Dr. K. 2000. A Complete Hacker’s Handbook: everything you need to know about hacking in the age of the web. London, UK: Carlton Books Limited.
Dr. K, the author of A Complete Hacker’s Handbook, is a self-proclaimed hacker and the editor of Phrack/Hack, a UK-based ezine popular in the hacker community.
The author’s purpose in writing this book seems to be to provide the reader with a general overview of many of the major techniques used by hackers and crackers to penetrate individual servers, LANs and telecommunication networks, and some countermeasures to protect systems from them. In the process, he also provides an intriguing glimpse into the history and psychology of the hacker community. Based upon the title, the casual computer user looking to become a system hacker will probably be disappointed in this book. The author provides enough detail to afford the knowledgeable reader a basic understanding of how certain exploits are contrived and implemented, but seldom does he give the step-by-step detail needed to actually perform the hack. In fact, the author often expresses his contempt for the so-called “script kiddies” who use the software and techniques of real hackers to penetrate a system without actually knowing what they are doing. Interestingly, he never addresses the ethics of the real hackers who develop cracking utilities and then dispense them freely on the Internet to anyone, regardless of their intentions. However, throughout the book, the author covers himself pretty well as it relates to the legal and ethical consequences of his subject matter.
Overall, the text is very clearly written and well organized. Chapter 5, which introduces the fundamentals of networking technology, should be required reading for any NET 101 class. The most technical chapters, 7 and 8, deal with the architecture of popular exploits like ping flooding, forced stack and buffer overflows, TCP sequence prediction, SYN floods, and backdoors in popular TCP/IP utilities like FTP, HTTP, SMTP, etc. Due to an excellent explanation and some very clear diagrams, this reader finally understands how a SYN DoS attack really works. The section on CGI-based attacks was also of particular interest to this reader, as one of his employer’s web servers still retains some of the default test CGI scripts that the author mentions as being of particular value to the cracker as a vehicle for running commands on the system that could compromise security. The author does provide a pretty good tutorial for faking email origination points, but also shows how easy it is to spot the fakes by looking closely at the full SMTP header, which is often masked by the mail client.
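To illustrate the header check the author describes, here is an added example (not code from the book or this review) that reads the full Received: trail of a message and compares the host at the origin hop with the domain claimed in From:. The two sample messages, host names and addresses are constructed for the example; in practice only the hop recorded by a relay you trust is reliable, since the HELO name is chosen by the sender.

```python
import email
import re
from email.utils import parseaddr

# Constructed sample messages (not from the book). Received: headers are
# stacked most-recent-first, so the LAST one is the hop closest to the origin.
SPOOFED = """Received: from relay.isp.example (relay.isp.example [203.0.113.7])
\tby mx.example.net with ESMTP id abc123; Mon, 1 Jan 2001 10:00:05 +0000
Received: from dialup-42.isp.example (unknown [198.51.100.42])
\tby relay.isp.example with SMTP id xyz789; Mon, 1 Jan 2001 10:00:01 +0000
From: "The CEO" <ceo@example.com>
To: staff@example.net
Subject: urgent wire transfer

Please action immediately.
"""

LEGIT = """Received: from mail.example.com (mail.example.com [192.0.2.10])
\tby mx.example.net with ESMTP id def456; Mon, 1 Jan 2001 11:00:05 +0000
Received: from ws17.example.com (ws17.example.com [192.0.2.55])
\tby mail.example.com with ESMTP id uvw000; Mon, 1 Jan 2001 11:00:01 +0000
From: alice@example.com
To: staff@example.net
Subject: lunch

Noon?
"""

HOP_RE = re.compile(
    r"^from\s+(?P<helo>\S+)"                                  # name announced in HELO/EHLO (sender-chosen)
    r"(?:\s+\((?P<rdns>[^\s\[]+)\s+\[(?P<ip>[^\]]+)\]\))?"    # reverse DNS and IP recorded by the receiver
    r".*?\bby\s+(?P<by>\S+)",                                 # the server that wrote this header
    re.IGNORECASE | re.DOTALL,
)


def parse_hops(raw_message: str) -> list[dict]:
    """Return the relay chain in chronological order (origin hop first)."""
    msg = email.message_from_string(raw_message)
    hops = []
    for value in reversed(msg.get_all("Received", [])):
        flat = " ".join(value.split())  # unfold continuation lines
        m = HOP_RE.match(flat)
        if m:
            hops.append({k: (v or "") for k, v in m.groupdict().items()})
    return hops


def from_domain(raw_message: str) -> str:
    """Domain part of the address shown in From:, which is what the mail client displays."""
    msg = email.message_from_string(raw_message)
    addr = parseaddr(msg.get("From", ""))[1]
    return addr.rsplit("@", 1)[-1].lower()


def belongs_to(hostname: str, domain: str) -> bool:
    h = hostname.lower().rstrip(".")
    return h == domain or h.endswith("." + domain)


def check_origin(raw_message: str) -> dict:
    """Flag a message whose origin hop does not sit inside the From: domain.

    Only the reverse-DNS name recorded by the receiving relay is used for the
    verdict; the HELO name is reported but not trusted, because the sender
    picks it. An origin with no usable reverse DNS ("unknown") is treated as
    inconsistent.
    """
    hops = parse_hops(raw_message)
    domain = from_domain(raw_message)
    if not hops:
        return {"domain": domain, "origin": None, "consistent": False,
                "reason": "no Received: headers to inspect"}
    origin = hops[0]
    rdns = origin["rdns"]
    consistent = bool(rdns) and rdns.lower() != "unknown" and belongs_to(rdns, domain)
    reason = ("origin host is inside the From: domain" if consistent
              else f"origin {origin['helo']} [{origin['ip']}] is outside {domain}")
    return {"domain": domain, "origin": origin, "consistent": consistent, "reason": reason}


if __name__ == "__main__":
    for label, sample in (("spoofed", SPOOFED), ("legit", LEGIT)):
        verdict = check_origin(sample)
        print(f"{label}: consistent={verdict['consistent']} ({verdict['reason']})")
        for hop in parse_hops(sample):
            print(f"   {hop['helo']:<28} [{hop['ip']:<15}] -> {hop['by']}")
```

Run it as a script to see both chains printed; the spoofed message fails because its earliest hop is a dial-up host outside example.com, while the legitimate one originates on a workstation inside the domain.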
In chapters 6 and 12, the author emphasizes the crucial non-technical aspects of well-planned cracking exploits. He divides these offensives into 3 distinct categories:

1. Trashing, as the name might imply, involves delving through corporate and organizational dumpsters and garbage sites to find such useful materials as phone numbers, employee names, account numbers, passwords, printouts, discarded floppies and backup tapes; anything which might provide the cracker with information to either directly attack the system or to assist in further information gathering through the next phase.

2. Social Engineering involves convincing organization employees and affiliates that the cracker is someone who can be trusted with additional information useful in penetrating system security.

3. Infiltration hacking involves using the information gathered in the previous 2 exploits to actually gain physical access to the target facility.

The author’s analysis of these three phases is enlightening in that it thoroughly debunks the Hollywood-inspired myth that crackers get access to remote systems quickly and with little effort due to their extreme technical skills. The author implies that cracking exploits may last for months or even years.
Despite his protestations against “script kiddies,” perhaps the best assistance the author affords wannabe crackers is in outlining and critiquing a useful array of hacker/cracker software resources available on the Internet. In the author’s defense, most of this software also performs a dual role as an invaluable security analysis tool for system administrators to detect security holes in their own systems.
Chapter 9, which discusses “phone phreaking,” was a bit over this reader’s head. You would really need a fundamental telephony background to get the full value from this part of the book. However, the author does provide some very clear and sound advice for organizations to use in securing their PBXs, VMBs and telephony switches from being exploited by long distance thieves.
Chapter 10 is a fair survey of different types of viruses and how they infiltrate and damage computers and networks. Most of the information here is pretty standard but nevertheless of value, including the author’s tips for preventing infections. The discussion of virus writers, virus creation packages and the virus writing community goes a little beyond textbook fare and provides some insight into the psychology and motivations behind the people who, however misguided, find some sense of purpose in this activity. Both this chapter and the following one, covering software piracy and the “warez” community, provide a pretty fair insight into what this reader perceives as the social/psychological immaturity rampant in these black-hat subcultures.
Chapters 12 and 13 bring everything together in terms of describing chains of exploits that could lead to system infiltration and countermeasures the system administrator can take to break the chain before any damage is done. One of the more important pieces of advice the author provides in this section is a plea to system administrators to be especially aware of all the trust relationships present within their networks. Trust relationships can result in a cracker being awarded access to an entire network of resources by accessing just one member of the trust. The author suggests that all non-critical network file service relationships, RPCs, remote management tools, “r” commands, NIS services, etc. be subject to critical scrutiny and disabled or removed whenever possible.
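As an added example of the kind of scrutiny the author asks for (this is not code from the book or the review), the script below audits the trust files behind the “r” commands: /etc/hosts.equiv and per-user .rhosts. It flags the “+” wildcard that trusts every host or every user, netgroup entries whose membership is controlled by NIS, and trust files that are group- or world-writable. The directory layout, host names and file contents it scans are constructed in a temporary directory for the demonstration.

```python
import stat
import tempfile
from pathlib import Path


def parse_trust_line(line: str):
    """Parse one hosts.equiv / .rhosts line into (host, user); user may be None."""
    line = line.split("#", 1)[0].strip()   # drop comments and blank lines
    if not line:
        return None
    fields = line.split()
    host = fields[0]
    user = fields[1] if len(fields) > 1 else None
    return host, user


def audit_trust_file(path: Path) -> list[str]:
    """Return human-readable findings for a single hosts.equiv or .rhosts file."""
    findings = []
    try:
        mode = path.stat().st_mode
    except FileNotFoundError:
        return findings                     # nothing to audit
    # A trust file anyone else can edit lets them grant themselves access.
    if mode & (stat.S_IWGRP | stat.S_IWOTH):
        findings.append(f"{path}: writable by group/others (mode {oct(mode & 0o777)})")
    for lineno, raw in enumerate(path.read_text().splitlines(), 1):
        parsed = parse_trust_line(raw)
        if parsed is None:
            continue
        host, user = parsed
        if host == "+":
            findings.append(f"{path}:{lineno}: '+' trusts every host")
        if user == "+":
            findings.append(f"{path}:{lineno}: '+' trusts every user on {host}")
        if host.startswith("@") or (user or "").startswith("@"):
            findings.append(f"{path}:{lineno}: netgroup entry {raw.strip()!r} (membership comes from NIS)")
    return findings


def audit_tree(root: Path) -> list[str]:
    """Audit hosts.equiv plus every .rhosts under root/home and root/root."""
    findings = audit_trust_file(root / "etc" / "hosts.equiv")
    findings += audit_trust_file(root / "root" / ".rhosts")
    home = root / "home"
    if home.is_dir():
        for rhosts in sorted(home.glob("*/.rhosts")):
            findings += audit_trust_file(rhosts)
    return findings


def build_fixture(root: Path) -> None:
    """Constructed example filesystem (not real data) with one good and two bad trust files."""
    (root / "etc").mkdir(parents=True)
    (root / "etc" / "hosts.equiv").write_text("# trusted build hosts\nbuild1.example.com\n+ +\n")
    alice = root / "home" / "alice"
    alice.mkdir(parents=True)
    (alice / ".rhosts").write_text("ws1.example.com alice\n")   # narrow, as intended
    bob = root / "home" / "bob"
    bob.mkdir(parents=True)
    (bob / ".rhosts").write_text("+ bob\n@admins\n")            # any host may log in as bob
    (bob / ".rhosts").chmod(0o666)                              # and anyone can edit the file


def run_demo() -> list[str]:
    """Build the fixture in a temp dir, audit it, and return the findings."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        build_fixture(root)
        return audit_tree(root)


if __name__ == "__main__":
    for finding in run_demo():
        print(finding)
```

Pointed at a real system (audit_tree(Path("/"))) the same functions report the trust entries an administrator should be reviewing; the demo fixture yields five findings, two for the “+ +” line in hosts.equiv and three for bob’s .rhosts.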
The last chapter, 14, is a resource list for learning more about the concepts introduced in the book. It is an extremely valuable collection of web links, group addresses, books, software citations, papers and pamphlets, which cover both black and white-hat approaches to system security.
Although this book, in and of itself, will not a cracker make, it is, nevertheless, a clear and concise explanation of key concepts coupled with powerful resource links that could provide a solid starting point for anyone so inclined. As it stands, this book probably has greater value as an introduction to system security from the “dark side,” so to speak. It is, therefore, of no small interest to entry/mid-level system administrators who will benefit greatly from getting into the mindset of the hacker community.