Book Review--CEH "Official Certified Ethical Hacker Review Guide"
Oyle
« on: July 16, 2007, 01:23:11 PM »

By Kimberly Graves, ISBN:978-0-7821-4437-6
Sybex Publishing, www.sybex.com  On Amazon.com for $19.79, 58 used and new from $15.58

I bought this mainly to review, and for the CD-ROM. I wanted to try and get a little more current from my CEH v.2.5 up to the newer version. Sure enough, it does include a whopping 10 pages on the last module in the current CEH courseware, "Penetration testing".

This book kind of disappointed me as soon as I unwrapped it; it's ONLY 238 pages! I'm used to a LOT more pages than that. On the other hand, it would be something neat and lightweight to be reading in the airport while waiting for your airplane.

This book seems to cover most all the basics. The accompanying CD-ROM contains a test engine with two different tests, and a flashcard thingy so you can quiz yourself. Sadly, I DON'T see anything in the text about URL De-Obfuscation, just as it wasn't included in the class I attended back in July 04, but there IS a question about it in the test. Refreshingly, the test question asks you to de-obfuscate in the opposite direction!

The CD contains flashcards that can run on your PC, Pocket PC, or Palm handheld.

The basics of how to determine if SQL Injection is possible are covered.

The basics of footprinting, and session hacking, are discussed.

As mentioned, this book is a REVIEW for those looking to pass the exam. Lightweight, easy to carry, I would have preferred something thicker. Maybe about 350 pages, I would have some more confidence in it.

If you're looking to do the exam, the flashcards and the test engine would come in handy while sitting at the aforementioned airport gate. The back cover says the "book includes over 300 review questions and practice tools".

Best of all, as books go, it's fairly cheap! $19.79 new on Amazon, and with Free Shipping. How many other CEH books are there out there for about $20.00???

« Last Edit: July 16, 2007, 01:29:50 PM by Oyle »

MCP, MCP+I, MCSA, MCSE(NT4/W2K), CCNA, CCA, NWCCC, VH-PIRTS, CEH
--------------------
"hackers are like jedi, crackers are like the sith: do not fall prey to the dark side".

From 1337 h4x0r h4ndb00k: "the ten laws of geek", law x
                  -Tapeworm
BillV
« Reply #1 on: July 16, 2007, 02:02:37 PM »

Yeah, I almost delayed taking the CEH exam because this book was about to be released within 2 weeks from my scheduled test date. I ended up taking the v4 test (not really by choice, I guess that's just how New Horizons set it up even though I took the class as v5). The v4 test actually had some stuff in it that wasn't even covered in the v5 material which was odd.

When I was studying for v5 though, I had created a Word document that covered all of the exam objectives. When this book finally came out, I went to Borders to check it out, and it was nearly 90% identical to the study guide I created. Overall, you're right. It's a great book if you're looking for something to review just before the test and I'd highly recommend it just for that. Not that I've taken the v5 test, but knowing what I put in my study guide, and then flipping through this book, I'm confident I'd pass without a problem.

I didn't check the CD out yet, so thanks for the info on that.

I'm not sure of any rules or anything, or if Don would want this on the site, but I could post the v5 review guide I created if anyone is interested.
UNIX
« Reply #2 on: March 06, 2010, 01:47:14 AM »

I have reviewed this book as well, as it was one of the materials I used for preparation.

Quote
Description

One of the few books available about the Certified Ethical Hacker certification and exam. The book is divided into 15 chapters with the following structure:

Chapter 1 – Introduction to Ethical Hacking, Ethics, and Legality
Chapter 2 – Footprinting and Social Engineering
Chapter 3 – Scanning and Enumeration
Chapter 4 – System Hacking
Chapter 5 – Trojans, Backdoors, Viruses, and Worms
Chapter 6 – Sniffers
Chapter 7 – Denial of Service and Session Hijacking
Chapter 8 – Hacking Web Servers, Web Application Vulnerabilities, and Web-Based Password Cracking Techniques
Chapter 9 – SQL Injection and Buffer Overflows
Chapter 10 – Wireless Hacking
Chapter 11 – Physical Security
Chapter 12 – Linux Hacking
Chapter 13 – Evading IDSs, Honeypots, and Firewalls
Chapter 14 – Cryptography
Chapter 15 – Penetration Testing Methodologies

The first chapter should introduce the reader to the topic; therefore, covered topics include those phases which are involved in hacking, and it gives a general overview of terms and conditions about ethical hacking, such as hacktivism, hacker types, laws and so on. So this chapter is really very basic and shouldn't have anything new for someone who would like to take the exam.

The next chapter goes on with footprinting and social engineering as its main topics. Here the reader will get to know what phishing means, what shoulder surfing and dumpster diving are and which tools can be used for footprinting (DNS, whois, traceroute, IANA, etc.)

Scanning and Enumeration, the third chapter, first introduces the reader to the different types of scanning and the CEH scanning methodology. Banner grabbing and OS fingerprinting get mentioned too, as well as a few Nmap command switches and scanning possibilities. The enumeration part focuses on NetBIOS and null sessions, and a little SNMP enumeration is included as well.

