Authors: Brian Komar. Ronald Beekelaar. Joern Wettern.
Paperback, 432 pages
Publisher: For Dummies
Publication Date: 2003-06-27
Edition: 2

Reviews :

    What an amazing world we live in! Almost anything you can imagine can be researched, compared, admired, studied, and in many cases, bought, with the click of a mouse. The Internet has changed our lives, putting a world of opportunity before us. Unfortunately, it has also put a world of opportunity into the hands of those whose motives are less than honorable. A firewall, a piece of software or hardware that erects a barrier between your computer and those who might like to invade it, is one solution.

If you’ve been using the Internet for any length of time, you’ve probably received some unsavory and unsolicited e-mail. If you run a business, you may be worried about the security of your data and your customers’ privacy. At home, you want to protect your personal information from identity thieves and other shady characters. Firewalls For Dummies® will give you the lowdown on firewalls, then guide you through choosing, installing, and configuring one for your personal or bus iness network.

Firewalls For Dummies®  helps you understand what firewalls are, how they operate on different types of networks, what they can and can’t do, and how to pick a good one (it’s easier than identifying that perfect melon in the supermarket.) You’ll find out about

• Developing security policies
• Establishing rules for simple protocols
• Detecting and responding to system intrusions
• Setting up firewalls for SOHO or personal use
• Creating demilitarized zones
• Using Windows or Linux as a firewall
• Configuring ZoneAlarm, BlackICE, and Norton personal firewalls
• Installing and using ISA server and FireWall-1

With the handy tips and hints this book provides, you’ll find that firewalls are nothing to fear – that is, unless you’re a cyber-crook! You’ll soon be able to keep your data safer, protect your family’s privacy, and probably sleep better, too....

    With more and more small-office and home computers being left connected to the Internet at all times, the owners of those machines are being faced with problems that used to confront only big operations. The authors of Firewalls for Dummies spread the message: everyone with a cable modem, data satellite dish, or DSL connection needs a firewall now. Thankfully, though, these guys go beyond merely showing how to set up turnkey personal firewall products--too many Dummies books explain the obvious and the generally intuitive--and reveal how to set up the sorts of firewalls that protect sizable networks. By understanding these techniques, small operators can plan for growth and improve their level of protection. What's more, this book provides a serious explanation of corporate firewall products and techniques that's appropriate for people who build and maintain big systems.

The authors generally steer away from showing how to configure specific firewall products, though a few of the biggies--Microsoft Internet Security and Acceleration Server, BlackICE, ZoneAlarm, and Check Point FireWall-1--get comparative overview coverage. Mostly, they favor more general firewall configuration strategies and techniques. These they explain with a lot of prose, a fair number of conceptual diagrams, and tables that sum up permission rules. This is a worthwhile read. --David Wall

Topics covered: Firewalls and the ways they can be deployed to prevent unauthorized access to computers and networks without interfering with the protected users' ability to get out to the Internet. A summary of networking fundamentals as they apply to firewalls is followed by coverage of network address translation (NAT), demilitarized zones (DMZs) as created by multiple or even single computers, and filtering policies....

Authors: Mike Danseglio. Robbie Allen.
Paperback, 520 pages
Publisher: O'Reilly Media, Inc.
Publication Date: 2005-12-16


Reviews :

    In the last few years, security has become a hot-button issue for IT organizations of all sizes. Accordingly, many of the security features that were either optional or suspect in Windows 2000 have become solid, effective fixtures in Windows Server 2003-making it the most secure operating system Microsoft has ever produced. That is, if you know how to configure it properly.

The Windows Server 2003 Security Cookbook wants to make sure that you do know how. Picking up right where its predecessor, the Windows Server Cookbook, left off, this desktop companion is focused solely on Windows Server security. It teaches you how to perform important security tasks in the Windows Server 2003 OS using specific and adaptable recipes. Each recipe features a brief description of the problem, a step-by-step solution, and then a discussion of the technology at work. Whenever possible, the authors even tell you where to look for further information on a recipe.

