Privacy Books

1. Crimeware: Understanding New Attacks and Defenses (Symantec Press)
2. Configuring Check Point NGX VPN-1/Firewall-1
3. SAP Security Configuration and Deployment: The IT Administrator's Guide to Best Practices
4. Protocol: How Control Exists after Decentralization (Leonardo Books)
5. Geekonomics: The Real Cost of Insecure Software
6. The Executive Guide to Information Security: Threats, Challenges, and Solutions (Symantec Press)
7. The CISSP Prep Guide: Mastering the Ten Domains of Computer Security
8. Dr. Tom Shinder's ISA Server 2006 Migration Guide
9. Intrusion Signatures and Analysis (Landmark)
10. OpenVPN: Building and Integrating Virtual Private Networks: Learn how to build secure VPNs using this powerful Open Source application

Crimeware: Understanding New Attacks and Defenses (Symantec Press)
Authors: Markus Jakobsson, Zulfikar Ramzan. Paperback, 608 pages. Publisher: Addison-Wesley Professional. Publication Date: 2008-04-16. Edition: 1. Reviews:
“This book is the most current and comprehensive analysis of the state of Internet security threats right now. The review of current issues and predictions about problems years away are critical for truly understanding crimeware. Every concerned person should have a copy and use it for reference.” —Garth Bruen, Project KnujOn Designer

There’s a new breed of online predators—serious criminals intent on stealing big bucks and top-secret information—and their weapons of choice are a dangerous array of tools called “crimeware.” With an ever-growing number of companies, organizations, and individuals turning to the Internet to get things done, there’s an urgent need to understand and prevent these online threats. Crimeware: Understanding New Attacks and Defenses will help security professionals, technical managers, students, and researchers understand and prevent specific crimeware threats. This book guides you through the essential security principles, techniques, and countermeasures to keep you one step ahead of the criminals, regardless of evolving technology and tactics.

Security experts Markus Jakobsson and Zulfikar Ramzan have brought together chapter contributors who are among the best and the brightest in the security industry. Together, they will help you understand how crimeware works, how to identify it, and how to prevent future attacks before your company’s valuable information falls into the wrong hands. In self-contained chapters that go into varying degrees of depth, the book provides a thorough overview of crimeware, including not only concepts prevalent in the wild, but also ideas that so far have only been seen inside the laboratory.

With this book, you will
- Understand current and emerging security threats including rootkits, bot networks, spyware, adware, and click fraud
- Recognize the interaction between various crimeware threats
- Gain awareness of the social, political, and legal implications of these threats
- Learn valuable countermeasures to stop crimeware in its tracks, now and in the future
- Acquire insight into future security trends and threats, and create an effective defense plan

With contributions by Gary McGraw, Andrew Tanenbaum, Dave Cole, Oliver Friedrichs, Peter Ferrie, and others. ...
$54.99
New Price: $41.2

Configuring Check Point NGX VPN-1/Firewall-1
Authors: Robert Stephens, Barry Stiefel, Stephen Watkins, Simon Desmeules, Eli Faskha. Paperback, 608 pages. Publisher: Syngress. Publication Date: 2005-10-01. Edition: 1. Reviews:
Configuring Check Point NGX VPN-1/FireWall-1 is the perfect reference for anyone migrating from earlier versions of Check Point's flagship firewall/VPN product as well as those deploying VPN-1/FireWall-1 for the first time. This book covers all of NGX's dramatic changes and new, enhanced features. You'll learn how to secure the integrity of your network's data, communications, and applications from a multitude of blended threats. Protect your network against breaches of its perimeter and Internet access points. Also, learn to recognize and prevent internal threats. Written by an all-star team of Check Point-Certified experts, this is the only book you will need to securely and efficiently deploy, troubleshoot, and maintain Check Point NGX. This book is also the perfect complementary study tool for Check Point's certification exams....
$49.95
New Price: $28.88

SAP Security Configuration and Deployment: The IT Administrator's Guide to Best Practices
Authors: Joey Hirao, Mimi Choi, Perry Cox, Steven Passer. Paperback, 392 pages. Publisher: Syngress. Publication Date: 2008-11-28. Edition: 1st. Reviews:

Throughout the world, high-profile large organizations (aerospace and defense, automotive, banking, chemicals, financial service providers, healthcare, high tech, insurance, oil and gas, pharmaceuticals, retail, telecommunications, and utilities) and governments are using SAP software to process their most mission-critical, highly sensitive data. With more than 100,000 installations, SAP is the world's largest enterprise software company and the world's third largest independent software supplier overall. Despite this widespread use, there have been very few books written on SAP implementation and security, despite a great deal of interest. (There are 220,000 members in an on-line SAP 'community' seeking information, ideas and tools on the IT Toolbox Website alone.)

