Authors: Ido Dubrawsky. F. Williams Lynch. Ed Mitchell. Wyman Miles. F. William Lynch.
Paperback, 608 pages
Publisher: Syngress
Publication Date: 2001-10-15
Edition: 1

Reviews :

    The only way to stop a hacker is to think like one!

Sun Microsystem's venerable and well-respected operating system Solaris is currently in version 8, and runs on both Intel and Sun Hardware. Solaris is one of the most comprehensive and popular UNIX operating systems available. Hundreds of thousands of business enterprises, both small and large, depend on Sun Solaris to keep their business alive - but have they protected themselves against hackers?

Hack Proofing Sun Solaris 8 is the latest addition to the popular Hack Proofing series from Syngress Publishing. Providing hands-on information written by both security professionals and self-proclaimed hackers, this book will give system administrators the edge they need to fortify their Sun Solaris operating system against the never-ending threat of hackers.

The fifth title in the popular series that brought us the bestseller Hack Proofing Your Network
Teaches strategy and techniques using forensic-based analysis
Up to the minute Web-based support with solutions@syngress.com...

    Two of Sun Solaris's prime attractions are its reliability and the high availability of servers running it. These advantages can be, however, negated by carelessness. Forget to apply a patch, or neglect to synchronize your servers' system clocks, and someone who's paying more attention will exploit the holes you've left in your system. The authors of Hack Proofing Sun Solaris 8 teach you how to run Solaris with flair. They show you how to implement wise security rules and implement popular services--like Common Gateway Interface (CGI) scripts--with a focus on improving security without reducing function. Most of the advice here has to do with Solaris boxes as Web servers, mail servers, and firewalls.

A lot of the authors' advice will be familiar to readers who have done security work before--their advice to disable all nonessential services, for example, falls into this category. Other information, such as the particular syntax of Solaris's native security utilities and third-party programs that are designed for Solaris, is very handy. It'll prove especially nice for people coming to Solaris from security administration on other operating systems. The organizational approach balances quick reference--the ability to quickly locate some detail via the index--with informative background that will help you head off emerging, undocumented attacks. There aren't many earth-shaking revelations in this book, but it contains good documentation of Solaris security tools and procedures. --David Wall

Topics covered: Sun Solaris 8 defensive policies and procedures. Native Solaris tools (like audit log) are documented, as are outside tools like Snort. There's advice on setting user and file permissions, and hints on how to configure network services like HTTP, SMTP, DHCP, and network address translation (NAT) in a secure way. Caching with Squid gets attention, too....

Authors: Madjid Nakhjiri. Mahsa Nakhjiri.
Hardcover, 318 pages
Publisher: Wiley
Publication Date: 2005-10-28


Reviews :

    AAA (Authentication, Authorization, Accounting) describes a framework for intelligently controlling access to network resources, enforcing policies, and providing the information necessary to bill for services. 

AAA and Network Security for Mobile Access is an invaluable guide to the AAA concepts and framework, including its protocols Diameter and Radius.  The authors give an overview of established and emerging standards for the provision of secure network access for mobile users while providing the basic design concepts and motivations.

AAA and Network Security for Mobile Access:

• Covers trust, i.e., authentication and security key management for fixed and mobile users, and various approaches to trust establishment.
• Discusses public key infrastructures and provides practical tips on certificates management.
• Introduces Diameter, a state-of-the-art AAA protocol designed to meet today’s reliability, security and robustness requirements, and examines Diameter-Mobile IP interactions.
• Explains RADIUS (Remote Authentication Dial-In User Services) and its latest extensions.
• Details EAP (Extensible Authentication Protocol) in-depth, giving a protocol overview, and covering EAP-XXX authentication methods as well as use of EAP in 802 networks.
• Describes IP mobility protocols including IP level mobility management, its security and optimizations, and latest IETF seamless mobility protocols.
• Includes a chapter describing the details of Mobile IP and AAA interaction, illustrating Diameter Mobile IP applications and the process used in CDMA2000.
• Contains a section on security and AAA issues to support roaming, discussing a variety of options for operator co-existence, including an overview of Liberty Alliance.

This text will provide researchers in academia and industry, network security engineers, managers, developers and planners, as well as graduate students, with an accessible explanation of the standards fundamental to secure mobile access....

