Authors: Jalal Feghhi. Peter Williams.
Paperback, 480 pages
Publisher: Addison-Wesley Professional
Publication Date: 1998-10-09


Reviews :

    Detailed & practical guide to understanding & working with digital certificates. Presents an overview of this important technology & its role in Internet security, and looks at the business infrastructure that is essential to its effective utilization. Paper. CD ROM included. DLC: Internet (Computer network) - Security. ...

    Because the Internet is based on connectionless protocols that route messages through more or less public machines, standard means of Internet communication offer no guarantees of integrity or authenticity. A variety of schemes have sprung up to solve this problem, and Digital Certificates: Applied Internet Security does a great job of explaining the Microsoft approach to securing Internet communications.

Helpfully, the authors spend a fair amount of time explaining the problem of network security and the broad technologies (public-key encryption, key length considerations, authentication, and so on). Having explained the universe in which a security system must work, they then show how to acquire a digital certificate from a certification authority (CA). From there, they show how to use the digital certificate with several pieces of software, including Internet Explorer 3 and 4 (but not 5), Netscape Communicator 4, and Outlook Express 4.

Of more interest to administrators and developers are code snippets that show how to request and process digital certificates in a variety of environments, including Active Server Pages (ASP) and Java. There's background information on the newly standardized Public Key Infrastructure with X.509 (PKIX) and the Secure Electronic Transaction (SET) standard for financial operations too. Coverage of Microsoft Certificate Server includes a lot of programming information, including coverage of the Policy and Exit Modules. --David Wall

Topics covered: Encryption, authentication, X.509 digital certificates, certification authorities, S/MIME, trust relationships, and Microsoft Certificate Server....

Authors: Jesper M. Johansson.
Paperback, 750 pages
Publisher: Microsoft Press
Publication Date: 2008-03-10


Reviews :

    Get the definitive reference for planning and implementing security features in Windows Server 2008 with expert insights from Microsoft Most Valuable Professionals (MVPs) and the Windows Server Security Team at Microsoft. This official Microsoft RESOURCE KIT delivers the in-depth, technical information and tools you need to help protect your Windows® based clients, server roles, networks, and Internet services. Leading security experts explain how to plan and implement comprehensive security with special emphasis on new Windows security tools, security objects, security services, user authentication and access control, network security, application security, Windows Firewall, Active Directory® security, group policy, auditing, and patch management. The kit also provides best practices based on real-world implementations. You also get must-have tools, scripts, templates, and other key job aids, including an eBook of the entire RESOURCE KIT on CD.

Key Book Benefits

Definitive technical information and expert insights straight from the Windows Server Security Team and leading Microsoft MVPs

Provides in-depth information that every Windows administrator needs to know about helping protect Windows-based environments

Includes best practices from real-world implementations

CD includes additional job aids, including tools, scripts, and a fully searchable version of the entire RESOURCE KIT book

Q&A with Jesper M. Johansson, author of Windows Server 2008 Security Resource Kit

The credentials of the contributors to Windows Server 2008 Security Resource Kit are quite impressive. How important was it to assemble such a group for this title?

In my opinion, it was necessary. Server products are necessarily complex, and security, by its very nature, requires a very broad understanding of the product. Developing that understanding in a single person is possible, but very time consuming and still does not lead to the breadth of perspective that you find in a group of people. No single person can truly understand both what it is like to implement Active Directory in a 50,000 seat organization, and how to run a 50-seat small business network long-term, and neither of them is probably going to also be one of the world's foremost experts on implementing public key cryptography infrastructures. By putting together this world-wide team of experts (representing four countries on three continents) we were able to produce a resource that had far more depth and breadth of knowledge than would otherwise have been possible, and you get the expertise of 12 of the foremost experts on Windows Security in a single package.

What extras are available on the Resource Kit CD?

First, you get a bonus chapter on Rights Management Services, as well as an electronic copy of the entire book. I am very excited about the electronic copy because it provides a searchable way to read the book. These types of books are always used as references and being able to search it is very valuable.

You also get some tools that may come in handy for managing servers. Scripting Guru Ed Wilson wrote some custom PowerShell scripts specifically for this book to manage user accounts and other security related aspects of your deployment. In addition, I wrote a couple of tools for the book. One is my password generator, which I first made available several years ago. It enables you to manage unique administrator account passwords and service account passwords on hundreds or thousands of servers on a network. I also included my elevation tools, which allow you to launch an elevated instance of Windows Explorer, as well as elevating any command you want from the command line. Having worked with User Account Control (UAC) daily for about two years I find that one of the biggest impediments to running under UAC is the multiple prompts you get when you perform many file operations. As an administrator, that is a very common task. Elevating Windows Explorer lets you do those operations with a single elevation prompt, and still leave UAC turned on.

