Engineering . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .Human-Based Attacks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .Computer-Based Attacks . . . . . . . . . . . . . . . . . . . . . . . . . . . . .Physical Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .Physical Security 101 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .Chapter Review . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .Questions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .Answers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1941951972022022132142178/2/11 8:34 PM
All-in-1 /CEH Certified Ethical Hacker Exam Guide / Walker / 229-4ContentsxiiiChapter 8Chapter 9Chapter 10Chapter 11Appendix AFM.indd 13Web-Based Hacking: Servers and Applications . . . . . . . . . . . . . . . . .219Attacking Web Servers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .Web Services Architecture . . . . . . . . . . . . . . . . . . . . . . . . . . . .Web Attacks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .Web Applications . . . . . . . . . . . . . . . . . . . . .
All-in-1 /CEH Certified Ethical Hacker Exam Guide / Walker / 229-4/ blind folio: vii About the Contributing Editor Angie Walker is currently an Information Systems Security Engineer for Harris Corpo- ration, located in Melbourne, Florida. Among the many positions she has filled over the course of her 20-plus years in Information Technology and Information Assurance
Contain all hacking tools from the CEH v6 Lab Files DVD-ROMs resident on the hard drive in CEH tools folder at the Desktop (The lab files DVD-ROMs are available from CEH v6 courseware kit) Contain all Windows 2003 source files in c:\i386 Have PowerPoint, Word and Ex
Aug 04, 2011 · Certified Secure Computer User (CSCU) 16 EC-Council Certified Security Specialist (ECSS) 17 EC-Council Certified Encryption Specialist (ECES) 18 Certified Network Defender (CND) 19 Certified Ethical Hacker (CEH) 20 Certified Penetration Testing Professional (CPENT)
to the CEH pump's exceptional performance is an integrated first-stage centrifugal pump impeller that makes low-NPSHR operation possible. This combination side channel-centrifugal pump design enables SIHI CEH pumps to move gas-entrained fluids at net positive suction heads less than 0.5 m (1.64 ft).
CEH Certified Ethical Hacker. Study Guide Version 9 Sean-Philip Oriyano. Development Editor: Kim Wimpsett . Exam 312-50 Exam Objectives Assessment Test Answers to Assessment Test Chapter 1: Introduction to Ethical Hacking Hacking: the Evolution So, What Is an Ethical Hacker? Summary
EC-Council Certified Ethical Hacker (CEH 312-50) Background - 21.79% Network and Communication Technologies - Networking technologies (e.g., hardware, infrastructure). - Web technologies (e.g., web 2.0, skype). Systems technologie
CERTIFIED ETHICAL HACKER 03 Certiied Ethical Hacker (CEH) Version 11 CEH provides an in-depth understanding of ethical hacking phases, various attack vectors, and preventative countermeasures. It will teach you how hackers think and act maliciously so that you will be better positioned to set up your security infrastructure and defend future .
Certified Ethical Hacker - CEH v12 Syllabus Module 01: Introduction to Ethical Hacking 2 Hours - 11 Topics Cover the fundamentals of key issues in the information security world, including the basics of ethical hacking, information security controls, relevant laws, and standard procedures. Key topics covered:
Beyond Illustration aims to survey recent, pioneering research in the application of visualisation technologies in archaeology, moving beyond the tacit assumption that visualisation is only for teaching and illustration, and employing the computer model as a research tool to generate new archaeological knowledge.
