Developer's Guide to Web Application Security

Chapter 1: Hacking Methodology

Introduction

You are probably familiar with the attacks of February 2000 on eBay, Yahoo, Amazon, and other major e-commerce and non-e-commerce Web sites. Those attacks were all distributed denial-of-service (DDoS) attacks, and all occurred at the server level. Those same attacks moved hacking to center stage in the IT community and in the press. With that spotlight comes an increased awareness by information security specialists, project managers, and other IT professionals. More and more companies are looking to tighten up security. As a result, hackers have become more creative and more talented, raising the bar on security from a network administration and applications development standpoint.

To create a defense, you must try to understand where these attacks could originate, from whom, and why they would target you. Your systems and applications can be targeted or chosen randomly, so your defense strategy must be comprehensive and under constant evaluation. If you can test and evaluate your programs by emulating attacks, you will be more capable of finding vulnerabilities before an uninvited guest does so. Hackers range from inexperienced vandals just showing off by defacing your site to master hackers who will compromise your databases for possible financial gain. All of them may attain some kind of public infamy.

Just say the name "Kevin Mitnick" to those in the Internet world, and they instantly recognize it. Mitnick served years in prison for hacking crimes and became the media's poster child for hackers everywhere, while being viewed in the hacker community as...
