- Table View
- List View
Nagios 3 Enterprise Network Monitoring: Including Plug-Ins and Hardware Devices
by Andrew Hay Max Schubert Derrick Bennett Jonathan Gines John StrandThe future for Nagios in the enterprise is certainly bright! Nagios 3 Enterprise Network Monitoring can help you harness the full power of Nagios in your organization. Nagios 3 contains many significant new features and updates, and this book details them all for you. Once up and running, you'll see how a number of useful add-ons and enhancements for Nagios can extend the functionality of Nagios throughout your organization. And, if you want to learn how to write your own plugins...this is the book for you! In these pages you'll find a cookbook-style chapter full of useful plugins that monitor a variety of devices, from HTTP-based applications to CPU utilization to LDAP servers and more.Complete Case Study Demonstrates how to Deploy Nagios Globally in an Enterprise NetworkMonitor Third Party Hardware Devices with Nagios
The IT Regulatory and Standards Compliance Handbook: How to Survive Information Systems Audit and Assessments
by Craig S. WrightThe IT Regulatory and Standards Compliance Handbook provides comprehensive methodology, enabling the staff charged with an IT security audit to create a sound framework, allowing them to meet the challenges of compliance in a way that aligns with both business and technical needs. This "roadmap" provides a way of interpreting complex, often confusing, compliance requirements within the larger scope of an organization's overall needs.The ulitmate guide to making an effective security policy and controls that enable monitoring and testing against themThe most comprehensive IT compliance template available, giving detailed information on testing all your IT security, policy and governance requirementsA guide to meeting the minimum standard, whether you are planning to meet ISO 27001, PCI-DSS, HIPPA, FISCAM, COBIT or any other IT compliance requirementBoth technical staff responsible for securing and auditing information systems and auditors who desire to demonstrate their technical expertise will gain the knowledge, skills and abilities to apply basic risk analysis techniques and to conduct a technical audit of essential information systems from this bookThis technically based, practical guide to information systems audit and assessment will show how the process can be used to meet myriad compliance issues
Microsoft Exchange Server 2007 with SP1: Tony Redmond's Guide to Successful Implementation
by Tony RedmondExchange 2007 represents the biggest advance in the history of Microsoft Exchange Server technology. Given Exchange's leap to x64 architecture and its wide array of new features, it isn't surprising that the SP1 release of 2007 would be particularly robust in terms of hotfixes, security enhancements and additional functionality. Tony Redmond's upgraded edition of his popular Microsoft Exchange Server 2007 bible features extensive coverage of the significant changes and additions offered with SP1. Every chapter has been updated, with particular focus on the most pivotal aspects of SP1, including:*install enabling on Windows Server 2008 *IVp6 support*Unified Messaging inclusion*EMC enhancements*Client Access Improvements for Outlook Web Access and Activesync*New user interfaces for POP3 and IMAP4*System resource monitoring and message routing improvements*New features for the mailbox server role*.pst file data managment improvements*new high-availability features*optimization for mobile access*and much more!*Complete coverage of all the updates in SP1 ensure admins skip the initial 2007 release's bugs and upgrade with ease*Written by HP Services CTO Tony Redmond, the world's most trusted author of Exchange books for over a decade*250+ pages of updates throughout, including totally new sections on Windows 2008 compatibility, Microsoft Yona, Windows Mobile 6 and 6.1 devices, Apple iPhone, and more!
