Authors: Dr K.
Paperback, 256 pages
Publisher: Carlton Publishing Group
Publication Date: 2008-08-01
Edition: Expanded, Revised, Updated ed.

Reviews :

    This expanded, revised and updated edition of The Hackers Handbook 3.0 looks at the whole phenomenon of hacking, from its beginnings in the computer networks of the early 80s, through some of the legendary hackers and their exploits, to the basic tools that hackers use todayand how to guard against them, or apply them yourself to start learning the art of information retrieval. All the different areas of hacking are clearly discussed, along with their implications, what is at stake, ways to protect against potential damage, and how to try them out for yourself. There is also a full range of hints and tips for getting the most out of the basic Internet tools we all use, such as email, the World Wide Web, and more....

Authors: Bill McCarty.
Paperback, 254 pages
Publisher: O'Reilly Media, Inc.
Publication Date: 2004-10-11


Reviews :

    The intensive search for a more secure operating system has often left everyday, production computers far behind their experimental, research cousins. Now SELinux (Security Enhanced Linux) dramatically changes this. This best-known and most respected security-related extension to Linux embodies the key advances of the security field. Better yet, SELinux is available in widespread and popular distributions of the Linux operating system--including for Debian, Fedora, Gentoo, Red Hat Enterprise Linux, and SUSE--all of it free and open source. SELinux emerged from research by the National Security Agency and implements classic strong-security measures such as role-based access controls, mandatory access controls, and fine-grained transitions and privilege escalation following the principle of least privilege. It compensates for the inevitable buffer overflows and other weaknesses in applications by isolating them and preventing flaws in one application from spreading to others. The scenarios that cause the most cyber-damage these days--when someone gets a toe-hold on a computer through a vulnerability in a local networked application, such as a Web server, and parlays that toe-hold into pervasive control over the computer system--are prevented on a properly administered SELinux system. The key, of course, lies in the words "properly administered." A system administrator for SELinux needs a wide range of knowledge, such as the principles behind the system, how to assign different privileges to different groups of users, how to change policies to accommodate new software, and how to log and track what is going on. And this is where SELinux is invaluable. Author Bill McCarty, a security consultant who has briefed numerous government agencies, incorporates his intensive research into SELinux into this small but information-packed book. Topics include:

• A readable and concrete explanation of SELinux concepts and the SELinux security model
• Installation instructions for numerous distributions
• Basic system and user administration
• A detailed dissection of the SELinux policy language
• Examples and guidelines for altering and adding policies

With SELinux, a high-security computer is within reach of any system administrator. If you want an effective means of securing your Linux system--and who doesn't?--this book provides the means....

Authors: Eric Vyncke. Christopher Paggen.
Paperback, 360 pages
Publisher: Cisco Press
Publication Date: 2007-09-16
Edition: 1

Reviews :

   

LAN Switch Security: What Hackers Know About Your Switches

A practical guide to hardening Layer 2 devices and stopping campus network attacks

Eric Vyncke

Christopher Paggen, CCIE® No. 2659

Contrary to popular belief, Ethernet switches are not inherently secure. Security vulnerabilities in Ethernet switches are multiple: from the switch implementation, to control plane protocols (Spanning Tree Protocol [STP], Cisco® Discovery Protocol [CDP], and so on) and data plane protocols, such as Address Routing Protocol (ARP) or Dynamic Host Configuration Protocol (DHCP). LAN Switch Security explains all the vulnerabilities in a network infrastructure related to Ethernet switches. Further, this book shows you how to configure a switch to prevent or to mitigate attacks based on those vulnerabilities. This book also includes a section on how to use an Ethernet switch to increase the security of a network and prevent future attacks.

Divided into four parts, LAN Switch Security provides you with steps you can take to ensure the integrity of both voice and data traffic traveling over Layer 2 devices. Part I covers vulnerabilities in Layer 2 protocols and how to configure switches to prevent attacks against those vulnerabilities. Part II addresses denial-of-service (DoS) attacks on an Ethernet switch and shows how those attacks can be mitigated. Part III shows how a switch can actually augment the security of a network through the utilization of wirespeed access control list (ACL) processing and IEEE 802.1x for user authentication and authorization. Part IV examines future developments from the LinkSec working group at the IEEE. For all parts, most of the content is vendor independent and is useful for all network architects deploying Ethernet switches.

After reading this book, you will have an in-depth understanding of LAN security and be prepared to plug the security holes that exist in a great number of campus networks.

Eric Vyncke has a master’s degree in computer science engineering from the University of Liège in Belgium. Since 1997, Eric has worked as a Distinguished Consulting Engineer for Cisco, where he is a technical consultant for security covering Europe. His area of expertise for 20 years has been mainly security from Layer 2 to applications. He is also guest professor at Belgian universities for security seminars.