The book is written in a highly modular format, with each chapter devoted to one or more technologies that Windows Server 2003 provides. This approach allows you to look up a task or scenario that you want to accomplish, find that page, and read that particular recipe only. Topics include:

• System preparation and administration
• Protecting the computer at the TCP/IP level
• Applying security options to Active Directory
• Improving security on domain controllers
• Securing DHCP controllers
• Encrypting and signing network traffic using IPSec
• Patch management

If you're an intermediate or advanced system administrator who wants to feel secure when deploying Windows Server 2003 and its related services, then you don't want to be without the Windows Server 2003 Security Cookbook.

...

Authors: Charl Van Der Walt. HD Moore. Roelof Temmingh. Haroon Meer. Johnny Long. Chris Hurley. James Foster.
Paperback, 750 pages
Publisher: Syngress
Publication Date: 2005-12-23
Edition: 1

Reviews :

    This is the first fully integrated Penetration Testing book and bootable Linux CD containing the Auditor Security Collection which includes over 300 of the most effective and commonly used open source attack and penetration testing tools. This powerful tool kit and authoritative reference is written by the security industry's foremost penetration testers including HD Moore, Jay Beale, and SensePost. This unique package provides you with a completely portable and bootable Linux attack distribution and authoritative reference to the toolset included and the required methodology.

Penetration testing a network requires a delicate balance of art and science. A penetration tester must be creative enough to think outside of the box to determine all possible attack vector into his own network, and also be expert in using the literally hundreds of tools required to execute the plan and meticulously document their results. This book provides both the art and the science. The authors of the book are expert penetration testers who have developed many of the leading pen testing tools; such as the Metasploit framework. The authors allow the reader inside their heads to unravel the mysteries of thins like identifying targets, enumerating hosts, application fingerprinting, cracking passwords, and attacking exposed vulnerabilities. Along the way, the authors provide an invaluable reference to the hundreds of hijacking tools; sniffers; scanners; Web application; and vulnerability assessment tools from the bootable-Linux CD including the Metasploit Framework; ettercap, dsniff, Ethereal, Nmap, Paketto, Scanrand, Hydra, Paros, Nessus, and many more.

...

Authors: Thomas W. Shinder. Martin Grasdal.
Paperback, 1024 pages
Publisher: Syngress
Publication Date: 2004-08-01
Edition: 2nd

Reviews :

    "The Shinders’ Books Are the Final Word on All Things ISA"

?        Written by the Industry’s Most Trusted Source on ISA Server, Microsoft "Most Valuable Professionals" Tom and Deb Shinder

?        Provides a Clear Migration Path from Earlier Versions of ISA Server

Covers All New Features, Including Advanced Application-Layer Firewalls, VPNs, and Web Cache Solutions

Go Under the Hood of ISA Server 2004

Get Inside Application Layer Filtering (ALF), VPN quarantine, and SSL Bridging.

Create a Supporting Infrastructure

Make certain your network will support the ISA Server 2004 firewall and the clients for DHCP, WINS, DNS, and RADIUS.

Automate the Client Provisioning Process

Reduce administrative overhead by automating Web proxy and firewall client configurations.

Troubleshoot Upgrade Issues

Get it right the first time, including ISA Server 2000 and Microsoft Proxy Server 2.0 upgrades.

Control Access through the Firewall

Create your policy elements in advance, and use the Access Rule toolset to simplify creation of Access Rules.

Publish to all Major Internet Protocols

Includes coverage of HTTPS, FTP, NNTP, SMTP, POP3, IMAP4, VNC, pcAnywhere, Terminal Services, PPTP and L2TP/IPSec VPN servers

Control VPN Clients’ Access to Resources

For example, allow a group’s access to the Exchange Server only when using the protocols required connecting using the full Outlook MAPI client.

Provide Secure Remote Access to Exchange Servers

No Exchange Server should be deployed without an ISA Server 2004 firewall in front of it.

Speed up Web Access for Your Corporate Network Users

At the same time, reduce overall bandwidth usage on all your Internet links....