Authors: Julia H. Allen.
Paperback, 480 pages
Publisher: Addison-Wesley Professional
Publication Date: 2001-06-17


Reviews :

    Now, the world's leading information security response organization has written the ultimate guide to system and network security for working administrators. SEI's Computer Emergency Response Team (CERT) offers a practical, start-to-finish approach to developing secure networks, covering every stage of the process: planning, implementation, maintenance, intrusion detection, response, recovery, and beyond. Reflecting CERT's role as the world's #1 computer security response team, this book presents up-to-the-minute information on new attacks, viruses, and other IT security threats. Coverage includes: establishing effective security practices and policies, deploying firewalls, securing network servers and public web servers, security desktop workstations, intrusion detection, response, and recovery. This book not only shows how to enhance computer security today: it shows how to learn from experience to build even more secure systems tomorrow. For all system and network professionals, and other IT professionals concerned with security....

    Black-hat hackers--that is, malicious people who want to break into your networks and machines--are proliferating, it's true. But the number of systems available for them to attack is growing at an even faster clip, which means you can head off a lot of attacks on your Internet-connected resources by following the advice in The CERT Guide to System and Network Security Practices. Julia Allen has distilled a series of "best practices" documents from the CERT Coordination Center (a clearing-house for information about computer attacks) into readily absorbable advice on computer security. She shows how to configure systems for inherent resistance to attack, how to set up logs and intrusion detection tools as early and reliable tripwires, and, to a lesser extent, how to deal with an attack in progress.

Allen's approach is not focused on the details of particular operating systems, applications, or items of equipment, though she does include some such information in a sizable appendix. Most of the time, procedural outlines are phrased generically ("Disable the serving of Web server file directory listings"). It's up to you to figure out what the steps mean, specifically, in terms of your hardware and software. The advice is carefully researched and therefore valuable. If implemented carefully, Allen's recommended practices should deter all but the most determined hackers from harassing your systems. --David Wall

Topics covered: Techniques for hardening computers and networks against compromise by malice-minded hackers, detecting break-ins and other attacks when they occur, and designing security policies to minimize potential damage. Specific advice has to do with locked-down workstations, servers in DMZs, firewalls, and intrusion detection utilities. ...

Authors: Marc Blanchet.
Paperback, 384 pages
Publisher: Wiley
Publication Date: 2008-10-27


Reviews :

    * Asterisk allows everyone from home users to enterprise administrators to roll out a robust, internet-based, and inexpensive yet powerful telephony solution
* Shows how Asterisk runs on all computing platforms, including Linux, Unix, Windows, FreeBSD, Mac OS X, and Solaris
* Includes coverage of Asterisk installation, configuration, and troubleshooting
* Reviews common features such as call forwarding, call transferring, voicemail, hold music, and conferencing
* Also discusses advanced features including interactive voice response, call recording, call distribution, faxing, and deployment in different environments...

Authors: Angela Orebaugh. Simon Biles. Jacob Babbin.
Paperback, 400 pages
Publisher: O'Reilly Media, Inc.
Publication Date: 2005-03-29


Reviews :

    If you are a network administrator, you're under a lot of pressure to ensure that mission-critical systems are completely safe from malicious code, buffer overflows, stealth port scans, SMB probes, OS fingerprinting attempts, CGI attacks, and other network intruders. Designing a reliable way to detect intruders before they get in is an essential--but often overwhelming--challenge. Snort, the defacto open source standard of intrusion detection tools, is capable of performing real-time traffic analysis and packet logging on IP network. It can perform protocol analysis, content searching, and matching. Snort can save countless headaches; the new Snort Cookbook will save countless hours of sifting through dubious online advice or wordy tutorials in order to leverage the full power of SNORT. Each recipe in the popular and practical problem-solution-discussion O'Reilly cookbook format contains a clear and thorough description of the problem, a concise but complete discussion of a solution, and real-world examples that illustrate that solution. The Snort Cookbook covers important issues that sys admins and security pros will us everyday, such as:

• installation
• optimization
• logging
• alerting
• rules and signatures
• detecting viruses
• countermeasures
• detecting common attacks
• administration
• honeypots
• log analysis

But the Snort Cookbook offers far more than quick cut-and-paste solutions to frustrating security issues. Those who learn best in the trenches--and don't have the hours to spare to pore over tutorials or troll online for best-practice snippets of advice--will find that the solutions offered in this ultimate Snort sourcebook not only solve immediate problems quickly, but also showcase the best tips and tricks they need to master be security gurus--and still have a life....