Network Security: Know It All
by James JoshiNetwork Security: Know It All explains the basics, describes the protocols, and discusses advanced topics, by the best and brightest experts in the field of network security.Assembled from the works of leading researchers and practitioners, this best-of-the-best collection of chapters on network security and survivability is a valuable and handy resource. It consolidates content from the field’s leading experts while creating a one-stop-shopping opportunity for readers to access the information only otherwise available from disparate sources.* Chapters contributed by recognized experts in the field cover theory and practice of network security technology, allowing the reader to develop a new level of knowledge and technical expertise. * Up-to-date coverage of network security issues facilitates learning and lets the reader remain current and fully informed from multiple viewpoints.* Presents methods of analysis and problem-solving techniques, enhancing the reader’s grasp of the material and ability to implement practical solutions.* Examples illustrate core security concepts for enhanced comprehension
Building the Agile Enterprise: With SOA, BPM and MBM (The MK/OMG Press)
by Fred A. CumminsIn the last ten years IT has brought fundamental changes to the way the world works. Not only has it increased the speed of operations and communications, but it has also undermined basic assumptions of traditional business models and increased the number of variables. Today, the survival of major corporations is challenged by a world-wide marketplace, international operations, outsourcing, global communities, a changing workforce, security threats, business continuity, web visibility, and customer expectations. Enterprises must constantly adapt or they will be unable to compete. Fred Cummins, an EDS Fellow, presents IT as a key enabler of the agile enterprise. He demonstrates how the convergence of key technologies—including SOA, BPM and emerging enterprise and data models—can be harnessed to transform the enterprise. Cummins mines his 25 years experience to provide IT leaders, as well as enterprise architects and management consultants, with the critical information, skills, and insights they need to partner with management and redesign the enterprise for continuous change. No other book puts IT at the center of this transformation, nor integrates these technologies for this purpose.Shows how to integrate and deploy critical technologies to foster agilityDetails how to design an enterprise architecture that takes full advantage of SOA, BPM, business rules, enterprise information management, business models, and governanceOutlines IT's critical mission in providing an integration infrastructure and key services, while optimizing technology adoption throughout the enterpriseIllustrates concepts with examples and cases from large and small commercial enterprisesShows how to create systems that recognize and respond to the need for changeIdentifies the unique security issues that arise with SOA and shows how to deploy a framework of technologies and processes that address them
The Best Damn Windows Server 2008 Book Period
by Anthony PiltzeckerBest Damn Windows Server 2008 Book Period, Second Edition is completely revised and updated to Windows Server 2008. This book will show you how to increase the reliability and flexibility of your server infrastructure with built-in Web and virtualization technologies; have more control over your servers and web sites using new tools like IIS7, Windows Server Manager, and Windows PowerShell; and secure your network with Network Access Protection and the Read-Only Domain Controller.Web server management with Internet Information Services 7.0Virtualize multiple operating systems on a single serverHardening Security, including Network Access Protection, Federated Rights Management, and Read-Only Domain Controller
Designing Storage for Exchange 2007 SP1 (Digital Press Storage Technologies)
by Pierre Bijaoui Juergen HasslauerDesigning Storage for Exchange 2007 SP1 will help you understand the new choices and possibilities available in designing your storage environment for Microsoft Exchange Server 2007 SP1. The move of Microsoft Exchange Server from a 32-bit application to the 64-bit world reduced the I/O footprint on the storage subsystem. This allows users to consider shared storage deployments or go the opposite way and focus on direct attached storage. Supporting large mailboxes is now possible, but how do you back up and recover the increased amount of data? Exchange Server 2007 Continuous Replication and new features in Windows Server 2008 Failover Clustering provides interesting possibilities for geographically dispersed deployments. This book explains these new built-in features of Exchange Server 2007 and compares them with application independent data replication solutions provided by high-end storage subsystems. It is critical to understand these key technologies to make the right decision which storage solution best fits your business needs. The authors share their experience from large scale deployments and depict configurations used during their projects.Includes a description of how the move to a 64-bit application reduced the I/O behaviorStorage hardware technologies and Windows storage stack features for Exchange serverExchange Server 2007 Continuous Replication and Windows Server 2008 Failover ClusteringPerformance monitoring and analysis to optimize the Exchange Server 2007 configuration
The IT / Digital Legal Companion: A Comprehensive Business Guide to Software, IT, Internet, Media and IP Law