Managing SAP user authentication and authorizations is becoming more complex than ever, as there are more and more SAP products involved that have very different access issues. It's a complex area that requires focused expertise. This book is designed for those network and systems administrators who deal with the complexity of having to make judgmental decisions regarding enormously complicated and technical data in the SAP landscape, as well as pay attention to new compliance rules and security regulations.

Most SAP users experience significant challenges when trying to manage and mitigate the risks in existing or new security solutions and usually end up facing repetitive, expensive re-work and perpetuated compliance challenges. This book is designed to help them properly and efficiently manage these challenges on an ongoing basis. It aims to remove the 'Black Box' mystique that surrounds SAP security.

- The most comprehensive coverage of the essentials of SAP security currently available: risk and control management, identity and access management, data protection and privacy, corporate governance, legal and regulatory compliance.
- This book contains information about SAP security that is not available anywhere else to help the reader avoid the "gotchas" that may leave them vulnerable during times of upgrade or other system changes
- Companion Web site provides custom SAP scripts, which readers can download to install, configure and troubleshoot SAP....
$69.95
New Price: $48.96

Protocol: How Control Exists after Decentralization (Leonardo Books)
Authors: Alexander R. Galloway. Paperback, 286 pages. Publisher: The MIT Press. Publication Date: 2006-04-01. Reviews:

Is the Internet a vast arena of unrestricted communication and freely exchanged information or a regulated, highly structured virtual bureaucracy? In Protocol, Alexander Galloway argues that the founding principle of the Net is control, not freedom, and that the controlling power lies in the technical protocols that make network connections (and disconnections) possible. He does this by treating the computer as a textual medium that is based on a technological language, code. Code, he argues, can be subject to the same kind of cultural and literary analysis as any natural language; computer languages have their own syntax, grammar, communities, and cultures. Instead of relying on established theoretical approaches, Galloway finds a new way to write about digital media, drawing on his backgrounds in computer programming and critical theory. "Discipline-hopping is a necessity when it comes to complicated socio-technical topics like protocol," he writes in the preface. Galloway begins by examining the types of protocols that exist, including TCP/IP, DNS, and HTML. He then looks at examples of resistance and subversion—hackers, viruses, cyberfeminism, Internet art—which he views as emblematic of the larger transformations now taking place within digital culture. Written for a nontechnical audience, Protocol serves as a necessary counterpoint to the wildly utopian visions of the Net that were so widespread in earlier days....
$16.95
New Price: $10.24

Geekonomics: The Real Cost of Insecure Software
Authors: David Rice. Hardcover, 384 pages. Publisher: Addison-Wesley Professional. Publication Date: 2007-12-09. Edition: 1. Reviews:
“The clarity of David’s argument and the strength of his conviction are truly inspiring. If you don’t believe the world of software affects the world in which you live, you owe it to yourself to read this book.” –Lenny Zeltser, SANS Institute faculty member and the New York Security Consulting Manager at Savvis, Inc.

“Geekonomics stays with you long after you finish reading the book. You will reconsider every assumption you have had about software costs and benefits.” –Slava Frid, Gemini Systems, CTO, Resilience Technology Solutions

“Information Security is an issue that concerns governments, companies and, increasingly, citizens. Are the computer systems and software to which we entrust our sensitive and critical information, technologies that are out of control? David Rice has written an important and welcome book that goes to the heart of this issue, and points to solutions that society as a whole needs to debate and embrace.” –Nick Bleech, IT Security Director, Rolls-Royce

“If you are dependent upon software (and of course, all of us in the modern world are) this book is a fabulous discussion of how and why we should worry.” –Becky Bace

