Counter Hack Reloaded: A Step-By-Step Guide to Computer Attacks and Effective Defenses

Please note this review is for the 2nd Edition of this book While "Counter Hack Reloaded" by Skoudis is an `Updated Edition of the Best-Seller' (per the book's cover), Counter Hack Reloaded (CHR) is really a new book in it's own right. CHR has gone through an extensive revision and is fully updated to meet today and tomorrow's emerging threats (i.e. wireless attacks). While 50% of the tools/exploits that are discussed in this book can be found in other `hack' books, the tools/exploits have been fully updated and document the latest commands. See page 21 of for a detailed explanation of CHR's updates. Some quick points of interest for me: * Page 228 - excellent, quick description of DNS's characteristics (when DNS uses UDP vs TCP). * Page 264 - good explanation of UDP vs ICMP pings (something to remember when troubleshooting connectivity from different platforms). * Chapter 7 - Gaining Access at the OS and App level - very good discussion of buffer overflows. The chapter also provides an updated list of access tools (i.e. WebGoat & password crackers). * Chapter 8 - Gaining Access via Network Attacks - great explanation of man-in-the-middle attacks by DSniff and Ettercap. I also enjoyed the explanation of NetCat (everyone's friend). * Chapter 9 - Denial of Service Attacks - the discussion on SYN cookies was new to me. While I thought chapter 2, Networking, deserved it's place, I thought that chapter 3, UNIX, went a little off course. I also thought that the 2nd half of chapter 5, Reconnaissance, was of much more value than the first half of chapter 5. Page 138 had a weak description of salting. All these demotions are trivial issues, and do not distract from the overall supremacy of CHR. Overall, I greatly enjoyed "Counter Hack Reloaded" by Skoudis. It is an update to a classic, that like the first edition, does not disappoint. I give this book 5 pings out of 5: !!!!!

Counter Hack is a great book overall. It encapsulates all that should be a good technical book. It's easy to read, easy to follow, contains lots of useful information, and doesn't bog down the reader with useless specifications or incredibly obtuse details. From the view of a security newbie, this book provides an all-encompassing view of hacking and counteracting it. The book starts out with a simple introduction to various system and network technologies, and then details the ways to hack into, and then prevent hacking into these technologies. The book takes a great view in each chapter. First it explains the evil hacker's view and how they could exploit vulnerabilities and weaknesses. Then it follows it up with how to shore everything up and prevent such hacking.This book also goes into the tools, websites, and methods to hack and to counter hack, providing an invaluable reference without annoying the reader with too much information. Include this with its remarkable readability, and I would say this should be required reading for anyone administrating networks or writing software applications.In short, I could not imagine a better security book around.

I am a senior engineer for network security operations, who has taught SANS, InfraGard, and FIRST audiences. Since late 1998 I've been looking for the one book I could recommend to newcomers to the digital security realm. Ed Skoudis' "Counter Hack" is that book. My previous reviews show I don't shelter weaker books, and I reserve praise for truly deserving titles. "Counter Hack" is a solid, accessible, practical title that merits my highest recommendation. "Counter Hack" contains all I could ask for in an introductory book. Chapters three (30 pages) and four (40 pages) provide the basics of UNIX and Windows (respectively). For each operating system, one reads about file architecture, accountability, privileges, trust, and services. Armed with this background, "Counter Hack" then explains reconnaissance, scanning, application/OS-based attacks, network-based attacks, denial of service, maintaining access, and covering tracks. Each chapter is thorough and very well written. Chapter twelve's three attack scenarios are a fitting conclusion, showing how the earlier tactics are utilized in realistic network intrusions. Veterans will find "Counter Hack" useful too. Some of the topics receiving exceptionally good coverage are Route's "Firewalk" tool, IDS evasion techniques, the Achilles web proxy/attack tool, netcat relays, Reverse WWW Shell, and Covert_TCP. "Counter Hack" includes the single clearest, most concise explanation of stack-based buffer overflows I've read. It offers novel material, like a comparison of netcat's superiority to telnet, and implementing source routing attacks. Most of these discussions include excellent diagrams and well-documented command line instructions. "Counter Hack" is not perfect. I think the mentions of sequence numbers could be more accurate (ACK with ISN B+1 rather than simply ISN B, for example). Also, early in the book MAC addresses are shown with four bytes, when they are actually six bytes. These minor errors were the only ones I found, however. If you are a new player in the security arena, I highly recommend reading "Counter Hack." I plan to buy several copies for my office. It's the single most useful volume published for entry level security personnel, and it also contains material which veterans will appreciate. (Disclaimer: I received a free review copy from the publisher.)

This is a "fun to read" book that fully describes the methodology of hacking attacks. It is by far the most enjoyable book I have read on the subject. The book is not a textbook or a reference book, yet I found that I learned a lot while I read it and I have continuously referenced it for specifics of the techniques that are described.Ed starts by providing short intros to UNIX, NT and IP networking, which provide valuable info to readers who don't have good backgrounds in all three. He then walks the reader through the typical steps of an attack. Each of the sections, Reconnaissance, Scanning, Gaining and Maintaining Access and Covering Your Tracks contain well-written, up-to-the minute descriptions of the current methodologies found in the field as well as descriptions of the tools that are used.He references the authors of the tools and points to their web-sites. There is great info on Sam Spade, THC-Scan, Cheops, nmap, nessus, IDS evasion techniques, buffer overflows, L0phtCrack, John the Ripper, Dsniff, Hunt, Netcat, TFN2K, BO2K, RootKit and others. Yet this isn't a set of man pages or an attempt to prove that he knows more tools than anyone else does. The usage of each tool is described in the context of the methodology that he is explaining.My favorite chapter is "Putting it all Together: Anatomy of an Attack", where Ed describes three different "real-life" attack scenarios. In each scenario, fictional hackers use the tools and methodologies described in the earlier chapters to break the security of fictional target companies. This chapter really ties it all together!Anybody who has heard Ed speak at numerous conferences will recognize his fun, fact-filled, informative style. This book is suitable for system administrators, technical experts, security practioners and business executives. I would recommend this book to everyone interested in the security of their systems and networks.

This has got to be one of the best books that I've read on computer security, hands down. Ed obviously put a great deal of time and creativity into designing a book that would give a system/network administrator exactly what s/he needs to do useful computer security work: a solid understanding of the fundamentals. He follows that up with excellent descriptions and tutorials on the hacking process, including tools and techniques. I loved Ed's introductory chapters, titled "Pretty Much Everything You Need to Know about {"TCP/IP","Windows NT/2000", "Unix"} to Follow the Rest of This Book, in N pages or Less." This was just an incredibly good idea. It provides a great introduction to what you need if you're new to this. It also provides great review on material that you might use every day but need to remember or understand more deeply. And, once you finish these, you're ready to learn about hacking/auditting tools and techniques. Now, Ed takes a much *better* approach than most of the other books coming out today: for every tool, technique, or topic, he works to help you understand it very deeply. For example, most books include a short description of a tool, possibly accompanied by a table listing its command-line options. Ed takes the opposite approach -- he explains the tool's use and functionality in the right amount of detail and describes how the tool works, turning you into an instant power-user for every tool you use! I knew this book got it right when I saw 17 pages on Fyodor's nmap (the premier network mapping and scanning tool) -- to truly use nmap effectively, you've got to understand what it is that you're doing. The whole book shows this strong attention to exactly the right amount of focus on each topic and it shows. This is one of the best designed well-written books on computer security that I've read in a while. If you don't buy anything else on network auditting or penetration testing, buy this book!