I'm Mad As Hell, and I'm Not Gonna Take it Anymore!
There is a certain satisfaction for me in seeing this book published. When I presented my "strike-back" concept to the security community years ago, I was surprised by the ensuing criticism from my peers. I thought they would support our right to defend ourselves, and that the real challenge would be educating the general public. It was the other way around, however. This is why I'm happy to see Aggressive Network Self-Defense published. It shows that people are beginning to consider the reality of today's internet. Many issues are not black and white, right or wrong, legal or illegal. Some of the strike-back approaches in this book I support. Others, I outright disagree with. But that's good--it gives us the chance to truly think about each situation--and thinking is the most important part of the security business. Now is the time to analyze the technologies and consider the stories presented in this book before fiction becomes reality.--Timothy M. Mullen, CIO and Chief Software Architect for AnchorIS.Com
- Analyze the technical, legal, and financial ramifications of revolutionary and controversial network strike-back and active defense techniques.
- Follow the travails of eight system administrators who take cyber law into their own hands.
- See chillingly realistic examples of everything from a PDA to the MD5 hash being used as weapons in cyber dog fights.
- When the Worm Turns... Analyze the technical and legal implications of "neutralizing" machines that propagate malicious worms across the Internet.
- Are You the Hunter or the Hunted? Discover for yourself how easy it is to cross the line from defender to aggressor, and understand the potential consequences.
- Reverse Engineer Working Trojans, Viruses, and Keyloggers Perform forensic analysis of malicious code attacking a Pocket PC to track down, identify, and strike back against the attacker.
- To Catch a Thief... Track stolen software as it propagates through peer-to-peer networks and learn to bypass MD5 checksum verification to allow multiple generations of attackers to be traced.
- Learn the Definition of "Hostile Corporate Takeover" in Cyberspace Find out who will own the fictional Primulus Corporation as attacker and defender wage war.
- Understand the Active Defense Algorithm Model (ADAM) Analyze the primary considerations of implementing an active defense strategy in your organization: ethical, legal, unintended consequences, and risk validation.
- See What Can Happen when the Virtual World Meets the Real World Use keyloggers, Bluetooth device exploitation, and Windows forensics to discover if your cubicle mate has been stealing more than post-it notes.
- Where the Wild Things Are... Follow along as a real-life "in-the-wild" format string bug is morphed into strike-back code that launches a listening shell on the attacker's own machine.
- Implement Passive Strike-Back Technologies Learn the strategy and implement the tools for responding to footprinting, network reconnaissance, vulnerability scanning, and exploit code.