The Real Cost of Insecure Software

- In 1996, software defects in a Boeing 757 caused a crash that killed 70 people…
- In 2003, a software vulnerability helped cause the largest U.S. power outage in decades…
- In 2004, known software weaknesses let a hacker invade T-Mobile, capturing everything from passwords to Paris Hilton’s photos…
- In 2005, 23,900 Toyota Priuses were recalled for software errors that could cause the cars to shut down at highway speeds…
- In 2006, dubbed “The Year of Cybercrime,” 7,000 software vulnerabilities were discovered that hackers could use to access private information…
- In 2007, operatives in two nations brazenly exploited software vulnerabilities to cripple the infrastructure and steal trade secrets from other sovereign nations…

Software has become crucial to the very survival of civilization. But badly written, insecure software is hurting people–and costing businesses and individuals billions of dollars every year. This must change. In Geekonomics, David Rice shows how we can change it. Rice reveals why the software industry is rewarded for carelessness, and how we can revamp the industry’s incentives to get the reliability and security we desperately need and deserve. You’ll discover why the software industry still has shockingly little accountability–and what we must do to fix that. Brilliantly written, utterly compelling, and thoroughly realistic, Geekonomics is a long-overdue call to arms. Whether you’re a software user, decision maker, employee, or business owner this book will change your life…or even save it.

The Alarming Cost of Insecure, Badly Written Software... and How to Finally Fix the Problem, Once and for All!

- Six billion crash test dummies: why you’re at greater risk than you ever imagined.
- You pay the price: why consumers are legally and financially responsible for the mistakes of software manufacturers.
- Broken windows: how software promotes epidemic cyber crime and threatens national security.
- Who runs the show?: Why software manufacturers fought against the U.S. Food and Drug Administration’s attempts to protect the U.S. blood supply.
- Protecting national infrastructure: real incentives for transforming software manufacturing.
- Surviving the information superhighway: practical, must-read advice in a world of insecure code.

Contents:
- Preface
- Acknowledgments
- About the Author
- Chapter 1: The Foundation of Civilization
- Chapter 2: Six Billion Crash Test Dummies: Irrational Innovation and Perverse Incentives
- Chapter 3: The Power of Weaknesses: Broken Windows and National Security
- Chapter 4: Myopic Oversight: Blinded by Speed, Baffled by Churn
- Chapter 5: Absolute Immunity: You Couldn’t Sue Us Even If You Wanted To
- Chapter 6: Open Source Software: Free, But at What Cost?
- Chapter 7: Moving Forward: Rational Incentives for a Different Future
- Epilogue
- Notes
- Index
...
$29.99
New Price: $9.99

The Executive Guide to Information Security: Threats, Challenges, and Solutions (Symantec Press)
Authors: Mark Egan, Tim Mather. Paperback, 288 pages. Publisher: Addison-Wesley Professional. Publication Date: 2004-12-10. Reviews:

The book provides a pragmatic approach to evaluating security at a company and putting together an effective information security program. The book focuses on three key themes: People, Processes, and Technology, and is organized according to the steps executives would follow in order to develop an information security program for their company. Key elements of the program include staffing this function at a company, putting the necessary internal processes in place, and implementing the appropriate technology. Business executives will find this book a good primer for understanding the key existing and future security issues, and for taking the necessary action to ensure the protection of their enterprise's information assets. The objective of this book is to provide a "short cut" for executives to learn more about information security and how it will affect their business in the future. An overview of information security concepts is provided, so they can be better prepared to evaluate how their company is addressing information security....
$34.99
New Price: $13.88

The CISSP Prep Guide: Mastering the Ten Domains of Computer Security
Authors: Ronald L. Krutz, Russell Dean Vines, Edward M. Stroz. Hardcover, 528 pages. Publisher: Wiley. Publication Date: 2001-08-24. Edition: 1. Reviews:

With the growing threat of computer viruses and Internet security breaches, companies are fiercely headhunting for CISSP certified security professionals. The industry standard test on IT security, the Certified Information Systems Security Professionals (CISSP) exam is administered 16 times per year throughout the U.S. and Europe. This book serves both as a prep guide for IT professionals seeking to advance their careers through CISSP certification and as a reference for readers who need a fundamental end-to-end security reference book. Co-authored by Ronald Krutz, this handy guide explains the ten security domains covered by the exam, from security management to cryptography to disaster recovery planning to legal and ethical issues. Sample questions and answers are also included....