Christopher Paggen, CCIE® No. 2659, obtained a degree in computer science from IESSL in Liège (Belgium) and a master’s degree in economics from University of Mons-Hainaut (UMH) in Belgium. He has been with Cisco since 1996 where he has held various positions in the fields of LAN switching and security, either as pre-sales support, post-sales support, network design engineer, or technical advisor to various engineering teams. Christopher is a frequent speaker at events, such as Networkers, and has filed several U.S. patents in the security area.

Contributing Authors:

Jason Frazier is a technical leader in the Technology Systems Engineering group for Cisco.

Steinthor Bjarnason is a consulting engineer for Cisco.

Ken Hook is a switch security solution manager for Cisco.

Rajesh Bhandari is a technical leader and a network security solutions architect for Cisco.

• Use port security to protect against CAM attacks

• Prevent spanning-tree attacks

• Isolate VLANs with proper configuration techniques

• Protect against rogue DHCP servers

• Block ARP snooping

• Prevent IPv6 neighbor discovery and router solicitation exploitation

• Identify Power over Ethernet vulnerabilities

• Mitigate risks from HSRP and VRPP

• Stop information leaks with CDP, PaGP, VTP, CGMP and other Cisco ancillary protocols

• Understand and prevent DoS attacks against switches

• Enforce simple wirespeed security policies with ACLs

• Implement user authentication on a port base with IEEE 802.1x

• Use new IEEE protocols to encrypt all Ethernet frames at wirespeed.

This security book is part of the Cisco Press® Networking Technology Series. Security titles from Cisco Press help networking professionals secure critical data and resources, prevent and mitigate network attacks, and build end-to-end self-defending networks.

Category: Cisco Press—Security

Covers: Ethernet Switch Security

$60.00 USA / $69.00 CAN

LAN Switch Security: What Hackers Know About Your Switches

A practical guide to hardening Layer 2 devices and stopping campus network attacks

Eric Vyncke

Christopher Paggen, CCIE® No. 2659

Contrary to popular belief, Ethernet switches are not inherently secure. Security vulnerabilities in Ethernet switches are multiple: from the switch implementation, to control plane protocols (Spanning Tree Protocol [STP], Cisco® Discovery Protocol [CDP], and so on) and data plane protocols, such as Address Routing Protocol (ARP) or Dynamic Host Configuration Protocol (DHCP). LAN Switch Security explains all the vulnerabilities in a network infrastructure related to Ethernet switches. Further, this book shows you how to configure a switch to prevent or to mitigate attacks based on those vulnerabilities. This book also includes a section on how to use an Ethernet switch to increase the security of a network and prevent future attacks.

Divided into four parts, LAN Switch Security provides you with steps you can take to ensure the integrity of both voice and data traffic traveling over Layer 2 devices. Part I covers vulnerabilities in Layer 2 protocols and how to configure switches to prevent attacks against those vulnerabilities. Part II addresses denial-of-service (DoS) attacks on an Ethernet switch and shows how those attacks can be mitigated. Part III shows how a switch can actually augment the security of a network through the utilization of wirespeed access control list (ACL) processing and IEEE 802.1x for user authentication and authorization. Part IV examines future developments from the LinkSec working group at the IEEE. For all parts, most of the content is vendor independent and is useful for all network architects deploying Ethernet switches.

After reading this book, you will have an in-depth understanding of LAN security and be prepared to plug the security holes that exist in a great number of campus networks.

Eric Vyncke has a master’s degree in computer science engineering from the University of Liège in Belgium. Since 1997, Eric has worked as a Distinguished Consulting Engineer for Cisco, where he is a technical consultant for security covering Europe. His area of expertise for 20 years has been mainly security from Layer 2 to applications. He is also guest professor at Belgian universities for security seminars.

Christopher Paggen, CCIE® No. 2659, obtained a degree in computer science from IESSL in Liège (Belgium) and a master’s degree in economics from University of Mons-Hainaut (UMH) in Belgium. He has been with Cisco since 1996 where he has held various positions in the fields of LAN switching and security, either as pre-sales support, post-sales support, network design engineer, or technical advisor to various engineering teams. Christopher is a frequent speaker at events, such as Networkers, and has filed several U.S. patents in the security area.

Contributing Authors:

Jason Frazier is a technical leader in the Technology Systems Engineering group for Cisco.

Steinthor Bjarnason is a consulting engineer for Cisco.

Ken Hook is a switch security solution manager for Cisco.

Rajesh Bhandari is a technical leader and a network security solutions architect for Cisco.

• Use port security to protect against CAM attacks

• Prevent spanning-tree attacks

• Isolate VLANs with proper configuration techniques

• Protect against rogue DHCP servers

• Block ARP snooping

• Prevent IPv6 neighbor discovery and router solicitation exploitation

• Identify Power over Ethernet vulnerabilities

• Mitigate risks from HSRP and VRPP

  ......
  
