Never in the history of computing has there been such a great opportunity for hackers to gain access to computers. This book is designed to give systems and security managers insight into the minds of hackers and to provide the tools to fight systems attacks. The book looks through the eyes of potential intruders as well as through systems managers’ eyes. It shows methods of sealing the cracks by which hackers can gain access to computer systems. This is not a cookbook, but it explains how and why a problem can be leveraged into a security breach and how to fix the problem. Several examples of actual events are used to show how security problems can be resolved. A CD-ROM contains programs that can be used to detect and eliminate potential security problems.

The book provides an overview of hackers, their motives, and the legal implications of hacking. It discusses the tactics hackers use to get information from both the computer and the people who use it. The details of how hackers gain access to computer systems are examined.

A close examination of what a hacker will do to a system is provided, including how to halt the hacker once he or she gains access. The procedures hackers use to monitor systems once they gain access are outlined, including system logs, shell histories, email monitoring, and examination of system backups. The author outlines the methods hackers use to cover their tracks, including stealth connection, masquerading, UTMP modification, IP spoofing, process hiding, log doctoring, backdoors, and changing the system time.

Once a hacker gains access to a system, methods must be used to contain that access. The ease of access to networked resources increases the complexity of this problem. The author discusses how hackers can use network resources to invade other systems. He outlines the problems caused by spoofs, logic bombs, parasites, viruses, worms, and snoopers. He also outlines the use of systems for implementing the appropriate level of security in relation to the risk for a computer system. Methods for detecting and responding to break-ins, including restoring data and service, determining the cause of an outage, repairing the problem, prosecuting the attacker, and managing public relations, are detailed.

The book is written for uninformed readers and provides a good overview of computer security and the problems caused by hackers. In its coverage of many topics, the text lacks the depth needed for classroom use. For example, chapter references and footnotes are not provided. On the other hand, the appendices include a list of computer security organizations, other sources of information (including Web sites and newsgroups), and a glossary, and the CD-ROM includes a variety of software packages and information archives.

This book is recommended for people with limited backgrounds in computer security or for security professionals who want a refresher on general issues related to computer security. It distinctly emphasizes the Unix operating system, which readers using Unix will appreciate, while those using other operating systems will find this topic of limited value. A discussion of network operating systems would improve the book’s coverage. Brief but well-organized, this text is useful as a quick reference for those interested in computer security.