- Table View
- List View
Google Talking
by Joshua Brashars Johnny LongNationwide and around the world, instant messaging use is growing, with more than 7 billion instant messages being sent every day worldwide, according to IDC. comScore Media Metrix reports that there are 250 million people across the globe--and nearly 80 million Americans--who regularly use instant messaging as a quick and convenient communications tool. Google Talking takes communication to the next level, combining the awesome power of Text and Voice! This book teaches readers how to blow the lid off of Instant Messaging and Phone calls over the Internet.This book will cover the program “Google Talk" in its entirety. From detailed information about each of its features, to a deep-down analysis of how it works. Also, we will cover real techniques from the computer programmers and hackers to bend and tweak the program to do exciting and unexpected things.Google has 41% of the search engine market making it by far the most commonly used search engineThe Instant Messaging market has 250 million users world wideGoogle Talking will be the first book to hit the streets about Google Talk
Elsevier's Dictionary of Information Security
by G. Manoilov B. RadichkovaThe dictionary will contain terms currently used in the broad fields of electronics data protection and data management in today's interconnected world - the Global Village. The terminology will cover all aspects of the modern technology's best practices in multiple subfields, namely: physical (hardware and perimeter) security, wired and wireless telecommunication infrastructure security, internet (e-commerce and business-to-business) security, anti-virus and anti-spyware applications, virtual private networking, theory and practices of cryptography, corporate security policies'methodology, design, implementation and enforcement.5000 terms in English, German, French and Russian* a valuable reference tool for both the general public and the industry experts* can be used as knowledge support in theoretical projects * could also serve as a handy desktop reference book in day-to-day operations in a multilingual environment
Dictionary of Information Security
by Robert SladeThe Dictionary of Information Security is a compilation of security terms and definitions that working security professionals and IT students will find helpful.IT professionals and IT students will find this a handy reference to help them identify terms used in practice, in journals and articles, and on websites. The dictionary has complete coverage of security terms and includes cutting-edge technologies and newer terminology only now becoming accepted use amongst security practitioners. Certification candidates for security specializations like CISSP and Security+ will also find this a valuable resource.* Your one stop shop coverage of malware, wireless technologies, and phishing *An easy to use tol featuring the ability to cross references makeing navigation easy* Includes special coverage of military and government terms for the latest hot topics
Deploying Citrix MetaFrame Presentation Server 3.0 with Windows Server 2003 Terminal Services
by Melissa CraftAlmost 100% of all Fortune 500 and Fortune 1000 companies use Citrix. Deploying Citrix MetaFrame Presentation Server 3.0 with Windows Server 2003 Terminal Services covers the new release to Citrix MetaFrame and how companies can deploy it in their disaster recovery plans. Server Based Computing has been established as a solid networking model for any size business. Why? Because it guarantees cost savings, fast deployment, scalability, performance, security and fast recoverability. Think "mainframe," but updated, pretty, shiny, and effective! Server based computing is the mainframe with a vengeance. Terminal Server and Citrix MetaFrame offer the advantages of the old mainframe coupled with the benefits, gadgets, and appeal of the personal computer.Manage applications from a central location and access them from anywhereBuild scalable, flexible, and secure access solutions that reduce computing costs and increase the utility of your networkThe first book that covers Citrix MetaFrame Presentation Server 3.0 and Windows Server 2003 Terminal Services
Deploying IP and MPLS QoS for Multiservice Networks: Theory and Practice (ISSN)
by John William Evans Clarence FilsfilsQoS, short for “quality of service," is one of the most important goals a network designer or administrator will have. Ensuring that the network runs at optimal precision with data remaining accurate, traveling fast, and to the correct user are the main objectives of QoS. The various media that fly across the network including voice, video, and data have different idiosyncrasies that try the dimensions of the network. This malleable network architecture poses an always moving potential problem for the network professional.The authors have provided a comprehensive treatise on this subject. They have included topics such as traffic engineering, capacity planning, and admission control. This book provides real world case studies of QoS in multiservice networks. These case studies remove the mystery behind QoS by illustrating the how, what, and why of implementing QoS within networks. Readers will be able to learn from the successes and failures of these actual working designs and configurations.Helps readers understand concepts of IP QoS by presenting clear descriptions of QoS components, architectures, and protocolsDirects readers in the design and deployment of IP QoS networks through fully explained examples of actual working designsContains real life case studies which focus on implementation