by Gene K. Landy Amy J. MastrobattistaThe IT/Digital Legal Companion is a comprehensive business and legal guidance covering intellectual property for digital business; digital contract fundamentals; open source rules and strategies; development, consulting and outsourcing; software as a service; business software licensing, partnering, and distribution; web and Internet agreements; privacy on the Internet; digital multimedia content clearance and distribution; IT standards; video game development and content deals; international distribution; and user-created content, mash-ups, MMOGs, and web widgets. Chapters deal with topics such as copyrights on the Internet, for software protection and around the world; trademarks and domain names; patents and digital technology companies; trade secrets and non-disclosure agreements; confidentiality, rights transfer, and non-competition agreements for employees; introduction to digital product and service contracts; a pragmatic guide to open source; IT services - development, outsourcing, and consulting; beta test agreements; commercial end-user agreements; terms of use for web sites and online applications; privacy and use of personal data; digital technology standards - opportunities, risks, and strategies; content for digital media; and deals in the web and mobile value chains. This book is intended for executives, entrepreneurs, finance and business development officers; technology and engineering officers; marketers, licensing professionals, and technology professionals; in-house counsel; and anyone else that deals with software or digital technology in business.Comprehensive Business and Legal Guidance including* Securing Intellectual Property for Digital Business* Digital Contract Fundamentals* Open Source Rules and Strategies* Development, Consulting and Outsourcing* Software as a Service* Business Software Licensing, Partnering, and Distribution* Web and Internet Agreements* Privacy on the Internet* Digital Multimedia Content Clearance and Distribution* IT Standards* Video Game Development and Content Deals* International Distribution* User-Created Content, Mash-Ups, MMOGs, and Web Widgets* And Much MoreKey Features:* Up-to-the-Moment Legal Guide* In Plain English* Includes 38 Contract and Web Forms in the Book
TechnoSecurity's Guide to E-Discovery and Digital Forensics: A Comprehensive Handbook
by Jack WilesTechnoSecurity's Guide to E-Discovery and Digital Forensics provides IT security professionals with the information (hardware, software, and procedural requirements) needed to create, manage and sustain a digital forensics lab and investigative team that can accurately and effectively analyze forensic data and recover digital evidence, while preserving the integrity of the electronic evidence for discovery and trial.Internationally known experts in computer forensics share their years of experience at the forefront of digital forensicsBonus chapters on how to build your own Forensics Lab50% discount to the upcoming Techno Forensics conference for everyone who purchases a book
Secrets Stolen, Fortunes Lost: Preventing Intellectual Property Theft and Economic Espionage in the 21st Century
by Richard Power Christopher BurgessThe threats of economic espionage and intellectual property (IP) theft are global, stealthy, insidious, and increasingly common. According to the U.S. Commerce Department, IP theft is estimated to top $250 billion annually and also costs the United States approximately 750,000 jobs. The International Chamber of Commerce puts the global fiscal loss at more than $600 billion a year.Secrets Stolen, Fortunes Lost offers both a fascinating journey into the underside of the Information Age, geopolitics, and global economy, shedding new light on corporate hacking, industrial espionage, counterfeiting and piracy, organized crime and related problems, and a comprehensive guide to developing a world-class defense against these threats. You will learn what you need to know about this dynamic global phenomenon (how it happens, what it costs, how to build an effective program to mitigate risk and how corporate culture determines your success), as well as how to deliver the message to the boardroom and the workforce as a whole. This book serves as an invaluable reservoir of ideas and energy to draw on as you develop a winning security strategy to overcome this formidable challenge.• It’s Not “Someone Else’s" Problem: Your Enterprise is at RiskIdentify the dangers associated with intellectual property theft and economic espionage• The Threat Comes from Many SourcesDescribes the types of attackers, threat vectors, and modes of attack• The Threat is RealExplore case studies of real-world incidents in stark relief• How to Defend Your EnterpriseIdentify all aspects of a comprehensive program to tackle such threats and risks• How to Deliver the Message: Awareness and EducationAdaptable content (awareness and education materials, policy language, briefing material, presentations, and assessment tools) that you can incorporate into your security program now
Reverse Engineering Code with IDA Pro
by IOActiveIf you want to master the art and science of reverse engineering code with IDA Pro for security R&D or software debugging, this is the book for you. Highly organized and sophisticated criminal entities are constantly developing more complex, obfuscated, and armored viruses, worms, Trojans, and botnets. IDA Pro’s interactive interface and programmable development language provide you with complete control over code disassembly and debugging. This is the only book which focuses exclusively on the world’s most powerful and popular took for reverse engineering code.*Reverse Engineer REAL Hostile CodeTo follow along with this chapter, you must download a file called !DANGER!INFECTEDMALWARE!DANGER!... ‘nuff said.*Portable Executable (PE) and Executable and Linking Formats (ELF)Understand the physical layout of PE and ELF files, and analyze the components that are essential to reverse engineering.*Break Hostile Code Armor and Write your own ExploitsUnderstand execution flow, trace functions, recover hard coded passwords, find vulnerable functions, backtrace execution, and craft a buffer overflow.*Master DebuggingDebug in IDA Pro, use a debugger while reverse engineering, perform heap and stack access modification, and use other debuggers.*Stop Anti-ReversingAnti-reversing, like reverse engineering or coding in assembly, is an art form. The trick of course is to try to stop the person reversing the application. Find out how!*Track a Protocol through a Binary and Recover its Message StructureTrace execution flow from a read event, determine the structure of a protocol, determine if the protocol has any undocumented messages, and use IDA Pro to determine the functions that process a particular message.*Develop IDA Scripts and Plug-insLearn the basics of IDA scripting and syntax, and write IDC scripts and plug-ins to automate even the most complex tasks.