Comparing the two programs, what are some of the fundamental differences between Windows Server 2008 and Windows Server 2003?

To me, the biggest difference is the fact that while Windows Server 2003 was built under the security best practices of 2002, Windows Server 2008 incorporates all the secure development practices Microsoft learned in the five years since. The field of secure software development has progressed immensely between 2002 and 2007, and incorporating them will make Windows Server 2008 much more able to stand up to the threats we will see in the next five years. By the way, it is with a heavy heart that I say that, as I worked hard on security in Windows Server 2003, but it is true.

Apart from the engineering process, the first thing people will notice is the completely new management model in Windows Server 2008. Instead of installing a lot of separate components, you now deploy roles to the server. This makes a lot of sense because the roles are what you bought the server to fill. By implementing that metaphor in the management tools the risk for misconfiguration is greatly reduced.

The new kernel features are also very important and will make a big difference for many. First, the new virtualization features are fundamentally going to change how we build and run data centers. The improvements in security, reliability, and performance in the kernel features, such as thread scheduling, and in the networking features, such as the new network file system, also are going to be valuable to many.

What do you feel is the biggest security oversight made by network admins?

Put a slightly different way, the area where I see the most room for improvement is in security posture management. Administrators are far too focused on vulnerabilities and on the types of "hardening" tweaks that were useful in the 1990s, when software shipped wide open by default. Today, those things are not nearly as important as it is to manage the security posture of your servers. Far too many administrators still believe in the perimeter and fail to recognize that just about every organizational network today is semi-hostile, at best. The biggest security oversight is not to analyze and manage the threats posed to servers by other actors on the network. The Security Resource Kit goes into depth in discussing what I refer to as Network Threat Modeling, as the analysis phase of Server and Domain Isolation – probably the most powerful security tool in the arsenal today. Yet, the proportion of networks that use these tools is infinitesimal.

What are your thoughts on the constant hype surrounding potential security flaws in Vista?

As I have written elsewhere (http://msinfluentials.com/blogs/jesper/archive/2008/01/24/do-vista-users-need-fewer-patches-than-xp-users.aspx) I fail to see any data backing up the argument. Certainly, there have been flaws in Vista – and anyone who expected it to be flawless was unrealistic – but the improvements are tremendous over Windows XP. Windows Vista has about half as many critical problems as Windows XP in the same time-frame. I'm not sure that it would have been reasonable to expect it to perform much better than that given how large and complex modern software is and how fast the security landscape is moving.

Therefore, I have to think that the reasons for the hype are something other than data. The popular press seems to operate on the assumption that complaining about Microsoft generates advertising revenue, and they are probably correct. The fact of the matter today is that a significant portion of the software industry, specifically the security portion, has built its business almost exclusively on selling software that purports to protect Microsoft's customers from Microsoft's screw-ups. It is simply terrifying to it, and a grave threat to its business model, that Microsoft should actually manage to produce software, and particularly operating systems, that are so secure they do not need most of the products that portion of the industry sells.

The popular press, being a largely advertising funded business, has happily latched on to this perception and boosted the unsubstantiated claims of Windows Vista's vulnerability to the benefit of their major advertisers. It is truly a sick eco-system that harms the customer in both the short and long term. The threats today, as I mentioned above, are trending toward the types of things that the security software industry cannot protect against. The new threats are against people, and the focus needs to shift to helping people make better security decisions and take responsibility for their own actions. Unfortunately, the current unsubstantiated hype about Windows Vista is not about protecting customers, it is about selling unnecessary security software and inculcating users and IT managers alike in the belief that they must buy third party software to run Windows safely; a belief that, with a few notable exceptions, such as anti-virus software, is falsified by the data. In fact, the hype has even lead to a huge growth industry in malicious, fake, security software. I have seen a lot of people lured by the hype into buying security software that is not security software at all, but simply malware in disguise. The average consumer, inundated with hype, is unable to make out what to really believe. This sick ecosystem is harmful and the press and the pundits are not helping, but only increasing the hype.

