Secrets of computer espionage : tactics and countermeasures / Joel McNamara.

Format:

Book

Author/Creator:

McNamara, Joel.

Language:

English

Subjects (All):

Electronic surveillance.

Computer security.

Physical Description:

xxi, 362 pages : illustrations ; 24 cm

Place of Publication:

Indianapolis, IN : Wiley, [2003]

Summary:

It could be your boss, your competition, or a private investigator, but it could just as easily be a foreign intelligence agent -- or the whiz kid down the street. More and more people today want to know what's on your computer, your PDA, your cell phone, or your wireless network. And as soon as one vulnerable chink in your security is identified and plugged, a new spy tool or method will arise to circumvent the countermeasure. Joel McNamara takes you inside the mind of the computer espionage artist -- amateur or professional -- and shows you appropriate defenses for a wide array of potential vulnerabilities. This is not just another book on network security. This is the book that teaches you to think like a spy, because that's the only way to outwit one.

Contents:

Chapter 1 Spies 1

Getting to Know Spies 1

What Spies Are After and Who They Are 2

Business Spies

Economic Espionage 4

Bosses

Employee Monitoring 6

Cops

Law Enforcement Investigations 7

Private Eyes and Consultants

Private Investigations 9

Spooks

Government-Sponsored Intelligence Gathering 11

Criminals

Ill-Gotten Gains 14

Whistleblowers

For the Public Good 15

Friends and Family

with Friends like These 16

Determining Your Level of Paranoia 18

Risk Analysis 101 20

Five-Step Risk Analysis 21

Chapter 2 Spying and the Law 25

Laws that Relate to Spying 25

Omnibus Crime Control and Safe Streets Act of 1968 (Title III

Wiretap Act) 26

Foreign Intelligence Surveillance Act of 1978 27

Electronic Communications Privacy Act of 1986 29

Computer Fraud and Abuse Act of 1986 32

Economic Espionage Act of 1996 34

State Laws 34

Implications of the USA Patriot Act of 2001 35

Wiretap and Stored Communications Access Acts 36

Foreign Intelligence Surveillance Act 36

Computer Fraud and Abuse Act 37

Other Provisions 39

State Laws 39

The Realities of Enforcement 39

Civil versus Criminal Court 41

Bosses and Employees

Legal Spying 42

Legal Issues with Family Members 43

Chapter 3 Black Bag Jobs 47

A Look Inside the Black Bag 47

Physical and Network Black Bag Jobs 48

Planned and Opportunistic Black Bag Jobs 49

Spy Tactics 50

Spy Games 50

Inside a Government Black Bag Job 51

Exploiting the Vulnerabilities 55

Researching and Planning the Operation 55

Gaining Entry 57

Documenting the Scene 60

Countermeasures 62

Physical Security 63

Security Policies 64

Chapter 4 Breaching the System 67

Spy Tactics 67

Exploiting the Vulnerabilities 68

System-Breaching Tools 83

Countermeasures 89

Security Settings 89

Effective Passwords 93

Encryption 93

Chapter 5 Searching for Evidence 95

Legal Spying 95

How Computer Cops Work 95

Seizure 98

Forensic Duplication 100

Examination 101

Spy Tactics 102

Exploiting the Vulnerabilities 102

Evidence-Gathering Tools 117

Countermeasures 122

Encryption 122

Steganography 127

File Wipers 130

Evidence-Eliminating Software 133

Chapter 6 Unprotecting Data 135

Spy Tactics 135

Exploiting Vulnerabilities 136

Cracking Tools 146

Countermeasures 153

Strong Encryption 153

Password Policies 154

Password Lists 156

Password Alternatives 157

Chapter 7 Copying Data 163

Spy Tactics 163

Use Available Resources 164

Use Compression Tools 164

Consider Other Data 164

Understand What's Involved in Copying Data 164

Storage Media to Target 165

Floppy Disks 166

CD-R/CD-RWs 166

DVDs 168

ZIP Disks 169

Memory Storage Devices 169

Hard Drives 171

