"I finally get it! I used to hear words like rootkit, buffer overflow, and idle scanning, and they just didn't make any sense. I asked other people and they didn't seem to know how these things work, or at least they couldn't explain them in a way that I could understand. Counter Hack Reloaded is the clearest explanation of these tools I have ever seen. Thank you!" --Stephen Northcutt, CEO, SANS Institute "Ed Skoudis does it again! With this new edition, Ed takes a phenomenal work to the next level! This book is a 'must-have' and a 'must-read' for anyone remotely associated with computers and computer security." --Harlan Carvey, CISSP, author of Windows Forensics and Incident Recovery "Ed Skoudis is a rare individual. He knows the innards of all the various systems, knows all the latest exploits and defenses, and yet is able to explain everything at just the right level. The first edition of Counter Hack was a fascinating read. It's technically intriguing and very clear...A book on vulnerabilities, though, will get out of date, and so we definitely needed this updated and significantly rewritten second edition. This book is a wonderful overview of the field."--From the Foreword by Radia Perlman, series editor, The Radia Perlman Series in Computer Networking and Security; author of Interconnections; and coauthor of Network Security: Private Communications in a Public World "What a great partnership! Ed Skoudis and Tom Liston share an uncanny talent for explaining even the most challenging security concepts in a clear and enjoyable manner. Counter Hack Reloaded is an indispensable resource for those who want to improve their defenses and understand the mechanics of computer attacks." --Lenny Zeltser, coauthor of Malware: Fighting Malicious Code "Ed Skoudis does it again! With this new edition, Ed takes a phenomenal work to the next level! This book is a 'must-have' and a 'must-read' for anyone remotely associated with computers and computer security." --Harlan Carvey, CISSP, author of Windows Forensics and Incident Recovery"In addition to having breadth of knowledge about and probing insights into network security, Ed Skoudis's real strength is in his ability to show complex topics in an understandable form. By the time he's done, what started off as a hopeless conglomeration of acronyms starts to sound comfortable and familiar.This book is your best source for understanding attack strategies, attack tools, and the defenses against both." --William Stearns, network security expert, www.stearns.org"This book is a must-have for anyone in the Internet security game. It covers everything from the basic principles to the fine details of online attack methods and counter-strategies and is very engagingly written." --Warwick Ford, coauthor of Secure Electronic Commerce For years, Counter Hack has been the primary resource for every network/system administrator and security professional who needs a deep, hands-on understanding of hacker attacks and countermeasures. Now, leading network security expert Ed Skoudis, with Tom Liston, has thoroughly updated this best-selling guide, showing how to defeat today's newest, most sophisticated, and most destructive attacks. For this second edition, more than half the content is new and updated, including coverage of the latest hacker techniques for scanning networks, gaining and maintaining access, and preventing detection. The authors walk you through each attack and demystify every tool and tactic.You'll learn exactly how to establish effective defenses, recognize attacks in progress, and respond quickly and effectively in both UNIX/Linux and Windows environments. Important features of this new edition include *All-new "anatomy-of-an-attack" scenarios and tools *An all-new section on wireless hacking: war driving, wireless sniffing attacks, and more *Fully updated coverage of reconnaissance tools, including Nmap port scanning and "Google hacking" *New coverage of tools for gaining access, including uncovering Windows and Linux vulnerabilities with Metasploit *New information on dangerous, hard-to-detect, kernel-mode rootkits
In defending your systems against intruders and other meddlers, a little knowledge can be used to make the bad guys--particularly the more casual among them--seek out softer targets. Counter Hack aims to provide its readers with enough knowledge to toughen their Unix and Microsoft Windows systems against attacks in general, and with specific knowledge of the more common sorts of attacks that can be carried out by relatively unskilled "script kiddies." The approach author Ed Skoudis has chosen is effective, in that his readers accumulate the knowledge they need and generally enjoy the process.

The best part of this book may be two chapters, one each for Windows and Unix, that explain the essential security terms, conventions, procedures, and behaviors of each operating system. This is the sort of information that readers need--a Unix person getting into Windows administration for the first time needs an introduction to the Microsoft security scheme, and vice versa. A third chapter explains TCP/IP with focus on security. With that groundwork in place, Skoudis explains how (with emphasis on tools) attackers look for vulnerabilities in systems, gain access, and maintain their access for periods of time without being discovered. You'll probably want to search online resources for more specific information--Skoudis refers to several--but this book by itself will provide you with the vocabulary and foundation knowledge you need to get the details you want. --David Wall

Topics covered: How black-hat hackers work, what tools and techniques they use, and how to assess and improve your systems' defenses. The author explains how Windows, Unix, and TCP/IP can be exploited for nefarious purposes, and details a modus operandi that's typical of the bad guys.

Customer Rating:
Summary: On a path to being a Ethical Hacker.
Comment: This book is absolutely awesome. It's very organized, which is my number one need in a book. It's narrowed down, it's technical, but Ed writes things in a way that just sticks. The way this book starts out is very logical, it's a progression. It starts you off with:

-TCP/IP(Which is a must)
-Windows Overview(Which is a must)
-Unix/Linux Overview(Get the picture?)

Then it goes into
-Recon(gathering information)
-Scanning(Port Scanning, and Vulnerability scanning)
-Gaining access- This chapter explains Boffer Overflows very well, and
Metasploit)--I enjoyed this chapter.

-Network Attacks( Privelage Escalation, hoping from one computer to the next, collecting passwords by sniffing)
-Maintaining Access(Backdoors, viruses, Rootkits)
-Covering tracks

This book is just a good read. I think I'm going to read again, this time taking notes. I tried to read Hacking Exposed, but it jumps around to much, and it's boring. My two cents.

---

Customer Rating:
Summary: Counter Hack Reloaded
Comment: This is great book I would recomend it to someone interested in learning the basic fundamentals of computer security.

---

Customer Rating:
Summary: Another winner
Comment: Nutshell review - Another great book by Ed Skoudis. Covers all the popular attack vectors and a variety of possible defence techniques. A solid book from which further study and investigation can be undertaken. Management people should read this too.

---

Customer Rating:
Summary: Excellent book for a broad overview of Computer/Network Security
Comment: Counter Hack Reloaded (CHR) is an excellent book for someone looking for a broad overview of computer/network security written in a very clear, logical, and even enjoyable manner.

After CHR's Introductory chapter, the reader is given an overview on Networking, Linux/Unix, and Windows. These three chapters give the reader enough to be able to understand the subsequent chapters which deal with specific phases of an attack. These phases are, Reconnaissance, Scanning, Gaining Access (with different chapters for different methods of gaining access,) Maintaining Access, and Covering Tracks. Throughout these chapters, CHR introduces the reader to the tools used by attackers; how they work, where to get them, and how to defend yourself against them (often by using the tools themselves.) Finally, CHR "puts it all together" with different scenarios of attacks. The scenarios show how attackers use different phases of an attack, and different tools, to penetrate a network/system. Throughout this chapter CHR highlights the mistakes the victims make in their networks/systems to allow the attacks to succeed.

CHR is exceptionally well written, especially for a technical subject. Explanations of complex topics are clear, simple and even entertaining. I would even go so far to say that it is a joy to read.

Overall, CHR is about core concepts. It's about understanding how attacks occur, and understanding why they can succeed. Only then can you have any hope in understanding how to go about defending yourself.

---

Customer Rating:
Summary: awesome
Comment: I'm technically not finished reading this book yet and probably never will be until they update it again and still it will be a good reference manual for several years anyway. Skoudis and Liston do have a way of making complex issues seem to make sense. I thank them for writing it and thank Amazon for making it available to me.

---