Data Modeling Essentials (The Morgan Kaufmann Series in Data Management Systems)
by Graeme Simsion Graham WittData Modeling Essentials, Third Edition, covers the basics of data modeling while focusing on developing a facility in techniques, rather than a simple familiarization with "the rules". In order to enable students to apply the basics of data modeling to real models, the book addresses the realities of developing systems in real-world situations by assessing the merits of a variety of possible solutions as well as using language and diagramming methods that represent industry practice. This revised edition has been given significantly expanded coverage and reorganized for greater reader comprehension even as it retains its distinctive hallmarks of readability and usefulness. Beginning with the basics, the book provides a thorough grounding in theory before guiding the reader through the various stages of applied data modeling and database design. Later chapters address advanced subjects, including business rules, data warehousing, enterprise-wide modeling and data management. It includes an entirely new section discussing the development of logical and physical modeling, along with new material describing a powerful technique for model verification. It also provides an excellent resource for additional lectures and exercises. This text is the ideal reference for data modelers, data architects, database designers, DBAs, and systems analysts, as well as undergraduate and graduate-level students looking for a real-world perspective.Thorough coverage of the fundamentals and relevant theoryRecognition and support for the creative side of the processExpanded coverage of applied data modeling includes new chapters on logical and physical database designNew material describing a powerful technique for model verificationUnique coverage of the practical and human aspects of modeling, such as working with business specialists, managing change, and resolving conflict
Cyber Spying Tracking Your Family's (Sometimes) Secret Online Lives: Tracking Your Family's (sometimes) Secret Online Lives
by Eric Cole Michael Nordfelt Sandra Ring Ted FairCyber Spying Tracking Your Family's (Sometimes) Secret Online Lives shows everyday computer users how to become cyber-sleuths. It takes readers through the many different issues involved in spying on someone online. It begins with an explanation of reasons and ethics, covers the psychology of spying, describes computer and network basics, and takes readers step-by-step through many common online activities, and shows what can be done to compromise them. The book's final section describes personal privacy and counter-spy techniques. By teaching by both theory and example this book empowers readers to take charge of their computers and feel confident they can be aware of the different online activities their families engage in.Expert authors have worked at Fortune 500 companies, NASA, CIA, NSA and all reside now at Sytex, one of the largest government providers of IT servicesTargets an area that is not addressed by other books: black hat techniques for computer security at the personal computer levelTargets a wide audience: personal computer users, specifically those interested in the online activities of their families
Configuring VMware ESX Server 2.5
by Al Muller Seburn WilsonThis book will detail the default and custom installation of VMware’s ESx server as well as basic and advanced virtual machine configurations. It will also discuss the requirements for a server virtualization and consolidation project and the cost savings surrounding such an effort. Furthermore, the book will provide a thorough understanding of the benefits of a virtual infrastructure and a comprehensive examination of how VMware eases administration and lowers overall IT costs. Lastly, the book delivers a thorough understanding of the virtual evolution which is underway in many IT organizations and how the reader will benefit from shifting from the physical to a virtual* A detailed resource on the default and custom installation of VMware's ESx server* Covers all the requirements for a server virtualization and consolidation project and the cost savings surrounding such an effort* Delivers a thorough understanding of the virtual evolution occuring in the IT industry
Configuring Check Point NGX VPN-1/Firewall-1
by Barry J Stiefel Simon DesmeulesCheck Point NGX VPN-1/Firewall-1 is the next major release of Check Point's flagship firewall software product, which has over 750,000 registered users. The most significant changes to this release are in the areas of Route Based VPN, Directional VPN, Link Selection & Tunnel Management, Multiple Entry Points, Route Injection Mechanism, Wire Mode, and SecurePlatform Pro. Many of the new features focus on how to configure and manage Dynamic Routing rules, which are essential to keeping an enterprise network both available *and* secure. Demand for this book will be strong because Check Point is requiring all of its 3rd party developers to certify their products for this release.* Packed full with extensive coverage of features new to the product, allowing 3rd party partners to certify NGX add-on products quickly* Protect your network from both internal and external threats and learn to recognize future threats* All yuou need to securly and efficiently deploy, troubleshoot, and maintain Check Point NXG
Computer Networks: A Systems Approach (ISSN)