Authors:
Paperback, 540 pages
Publisher: Syngress
Publication Date: 2008-12-15
Edition: 1st

Reviews :

    This book and companion DVD provide digital forensic investigators, security professionals, and law enforcement with all of the information, tools, and utilities required to conduct forensic investigations of computers running any variant of the Macintosh OS X operating system, as well as the almost ubiquitous iPod and iPhone. Digital forensic investigators and security professionals subsequently can use data gathered from these devices to aid in the prosecution of criminal cases, litigate civil cases, audit adherence to federal regulatory compliance issues, and identify breech of corporate and government usage policies on networks. The companion DVD contains custom tools developed by the authors, which can be used in real-life digital forensic investigations.

MAC Disks, Partitioning, and HFS File System Manage multiple partitions on a disk, and understand how the operating system stores data.
FileVault and Time Machine Decrypt locked FileVault files and restore files backed up with Leopard's Time Machine.
Recovering Browser History Uncover traces of Web-surfing activity in Safari with Web cache and .plist files
Recovering Email Artifacts, iChat, and Other Chat Logs Expose communications data in iChat, Address Book, Apple's Mail, MobileMe, and Web-based email.
Locating and Recovering Photos Use iPhoto, Spotlight, and shadow files to find artifacts pof photos (e.g., thumbnails) when the originals no longer exist.
Finding and Recovering QuickTime Movies and Other Video Understand video file formats--created with iSight, iMovie, or another application--and how to find them.
PDF, Word, and Other Document Recovery Recover text documents and metadata with Microsoft Office, OpenOffice, Entourage, Adobe PDF, or other formats.
Forensic Acquisition and Analysis of an iPod Documentseizure of an iPod model and analyze the iPod image file and artifacts on a Mac.
Forensic Acquisition and Analysis of an iPhone Acquire a physical image of an iPhone or iPod Touch and safely analyze without jailbreaking.

* Companion DVD Contains Custom Materials )Movies, Spreadsheet, Code, Utilities, Etc.) That Can Be Used in a Real Digital Forensic Investigation
* Includes Unique Information about Mac OS X, iPod, iMac, and iPhone Forensic Analysis Unavailable Anywhere Else
* Authors Are Pioneering Researchers in the Field of Macintosh Forensics, with Combined Experience in Law Enforcement, Military, and Corporate Forensics...

Authors: Preston Gralla.
Paperback, 652 pages
Publisher: O'Reilly Media, Inc.
Publication Date: 2007-10-23
Edition: 1

Reviews :

    Bigger, better, and broader in scope, the Big Book of Windows Hacks gives you everything you need to get the most out of your Windows Vista or XP system, including its related applications and the hardware it runs on or connects to. Whether you want to tweak Vista's Aero interface, build customized sidebar gadgets and run them from a USB key, or hack the "unhackable" screensavers, you'll find quick and ingenious ways to bend these recalcitrant operating systems to your will.

The Big Book of Windows Hacks focuses on Vista, the new bad boy on Microsoft's block, with hacks and workarounds that also work for Windows XP. You can read each hack in just a few minutes, saving countless hours of searching for the right answer. The step-by-step instructions let you apply the solutions in no time. This book takes you beyond the operating system with hacks for applications like Internet Explorer 7 and Office 2007, and hardware such as the Zune, your wireless router, and the PC itself.

The Big Book of Windows Hacks includes:

• Expanded tutorials, new background material, a series of "quick hacks", and informative sidebars
• Security hacks, including protection at wireless hotspots, hacking Vista file permissions and user account protection, and more
• Efficiency hacks, such as tweaking your PC hardware, troubleshooting hardware problems, and speeding up system performance
• Fun hacks, like building a custom Media Center PC or turning a PC into a digital video recorder
• "Beyond Windows" hacks for running Linux inside Vista, dual-booting Linux/Windows or XP/Vista, or emulate classic video games on your PC

In all, this remarkable book contains more than 100 hacks so that the power user in you never again needs to be at the mercy of systems and hardware run by Microsoft's omnipotent Vista and XP operating systems....

Authors: Stuart McClure. Joel Scambray. George Kurtz.
Paperback, 752 pages
Publisher: McGraw-Hill Osborne Media
Publication Date: 2009-02-02
Edition: 6

Reviews :

   

The tenth anniversary edition of the world's bestselling computer security book!

