Commencez à lire The Art of Intrusion sur votre Kindle dans moins d'une minute. Vous n'avez pas encore de Kindle ? Achetez-le ici Ou commencez à lire dès maintenant avec l'une de nos applications de lecture Kindle gratuites.

Envoyer sur votre Kindle ou un autre appareil

 
 
 

Essai gratuit

Découvrez gratuitement un extrait de ce titre

Envoyer sur votre Kindle ou un autre appareil

N'importe qui peut lire un ebook Kindle - même sans posséder un Kindle - grâce à nos applications de lecture Kindle gratuites.
The Art of Intrusion: The Real Stories Behind the Exploits of Hackers, Intruders and Deceivers
 
Agrandissez cette image
 

The Art of Intrusion: The Real Stories Behind the Exploits of Hackers, Intruders and Deceivers [Format Kindle]

William L. Simon , Kevin D. Mitnick

Prix conseillé : EUR 15,24 De quoi s'agit-il ?
Prix éditeur - format imprimé : EUR 12,90
Prix Kindle : EUR 9,22 TTC & envoi gratuit via réseau sans fil par Amazon Whispernet
Économisez : EUR 3,68 (29%)

Formats

Prix Amazon Neuf à partir de Occasion à partir de
Format Kindle EUR 9,22  
Relié EUR 30,67  
Broché EUR 9,71  
Chaque jour, un ebook avec au moins 60% de réduction
Découvrez l'Offre Éclair Kindle et inscrivez-vous à la Newsletter Offre Éclair Kindle pour ne rater aucun ebook à prix exceptionnel. Abonnez-vous dès maintenant



Essayez gratuitement pendant 30 jours Amazon Premium et bénéficiez de la livraison en 1 jour ouvré gratuite et illimitée sur des millions d'articles, et d'autres avantages.



Descriptions du produit

Revue de presse

"...a valuable investment..." ( AccountingWeb UK , 30 th August 2005) “…he retells stories provided by his other hackers of how they managed, often with pitiful ease, to break supposedly secure companies all over the world.” ( Director , May 2005) “…a compilation of real hacking stories told to Mitnick by fellow hackers…” ( VNUnet.com , March 2005) It would be difficult to find an author with more credibility than Mitnick to write about the art of hacking. In 1995, he was arrested for illegal computer snooping, convicted and held without bail for two years before being released in 2002. He clearly inspires unusual fear in the authorities and unusual dedication in the legions of computer security dabblers, legal and otherwise. Renowned for his use of "social engineering," the art of tricking people into revealing secure information such as passwords, Mitnick ( The Art of Deception ) introduces readers to a fascinating array of pseudonymous hackers. One group of friends bilks Las Vegas casinos out of more than a million dollars by mastering the patterns inherent in slot machines; another fellow, less fortunate, gets mixed up with a presumed al–Qaeda–style terrorist; and a prison convict leverages his computer skills to communicate with the outside world, unbeknownst to his keepers. Mitnick′s handling of these engrossing tales is exemplary, for which credit presumably goes to his coauthor, writing pro Simon. Given the complexity (some would say obscurity) of the material, the authors avoid the pitfall of drowning readers in minutiae. Uniformly readable, the stories—some are quite exciting—will impart familiar lessons to security pros while introducing lay readers to an enthralling field of inquiry. Agent, David Fugate. (Mar.) ( Publishers Weekly , February 14, 2005) Infamous criminal hacker turned computer security consultant Mitnick offers an expert sequel to his best–selling The Art of Deception, this time supplying real–life rather than fictionalized stories of contemporary hackers sneaking into corporate servers worldwide. Each chapter begins with a computer crime story that reads like a suspense novel; it is a little unnerving to learn how one′s bank account is vulnerable to digital thieves or how hackers with an interest in gambling can rake in thousands of dollars in just minutes at a compromised slot machine. The hack revealed, Mitnick then walks readers step by step through a prevention method. Much like Deception, this book illustrates that hacking techniques can penetrate corporate and government systems protected by state–of–the–art security. Mitnick′s engaging writing style combines intrigue, entertainment, and education. As with Deception, information technology professionals can learn how to detect and prevent security breaches, while informed readers can sit back and enjoy the stories of cybercrime. Recommended for most public and academic libraries. ––Joe Accardi, William Rainey Harper Coll. Lib., Palatine, IL ( Library Journal , January 15, 2005)

"...a valuable investment..." ( AccountingWeb UK , 30 th August 2005) “…he retells stories provided by his other hackers of how they managed, often with pitiful ease, to break supposedly secure companies all over the world.” ( Director , May 2005) “…a compilation of real hacking stories told to Mitnick by fellow hackers…” ( VNUnet.com , March 2005) "Uniformly readable, some quite exciting...will impart familiar lessons to security pros while introducing lay readers to an enthralling field of inquiry." ( Publishers Weekly , February 14, 2005) "...engaging writing style combines intrigue, entertainment, and education". ( Library Journal , January 15, 2005)