The fourth chapter is all about password cracking and privilege escalation. The reader will also read a short introduction to buffer overflows and rootkits (more to come in chapter 9). NTFS Streams are explained too.

Trojans, Backdoors, Viruses, and Worms contains information about... well, Trojans, Backdoors, Viruses, and Worms. Not too many details, just enough to let the reader know about these things and how they work.

It then goes on with Sniffing: what it is and how it works, the difference between active and passive sniffing, how ARP poisoning and MAC flooding work and how they can be prevented.

The seventh chapter is mainly about (D)DoS attacks, bots and botnets, and session hijacking (types of session hijacking and sequence prediction). Land and smurf attacks get mentioned too, as do SYN flooding and some countermeasures (SYN cookies, RST cookies, micro blocks, stack tweaking, etc.). The TCP three-way handshake is explained as well.

The eighth and ninth chapters are about web server hacking, web application vulnerabilities and SQL injections. It is briefly described what everything means and how it works, possible attacks a hacker may launch against those systems (such as the IIS Unicode exploit), how Google can be used as a hacking utility, and how different types of buffer overflows (stack- and heap-based) can be detected and identified.

WLAN is the focus next, so topics briefly discussed include WEP, WPA(2), cracking techniques, open system and shared key authentication as well as RC4, IVs, AES and SSID.

Physical access, one of the topics which often gets neglected, is covered next. The main focus lies on the question of why it is as important as technical and operational security.

Linux is covered next, though the reader will only get to know how C and C++ source files can be compiled using gcc and how a Linux kernel could be compiled.

The thirteenth chapter introduces Intrusion Detection Systems (host- and network-based) and explains how they work in general. Firewall types and honeypots are included in this chapter as well as an explanation of session splicing and reverse WWW shells.

After this the reader will be introduced, in two and a half pages, to cryptography and encryption techniques (symmetric and asymmetric key encryption), public and private key generation, MD5, SHA, RC4 and RC5, and Blowfish.

The last chapter explains the difference between vulnerability assessment and penetration test and shows some pentesting methodologies and pentesting steps (pre-attack-, attack, and post-attack-phase). The top-10 list of vulnerability scanning tools with regards to Fyodor and insecure.org are listed and briefly explained too. The chapter closes then with information a final report should contain.


Each chapter contains at the very beginning the exam objectives, which inform the reader about what he/she should be familiar with before attending the exam. Also each chapter contains a tool field, where several tools are listed and briefly described. Occasionally there are also 'Notes' inserted, which should be memorized very well. Additionally there is a short summary of the exam essentials. Lastly, after each chapter the reader will get a few review questions, which should check if the reader understood the concepts discussed in the current chapter.

About the author

Kimberly Graves has over 10 years of IT experience and holds several certifications, including CEH, CWSP, CWNP and others. Currently she works with Symbol Technologies and other leading wireless and security vendors as an instructor.

Résumé

I don't share all statements in the book, such as "It's important to use commercial applications to clean a system instead of freeware tools, because many freeware tools can further infect the system.", and I don't know if those are more the opinion of the author or if they mirror EC-Council's thoughts. However, I think it is a good addition to have for preparation if you are new to this field, don't care about the money and want to get your feet wet with CEH to start, especially when going the self-study route as it explains everything quite easily and briefly (though not everything seems to be correct..). As the title already says, it is a review guide and not a study guide - therefore I would recommend this book when preparing for the exam the last time before attending or at the very beginning of the studying process in order to get an overview of covered topics. If you decide to use this book be prepared for bad proof-reading and editing, as there are quite a few typos and errors.

If you have already basic security skills, you won't find anything new in the book though you might find some information which seems important for the CEH exam. Again, I don't review this book in terms of a professional security book (which it certainly is not for many reasons) but as a material which can be used for the CEH exam. Therefore I gave it 2 out of 5 stars, otherwise it would be probably 1.

leomartin6
« Reply #3 on: May 11, 2010, 07:18:18 AM »

I haven't read it yet but heard a lot about it ... Maybe sometime later ...
facsimil3
« Reply #4 on: October 20, 2010, 11:10:30 AM »

This is a really good book, I have read it 2 times and there are times that I learn new things.
It's really easy to read and the author did a great job in explaining the CEH process.
I loved it.
I highly recommend it.
Especially for the new ones in the CEH.
H1t M0nk3y
« Reply #5 on: October 20, 2010, 11:56:44 AM »

For my part, I used it as my main study guide when I wrote CEHv6. After the exam (like an hour after), I went on and counted how many questions I actually got per chapter. It was something like Chap 1: 5 questions, Chap 2: 2 questions, etc.

The end results: out of 150 questions, about 37 were covered in this book! Now you know why I did this exercise after the exam...

Maybe the book is based on CEHv5 and CEHv6 is very different, but I was very, very disappointed. Why does EC-Council keep this book advertised on their site as the "official" one? I don't know...

That being said, it is still a great book. It's well structured and like others have mentioned, it's easy to read. Just don't base your study on that...

OSCP, GPEN, GWAPT, GSEC, CEH, CISSP