“A solve-it-yourself mystery that will draw you in with entertaining, yet realistic scenarios that both challenge and inform you.” —Tim Newsham, security research scientist, @stake, Inc.

Malicious hackers are everywhere these days, so how do you keep them out of your networks? This unique volume challenges your forensics and incident response skills with 20 real-world hacks presented by upper-echelon security experts. Important topics are covered, including Denial of Service, wireless technologies, Web attacks, and malicious code. Each challenge includes a detailed explanation of the incident—how the break-in was detected, evidence and possible clues, technical background such as log files and network maps, and a series of questions for you to solve. Then, in Part II, you get a detailed analysis of how the experts solved each incident.

Excerpt from “The Insider”:

The Challenge:

Kris, a software company's senior I.T. staffer, got a call from the helpdesk....Users were complaining that the entire contents of their inbox, outbox, and deleted items folders had completely disappeared....The following Monday, Kris found that the entire Exchange database had been deleted....The attacker sent an email from a Yahoo! account taking responsibility for the attacks....The e-mail had been sent from a machine within the victim's network. Kris brought in an external security team who immediately began their investigation...In addition to gathering physical security logs, Microsoft Exchange logs, and virtual private network (VPN) logs they interviewed key people inside the company....

The Solution:

After reviewing the log files included in the challenge, propose your assessment—when did the deletion of e-mail accounts begin and end, which users were connected to the VPN at the time, and what IP addresses were the users connecting from? Then, turn to the experts' answers to find out what really happened.

Contributing authors include:

Top security professionals from @stake, Foundstone, Guardent, The Honeynet Project, University of Washington, Fortrex Technologies, SecureMac.com, AnchorIS.com, and the National Guard Information Warfare unit.

Part I: Challenges

Chapter 1: The French Connection

Chapter 2: The Insider

Chapter 3: The Parking Lot

Chapter 4: The Hinge Factor

Chapter 5: Maggie’s Moment

Chapter 6: The Genome Injection

Chapter 7: Up in the Air

Chapter 8: The Tip of the Iceberg

Chapter 9: FDIC, Insecured

Chapter 10: Jack and Jill

Chapter 11: The Accidental Tourist

Chapter 12: Run for the Border

Chapter 13: Malpractice

Chapter 14: An Apple a Day

Chapter 15: A Thousand Razors

Chapter 16: One Hop Too Many

Chapter 17: Gluttony

Chapter 18: The Sharpest Tool in the Shed

Chapter 19: Omerta

Chapter 20: Nostalgia

Part II : Solutions

Chapter 1: The French Connection

Chapter 2: The Insider

Chapter 3: The Parking Lot

Chapter 4: The Hinge Factor

Chapter 5: Maggie’s Moment

Chapter 6: The Genome Injection

Chapter 7: Up in the Air

Chapter 8: Tip of the Iceberg

Chapter 9: FDIC, Insecured

Chapter 10: Jack and Jill

Chapter 11: The Accidental Tourist

Chapter 12: Run for the Border

Chapter 13: Malpractice

Chapter 14: An Apple a Day

Chapter 15: A Thousand Razors

Chapter 16: One Hop Too Many

Chapter 17: Gluttony

Chapter 18: The Sharpest Tool in the Shed

Chapter 19: Omerta

Chapter 20: Nostalgia

Mike Schiffman is the director of research and development at Guardent, the leading provider of professional security services. He has written for numerous technical journals, has written white papers, and has contributed to Hacking Exposed.