by Larry L. Peterson Bruce S. DavieIn this new edition of their classic and bestselling textbook, authors Larry Peterson and Bruce Davie continue to emphasize why networks work the way they do. Their "system approach" treats the network as a system composed of interrelated building blocks (as opposed to strict layers), giving students and professionals the best possible conceptual foundation on which to understand current networking technologies, as well as the new ones that will quickly take their place.Incorporating instructor and user feedback, this edition has also been fully updated and includes all-new material on MPLS and switching, wireless and mobile technology, peer-to-peer networks, Ipv6, overlay and content distribution networks, and more. As in the past, all instruction is rigorously framed by problem statements and supported by specific protocol references, C-code examples, and thought-provoking end-of-chapter exercises.Computer Networks: A Systems Approach remains an essential resource for a successful classroom experience and a rewarding career in networking.Written by an author team with over thirty years of first-hand experience in networking research, development, and teaching--two leaders in the work of defining and implementing many of the protocols discussed in the book.Includes all-new coverage and updated material on MPLS and switching, wireless and mobile technology, peer-to-peer networks, Ipv6, overlay and content distribution networks, VPNs, IP-Telephony, network security, and multimedia communications (SIP, SDP).Additional and earlier focus on applications in this edition makes core protocols more accessible and more meaningful to readers already familiar with networked applications.Features chapter-framing statements, over 400 end-of-chapter exercises, example exercises(with solutions), shaded sidebars covering advanced topics, web resources and other proven pedagogical features.
Compaq Visual Fortran: A Guide to Creating Windows Applications
by Norman LawrenceCompaq Visual Fortran: A Guide to Creating Windows Applications is the only book that shows developers how to create Windows applications using Visual Fortran software. It complements Digital Press's successful reference, the Digital Visual Fortran Programmer's Guide. Lawrence details development methods and techniques for creating Fortran applications for Windows, the platform upon which developers can use Compaq Visual Fortran (CVF; to be Intel Visual Fortran in the future) to create applications. The book teaches CVF programming progressively, beginning with simple tasks and building up to writing professional-level Win32 applications. Readers will learn about the powerful new CVF graphical user interface, as well as the intricacies of Windows development from a CVF perspective. They can master QuickWin, the Win32 APIs including multiple document interfaces, and Open GL with 3D and interactive graphics.Provides practical, step-by-step instructions for developing Visual Fortran applicationsOnly tutorial text for Compaq Visual Fortran (CVF)Doesn't require the programmer to learn C or C++
Communication Networking: An Analytical Approach (ISSN)
by Anurag Kumar D. Manjunath Joy KuriCommunication Networking is a comprehensive, effectively organized introduction to the realities of communication network engineering. Written for both the workplace and the classroom, this book lays the foundation and provides the answers required for building an efficient, state-of-the-art network—one that can expand to meet growing demand and evolve to capitalize on coming technological advances. It focuses on the three building blocks out of which a communication network is constructed: multiplexing, switching, and routing. The discussions are based on the viewpoint that communication networking is about efficient resource sharing. The progression is natural: the book begins with individual physical links and proceeds to their combination in a network. The approach is analytical: discussion is driven by mathematical analyses of and solutions to specific engineering problems. Fundamental concepts are explained in detail and design issues are placed in context through real world examples from current technologies. The text offers in-depth coverage of many current topics, including network calculus with deterministically-constrained traffic; congestion control for elastic traffic; packet switch queuing; switching architectures; virtual path routing; and routing for quality of service. It also includes more than 200 hands-on exercises and class-tested problems, dozens of schematic figures, a review of key mathematical concepts, and a glossary. This book will be of interest to networking professionals whose work is primarily architecture definition and implementation, i.e., network engineers and designers at telecom companies, industrial research labs, etc. It will also appeal to final year undergrad and first year graduate students in EE, CE, and CS programs.Systematically uses mathematical models and analyses to drive the development of a practical understanding of core network engineering problems.Provides in-depth coverage of many current topics, including network calculus with deterministically-constrained traffic, congestion control for elastic traffic, packet switch queuing, switching architectures, virtual path routing, and routing for quality of service.Includes over 200 hands-on exercises and class-tested problems, dozens of schematic figures, a review of key mathematical concepts, and a glossary.