Présentation de l'éditeur

Hacker extraordinaire Kevin Mitnick delivers the explosive encore to his bestselling The Art of Deception
Kevin Mitnick, the world's most celebrated hacker, now devotes his life to helping businesses and governments combat data thieves, cybervandals, and other malicious computer intruders. In his bestselling The Art of Deception, Mitnick presented fictionalized case studies that illustrated how savvy computer crackers use "social engineering" to compromise even the most technically secure computer systems. Now, in his new book, Mitnick goes one step further, offering hair-raising stories of real-life computer break-ins-and showing how the victims could have prevented them. Mitnick's reputation within the hacker community gave him unique credibility with the perpetrators of these crimes, who freely shared their stories with him-and whose exploits Mitnick now reveals in detail for the first time, including:
  • A group of friends who won nearly a million dollars in Las Vegas by reverse-engineering slot machines
  • Two teenagers who were persuaded by terrorists to hack into the Lockheed Martin computer systems
  • Two convicts who joined forces to become hackers inside a Texas prison
  • A "Robin Hood" hacker who penetrated the computer systems of many prominent companies-andthen told them how he gained access
With riveting "you are there" descriptions of real computer break-ins, indispensable tips on countermeasures security professionals need to implement now, and Mitnick's own acerbic commentary on the crimes he describes, this book is sure to reach a wide audience-and attract the attention of both law enforcement agencies and the media.

Détails sur le produit

  • Format : Format Kindle
  • Taille du fichier : 873 KB
  • Nombre de pages de l'édition imprimée : 288 pages
  • Editeur : Wiley; Édition : 1 (17 mars 2009)
  • Vendu par : Amazon Media EU S.à r.l.
  • Langue : Anglais
  • ASIN: B000S1M0DG
  • Synthèse vocale : Activée
  • X-Ray :
  • Classement des meilleures ventes d'Amazon: n°92.042 dans la Boutique Kindle (Voir le Top 100 dans la Boutique Kindle)
  •  Souhaitez-vous faire modifier les images ?


En savoir plus sur les auteurs

Découvrez des livres, informez-vous sur les écrivains, lisez des blogs d'auteurs et bien plus encore.

Commentaires en ligne 

Il n'y a pas encore de commentaires clients sur Amazon.fr
5 étoiles
4 étoiles
3 étoiles
2 étoiles
1 étoiles
Commentaires client les plus utiles sur Amazon.com (beta)
Amazon.com: 4.2 étoiles sur 5  76 commentaires
31 internautes sur 34 ont trouvé ce commentaire utile 
4.0 étoiles sur 5 A rare glimpse into the underbelly of the computer world 24 mars 2005
Par Eric Barna - Publié sur Amazon.com
Format:Relié
Love him or hate him Kevin Mitnick is the most celebrated hacker of our time. The Art of Intrusion gives the public and security practitioners a rare glimpse into the minds of hackers and their dedication in accomplishing their work.

This book is highly entertaining for everyone, security practitioner or not. I've never hacked my way into a video poker machine, but Kevin Mitnick and William Simon made me feel as if I had been there with a wearable computer in my shoe tapping out the codes that would let me beat the casino. Mitnick and Simon do a great job of breaking down technology in terms everyone can understand.

Chapters 1-5 take you along with hackers as they beat the casinos in Vegas, hack for terrorists, create a network out of nothing in a Texas prison and break into the New York Times.

Chapter 6 takes a slight detour to discuss penetration testing, used to legitimately test vulnerabilities at companies. This was a very insightful chapter for me and some of the techniques will be helpful to me. Some companies will never know (and sometimes don't want to know) how vulnerable they are. It is always better to find out your vulnerabilities from the "white hats" instead of finding out about vulnerabilities from the "black hats". One is a fixed cost the other isn't.

Chapters 7 through 9 take you back into the world of the hackers as they hack into banks, steal intellectual property and hack a prison transport company.

Chapter 10 describes social engineering attacks and countermeasures. If you want to learn about social engineering, what better source the Kevin Mitnick, the world's most notorious social engineer.

Chapter 11 contains a few short takes on some hackers which, I guess, Mitnick and Simon didn't feel deserved a full chapter.

I was a little dismayed to read in Chapter 6 about Robert, the "respected security consultant", who plays hacker at night. I think the term, respected, must be only in this hackers mind. A better term would have been "deceptive security consultant". I was not satisfied with argument that this person hacked into computers out of curiosity and the need for a challenge. There are many legitimate (and paying) ways to satisfy your curiosity and challenge that are completely legal.