Authors: Michael Gough.
Paperback, 336 pages
Publisher: Syngress
Publication Date: 2006-06-01


Reviews :

    Until recently, the reality of video conferencing didn't live up to the marketing hype. That's all changed. The network infrastructure and broadband capacity is now in place to deliver clear, real time video and voice feeds between multiple points of contacts, with market leaders such as Cisco and Microsoft continuing to invest heavily in development. In addition, newcomers Skype and Google are poised to launch services and products targeting this market.

Video Conferencing over IP is the perfect guide to getting up and running with video teleconferencing for small to medium size enterprises. Topic coverage includes how to determine bandwidth needs; configure network routers, gateways, firewalls and switches; and configure, secure and troubleshoot your deployment. Major software solutions from Microsoft, Yahoo, AOL, VidiTel, iVisit, Vibe Phone and Skype are also covered.

...

Authors: Dan Verton.
Hardcover, 219 pages
Publisher: McGraw-Hill Osborne Media
Publication Date: 2002-03-26
Edition: 1

Reviews :

   

To many who knew him, there was nothing odd about him. He was a normal kid...

On February 7, 2000, Yahoo.com was the first victim of the biggest distributed denial-of-service attack ever to hit the Internet. On May 8^th, Buy.com was battling a massive denial-of-service attack. Later that afternoon, eBay.com also reported significant outages of service, as did Amazon.com. Then CNN's global online news operation started to grind to a crawl. By the following day, Datek and E-Trade entered crisis mode...all thanks to an ordinary fourteen-year-old kid.

Friends and neighbors were shocked to learn that the skinny, dark-haired, boy next door who loved playing basketball--almost as much as he loved computers--would cause millions of dollars worth of damage on the Internet and capture the attention of the online world--and the federal government. He was known online as "Mafiaboy" and, to the FBI, as the most notorious teenage hacker of all time. He did it all from his bedroom PC. And he's not alone.

Computer hacking and Web site defacement has become a national pastime for America's teenagers, and according to the stories you'll read about in The Hacker Diaries--it is only the beginning. But who exactly are these kids and what motivates a hacker to strike? Why do average teenagers get involved in hacking in the first place? This compelling and revealing book sets out to answer these questions--and some of the answers will surprise you. Through fascinating interviews with FBI agents, criminal psychologists, law-enforcement officials--as well as current and former hackers--you'll get a glimpse inside the mind of today's teenage hacker. Learn how they think, find out what it was like for them growing up, and understand the internal and external pressures that pushed them deeper and deeper into the hacker underground. Every hacker has a life and story of his or her own. One teenager's insatiable curiosity as to how the family's VCR worked was enough to trigger a career of cracking into computer systems. This is a remarkable story of technological wizardry, creativity, dedication, youthful angst, frustration and disconnection from society, boredom, anger, and jail time. Teenage hackers are not all indifferent punks. They're just like every other kid and some of them probably live in your neighborhood. They're there. All you have to do is look.

...

Authors: Gregg Schudel. David J. Smith.
Paperback, 672 pages
Publisher: Cisco Press
Publication Date: 2008-01-08
Edition: 1

Reviews :

   

Router Security Strategies: Securing IP Network Traffic Planes provides a compre-hensive approach to understand and implement IP traffic plane separation and protection on IP routers. This book details the distinct traffic planes of IP networks and the advanced techniques necessary to operationally secure them. This includes the data, control, management, and services planes that provide the infrastructure for IP networking. 

 

The first section provides a brief overview of the essential components of the Internet Protocol and IP networking. At the end of this section, you will understand the fundamental principles of defense in depth and breadth security as applied to IP traffic planes. Techniques to secure the IP data plane, IP control plane, IP management plane, and IP services plane are covered in detail in the second section.

 

The final section provides case studies from both the enterprise network and the service provider network perspectives. In this way, the individual IP traffic plane security techniques reviewed in the second section of the book are brought together to help you create an integrated, comprehensive defense in depth and breadth security architecture.

 

“Understanding and securing IP traffic planes are critical to the overall security posture of the IP infrastructure.  The techniques detailed in this book provide protection and instrumentation enabling operators to understand and defend against attacks. As the vulnerability economy continues to mature, it is critical for both vendors and network providers to collaboratively deliver these protections to the IP infrastructure.”