Cognitive Science (Handbook of Perception and Cognition, Second Edition)
by Benjamin Martin Bly David E. RumelhartThe interdisciplinary field of cognitive science brings together elements of cognitive psychology, mathematics, perception, and linguistics. Focusing on the main areas of exploration in this field today, Cognitive Science presents comprehensive overviews of research findings and discusses new cross-over areas of interest. Contributors represent the most senior and well-established names in the field. This volume serves as a high-level introduction, with sufficient breadth to be a graduate-level text, and enough depth to be a valued reference source to researchers.
Clustering Windows Server: A Road Map for Enterprise Solutions
by Gary Mauler Milt BeebeAn IT decision-maker's road map to creating scalable and reliable Windows 2000 clustered systems.Clustering Windows 2000 explains what a cluster is and what it is not. It explains the concepts and technology from the perspective of Microsoft's Windows family of operating systems. Mauler and Beebe thoroughly explore the critical interaction and integration of state-of-the-art computer hardware with these operating systems and also with third-party layered solutions. However, more than teaching technology, the book provides a unique framework by which readers can evaluate their organizations' own clustering needs. The new Cluster Configuration MatrixC presented here allows them to determine the utility of the many clustering products and solutions given their companies' specific requirements for high availability. Clustering Windows 2000 enables IT professionals to create a highly effective clustering strategy that can grow with their organizations' needs and accommodate ongoing developments in clustering technology. This unique book is for everyone from system designers to IT managers who want a solid understanding of the optimal products and technologies they can use in creating "clusters" of computers to support truly enterprise-caliber programs.Demystifies Windows clustering from both a hardware and software viewpointDefines clustering terminology and concepts from a vendor-neutral perspectiveProvides a matrix for evaluating the multitude of cluster technology offerings
Cisco PIX Firewalls: Configure / Manage / Troubleshoot
by Umer KhanUmer Khan's first book, Cisco Security Specialist's Guide to PIX Firewalls, ISBN: 1931836639, has consistently maintained its spot as the #1 best-selling PIX book on amazon.com by providing readers with a clear, comprehensive, and independent introduction to PIX Firewall configuration. With the market for PIX Firewalls maintaining double digit growth and several major enhancements to both the PIX Firewall and VPN Client product lines, this book will have enormous appeal with the audience already familiar with his first book.The Cisco Pix firewall is the #1 market leading firewall, owning 43% market share. Cisco is poised to release the newest, completely re-designed version 7 of the Pix operating system in the first quarter of 2004"Cisco Pix Firewalls: configure | manage | troubleshoot" Covers all objectives on the new Cisco Pix certification exam, making this book the perfect study guide in addition to professional referenceUmer Khan's first book "Cisco Security Specialist's Guide to PIX Firewall" has been the #1 market leading Cisco Pix book since it was published in 2002
How to Cheat at Managing Microsoft Operations Manager 2005 (How to Cheat)
by Anthony PiltzeckerMicrosoft Operations Manager (MOM) is a network monitoring tool that provides enterprise-class event and performance management for Windows Server System technologies. MOM's event and performance management tools discover problems before system administrators would ever find them, thereby enabling administrators to lower their costs of operations and simplify management of their Windows Server System infrastructure. MOM can notify system administrators of overloaded processors, depleted memory, or failed network connections affecting their Windows servers long before these problems bother users.Microsoft Operations Manager (MOM) 2005 delivers open and scalable enterprise-class operational management by providing comprehensive event management, proactive monitoring and alerting, reporting and trend analysis, and system and application specific knowledge and tasks to improve the manageability of Windows Server System environments, including Windows, Exchange, SQL, IIS, Active Directory etc.* A users guide to Microsoft Operations Manager (MOM) enabling a cost reduction and simplification in managing your Windows Server System Infrastructure * Companion Web site for book offers dozens of customized scripts and tools for automating MOM 2005 and many other Windows Server products * There is no other compact resource like this for this core, Microsoft Server product
C# 2.0: Practical Guide for Programmers (The Practical Guides)