Tape Backup Systems 174

Alternate Methods of Copying Data 174

Transferring Data Over a Network 174

Digital Cameras 175

Chapter 8 Snooping with Keyloggers 177

An Introduction to Keyloggers 177

Spy Tactics 178

Exploiting the Vulnerabilities 179

Keylogger Tools 186

Countermeasures 191

Viewing Installed Programs 191

Examining Startup Programs 191

Examining Running Processes 193

Monitoring File Writes 195

Removing Visual Basic Runtimes 196

Searching for Strings 196

Using Personal Firewalls 196

Using File Integrity and Registry Checkers 196

Using Keylogger-Detection Software 197

Using Sniffers 198

Detecting Hardware Keyloggers 199

Exploiting Keylogger Passwords 200

Using Linux 200

Watching for Unusual Crashes 201

Removing Keyloggers 202

Chapter 9 Spying with Trojan Horses 205

Spy Tactics 205

Exploiting the Vulnerabilities 206

Trojan Horse Tools 216

Countermeasures 221

Network Defenses 221

Using Registry Monitors and File-Integrity Checkers 222

Using Antivirus Software 223

Using Trojan Detection Software 223

Removing Trojan Horses 224

Using Non-Microsoft Software 224

Chapter 10 Network Eavesdropping 227

Introduction to Network Spying 227

Types of Network Attacks 227

Network Attack Origin Points 228

Information Compromised During Network Attacks 229

Broadband Risks 230

Spy Tactics 232

Exploiting the Vulnerabilities 232

Network-Information and -Eavesdropping Tools 242

Countermeasures 246

Applying Operating System and Application Updates 246

Using Intrusion Detection Systems 246

Using Firewalls 247

Running a Virtual Private Network 250

Monitoring Network Connections 251

Using Sniffers 251

Using Port and Vulnerability Scanners 252

Encrypting Your E-Mail 253

Encrypting Your Instant Messages 253

Using Secure Protocols 254

Don't Trust "Strange" Computers and Networks 254

Hardening Windows File Sharing 254

Using Secure Web E-Mail 255

Using Anonymous Remailers 255

Using Web Proxies 256

Chapter 11 802.11b Wireless Network Eavesdropping 259

An Introduction to Wireless Networks 259

History of the Wireless Network 259

Spy Tactics 260

Exploiting the Vulnerabilities 261

Wireless-Network-Eavesdropping Tools 266

Countermeasures 284

Audit Your Own Network 284

Position Antennas Correctly 284

Detect Wireless Discovery Tools 285

Fool Discovery Tools 285

Enable WEP 286

Change WEP Keys Regularly 286

Authenticate MAC Addresses 286

Rename the SSID 286

Disable Broadcast SSID 287

Change the Default AP Password 287

Use Static IP Addresses versus DHCP 287

Locate APs Outside Firewalls 287

Use VPNs 287

Don't Rely on Distance as Security 288

Turn Off the AP 288

Chapter 12 Spying on Electronic Devices 289

Office Devices 289

Fax Machines 289

Shredders 292

Communication Devices 294

Telephones 294

Cellular Phones 299

Answering Machines and Voice-Mail 303

Pagers 305

Consumer Electronics 307

PDAs 307

Digital Cameras 309

GPS Units 309

Video Game Consoles 310

MP3 Players 311

Television Digital Recorders 311

Chapter 13 Advanced Computer Espionage 313

TEMPEST

Electromagnetic Eavesdropping 313

Emanation Monitoring: Fact or Fiction? 314

EMSEC Countermeasures 318

Optical TEMPEST

LEDs and Reflected Light 319

HIJACK and NONSTOP 319

ECHELON

Global Surveillance 320

How ECHELON Works 321

ECHELON Controversy and Countermeasures 322

Carnivore/DCS-1000 325

An Overview of Carnivore 325

Carnivore Controversy and Countermeasures 326

Magic Lantern 327

Modified Applications and Operating System Components 329

Intelligence-Gathering Viruses and Worms 332

Viruses and Worms 333

Countermeasures 336

Surveillance Cameras 336

Webcams 337

Commercial Surveillance Cameras 339.

Notes:

Includes index.

ISBN:

0764537105

OCLC:

52491336