Extreme Exploits: Advanced Defenses Against Hardcore Hacks (Hacking Exposed)
Chapter 1: Internet Infrastructure for Security Professionals
- Figure 1-1: Example hierarchy of Internet routing
- Figure 1-2: Example of exit gateways within an ISP network
Chapter 2: ISP Security Practices: Separating Fact from Fiction
- Figure 2-1: Packet flow through a network using an IGP
- Figure 2-2: Example of BGP next hop vs. IGP next hop
- Figure 2-3: Example of a route specificity attack
- Figure 2-4: Packets falling into the bogon black hole
Chapter 4: Reliable Connectivity
- Figure 4-1: Example IP border interface
- Figure 4-2: Multihoming to a single ISP
- Figure 4-3: Multihoming to multiple ISPs
- Figure 4-4: A simple multihomed network to a single ISP
- Figure 4-5: Non-geographically diverse MX and DNS servers
- Figure 4-6: Anycast use in a large wide area network
Chapter 6: Redefining the DMZ: Securing Critical Systems
- Figure 6-1: A traditional DMZ
- Figure 6-2: A modern DMZ
- Figure 6-3: An example of an end-to-end DMZ security zone
- Figure 6-4: An alternative end-to-end DMZ security zone
- Figure 6-5: A traditional design for a DMZ
- Figure 6-6: A modern DMZ design
- Figure 6-7: A DMZ design with hierarchical firewalls
- Figure 6-8: A simple example of a forward-proxy
- Figure 6-9: A simple example of a reverse-proxy
Chapter 9: Data Leaks: Exploiting Egress
- Figure 9-1: Traffic ingress and egress
- Figure 9-2: A Trojan phoning home to provide a remote shell
- Figure 9-3: A data leak occurring between branch offices
- Figure 9-4: A firewall being used to connect internal network segments while also serving as the Internet gateway
- Figure 9-5: A DDoS attack rendering internal networks unreachable
Chapter 10: Sinkholes and Backscatter
- Figure 10-1: An attack on IP address 192.0.2.13 (before sinkholing)
- Figure 10-2: An attack on IP address 192.0.2.13 (while sinkholing)
- Figure 10-3: A reference physical topology for darknets
- Figure 10-4: A reference logical topology for darknets
- Figure 10-5: An example of backscatter during a DDoS attack
Chapter 16: Exploiting Digital Forensics
- Figure 16-1: High-level process diagram of investigation and recovery process
- Figure 16-2: Passive network tap configuration example
Chapter 18: Exploiting Software
- Figure 18-1: Attack through buffer overflow to install Trojan and facilitate local attacks
- Figure 18-2: Privilege escalation and attack on local processes
- Figure 18-3: Privilege escalation and attack on local user accounts
- Figure 18-4: Attack on SSH shared keys for access to other systems
- Figure 18-5: Allocation and alignment of memory for function call
- Figure 18-6: Deadlock caused by third process
- Figure 18-7: Data corruption of shared value between two threads without atomicity