If you take anything from this book it must be the tenacity of the hackers. Some of the compromises took months or years to carry out. In the process of committing the compromise the hacker learned more about the systems than the people charged with taking care of them on a daily basis. The hackers went undetected for months and years, sometimes grabbing information from the CEO's computer. This is very disturbing.

I highly recommended reading Art Of Intrusion for everyone. The book immerses the reader into a world very few of us will ever see, one of the underbellies created by our reliance of technology. The problem of hackers will only get worse and the Art of Intrusion lets us know what we are up against.
74 internautes sur 88 ont trouvé ce commentaire utile 
4.0 étoiles sur 5 How much would you pay to get inside the enemy's mind? 24 mars 2005
Par Richard Bejtlich - Publié sur Amazon.com
Format:Relié
Over two years ago I read and reviewed 'The Art of Deception,' also by Mitnick and Simon. I thought that book was 'original, entertaining, [and] scary.' Those same adjectives apply to 'The Art of Intrusion' (TAOI). While I also add 'disappointing' and 'disturbing' to the description of TAOI, sections of the new book make it an absolute must-read. If you want to understand the consequences of systematic, long-term compromise of your enterprise, you must read and heed the lessons of TAOI.

This book may provide the closest look inside an intruder's mind the security community has yet seen. There is simply no substitute for understanding the methodology, goals, and determination of a skilled intruder. Chapter 8 brings the world of the enemy to life, describing separate incidents where crackers stole intellectual property from enterprise networks. These intruders were patient and methodical, taking months to locate, acquire, and transfer their prey. I have encountered this sort of adversary as a real security consultant (explanation follows), but never read supposed first-hand accounts from the enemy's point of view. Chapter 8 alone makes the book worth purchasing.

Why is the book 'disappointing' and 'disturbing' then? I was repeatedly disgusted to read about so-called 'security consultants' who are 'published authors on security topics' (p. 168), who describe themselves as 'white-hats' but acknowledge defacing sites 'where security was so shoddy someone needed to be taught a lesson (p. 143), and who are 'respected security professionals by day and become a black-hat hacker by night, honing the skills that pay their mortgage by hacking into the most resilient software companies on the planet' (p. 166). Attaching the label 'security professional' to these criminals -- still active by some accounts -- is a crime itself. At least Mitnick perpetrated his crime and did his time. These people, however skilled, are a black mark on the security community -- they literally perform the crimes for which their 'skills' are then required. The mitigating factor for me is that these intruders shared their stories for the benefit of the community. For that I am grateful, but I'd also like to hear they've hung up their black hats!

In some places Mitnick seems to close to his subjects to render a fair opinion of their skills. Chapter 5 talks about Adrian Lamo, named by Mitnick 'The Robin Hood Hacker.' It begins with a story about rescuing a kitten from a 'dirty storm drain' that belongs in an after-school TV special, and smells of social engineering on Mr. Lamo's part. After reading about this 'purist... the thinking man's hacker,' we learn his only real skill was 'exploiting misconfigured proxy servers.' When asked what operating system the New York Times was running when he infiltrated it via proxy server, 'Adrian answered that he doesn't know. 'I don't analyze a network that way.' I doubt someone who 'secured' a proxy server at Excite@Home by cutting the cat 5 cable to the box knows anything more than how to use his 'favorite tool... ProxyHunter' and his 'intellectual gift of finding misconfigured proxy servers' (p. 112). This mischaracterization of Adrian Lamo hurts the authors' credibility, at least as far as chapter 5 goes. I felt the same sense of being too close to the characters when reading of 'two convicted murderers' in chapter 3, although their story should catch the eyes of prison wardens everywhere.

Besides the war stories in TAOI, I found many of the authors' insights appropriate and helpful. In places Mitnick and Simon describe how victims never believe they are compromised, and when they are shown proof, they 'figure they just dropped the ball on this one occasion' (p. 216). Repeatedly through the book, network security monitoring is offered as a means of incident detection and response. I wish those who advocate the supposed defender's advantage of knowing their network would read this gem on p. 164: 'I knew their network better than anyone there knew it. If they were having problems, I could probably have fixed them.' This is so true, because the intruder's interest goes so much deeper than an administrator who sees security as part of his over-stressed and under-resourced job.

Not all of the book was written from the perspective of black hats masquerading as 'security professionals' by day. Chapter 4 features a tale by former Boeing employee Don Boelling, a real security professional. Other chapters present the stories of unnamed penetration testers, all of which I found intriguing.

Despite my negative opinion of the ethics of some of this book's contributors, I still highly recommend reading TAOI. I suspect the validity of some of the earlier reviews, as three are posted by people whose only review is for TAOI and one is by TAOI co-author W.L. Simon! Does the social engineering never end?
14 internautes sur 14 ont trouvé ce commentaire utile 
3.0 étoiles sur 5 Same idea, different perspective 28 juin 2005
Par Cyberdude - Publié sur Amazon.com
Format:Relié
These are all tales from the crypt - known exploits in some shape or form. The book simply "personalizes" them a bit more and adds a bit of color.