Physical and Logical Security Convergence: Powered By Enterprise Security Management
by William P Crowell Brian T Contos Colby DeRodeff Dan DunkelGovernment and companies have already invested hundreds of millions of dollars in the convergence of physical and logical security solutions, but there are no books on the topic.This book begins with an overall explanation of information security, physical security, and why approaching these two different types of security in one way (called convergence) is so critical in today’s changing security landscape. It then details enterprise security management as it relates to incident detection and incident management. This is followed by detailed examples of implementation, taking the reader through cases addressing various physical security technologies such as: video surveillance, HVAC, RFID, access controls, biometrics, and more.This topic is picking up momentum every day with every new computer exploit, announcement of a malicious insider, or issues related to terrorists, organized crime, and nation-state threats The author has over a decade of real-world security and management expertise developed in some of the most sensitive and mission-critical environments in the worldEnterprise Security Management (ESM) is deployed in tens of thousands of organizations worldwide
OSSEC Host-Based Intrusion Detection Guide
by Rory Bray Daniel Cid Andrew HayThis book is the definitive guide on the OSSEC Host-based Intrusion Detection system and frankly, to really use OSSEC you are going to need a definitive guide. Documentation has been available since the start of the OSSEC project but, due to time constraints, no formal book has been created to outline the various features and functions of the OSSEC product. This has left very important and powerful features of the product undocumented...until now! The book you are holding will show you how to install and configure OSSEC on the operating system of your choice and provide detailed examples to help prevent and mitigate attacks on your systems. -- Stephen Northcutt OSSEC determines if a host has been compromised in this manner by taking the equivalent of a picture of the host machine in its original, unaltered state. This "picture" captures the most relevant information about that machine's configuration. OSSEC saves this "picture" and then constantly compares it to the current state of that machine to identify anything that may have changed from the original configuration. Now, many of these changes are necessary, harmless, and authorized, such as a system administrator installing a new software upgrade, patch, or application. But, then there are the not-so-harmless changes, like the installation of a rootkit, trojan horse, or virus. Differentiating between the harmless and the not-so-harmless changes determines whether the system administrator or security professional is managing a secure, efficient network or a compromised network which might be funneling credit card numbers out to phishing gangs or storing massive amounts of pornography creating significant liability for that organization. Separating the wheat from the chaff is by no means an easy task. Hence the need for this book. The book is co-authored by Daniel Cid, who is the founder and lead developer of the freely available OSSEC host-based IDS. As such, readers can be certain they are reading the most accurate, timely, and insightful information on OSSEC.* Nominee for Best Book Bejtlich read in 2008!* http://taosecurity.blogspot.com/2008/12/best-book-bejtlich-read-in-2008.html• Get Started with OSSECGet an overview of the features of OSSEC including commonly used terminology, pre-install preparation, and deployment considerations. • Follow Steb-by-Step Installation InstructionsWalk through the installation process for the "local", “agent", and "server" install types on some of the most popular operating systems available.• Master ConfigurationLearn the basic configuration options for your install type and learn how to monitor log files, receive remote messages, configure email notification, and configure alert levels.• Work With RulesExtract key information from logs using decoders and how you can leverage rules to alert you of strange occurrences on your network.• Understand System Integrity Check and Rootkit DetectionMonitor binary executable files, system configuration files, and the Microsoft Windows registry.• Configure Active ResponseConfigure the active response actions you want and bind the actions to specific rules and sequence of events.• Use the OSSEC Web User InterfaceInstall, configure, and use the community-developed, open source web interface available for OSSEC.• Play in the OSSEC VMware Environment Sandbox• Dig Deep into Data Log MiningTake the “high art" of log analysis to the next level by breaking the dependence on the lists of strings or patterns to look for in the logs.
OS X Exploits and Defense: Own it...Just Like Windows or Linux!