by Michel de Champlain Brian G. PatrickYou don’t need coddling; you don’t need to be told what you already know. What you need is a book that uses your experience as a Java or C++ programmer to give you a leg up into the challenges and rewards of C#. And this Practical Guide is precisely what you’re after. Written by a team that boasts extensive experience teaching C# to professionals, this book provides a practical, efficient explanation of the language itself, covering basic to advanced features and calling out all that’s new in 2.0. Its instruction is always firmly situated within the context of the .NET framework and bolstered by code examples, key lessons in object-oriented programming, and installments of a realistic application programming tutorial. Concise and incisive, this is the best way to master the world’s fastest-growing and most marketable programming language. Features: Provides a carefully focused explanation of every aspect of the C# language, including entire chapters on the unified type system, advanced types, collections, generics, reflection and attributes.Highlights all features new to the latest version of C# and organizes its presentation of C# according to the key principles of object-oriented programming and the .NET framework.Using end-of-chapter exercises, incrementally develops a cohesive application programming tutorial. Provides a carefully focused explanation of every aspect of the C# language, including entire chapters on the unified type system, advanced types, collections, generics, reflection and attributes.Highlights all features new to the latest version of C# and organizes its presentation of C# according to the key principles of object-oriented programming and the .NET framework.Using end-of-chapter exercises, incrementally develops a cohesive application programming tutorial.
Buffer Overflow Attacks: Detect, Exploit, Prevent
by Jason DeckardThe SANS Institute maintains a list of the "Top 10 Software Vulnerabilities." At the current time, over half of these vulnerabilities are exploitable by Buffer Overflow attacks, making this class of attack one of the most common and most dangerous weapon used by malicious attackers. This is the first book specifically aimed at detecting, exploiting, and preventing the most common and dangerous attacks.Buffer overflows make up one of the largest collections of vulnerabilities in existence; And a large percentage of possible remote exploits are of the overflow variety. Almost all of the most devastating computer attacks to hit the Internet in recent years including SQL Slammer, Blaster, and I Love You attacks. If executed properly, an overflow vulnerability will allow an attacker to run arbitrary code on the victim’s machine with the equivalent rights of whichever process was overflowed. This is often used to provide a remote shell onto the victim machine, which can be used for further exploitation.A buffer overflow is an unexpected behavior that exists in certain programming languages. This book provides specific, real code examples on exploiting buffer overflow attacks from a hacker's perspective and defending against these attacks for the software developer.Over half of the "SANS TOP 10 Software Vulnerabilities" are related to buffer overflows. None of the current-best selling software security books focus exclusively on buffer overflows.This book provides specific, real code examples on exploiting buffer overflow attacks from a hacker's perspective and defending against these attacks for the software developer.
Black Hat Physical Device Security: Exploiting Hardware and Software
by Drew MillerBlack Hat, Inc. is the premier, worldwide provider of security training, consulting, and conferences. In Black Hat Physical Device Security: Exploiting Hardware and Software, the Black Hat experts show readers the types of attacks that can be done to physical devices such as motion detectors, video monitoring and closed circuit systems, authentication systems, thumbprint and voice print devices, retina scans, and more. The Black Hat Briefings held every year in Las Vegas, Washington DC, Amsterdam, and Singapore continually expose the greatest threats to cyber security and provide IT mind leaders with ground breaking defensive techniques. There are no books that show security and networking professionals how to protect physical security devices. This unique book provides step-by-step instructions for assessing the vulnerability of a security device such as a retina scanner, seeing how it might be compromised, and taking protective measures. The book covers the actual device as well as the software that runs it. By way of example, a thumbprint scanner that allows the thumbprint to remain on the glass from the last person could be bypassed by pressing a "gummy bear" piece of candy against the glass so that the scan works against the last thumbprint that was used on the device. This is a simple example of an attack against a physical authentication system.First book by world-renowned Black Hat, Inc. security consultants and trainersFirst book that details methods for attacking and defending physical security devicesBlack Hat, Inc. is the premier, worldwide provider of security training, consulting, and conferences
Biometric Technologies and Verification Systems