  

Authors: Dave Kleiman. Craig Wright. Jesse "James" Varsalone. Timothy Clinton. Michael Gregg.
Paperback, 512 pages
Publisher: Syngress
Publication Date: 2007-10-08
Edition: Stg

Reviews :

    This is the only official, EC-Council-endorsed CHFI (Computer Hacking Forensics Investigator) study guide. It was written for security professionals, systems administrators, IT consultants, legal professionals, IT managers, police and law enforcement personnel studying for the CHFI certification, and professionals needing the skills to identify an intruder's footprints and properly gather the necessary evidence to prosecute. Key features include:

. The Only Official Study Guide for CHFI
Provides 100% coverage of all exam objectives.
. Full Web-based Exam
Modeled after the real exam, it also includes explanations of correct and incorrect answers.
. Exam Objectives
Each is clearly explained at the beginning of the chapter.
. Notes and Alerts
Highlight crucial points of the exam modules.
. Exam Objectives Fast Track
Bulleted highlights emphasize the important points from the exam's perspective at the end of the chapter.
. Key Terms
All concepts are defined and explained as they appear.
. Exam Objectives Frequently Asked Questions
Test what you have learned by reading FAQs based on the material covered in the chapter. Log on to the Syngress Web site to access review questions based on the exam....

Authors: Alan Calder.
Paperback, 120 pages
Publisher: IT Governance Ltd
Publication Date: 2006-01-01


Reviews :

    ISO 27001:2005 replaced the information security standard BS7799-2 from October 2005. Read the world's first practical guidance on achieving ISO 27001 certification and the 9 essential steps to an effective ISMS implementation - 9 critical steps that are the absolute difference between project success and abject failure. Contents include: . how to get management and board buy-in; . how to get cross-organizational, cross functional buy-in; . the gap analysis: how much do you really need to do? . how to integrate with ISO9001 and other management systems; . use consultants or do it youself? . the PDCA cycle; . risk assessment methodologies and tools; . the documentation challenges; Alan Calder, the author of "IT Governance: a Manager's Guide to Data Protection and BS7799/ISO17799", led one of the first successful BS7799 certification efforts in the world. He also belongs to the committee of experts of a global certification body. This book contains the experience and secrets drawn from many successful BS7799 implementations...

Authors: Roger A. Grimes. Jesper M. Johansson.
Paperback, 582 pages
Publisher: Wiley
Publication Date: 2007-07-02


Reviews :

    Written by two veteran Windows security experts—one a Microsoft Security MVP and Foundstone Security Consultant, and the other a former senior member of Microsoft's Security Engineering Team—this essential resource prepares end users and technical administrators to handle various security problems that exist in Windows Vista as well as possible future threats. Offering in-depth coverage of all significant new security technologies in Windows Vista, this book addresses User Account Control, the new Firewall, Internet Explorer 7.0, Windows Defender, Service Hardening, and BitLocker....

Authors: John Viega. Gary McGraw.
Hardcover, 528 pages
Publisher: Addison-Wesley Professional
Publication Date: 2001-10-04


Reviews :

    In the age of e-Business, information security is no longer a minor detail: it's at the heart of every business process and relationship. And software -- not firewalls, intrusion detection systems, or anything else -- is at the heart of most security problems. In Building Secure Software, two of the field's leading experts present a start-to-finish methodology for developing secure systems. They cover the entire software lifecycle, showing how to identify and respond to vulnerabilities as early in the process as possible, when security enhancements cost less -- and are more effective. In Part I, the authors focus on the security issues developers should face before writing any code, demonstrating how to integrate security into your entire software engineering practice. Part II focuses on implementation, showing developers how to avoid a wide range of common security problems. Viega and McGraw show how to determine acceptable levels of risk, develop effective security testing processes, and understand in advance how applications would behave in response to an attack. The book contains extensive C-based source code examples....

Authors: Debra S. Herrmann.
Hardcover, 848 pages
Publisher: Auerbach Publications
Publication Date: 2007-01-22
Edition: 1

Reviews :

    While it has become increasingly apparent that individuals and organizations need a security metrics program, it has been exceedingly difficult to define exactly what that means in a given situation. There are hundreds of metrics to choose from and an organization’s mission, industry, and size will affect the nature and scope of the task as well as the metrics and combinations of metrics appropriate to accomplish it. Finding the correct formula for a specific scenario calls for a clear concise guide with which to navigate this sea of information.