by Paul Baccas Kevin Finisterre Larry H. David Harley Gary Porteus Chris Hurley Johnny LongContrary to popular belief, there has never been any shortage of Macintosh-related security issues. OS9 had issues that warranted attention. However, due to both ignorance and a lack of research, many of these issues never saw the light of day. No solid techniques were published for executing arbitrary code on OS9, and there are no notable legacy Macintosh exploits. Due to the combined lack of obvious vulnerabilities and accompanying exploits, Macintosh appeared to be a solid platform. Threats to Macintosh's OS X operating system are increasing in sophistication and number. Whether it is the exploitation of an increasing number of holes, use of rootkits for post-compromise concealment or disturbed denial of service, knowing why the system is vulnerable and understanding how to defend it is critical to computer security. Macintosh OS X Boot Process and Forensic Software All the power, all the tools, and all the geekery of Linux is present in Mac OS X. Shell scripts, X11 apps, processes, kernel extensions...it's a UNIX platform....Now, you can master the boot process, and Macintosh forensic softwareLook Back Before the Flood and Forward Through the 21st Century Threatscape Back in the day, a misunderstanding of Macintosh security was more or less industry-wide. Neither the administrators nor the attackers knew much about the platform. Learn from Kevin Finisterre how and why that has all changed!Malicious Macs: Malware and the Mac As OS X moves further from desktops, laptops, and servers into the world of consumer technology (iPhones, iPods, and so on), what are the implications for the further spread of malware and other security breaches? Find out from David HarleyMalware Detection and the Mac Understand why the continuing insistence of vociferous Mac zealots that it "can't happen here" is likely to aid OS X exploitationgMac OS X for Pen Testers With its BSD roots, super-slick graphical interface, and near-bulletproof reliability, Apple's Mac OS X provides a great platform for pen testingWarDriving and Wireless Penetration Testing with OS X Configure and utilize the KisMAC WLAN discovery tool to WarDrive. Next, use the information obtained during a WarDrive, to successfully penetrate a customer's wireless networkLeopard and Tiger Evasion Follow Larry Hernandez through exploitation techniques, tricks, and features of both OS X Tiger and Leopard, using real-world scenarios for explaining and demonstrating the concepts behind themEncryption Technologies and OS X Apple has come a long way from the bleak days of OS9. THere is now a wide array of encryption choices within Mac OS X. Let Gareth Poreus show you what they are.Cuts through the hype with a serious discussion of the security vulnerabilities of the Mac OS X operating systemReveals techniques by which OS X can be "owned"Details procedures to defeat these techniquesOffers a sober look at emerging threats and trends
No Tech Hacking: A Guide to Social Engineering, Dumpster Diving, and Shoulder Surfing
by Johnny LongJohnny Long's last book sold 12,000 units worldwide. Kevin Mitnick's last book sold 40,000 units in North America.As the cliché goes, information is power. In this age of technology, an increasing majority of the world's information is stored electronically. It makes sense then that we rely on high-tech electronic protection systems to guard that information. As professional hackers, Johnny Long and Kevin Mitnick get paid to uncover weaknesses in those systems and exploit them. Whether breaking into buildings or slipping past industrial-grade firewalls, their goal has always been the same: extract the information using any means necessary. After hundreds of jobs, they have discovered the secrets to bypassing every conceivable high-tech security system. This book reveals those secrets; as the title suggests, it has nothing to do with high technology.• Dumpster DivingBe a good sport and don’t read the two “D" words written in big bold letters above, and act surprised when I tell you hackers can accomplish this without relying on a single bit of technology (punny). • TailgatingHackers and ninja both like wearing black, and they do share the ability to slip inside a building and blend with the shadows.• Shoulder SurfingIf you like having a screen on your laptop so you can see what you’re working on, don’t read this chapter.• Physical SecurityLocks are serious business and lock technicians are true engineers, most backed with years of hands-on experience. But what happens when you take the age-old respected profession of the locksmith and sprinkle it with hacker ingenuity?• Social Engineering with Jack WilesJack has trained hundreds of federal agents, corporate attorneys, CEOs and internal auditors on computer crime and security-related topics. His unforgettable presentations are filled with three decades of personal "war stories" from the trenches of Information Security and Physical Security. • Google HackingA hacker doesn’t even need his own computer to do the necessary research. If he can make it to a public library, Kinko's or Internet cafe, he can use Google to process all that data into something useful.• P2P HackingLet’s assume a guy has no budget, no commercial hacking software, no support from organized crime and no fancy gear. With all those restrictions, is this guy still a threat to you? Have a look at this chapter and judge for yourself.• People WatchingSkilled people watchers can learn a whole lot in just a few quick glances. In this chapter we’ll take a look at a few examples of the types of things that draws a no-tech hacker’s eye.• KiosksWhat happens when a kiosk is more than a kiosk? What happens when the kiosk holds airline passenger information? What if the kiosk holds confidential patient information? What if the kiosk holds cash?• Vehicle SurveillanceMost people don’t realize that some of the most thrilling vehicular espionage happens when the cars aren't moving at all!