In your opinion, which network faces the biggest security risk today: the small office with multiple power users or large corporation with a large LUA base?

The unmanaged networks. I have seen very well managed and very secure networks in both small and large organizations, and I have seen poorly managed and very insecure networks in both as well. It is not really a matter of size but of how much time and effort is put into the security aspects of it. One of the largest weaknesses seems to be training. Security today is about end-points. The attacks are against people far more prevalent than those against technology and vulnerabilities. We need to, as an industry, understand how to push the security out to the assets that we are trying to protect. In the past we have centralized security because it was a way to centralize management of security. The challenge now is to de-centralize security, while still permitting centralized management. This is a non-trivial task, but it must be done. As a starting point, I dare every IT manager to start analyzing the risks to his or her network, and specifically, what it is they want the network to be used for. Once you understand what it is you want the network to provide you have a chance to work on making it provide that and nothing else. To me, that is the most important thing we can do. A properly staffed IT group, with adequate training and resources to train its users, an organizational mandate to protect the organization's assets, and a keen understanding of the business they serve will build a network that is adequately secured regardless of the size of the network. Windows Server 2008 certainly provides some very powerful technologies to help you manage security in your network, but while that is a necessary component, it is insufficient by itself. At a very base level, it is about the people and the processes you have, more than about the technology. Technology will help, but it is just a tool that your people will implement using a process that helps or hurts....

Authors: Kathy Ivens.
Paperback, 224 pages
Publisher: O'Reilly Media, Inc.
Publication Date: 2005-01-25


Reviews :

    The beauty of a home network is that it can make life so easy--what could be better than sharing an Internet connection so that everyone can be online at the same time? With home networking you can move files from one computer to another, share resources, print to a single printer or multiple printers from any computer in the house, and IM the kids when they're holed up in their rooms. And the downside? Anyone who's ever had to troubleshoot a network glitch doesn't need to ask that question. The simple words, "Why can't I print? Why can't I get to the Internet? Why does my computer say 'Access Denied' today, when it worked fine yesterday?" are enough to send the home network administrator running for cover. And the concept of "network security" can keep the soundest sleeper tossing and turning all night. Currently, more than 8 million homes in the US have installed a network of some kind, and within five years, that number is expected to jump to 37 million. This speaks to the availability of easy-to-install home networking products. Unfortunately, there's also a glut of potential headaches that can occur after installation (and during, sometimes) with no warning label on the box saying, "This product sure to cause annoyances." But help is here. Home Networking Annoyances will ease the headaches and annoyances of anyone who runs a home network. This book tackles all the common annoyances associated with running your network--whether it's wired or wireless, or a combination thereof. Its friendly, off-the-cuff approach will put you in a position of power over those home networking glitches, including file sharing, printing, cabling, security, and much more. You'll find dozens of on-target tips, workarounds, and fixes that will help you improve your home networking experience in every way possible. Whether you're a mainstream business user or a home user with newly installed network hardware, you've probably had your patience tested by frustrating network maintenance issues. Take a stand against annoyances now: just as the bestselling PC Annoyances brought peace and happiness to PC users everywhere, Home Networking Annoyances is your ticket to serenity....

Authors: Peter Thermos. Ari Takanen.
Paperback, 384 pages
Publisher: Addison-Wesley Professional
Publication Date: 2007-08-11
Edition: 1

Reviews :

   

In Securing VoIP Networks, two leading experts systematically review the security risks and vulnerabilities associated with VoIP networks and offer proven, detailed recommendations for securing them. Drawing on case studies from their own fieldwork, the authors address VoIP security from the perspective of real-world network implementers, managers, and security specialists. The authors identify key threats to VoIP networks, including eavesdropping, unauthorized access, denial of service, masquerading, and fraud; and review vulnerabilities in protocol design, network architecture, software, and system configuration that place networks at risk. They discuss the advantages and tradeoffs associated with protection mechanisms built into SIP, SRTP, and other VoIP protocols; and review key management solutions such as MIKEY and ZRTP. Next, they present a complete security framework for enterprise VoIP networks, and provide detailed architectural guidance for both service providers and enterprise users.

 

1       Introduction

2       VoIP Architectures and Protocols

3       Threats and Attacks

4       VoIP Vulnerabilites

5       Signaling Protection Mechanisms

6       Media Protection Mechanisms

7       Key Management Mechanisms

8       VoIP and Network Security Controls

9       A Security Framework for Enterprise VoIP Networks

10     Provider Architectures and Security

11     Enterprise Architectures and Security

...