The Certified Information Systems Security Professional (CISSP) rating is difficult to earn and rare in the marketplace, which means you're a valuable commodity if you've proven your skills by passing the exam. The CISSP Prep Guide, one of only a handful of books on its subject, does a good job of giving readers a feel for the scope of the test and the style of its questions. It's ideal for use either as a preliminary survey of the CISSP subject areas (the test's publisher and the authors of this book call them "domains") for relative newcomers to computer security, or as a pure study guide to help more experienced professionals zero in on the weak spots in their knowledge. Don't expect to do well on the CISSP exam having only read this book. You'll want to have some practical experience and some specialized reading under your belt.

Ronald Krutz and Russell Vines are good writers and fine teachers; they explain the wide-ranging CISSP domains (which have to do with everything from cryptographic algorithms to fire-suppression techniques to legal principles). They take care to explain potentially unfamiliar terms--there's a good glossary in the back of this book--and employ conceptual diagrams well. However, the answer keys for the sample questions that conclude each chapter aren't annotated and some readers will wish for more references to specialized sources. --David Wall

Topics covered: The subjects covered by the Certified Information Systems Security Professional (CISSP) exam published by the International Information Systems Security Certification Consortium, including cryptography, access control, security policy, legal matters, and the physical safety of information, equipment, and people....

$85
New Price: $8.36

Dr. Tom Shinder's ISA Server 2006 Migration Guide
Authors: Thomas W Shinder, Debra Littlejohn Shinder, Adrian F. Dimcev, James Eaton-Lee, Jason Jones, Steve Moffat. Paperback, 637 pages. Publisher: Syngress. Publication Date: 2007-08-08. Edition: Updated. Reviews:

Dr. Tom Shinder's ISA Server 2006 Migration Guide provides a clear, concise, and thorough path to migrate from previous versions of ISA Server to ISA Server 2006. ISA Server 2006 is an incremental upgrade from ISA Server 2004, so this book provides all of the tips and tricks to perform a successful migration, rather than rehash all of the features which were rolled out in ISA Server 2004. Also, learn to publish Exchange Server 2007 with ISA 2006 and to build a DMZ.

- Highlights key issues for migrating from previous versions of ISA Server to ISA Server 2006.
- Learn to Publish Exchange Server 2007 Using ISA Server 2006.
- Create a DMZ using ISA Server 2006.
- Dr. Tom Shinder's previous two books on configuring ISA Server have sold more than 50,000 units worldwide.
- Dr. Tom Shinder is a Microsoft Most Valuable Professional (MVP) for ISA Server and a member of the ISA Server beta testing team.
- This book will be the "Featured Product" on the Internet's most popular ISA Server site www.isaserver.org....
$49.95
New Price: $27.95

Intrusion Signatures and Analysis (Landmark)
Authors: Matt Fearnow, Stephen Northcutt, Karen Frederick, Mark Cooper. Paperback, 448 pages. Publisher: Sams. Publication Date: 2001-01-29. Reviews:

Intrusion Signatures and Analysis opens with an introduction into the format of some of the more common sensors and then begins a tutorial into the unique format of the signatures and analyses used in the book. After a challenging four-chapter review, the reader finds page after page of signatures, in order by categories. Then the content digs right into reaction and responses covering how sometimes what you see isn't always what is happening. The book also covers how analysts can spend time chasing after false positives. Also included is a section on how attacks have shut down the networks and web sites of Yahoo, and E-bay and what those attacks looked like. Readers will also find review questions with answers throughout the book, to be sure they comprehend the traces and material that has been covered....

Stephen Northcutt and his coauthors note in the superb Intrusion Signatures and Analysis that there's really no such thing as an attack that's never been seen before. The book documents scores of attacks on systems of all kinds, showing exactly what security administrators should look for in their logs and commenting on attackers' every significant command. This is largely a taxonomy of hacker strategies and the tools used to implement them. As such, it's an essential tool for people who want to take a scientific, targeted approach to defending information systems. It's also a great resource for security experts who want to earn their Certified Intrusion Analyst ratings from the Global Incident Analysis Center (GIAC)--it's organized, in part, around that objective. The book typically introduces an attack strategy with a real-life trace--usually attributed to a real administrator--from TCPdump, Snort, or some sort of firewall (the trace's source is always indicated). The trace indicates what is happening (i.e., what weakness the attacker is trying to exploit) and the severity of the attack (using a standard metric that takes into account the value of the target, the attack's potential to do damage, and the defenses arrayed against the attack). The attack documentation concludes with recommendations on how defenses could have been made stronger. These pages are great opportunities to learn how to read traces and take steps to strengthen your systems' defenses. The book admirably argues that security administrators should take some responsibility for the greater good of the Internet by, for example, using egress filtering to prevent people inside their networks from spoofing their source address (thus defending other networks from their own users' malice). The authors (and the community of white-hat security specialists that they represent) have done and continue to do a valuable service to all Internet users. 
Supplement this book with Northcutt's excellent Network Intrusion Detection, which takes a more general approach to log analysis and is less focused on specific attack signatures. --David Wall