Nmap in the Enterprise: Your Guide to Network Scanning
by Angela Orebaugh Becky PinkardNmap, or Network Mapper, is a free, open source tool that is available under the GNU General Public License as published by the Free Software Foundation. It is most often used by network administrators and IT security professionals to scan corporate networks, looking for live hosts, specific services, or specific operating systems. Part of the beauty of Nmap is its ability to create IP packets from scratch and send them out utilizing unique methodologies to perform the above-mentioned types of scans and more. This book provides comprehensive coverage of all Nmap features, including detailed, real-world case studies.• Understand Network ScanningMaster networking and protocol fundamentals, network scanning techniques, common network scanning tools, along with network scanning and policies.• Get Inside NmapUse Nmap in the enterprise, secure Nmap, optimize Nmap, and master advanced Nmap scanning techniques.• Install, Configure, and Optimize NmapDeploy Nmap on Windows, Linux, Mac OS X, and install from source.• Take Control of Nmap with the Zenmap GUIRun Zenmap, manage Zenmap scans, build commands with the Zenmap command wizard, manage Zenmap profiles, and manage Zenmap results.• Run Nmap in the EnterpriseStart Nmap scanning, discover hosts, port scan, detecting operating systems, and detect service and application versions• Raise those FingerprintsUnderstand the mechanics of Nmap OS fingerprinting, Nmap OS fingerprint scan as an administrative tool, and detect and evade the OS fingerprint scan.• “Tool" around with NmapLearn about Nmap add-on and helper tools: NDiff--Nmap diff, RNmap--Remote Nmap, Bilbo, Nmap-parser.• Analyze Real-World Nmap ScansFollow along with the authors to analyze real-world Nmap scans.• Master Advanced Nmap Scanning TechniquesTorque Nmap for TCP scan flags customization, packet fragmentation, IP and MAC address spoofing, adding decoy scan source IP addresses, add random data to sent packets, manipulate time-to-live fields, and send packets with bogus TCP or UDP checksums.
Netcat Power Tools
by Jan KanclirzOriginally released in 1996, Netcat is a netowrking program designed to read and write data across both Transmission Control Protocol TCP and User Datagram Protocol (UDP) connections using the TCP/Internet Protocol (IP) protocol suite. Netcat is often referred to as a "Swiss Army knife" utility, and for good reason. Just like the multi-function usefullness of the venerable Swiss Army pocket knife, Netcat's functionality is helpful as both a standalone program and a backe-end tool in a wide range of applications. Some of the many uses of Netcat include port scanning, transferring files, grabbing banners, port listening and redirection, and more nefariously, a backdoor. This is the only book dedicated to comprehensive coverage of the tool's many features, and by the end of this book, you'll discover how Netcat can be one of the most valuable tools in your arsenal.* Get Up and Running with Netcat Simple yet powerful...Don't let the trouble-free installation and the easy command line belie the fact that Netcat is indeed a potent and powerful program. * Go PenTesting with Netcat Master Netcat's port scanning and service identification capabilities as well as obtaining Web server application information. Test and verify outbound firewall rules and avoid detection by using antivirus software and the Window Firewall. Also, create a backdoor using Netcat. * Conduct Enumeration and Scanning with Netcat, Nmap, and More! Netcat's not the only game in town...Learn the process of network of enumeration and scanning, and see how Netcat along with other tools such as Nmap and Scanrand can be used to thoroughly identify all of the assets on your network. * Banner Grabbing with Netcat Banner grabbing is a simple yet highly effective method of gathering information about a remote target, and can be performed with relative ease with the Netcat utility. * Explore the Dark Side of Netcat See the various ways Netcat has been used to provide malicious, unauthorized access to their targets. By walking through these methods used to set up backdoor access and circumvent protection mechanisms through the use of Netcat, we can understand how malicious hackers obtain and maintain illegal access. Embrace the dark side of Netcat, so that you may do good deeds later. * Transfer Files Using Netcat The flexability and simple operation allows Netcat to fill a niche when it comes to moving a file or files in a quick and easy fashion. Encryption is provided via several different avenues including integrated support on some of the more modern Netcat variants, tunneling via third-party tools, or operating system integrated IPsec policies. * Troubleshoot Your Network with Netcat Examine remote systems using Netat's scanning ability. Test open ports to see if they really are active and see what protocls are on those ports. Communicate with different applications to determine what problems might exist, and gain insight into how to solve these problems. * Sniff Traffic within a System Use Netcat as a sniffer within a system to collect incoming and outgoing data. Set up Netcat to listen at ports higher than 1023 (the well-known ports), so you can use Netcat even as a normal user.* Comprehensive introduction to the #4 most popular open source security tool available* Tips and tricks on the legitimate uses of Netcat* Detailed information on its nefarious purposes* Demystifies security issues surrounding Netcat* Case studies featuring dozens of ways to use Netcat in daily tasks
Microsoft Forefront Security Administration Guide
by Jesse VarsaloneMicrosoft Forefront is a comprehensive suite of security products that will provide companies with multiple layers of defense against threats. Computer and Network Security is a paramount issue for companies in the global marketplace. Businesses can no longer afford for their systems to go down because of viruses, malware, bugs, trojans, or other attacks. Running a Microsoft Forefront Suite within your environment brings many different benefits. Forefront allows you to achieve comprehensive, integrated, and simplified infrastructure security. This comprehensive suite of tools provides end-to-end security stretching from Web servers back to the desktop. This book will provide system administrators familiar with Syngress' existing Microsoft networking and security titles with a complete reference to Microsoft's flagship security products.* First book to address securing an entire Microsoft network from Web servers all the way back to the desktop.* Companion Web site provides best practices checklists for securing Microsoft operating systems, applications, servers, and databases.* Companion Web site provides special chapter on designing and implementing a disaster recover plan for a Microsoft network.