Authors: Stefan Schackow.
Paperback, 648 pages
Publisher: Wrox
Publication Date: 2006-01-31


Reviews :

    Experienced developers who are looking to create reliably secure sites with ASP.NET 2.0 will find that Professional ASP.NET 2.0 Security, Membership, and Role Management covers a broad range of security features including developing in partial trust, forms authentication, and securing configuration. The book offers detailed information on every major area of ASP.NET security you’ll encounter when developing Web applications.

You’ll see how ASP.NET 2.0 version contains many new built-in security functions compared to ASP.NET 1.x such as Membership and Role Manager, and you’ll learn how you can extend or modify various features. The book begins with two chapters that walk you through the processing ASP.NET 2.0 performs during a web request and the security processing for each request, followed by a detailed explanation of ASP.NET Trust Levels.

With this understanding of security in place, you can then begin working through the following chapters on configuring system security, forms authentication, and integrating ASP.NET security with classic ASP including integrating Membership and Role Manager with classic ASP. The chapter on session state looks at the limitations of cookieless session identifiers, methods for heading off session denial of service attacks, and how session state is affected by trust level. After the chapter explaining the provider model architecture in ASP.NET 2.0 and how it is useful for writing custom security providers you go to the MembershipProvider class and configuring the two default providers in the Membership feature, SqlMembershipProvider and ActiveDirectoryMembershipProvider. You'll see how to use RoleManager to make it easy to associate users with roles and perform checks declaratively and in code and wrap up working with three providers for RoleProvider – WindowsTokenRoleProvider, SqlRoleProvider, and AuthorizationStoreRoleProvider (to work with Authorization Manager or AzMan).

This book is also available as part of the 5-book ASP.NET 2.0 Wrox Box (ISBN: 0-470-11757-5). This 5-book set includes:

• Professional ASP.NET 2.0 Special Edition (ISBN: 0-470-04178-1)
• ASP.NET 2.0 Website Programming: Problem - Design - Solution (ISBN: 0764584642 )
• Professional ASP.NET 2.0 Security, Membership, and Role Management (ISBN: 0764596985)
• Professional ASP.NET 2.0 Server Control and Component Development (ISBN: 0471793507)
• ASP.NET 2.0 MVP Hacks and Tips (ISBN: 0764597663)
• CD-ROM with more than 1000 pages of bonus chapters from 15 other .NET 2.0 and SQL Server(TM) 2005 Wrox books
• DVD with 180-day trial version of Microsoft(r) Visual Studio(r) 2005 Professional Edition

...

Authors: Angela Orebaugh. Becky Pinkard.
Paperback, 384 pages
Publisher: Syngress
Publication Date: 2008-01-14


Reviews :

    Nmap, or Network Mapper, is a free, open source tool that is available under the GNU General Public License as published by the Free Software Foundation. It is most often used by network administrators and IT security professionals to scan corporate networks, looking for live hosts, specific services, or specific operating systems. Part of the beauty of Nmap is its ability to create IP packets from scratch and send them out utilizing unique methodologies to perform the above-mentioned types of scans and more. This book provides comprehensive coverage of all Nmap features, including detailed, real-world case studies.

. Understand Network Scanning
Master networking and protocol fundamentals, network scanning techniques, common network scanning tools, along with network scanning and policies.
. Get Inside Nmap
Use Nmap in the enterprise, secure Nmap, optimize Nmap, and master advanced Nmap scanning techniques.
. Install, Configure, and Optimize Nmap
Deploy Nmap on Windows, Linux, Mac OS X, and install from source.
. Take Control of Nmap with the Zenmap GUI
Run Zenmap, manage Zenmap scans, build commands with the Zenmap command wizard, manage Zenmap profiles, and manage Zenmap results.
. Run Nmap in the Enterprise
Start Nmap scanning, discover hosts, port scan, detecting operating systems, and detect service and application versions
. Raise those Fingerprints
Understand the mechanics of Nmap OS fingerprinting, Nmap OS fingerprint scan as an administrative tool, and detect and evade the OS fingerprint scan.
. "Tool" around with Nmap
Learn about Nmap add-on and helper tools: NDiff--Nmap diff, RNmap--Remote Nmap, Bilbo, Nmap-parser.
. Analyze Real-World Nmap Scans
Follow along with the authors to analyze real-world Nmap scans.
. Master Advanced Nmap Scanning Techniques
Torque Nmap for TCP scan flags customization, packet fragmentation, IP and MAC address spoofing, adding decoy scan source IP addresses, add random data to sent packets, manipulate time-to-live fields, and send packets with bogus TCP or UDP checksums....