Continuing to use his legacy, Kevin Mitnick continues to give us his best Rod Serling tour of the dark side of the internet. He goes out of his way in the introduction to thank William Simon who did a good job increasing the readability. Although there are some technical parts, they're not excruciatingly unbearable and Simon does a good job eliminating much technical jargon.

The question is though who to recommend this book to? The seasoned pros know it all, the novices are too busy exploring on their own.

It's probably best suited as supplemental reading for a course on enterprise security management and I would include it in my class since the vignettes make interesting case studies and as a professor I could easily springboard into many a security concept above and beyond the basics of the chapter.

Mitnick, being the consummate social engineer, couldn't help but include a section on this topic and you can see how comfortable he is with this. It flows naturally.

A concern overall is whether this is really a tongue in cheek guide for the "on the fringe" hacker, and rather than looking in deep dark chat rooms can find all they need here to launch the next latest and greatest exploit. There are no moral lessons or lecturing so one can only wonder whether the it's true that the best camouflage is broad daylight since he who laughs last, laughs best.
13 internautes sur 14 ont trouvé ce commentaire utile 
3.0 étoiles sur 5 entertaining but not groundbreaking 18 avril 2005
Par James J. Lippard - Publié sur Amazon.com
Format:Relié
Mitnick's followup to his excellent Art of Deception is a collection of hacker stories, mostly attributed to pseudonyms, each followed up with a description of how the successful exploitation of vulnerabilities could have been prevented.

The stories are mixed in quality and plausibility, but the defensive advice is generally quite good and on-target. The story from the l0pht is particularly amusing, the story of company that enters into negotiations to purchase them, only to make the mistake of agreeing to a no-holds-barred penetration test of their infrastructure as a preliminary.

The initial story in the book, about hacking slot machines, seems rather implausible, especially given the apparent necessity of a plus-or-minus 5 ms accuracy in response time (p. 8), since human beings take 10-20 times that amount of time to perceive and respond to a stimulus.

Particularly disappointing was that Mitnick gave so much space and sympathy to "Robert," a seriously ethically challenged hacker in chapter 8. "Robert" is a hacker who worked for porn spammers by breaking into porn websites to collect email addresses, yet allegedly works in security for a "very religious and upstanding company" (p. 168).

This book doesn't quite measure up to its predecessor, but it is an entertaining book. Most of the defensive advice is old hat for security professionals, but could prove useful to executives, small business owners, and novices interested in security.
15 internautes sur 17 ont trouvé ce commentaire utile 
4.0 étoiles sur 5 Not to be ignored! 10 février 2006
Par A. Chopra - Publié sur Amazon.com
Format:Relié
The Art of Intrusion is an excellent book. It is entertaining, informative, and helps you in understanding your threat level as an IT manager of your company. Who else can be a better teacher than Kevin Mitnick? Kevin, was an excellent social engineer, and if you will read more about him, you will also know that most of his attacks were not so technical, but he pulled them out successfully because of his social engineering skills.

Don't expect this book to teach you some hacking skills. But, this one will sure make you aware of the situations when human beings turn weak and give an opportunity to social engineers who with their skills in computers can wipe or steal all the information stored on your company's IT systems. If you are managing a large IT Department, don't ignore this book.
Ces commentaires ont-ils été utiles ?   Dites-le-nous

Passages les plus surlignés

 (Qu'est-ce que c'est ?)
&quote;
Every time [some software engineer] says, Nobody will go to the trouble of doing that, theres some kid in Finland who will go to the trouble.  Alex Mayfield &quote;
Marqué par 25 utilisateurs Kindle
&quote;
popular site hackers use to check for locations with default passwords is www.phenoelit.de/dpl/dpl.html. If your company is listed there, take heed. &quote;
Marqué par 21 utilisateurs Kindle
&quote;
10phtCrack. The magic this program performs is taken for granted by those who use it, and I suspect thoroughly hated by a great many others. The l0pht group garnered media attention because they wrote a tool (called 10phtCrack) that quickly cracked password hashes. &quote;
Marqué par 18 utilisateurs Kindle

Discussions entre clients

Le forum concernant ce produit
Discussion Réponses Message le plus récent
Pas de discussions pour l'instant

Posez des questions, partagez votre opinion, gagnez en compréhension
Démarrer une nouvelle discussion
Thème:
Première publication:
Aller s'identifier
 

Rechercher parmi les discussions des clients
Rechercher dans toutes les discussions Amazon
   



Rechercher des articles similaires par rubrique


ARRAY(0xaf01d18c)