Tuesday, December 30, 2008

Oracle Database 10g or No Tech Hacking

Oracle Database 10g: The Complete Reference

Author: Kevin Loney

Get a thorough understanding of Oracle Database 10g from the most comprehensive Oracle database reference on the market, published by Oracle Press. From critical architecture concepts to advanced object-oriented concepts, this powerhouse contains nearly 50 chapters designed to enlighten you. Upgrade from earlier versions, use SQL, SQL Plus, and PL/SQL. Get code examples and access popular documentation PDFs--plus a full electronic copy of the book on the included CD-ROM. Go beyond the basics and learn security, text searches, external tables, using Java in Oracle, and a great deal more.




No Tech Hacking: A Guide to Social Engineering, Dumpster Diving, and Shoulder Surfing

Author: Johnny Long

As the cliché reminds us, information is power. In this age of computer systems and technology, an increasing majority of the world's information is stored electronically. It makes sense then that as an industry we rely on high-tech electronic protection systems to guard that information. As a professional hacker, I get paid to uncover weaknesses in those systems and exploit them. Whether breaking into buildings or slipping past industrial-grade firewalls, my goal has always been the same: extract the informational secrets using any means necessary. After hundreds of jobs, I discovered the secret to bypassing every conceivable high-tech security system. This book reveals those secrets, and as the title suggests, it has nothing to do with high technology. As it turns out, the secret isn't much of a secret at all. Hackers have known about these techniques for years. Presented in a light, accessible style, you'll get to ride shotgun with the authors on successful real-world break-ins as they share photos, videos and stories that prove how vulnerable the high-tech world is to no-tech attacks.

As you browse this book, you'll hear old familiar terms like "dumpster diving", "social engineering", and "shoulder surfing". Some of these terms have drifted into obscurity to the point of becoming industry folklore; the tactics of the pre-dawn information age. But make no mistake; these and other old-school tactics work with amazing effectiveness today. In fact, there's a very good chance that someone in your organization will fall victim to one or more of these attacks this year. Will they be ready?

• Dumpster Diving: Be a good sport and don't read the two "D" words written in big bold letters above, and act surprised when I tell you hackers can accomplish this without relying on a single bit of technology (punny).
• Tailgating: Hackers and ninja both like wearing black, and they do share the ability to slip inside a building and blend with the shadows.
• Shoulder Surfing: If you like having a screen on your laptop so you can see what you're working on, don't read this chapter.
• Physical Security: Locks are serious business and lock technicians are true engineers, most backed with years of hands-on experience. But what happens when you take the age-old respected profession of the locksmith and sprinkle it with hacker ingenuity?
• Social Engineering with Jack Wiles: Jack has trained hundreds of federal agents, corporate attorneys, CEOs and internal auditors on computer crime and security-related topics. His unforgettable presentations are filled with three decades of personal "war stories" from the trenches of Information Security and Physical Security.
• Google Hacking: A hacker doesn't even need his own computer to do the necessary research. If he can make it to a public library, Kinko's or Internet cafe, he can use Google to process all that data into something useful.
• P2P Hacking: Let's assume a guy has no budget, no commercial hacking software, no support from organized crime and no fancy gear. With all those restrictions, is this guy still a threat to you? Have a look at this chapter and judge for yourself.
• People Watching: Skilled people watchers can learn a whole lot in just a few quick glances. In this chapter we'll take a look at a few examples of the types of things that draw a no-tech hacker's eye.
• Kiosks: What happens when a kiosk is more than a kiosk? What happens when the kiosk holds airline passenger information? What if the kiosk holds confidential patient information? What if the kiosk holds cash?
• Vehicle Surveillance: Most people don't realize that some of the most thrilling vehicular espionage happens when the cars aren't moving at all!



Table of Contents:
Foreword
Introduction
Dumpster Diving
Introduction to Dumpster Diving
Tailgating
Introduction to Tailgating
Dressing the Part
Real-World Tailgating Exercise
Shoulder Surfing
What is Shoulder Surfing?
Outside of the box
Great Locations for Shoulder Surfing
Electronic Deduction
Killer Real-Life Surfing Sessions
Military Intelligence
Airliner Espionage
Robbing a Bank
Robbing Banks in Uganda, Africa
Physical Security
Introduction
Lock Bumping
Shimming Padlocks (With Deviant Ollam)
Master Lock Combo Lock Brute Forcing
Toilet Paper vs. Tubular Locks
Electric Flossers: A Low-Tech Classic
Laptop Locks Defeated by Beer (With Matt Fiddler and Marc Weber Tobias)
TSA Locks (With Marc Weber Tobias)
Gun Trigger Locks vs. Drinking Straw (With Marc Tobias and Matt Fiddler)
Entry Techniques: Loiding (aka the Old Credit Card Trick)
Entry Techniques: Motion Sensor Activation
Bypassing Passive Infrared (PIR) Motion Sensors
Camera Flaring
Real World: Airport Restricted Area Simplex Lock Bypass
Social Engineering: Here's How I Broke Into Their Buildings
Introduction
How Easy Is It?
Human Nature, Human Weakness
Hello? Is this thing on?
The Mind of a Victim
"Social engineering would never work against our company!"
What Was I Able to Social Engineer Out of Mary?
The Final Sting
Why did this scam work?
Countering Social Engineering Attacks
Be Willing To Ask Questions
Security Awareness Training
Posters
Videos
Certificates
Google Hacking Showcase
Introduction to the Introduction
Introduction
Geek Stuff
Utilities
Open Network Devices
Open Applications
Cameras
Telco Gear
Power
Sensitive Info
Police Reports
Social Security Numbers
Credit Card Information
Beyond Google
Summary
P2P Hacking
Understanding P2P Hacking
Real World P2P Hacking: The Case of the Naughty Chiropractor
People Watching
How to "People Watch"
Kiosks
Understanding Kiosk Hacking
Real World: ATM Hacking
Vehicle Surveillance
How Easy Is Vehicle Surveillance?
Badge Surveillance
Where Are Your Badges?
Electronic Badge Authentication
Real World Badge Surveillance
Epilogue: Top Ten Ways to Shut Down No-Tech Hackers
Go Undercover
Shred Everything
Get Decent Locks
Put that Badge Away
Check Your Surveillance Gear
Shut Down Shoulder Surfers
Block Tailgaters
Clean your Car
Watch your Back Online
Beware of Social Engineers
Index