Complete Guide to Security and Privacy Metrics: Measuring Regulatory Compliance, Operational Resilience, and ROI defines more than 900 ready to use metrics that measure compliance, resiliency, and return on investment. The author explains what needs to be measured, why and how to measure it, and how to tie security and privacy metrics to business goals and objectives. The book addresses measuring compliance with current legislation, regulations, and standards in the US, EC, and Canada including Sarbanes-Oxley, HIPAA, and the Data Protection Act-UK. The metrics covered are scaled by information sensitivity, asset criticality, and risk, and aligned to correspond with different lateral and hierarchical functions within an organization. They are flexible in terms of measurement boundaries and can be implemented individually or in combination to assess a single security control, system, network, region, or the entire enterprise at any point in the security engineering lifecycle. The text includes numerous examples and sample reports to illustrate these concepts and stresses a complete assessment by evaluating the interaction and interdependence between physical, personnel, IT, and operational security controls.

Bringing a wealth of complex information into comprehensible focus, this book is ideal for corporate officers, security managers, internal and independent auditors, and system developers and integrators....

Authors: Steven Levy.
Hardcover, 352 pages
Publisher: Viking Adult
Publication Date: 2001-01


Reviews :

    From the author who made "hackers" a household word, a groundbreaking book about the most hotly debated subject of the digital age.

Crypto is about privacy in the information age and about the nerds and visionaries who, nearly twenty years ago, predicted that the Internet's greatest virtue-free access to information-was also its most perilous drawback: a possible end to privacy.

Levy explores what turned out to be a decisive development in the crypto wars: the unlikely alliance between the computer geeks and big business as they fought the government's stranglehold on the keys to information in a networked world.

The players come alive here in a narrative that reads like the best of futuristic spy fiction. There is Whit Diffie, the long-haired Newton of crypto who invented the astounding "public key"solution; David Chaum, whose "anony-mous digital money"actually threatened the global financial infrastructure; and "cypherpunks"like Phil Zimmermann, who freely distributed military-strength codes under the nose of the U. S. government. There is also the first behind-the-scenes account of what the secretive National Security Agency really had in mind when it created the controversial "clipper chip"-and how the Clinton administration bungled the operation.

Cryptography-the use of secret codes-has traditionally been the province of puzzle geeks and government spies. But just in time for the Internet-which radically alters the way we share information-a band of outsiders triggered a revolution in this once-cloistered field. But this was a revolution that the government wanted to kill.......

    If the National Security Agency (NSA) had wanted to make sure that strong encryption would reach the masses, it couldn't have done much better than to tell the cranky geniuses of the world not to do it. Author Steven Levy, deservedly famous for his enlightening Hackers, tells the story of the cypherpunks, their foes, and their allies in Crypto: How the Code Rebels Beat the Government. From the determined research of Whitfield Diffie and Marty Hellman, in the face of the NSA's decades-old security lock, to the commercial world's turn-of-the-century embrace of encrypted e-commerce, Levy finds drama and intellectual challenge everywhere he looks. Although he writes, "Behind every great cryptographer, it seems, there is a driving pathology," his respect for the mathematicians and programmers who spearheaded public key encryption as the solution to Information Age privacy invasion shines throughout. Even the governmental bad guys are presented more as hapless control fetishists who lack the prescience to see the inevitability of strong encryption as more than a conspiracy of evil.

Each cryptological advance that was made outside the confines of the NSA's Fort Meade complex was met with increasing legislative and judicial resistance. Levy's storytelling acumen tugs the reader along through mathematical and legal hassles that would stop most narratives in their tracks--his words make even the depressingly silly Clipper chip fiasco vibrant. Hardcore privacy nerds will value Crypto as a review of 30 years of wrangling; those readers with less familiarity with the subject will find it a terrific and well-documented launching pad for further research. From notables like Phil Zimmerman to obscure but important figures like James Ellis, Crypto dishes the dirt on folks who know how to keep a secret. --Rob Lightner...

Authors: Andrew Lockhart.
Paperback, 478 pages
Publisher: O'Reilly Media, Inc.
Publication Date: 2006-10-30
Edition: 2

Reviews :

    In the fast-moving world of computers, things are always changing. Since the first edition of this strong-selling book appeared two years ago, network security techniques and tools have evolved rapidly to meet new and more sophisticated threats that pop up with alarming regularity. The second edition offers both new and thoroughly updated hacks for Linux, Windows, OpenBSD, and Mac OS X servers that not only enable readers to secure TCP/IP-based services, but helps them implement a good deal of clever host-based security techniques as well.

This second edition of Network Security Hacks offers 125 concise and practical hacks, including more information for Windows administrators, hacks for wireless networking (such as setting up a captive portal and securing against rogue hotspots), and techniques to ensure privacy and anonymity, including ways to evade network traffic analysis, encrypt email and files, and protect against phishing attacks. System administrators looking for reliable answers will also find concise examples of applied encryption, intrusion detection, logging, trending and incident response.

In fact, this "roll up your sleeves and get busy" security book features updated tips, tricks & techniques across the board to ensure that it provides the most current information for all of the major server software packages. These hacks are quick, clever, and devilishly effective.

...