Authors: Brad Haines. Frank Thornton. Michael Schearer.
Paperback, 258 pages
Publisher: Syngress
Publication Date: 2008-06-25
Edition: Pap/Onl

Reviews :

    Kismet Hacking brings together the premiere wireless security experts to outline how to successfully use the top wireless tool, Kismet. As wireless networking continues to spread in home, corporate and government use, and as Linux continues to replace Windows for many advanced users, Kismet is increasingly the tool that they rely upon. Now with the introduction of Kismet NewCore, people who are using Kismet for applications from wireless network design to wireless security, have an improved version of their favorite wireless application. Kismet Hacking is for both new users who are just starting to use Kismet and those who have been using Kismet for years. Vital user information on getting the most out of wireless Linux setups is contained here. This book covers everything a Kismet user would need to know about Kismet, from the basic installation to advanced subjects such as creating Wireless Intrusion Detection Systems....

Authors: Alan Schwartz.
Paperback, 207 pages
Publisher: O'Reilly Media, Inc.
Publication Date: 2004-07
Edition: 1st

Reviews :

    The annoyance factor for individual users whose email is crammed with pitches for pornography, absurd moneymaking schemes, and dubious health products is fierce. But for organizations, the cost of spam in lost productivity and burned bandwidth is astronomical. While society is grappling with a solution to the burgeoning crisis of spam proliferation, the pressure is on system administrators to find a solution to this massive problem in-house. And fast.

Sys admins can field scores of complaints and spend months testing software suites that turn out to be too aggressive, too passive, or too complicated to setup only to discover that SpamAssassin (SA), the leading open source spam-fighting tool, is free, flexible, powerful, highly-regarded, and remarkably effective. The drawback? SpamAssassin's lack of published documentation.

SpamAssassin by Alan Schwartz, is the only published resource devoted to SpamAssassin and how to integrate it effectively into your networks. This clear, concise guide clarifies the installation, configuration, and use of the SpamAssassin spam-checking system (versions 2.63 and 3.0) for Unix system administrators using the Postfix, Sendmail, Exim, or qmail mail servers, helping administrators make the right integration decision for their particular environments.

It covers concrete advice on how to:
Customize SpamAssassin's rules, and even create new ones
Train SpamAssassin's Bayesian classifier, a statistical engine for detecting spam, to optimize it for the sort of email that you typically receive
Block specific addresses, hosts, and domains using third-party blacklists like the one maintained by Spamcop.net.
Whitelist known good sources of email, so that messages from clients, coworkers, and friends aren't inadvertently lost.
Configure SpamAssassin to work with newer spam-filtering methods such as Hashcash and Sender Policy Framework (SPF).
Sys admins, network administrators, and ISPs pay for spam with hours of experimentation and tedious junk email management, frayed user tempers, and their sanity.
SpamAssassin, together with this essential book, give you the tools you need to take back your organization's inboxes....

Authors: Mike Shema. Chris Davis.
Paperback, 799 pages
Publisher: McGraw-Hill Osborne Media
Publication Date: 2006-02-09
Edition: 3

Reviews :

    Stop hackers in their tracks

Organized by category, Anti-Hacker Tool Kit, Third Edition provides complete details on the latest and most critical security tools, explains their function, and demonstrates how to configure them to get the best results.

• Completely revised to include the latest security tools, including wireless tools
• New tips on how to configure the recent tools on Linux, Windows, and Mac OSX
• New on the CD-ROM -- Gnoppix, a complete Linux system, ClamAV anti-virus, Cain, a multi-function hacking tool, Bluetooth tools, protocol scanners, forensic tools, and more
• New case studies in each chapter

...

Authors: Jon Erickson.
Paperback, 264 pages
Publisher: No Starch Press
Publication Date: 2003-10
Edition: 1

Reviews :

    Emphasizing a true understanding of the techniques as opposed to just breaking the rules, the author helps readers determine which areas are prone to attack and why. Unlike other so-called hacking guides, this book does not gloss over technical details, and includes detailed sections on stack-based overflows, heap based overflows, format string exploits, return-into-libc, shellcode, and cryptographic attacks on 802.11b....