Topics covered:
- External attacks on networks and hosts, as they appear to administrators and detection systems monitoring log files
- How to read log files generally
- How to report attacks and interact with the global community of good-guy security specialists
- The most commonplace critical security weaknesses
- Traces that document reconnaissance probes
- Denial-of-service attacks
- Trojans
- Overflow attacks
- Other black-hat strategies
...
$39.99
New Price: $17.85

OpenVPN: Building and Integrating Virtual Private Networks: Learn how to build secure VPNs using this powerful Open Source application
Authors: Markus Feilner. Paperback, 258 pages. Publisher: Packt Publishing. Publication Date: 2006-11-05. Reviews:

This book is a comprehensive guide to using OpenVPN for building both secure VPNs. The book is written in a very friendly style that makes this complex topic easy and a joy to read. It first covers basic VPN concepts, then moves to introduce basic OpenVPN configurations, before covering advanced uses of OpenVPN. It's suitable for both experienced and new OpenVPN users.

OpenVPN is a powerful, open source SSL VPN application. It can secure site-to-site connections, WiFi and enterprise-scale remote connections. While being a full-featured VPN solution, OpenVPN is easy to use and does not suffer from the complexity that characterizes other IPSec VPN implementations. It uses the secure and stable TLS/SSL mechanisms for authentication and encryption.

This book is an easy introduction to this popular VPN application. After introducing the basics of security and VPN, the book moves on to cover using OpenVPN, from installing it on various platforms, through configuring basic tunnels, to more advanced features, such as using the application with firewalls, routers, proxy servers, and OpenVPN scripting. While providing the necessary theoretical background, the book takes a practical approach, presenting plenty of examples.

What you will learn from this book

- Chapter 1 looks at what VPNs are, how they evolved during the last decade, why it is necessary to modern enterprises, how typical VPNs work. The chapter also covers some essential networking concepts.
- Chapter 2 explains VPN security issues, including symmetric and asymmetric encryption, the SSL/TLS library, and SSL certificates.
- Chapter 3 introduces OpenVPN. In this chapter, we learn about the history of OpenVPN, how OpenVPN works, and how OpenVPN compares to IPSec VPN applications.
- Chapter 4 covers installing OpenVPN on Windows, the Mac, Linux, and FreeBSD. It covers the installation on Linux from the source code and RPM packages. Installation on Suse and Debian is covered in detail.
- Chapter 5. Here an encryption key for OpenVPN is created and it is then used to set up our first OpenVPN tunnel between two Windows systems in the same network. The key is then copied on a Linux system and this system is connected through a tunnel to the first Windows machine.
- Chapter 6 shows how to create x509 server and client certificates for use with OpenVPN. easy-rsa, which comes with OpenVPN and is available for both Windows and Linux, is used.
- Chapter 7 reviews the syntax of the command line tool openvpn, which enables building tunnels quickly. The configuration options of openvpn are covered in detail with examples.
- Chapter 8 shows how to make the example tunnels created earlier safer and persistent by choosing a reliable combination of configuration file parameters. It then covers how to configure firewalls on Linux and Windows to work with OpenVPN.
- Chapter 9 focuses on using xca, the advanced Windows tool with which x509 certificates can be easily managed. Its Linux equivalent, Tinyca2, which can even manage multiple certificate authorities, is also covered.
- Chapter 10 covers advanced OpenVPN configurations, including tunneling through a proxy server, pushing routing commands to clients, pushing and setting the default route through a tunnel, distributed compilation through VPN tunnels with distcc, and OpenVPN scripting.
- Chapter 11 shows how to debug and monitor VPN tunnels. It covers standard networking tools that can be used for scanning and testing the connectivity of a VPN server.

Who this book is written for

Network administrators and anyone who is interested in building secure VPNs using OpenVPN. It presumes basic knowledge of Linux, but no knowledge of VPNs is required. All basic VPN and relevant security concepts are covered....

$59.99
New Price: $51.98