Managing Catastrophic Loss of Sensitive Data: A Guide for IT and Security Professionals
by Constantine PhotopoulosOffering a structured approach to handling and recovering from a catastrophic data loss, this book will help both technical and non-technical professionals put effective processes in place to secure their business-critical information and provide a roadmap of the appropriate recovery and notification steps when calamity strikes.*Addresses a very topical subject of great concern to security, general IT and business management*Provides a step-by-step approach to managing the consequences of and recovering from the loss of sensitive data.*Gathers in a single place all information about this critical issue, including legal, public relations and regulatory issues
Kismet Hacking
by Brad Haines Frank Thornton Michael J. SchearerKismet is the industry standard for examining wireless network traffic, and is used by over 250,000 security professionals, wireless networking enthusiasts, and WarDriving hobbyists.Unlike other wireless networking books that have been published in recent years that geared towards Windows users, Kismet Hacking is geared to those individuals that use the Linux operating system. People who use Linux and want to use wireless tools need to use Kismet. Now with the introduction of Kismet NewCore, they have a book that will answer all their questions about using this great tool. This book continues in the successful vein of books for wireless users such as WarDriving: Drive, Detect Defend.*Wardrive Running Kismet from the BackTrack Live CD*Build and Integrate Drones with your Kismet Server*Map Your Data with GPSMap, KisMap, WiGLE and GpsDrive
InfoSecurity 2008 Threat Analysis
by Craig Schiller Seth Fogie Colby DeRodeff Michael GreggAn all-star cast of authors analyze the top IT security threats for 2008 as selected by the editors and readers of Infosecurity Magazine. This book, compiled from the Syngress Security Library, is an essential reference for any IT professional managing enterprise security. It serves as an early warning system, allowing readers to assess vulnerabilities, design protection schemes and plan for disaster recovery should an attack occur. Topics include Botnets, Cross Site Scripting Attacks, Social Engineering, Physical and Logical Convergence, Payment Card Industry (PCI) Data Security Standards (DSS), Voice over IP (VoIP), and Asterisk Hacking. Each threat is fully defined, likely vulnerabilities are identified, and detection and prevention strategies are considered. Wherever possible, real-world examples are used to illustrate the threats and tools for specific solutions.* Provides IT Security Professionals with a first look at likely new threats to their enterprise * Includes real-world examples of system intrusions and compromised data * Provides techniques and strategies to detect, prevent, and recover * Includes coverage of PCI, VoIP, XSS, Asterisk, Social Engineering, Botnets, and Convergence
How to Cheat at Securing Linux
by James StangerLinux servers now account for 33% of all networks servers running worldwide (Source: IDC). The top 3 market share holders in the network server space (IBM, Hewlett-Packard, and Dell) all use Linux as their standard operating system. This book teaches Linux system administrators how to protect their servers from malicious threats.As with any technologies, increased usage results in increased attention from malicious hackers. For years a myth existed that Windows was inherently less secure than Linux, because there were significantly more attacks against Windows machines than Linux. This was a fallacy. There were more attacks against Windows machines because there were simply so many more Windows machines to attack. Now, the numbers tell the exact opposite story. Linux servers account for 1/3 of all servers worldwide, but in 2005 there were 3 times as many high-severity security vulnerabilities discovered on Linux servers (Source: IDC).This book covers Open Source security, implementing an intrusion detection system, unearthing Rootkits, defending against malware, creating Virtual Private Networks, and much more.The Perfect Reference for the Multitasked SysAdmin* Discover Why "Measure Twice, Cut Once" Applies to Securing Linux* Complete Coverage of Hardening the Operating System, Implementing an Intrusion Detection System, and Defending Databases* Short on Theory, History, and Technical Data that Is Not Helpful in Performing Your Job
Check Point NGX R65 Security Administration
by Ralph BonnellCheck Point NGX R65 is the next major release of Check Point's flagship firewall software product, which has over 750,000 registered users. Check Point's NGX is the underlying security software platform for all of the company's enterprise firewall, VPN and management solutions. It enables enterprises of all sizes to reduce the cost and complexity of security management and ensure that their security systems can be easily extended to adapt to new and emerging threats. This title is a continuation of Syngress' best-selling references on Check Point's market leading Firewall and VPN products.* First book to market covering Check Point's new, flagship NGX R65 Firewall/VPN. * Provides bonus coverage for Check Point's upcoming NGX R65 Certification exams.* Companion Web site offers customized scripts for managing log files.