The original Hacking Exposed authors rejoin forces on this new edition to offer completely up-to-date coverage of today's most devastating hacks and how to prevent them. Using their proven methodology, the authors reveal how to locate and patch system vulnerabilities. The book includes new coverage of ISO images, wireless and RFID attacks, Web 2.0 vulnerabilities, anonymous hacking tools, Ubuntu, Windows Server 2008, mobile devices, and more.

Hacking Exposed 6 applies the authors' internationally renowned computer security methodologies, technical rigor, and "from-the-trenches" experience to make computer technology usage and deployments safer and more secure for businesses and consumers.

"A cross between a spy novel and a tech manual." --Mark A. Kellner, Washington Times

Andquot;The seminal book on white-hat hacking and countermeasures . . . Should be required reading for anyone with a server or a network to secure.Andquot; --Bill Machrone, PC Magazine

Andquot;A must-read for anyone in security . . . One of the best security books available.Andquot; --Tony Bradley, CISSP, About.com

....

Authors: Scott Barman.
Paperback, 240 pages
Publisher: Sams
Publication Date: 2001-11-12


Reviews :

    Administrators, more technically savvy than their managers, have started to secure the networks in a way they see as appropriate. When management catches up to the notion that security is important, system administrators have already altered the goals and business practices. Although they may be grateful to these people for keeping the network secure, their efforts do not account for all assets and business requirementsFinally, someone decides it is time to write a security policy. Management is told of the necessity of the policy document, and they support its development. A manager or administrator is assigned to the task and told to come up with something, and fast!Once security policies are written, they must be treated as living documents. As technology and business requirements change, the policy must be updated to reflect the new environment--at least one review per year. Additionally, policies must include provisions for security awareness and enforcement while not impeding corporate goals. This book serves as a guide to writing and maintaining these all-important security policies....

Authors: Jesper M. Johansson. Steve Riley.
Paperback, 608 pages
Publisher: Addison-Wesley Professional
Publication Date: 2005-05-30

Authors: Rich Cannings. Himanshu Dwivedi. Zane Lackey.
Paperback, 258 pages
Publisher: McGraw-Hill Osborne Media
Publication Date: 2007-12-17
Edition: 1

Reviews :

   

Lock down next-generation Web services

"This book concisely identifies the types of attacks which are faced daily by Web 2.0 sites, and the authors give solid, practical advice on how to identify and mitigate these threats." --Max Kelly, CISSP, CIPP, CFCE, Senior Director of Security, Facebook

Protect your Web 2.0 architecture against the latest wave of cybercrime using expert tactics from Internet security professionals. Hacking Exposed Web 2.0 shows how hackers perform reconnaissance, choose their entry point, and attack Web 2.0-based services, and reveals detailed countermeasures and defense techniques. You'll learn how to avoid injection and buffer overflow attacks, fix browser and plug-in flaws, and secure AJAX, Flash, and XML-driven applications. Real-world case studies illustrate social networking site weaknesses, cross-site attack methods, migration vulnerabilities, and IE7 shortcomings.

• Plug security holes in Web 2.0 implementations the proven Hacking Exposed way
• Learn how hackers target and abuse vulnerable Web 2.0 applications, browsers, plug-ins, online databases, user inputs, and HTML forms
• Prevent Web 2.0-based SQL, XPath, XQuery, LDAP, and command injection attacks
• Circumvent XXE, directory traversal, and buffer overflow exploits
• Learn XSS and Cross-Site Request Forgery methods attackers use to bypass browser security controls
• Fix vulnerabilities in Outlook Express and Acrobat Reader add-ons
• Use input validators and XML classes to reinforce ASP and .NET security
• Eliminate unintentional exposures in ASP.NET AJAX (Atlas), Direct Web Remoting, Sajax, and GWT Web applications
• Mitigate ActiveX security exposures using SiteLock, code signing, and secure controls
• Find and fix Adobe Flash vulnerabilities and DNS rebinding attacks 
  
  

...