by John R. VaccaBiometric Technologies and Verification Systems is organized into nine parts composed of 30 chapters, including an extensive glossary of biometric terms and acronyms. It discusses the current state-of-the-art in biometric verification/authentication, identification and system design principles. It also provides a step-by-step discussion of how biometrics works; how biometric data in human beings can be collected and analyzed in a number of ways; how biometrics are currently being used as a method of personal identification in which people are recognized by their own unique corporal or behavioral characteristics; and how to create detailed menus for designing a biometric verification system. Only biometrics verification/authentication is based on the identification of an intrinsic part of a human being. Tokens, such as smart cards, magnetic stripe cards, and physical keys can be lost, stolen, or duplicated. Passwords can be forgotten, shared, or unintentionally observed by a third party. Forgotten passwords and lost "smart cards" are a nuisance for users and an expensive time-waster for system administrators. Biometric security solutions offer some unique advantages for identifying and verifying/ authenticating human beings over more traditional security methods. This book will serve to identify the various security applications biometrics can play a highly secure and specific role in.* Contains elements such as Sidebars, Tips, Notes and URL links* Heavily illustrated with over 150 illustrations, screen captures, and photographs* Details the various biometric technologies and how they work while providing a discussion of the economics, privacy issues and challenges of implementing biometric security solutions
BigNum Math: Implementing Cryptographic Multiple Precision Arithmetic
by Tom St DenisImplementing cryptography requires integers of significant magnitude to resist cryptanalytic attacks. Modern programming languages only provide support for integers which are relatively small and single precision. The purpose of this text is to instruct the reader regarding how to implement efficient multiple precision algorithms.Bignum math is the backbone of modern computer security algorithms. It is the ability to work with hundred-digit numbers efficiently using techniques that are both elegant and occasionally bizarre. This book introduces the reader to the concept of bignum algorithms and proceeds to build an entire library of functionality from the ground up. Through the use of theory, pseudo-code and actual fielded C source code the book explains each and every algorithm that goes into a modern bignum library. Excellent for the student as a learning tool and practitioner as a reference alike BigNum Math is for anyone with a background in computer science who has taken introductory level mathematic courses. The text is for students learning mathematics and cryptography as well as the practioner who needs a reference for any of the algorithms documented within.* Complete coverage of Karatsuba Multiplication, the Barrett Algorithm, Toom-Cook 3-Way Multiplication, and More * Tom St Denis is the developer of the industry standard cryptographic suite of tools called LibTom. * This book provides step-by-step exercises to enforce concepts
Architecture and Patterns for IT Service Management, Resource Planning, and Governance: Making Shoes for the Cobbler's Children
by Charles T. BetzArchitecture and Patterns for IT Service Management, Resource Planning, and Governance: Making Shoes for the Cobbler's Children provides an independent examination of developments in Enterprise Resource Planning for Information. Major companies, research firms, and vendors are offering Enterprise Resource Planning for Information Technology, which they label as ERP for IT, IT Resource Planning and related terms. This book presents on-the-ground coverage of enabling IT governance in architectural detail, which can be used to define a strategy for immediate execution. It fills the gap between high-level guidance on IT governance and detailed discussions about specific vendor technologies. It provides a unique value chain approach to integrating the COBIT, ITIL, and CMM frameworks into a coherent, unified whole. It presents a field-tested, detailed conceptual information model with definitions and usage scenarios, mapped to both process and system architectures. This book is recommended for practitioners and managers engaged in IT support in large companies, particularly those who are information architects, enterprise architects, senior software engineers, program/project managers, and IT managers/directors.
Aggressive Network Self-Defense
by Neil R. WylerOver the past year there has been a shift within the computer security world away from passive, reactive defense towards more aggressive, proactive countermeasures. Although such tactics are extremely controversial, many security professionals are reaching into the dark side of their tool box to identify, target, and suppress their adversaries. This book will provide a detailed analysis of the most timely and dangerous attack vectors targeted at operating systems, applications, and critical infrastructure and the cutting-edge counter-measures used to nullify the actions of an attacking, criminal hacker.*First book to demonstrate and explore controversial network strike back and countermeasure techniques. *Provides tightly guarded secrets to find out WHO is really attacking you over the internet. *Provides security professionals and forensic specialists with invaluable information for finding and prosecuting criminal hackers.