AVIEN Malware Defense Guide for the Enterprise
by David HarleyMembers of AVIEN (the Anti-Virus Information Exchange Network) have been setting agendas in malware management for several years: they led the way on generic filtering at the gateway, and in the sharing of information about new threats at a speed that even anti-virus companies were hard-pressed to match. AVIEN members represent the best-protected large organizations in the world, and millions of users. When they talk, security vendors listen: so should you. AVIEN’s sister organization AVIEWS is an invaluable meeting ground between the security vendors and researchers who know most about malicious code and anti-malware technology, and the top security administrators of AVIEN who use those technologies in real life. This new book uniquely combines the knowledge of these two groups of experts. Anyone who is responsible for the security of business information systems should be aware of this major addition to security literature.* “Customer Power" takes up the theme of the sometimes stormy relationship between the antivirus industry and its customers, and tries to dispel some common myths. It then considers the roles of the independent researcher, the vendor-employed specialist, and the corporate security specialist.* “Stalkers on Your Desktop" considers the thorny issue of malware nomenclature and then takes a brief historical look at how we got here, before expanding on some of the malware-related problems we face today.* “A Tangled Web" discusses threats and countermeasures in the context of the World Wide Web. * “Big Bad Bots" tackles bots and botnets, arguably Public Cyber-Enemy Number One.* “Crème de la CyberCrime" takes readers into the underworld of old-school virus writing, criminal business models, and predicting future malware hotspots.* “Defense in Depth" takes a broad look at DiD in the enterprise, and looks at some specific tools and technologies.* “Perilous Outsorcery" offers sound advice on how to avoid the perils and pitfalls of outsourcing, incorporating a few horrible examples of how not to do it.* “Education in Education" offers some insights into user education from an educationalist’s perspective, and looks at various aspects of security in schools and other educational establishments.* “DIY Malware Analysis" is a hands-on, hands-dirty approach to security management, considering malware analysis and forensics techniques and tools.* “Antivirus Evaluation & Testing" continues the D-I-Y theme, discussing at length some of the thorny issues around the evaluation and testing of antimalware software.* “AVIEN & AVIEWS: the Future" looks at future developments in AVIEN and AVIEWS.* Unique, knowledgeable, unbiased and hype-free commentary.* Written by members of the anti-malware community; most malware books are written by outsiders.* Combines the expertise of truly knowledgeable systems administrators and managers, with that of the researchers who are most experienced in the analysis of malicious code, and the development and maintenance of defensive programs.
Nessus Network Auditing
by Russ RogersThe Updated Version of the Bestselling Nessus Book. This is the ONLY Book to Read if You Run Nessus Across the Enterprise. Ever since its beginnings in early 1998, the Nessus Project has attracted security researchers from all walks of life. It continues this growth today. It has been adopted as a de facto standard by the security industry, vendor, and practitioner alike, many of whom rely on Nessus as the foundation to their security practices. Now, a team of leading developers have created the definitive book for the Nessus community. Perform a Vulnerability Assessment Use Nessus to find programming errors that allow intruders to gain unauthorized access. Obtain and Install Nessus Install from source or binary, set up up clients and user accounts, and update your plug-ins. Modify the Preferences Tab Specify the options for Nmap and other complex, configurable components of Nessus. Understand Scanner Logic and Determine Actual Risk Plan your scanning strategy and learn what variables can be changed. Prioritize Vulnerabilities Prioritize and manage critical vulnerabilities, information leaks, and denial of service errors. Deal with False Positives Learn the different types of false positives and the differences between intrusive and nonintrusive tests. Get Under the Hood of Nessus Understand the architecture and design of Nessus and master the Nessus Attack Scripting Language (NASL). Scan the Entire Enterprise Network Plan for enterprise deployment by gauging network bandwith and topology issues.Nessus is the premier Open Source vulnerability assessment tool, and has been voted the "most popular" Open Source security tool several times.The first edition is still the only book available on the product.Written by the world's premier Nessus developers and featuring a foreword by the creator of Nessus, Renaud Deraison.