–Russell Smoak, Director, Technical Services, Security Intelligence Engineering, Cisco

 

Gregg Schudel, CCIE® No. 9591, joined Cisco in 2000 as a consulting system engineer supporting the U.S. service provider organization. Gregg focuses on IP core network security architectures and technology for interexchange carriers and web services providers.

 

David J. Smith, CCIE No. 1986, joined Cisco in 1995 and is a consulting system engineer supporting the service provider organization. David focuses on IP core and edge architectures including IP routing, MPLS technologies, QoS, infrastructure security, and network telemetry.

 

• Understand the operation of IP networks and routers
• Learn about the many threat models facing IP networks, Layer 2 Ethernet switching environments, and IPsec and MPLS VPN services

• Learn how to segment and protect each IP traffic plane by applying defense in depth and breadth principles

• Use security techniques such as ACLs, rate limiting, IP Options filtering, uRPF, QoS, RTBH, QPPB, and many others to protect the data plane of IP and switched Ethernet networks

• Secure the IP control plane with rACL, CoPP, GTSM, MD5, BGP and ICMP techniques and Layer 2 switched Ethernet-specific techniques
• Protect the IP management plane with password management, SNMP, SSH, NTP, AAA, as well as other VPN management, out-of-band management, and remote access management techniques

• Secure the IP services plane using recoloring, IP fragmentation control, MPLS label control, and other traffic classification and process control techniques

 This security book is part of the Cisco Press® Networking Technology Series. Security titles from Cisco Press help networking professionals secure critical data and resources, prevent and mitigate network attacks, and build end-to-end self-defending networks.

 

 

...

Authors: Adam Young. Moti Yung.
Paperback, 416 pages
Publisher: Wiley
Publication Date: 2004-02-27


Reviews :

    Hackers have uncovered the dark side of cryptography—that device developed to defeat Trojan horses, viruses, password theft, and other cyber-crime. It’s called cryptovirology, the art of turning the very methods designed to protect your data into a means of subverting it. In this fascinating, disturbing volume, the experts who first identified cryptovirology show you exactly what you’re up against and how to fight back.

They will take you inside the brilliant and devious mind of a hacker—as much an addict as the vacant-eyed denizen of the crackhouse—so you can feel the rush and recognize your opponent’s power. Then, they will arm you for the counterattack.

This book reads like a futuristic fantasy, but be assured, the threat is ominously real. Vigilance is essential, now.

• Understand the mechanics of computationally secure information stealing
• Learn how non-zero sum Game Theory is used to develop survivable malware
• Discover how hackers use public key cryptography to mount extortion attacks
• Recognize and combat the danger of kleptographic attacks on smart-card devices
• Build a strong arsenal against a cryptovirology attack

...

Authors: William Jones.
Paperback, 448 pages
Publisher: Morgan Kaufmann
Publication Date: 2007-11-16
Edition: 1

Reviews :

    WE ARE ADRIFT IN A SEA OF INFORMATION. We need information to make good decisions, to get things done, to learn, and to gain better mastery of the world around us. But we do not always have good control of our information - not even in the "home waters" of an office or on the hard drive of a computer. Instead, information may be controlling us - keeping us from doing the things we need to do, getting us to waste money and precious time. The growth of available information, plus the technologies for its creation, storage, retrieval, distribution and use, is astonishing and sometimes bewildering. Can there be a similar growth in our understanding for how best to manage information and informational tools?

This book provides a comprehensive overview of personal information management (PIM) as both a study and a practice of the activities people do and need to be doing so that information can work for them in their daily lives.

Introductory chapters of Keeping Found Things Found: The Study and Practice of Personal Information Management provide an overview of PIM and a sense for its many facets. The next chapters look more closely at the essential challenges of PIM, including finding, keeping, organizing, maintaining, managing privacy, and managing information flow. The book also contains chapters on search, email, mobile PIM, web-based support, and other technologies relevant to PIM.

*For more information and author blog visit http://www.keepingthingsfound.com/.

* Focuses exclusively on one of the most interesting and challenging problems in today's world
* Explores what good and better PIM looks like, and how to measure improvements
* Presents key questions to consider when evaluating any new PIM informational tools or systems...