Scene of the Cybercrime
by Michael Cross Debra Littlejohn ShinderWhen it comes to computer crimes, the criminals got a big head start. But the law enforcement and IT security communities are now working diligently to develop the knowledge, skills, and tools to successfully investigate and prosecute Cybercrime cases. When the first edition of "Scene of the Cybercrime" published in 2002, it was one of the first books that educated IT security professionals and law enforcement how to fight Cybercrime. Over the past 5 years a great deal has changed in how computer crimes are perpetrated and subsequently investigated. Also, the IT security and law enforcement communities have dramatically improved their ability to deal with Cybercrime, largely as a result of increased spending and training. According to the 2006 Computer Security Institute's and FBI's joint Cybercrime report: 52% of companies reported unauthorized use of computer systems in the prior 12 months. Each of these incidents is a Cybecrime requiring a certain level of investigation and remediation. And in many cases, an investigation is mandates by federal compliance regulations such as Sarbanes-Oxley, HIPAA, or the Payment Card Industry (PCI) Data Security Standard. Scene of the Cybercrime, Second Edition is a completely revised and updated book which covers all of the technological, legal, and regulatory changes, which have occurred since the first edition. The book is written for dual audience; IT security professionals and members of law enforcement. It gives the technical experts a little peek into the law enforcement world, a highly structured environment where the "letter of the law" is paramount and procedures must be followed closely lest an investigation be contaminated and all the evidence collected rendered useless. It also provides law enforcement officers with an idea of some of the technical aspects of how cyber crimes are committed, and how technology can be used to track down and build a case against the criminals who commit them. Scene of the Cybercrime, Second Editions provides a roadmap that those on both sides of the table can use to navigate the legal and technical landscape to understand, prevent, detect, and successfully prosecute the criminal behavior that is as much a threat to the online community as "traditional" crime is to the neighborhoods in which we live. Also included is an all new chapter on Worldwide Forensics Acts and Laws. Companion Web site provides custom tools and scripts, which readers can download for conducting digital, forensic investigationsSpecial chapters outline how Cybercrime investigations must be reported and investigated by corporate IT staff to meet federal mandates from Sarbanes Oxley, and the Payment Card Industry (PCI) Data Security StandardDetails forensic investigative techniques for the most common operating systems (Windows, Linux and UNIX) as well as cutting edge devices including iPods, Blackberries, and cell phones
Google Hacking for Penetration Testers
by Johnny Long Bill Gardner Justin BrownThis book helps people find sensitive information on the Web.Google is one of the 5 most popular sites on the internet with more than 380 million unique users per month (Nielsen/NetRatings 8/05). But, Google’s search capabilities are so powerful, they sometimes discover content that no one ever intended to be publicly available on the Web including: social security numbers, credit card numbers, trade secrets, and federally classified documents. Google Hacking for Penetration Testers Volume 2 shows the art of manipulating Google used by security professionals and system administrators to find this sensitive information and “self-police" their own organizations.Readers will learn how Google Maps and Google Earth provide pinpoint military accuracy, see how bad guys can manipulate Google to create super worms, and see how they can "mash up" Google with MySpace, LinkedIn, and more for passive reconaissance.• Learn Google Searching BasicsExplore Google’s Web-based Interface, build Google queries, and work with Google URLs.• Use Advanced Operators to Perform Advanced QueriesCombine advanced operators and learn about colliding operators and bad search-fu.• Learn the Ways of the Google HackerSee how to use caches for anonymity and review directory listings and traversal techniques.• Review Document Grinding and Database DiggingSee the ways to use Google to locate documents and then search within the documents to locate information. • Understand Google’s Part in an Information Collection FrameworkLearn the principles of automating searches and the applications of data mining.• Locate Exploits and Finding TargetsLocate exploit code and then vulnerable targets.• See Ten Simple Security SearchesLearn a few searches that give good results just about every time and are good for a security assessment.• Track Down Web ServersLocate and profile web servers, login portals, network hardware and utilities.• See How Bad Guys Troll for DataFind ways to search for usernames, passwords, credit card numbers, social security numbers, and other juicy information.• Hack Google ServicesLearn more about the AJAX Search API, Calendar, Blogger, Blog Search, and more.