Authors: Jonathan Land.
Paperback, 336 pages
Publisher: No Starch Press
Publication Date: 2004-06
Edition: 1st

Reviews :

    From the man behind TheSpamLetters.com - featured in Entertainment Weekly, The New York Times, and Slashdot - comes a collection of brilliant and entertaining correspondence with the people who send out mass junk emailings (a.k.a. spam). Compiled from the nearly 200 entries written by Jonathan Land, The Spam Letters taunts, prods, and parodies the faceless salespeople in your inbox, giving you a chuckle at their expense. If you hate spam, you'll love The Spam Letters. ...

Authors: Gert DeLaet. Gert Schauwers.
Paperback, 480 pages
Publisher: Cisco Press
Publication Date: 2004-09-18
Edition: 1

Reviews :

   

An introduction to the key tools and technologies used to secure network access

• Examine common security vulnerabilities and the defenses used to protect network resources
• Learn about cryptography, including modern-day techniques like 3DES, RSA, hashing, and the use of certificates
• Learn how to design, adopt, and enforce security policies
• Evaluate the nuances of secure network design
• Secure HTTP traffic by hardening operating systems, servers, and browsers
• Protect routers through administrative access policies and services
• Understand what firewalls do and how to implement them to maximum effect
• Inspect and monitor network activity with IDS
• Utilize VPNs for secure remote access
• Learn about PKI technologies
• Examine secure wireless design techniques
• Use logging and auditing tools, such as syslog, SNMP, RMON, and SAA, to manage network traffic

Companies have long been struggling with threats from the hacking community. Keeping pace with the rapid evolution of security technology and the growing complexity of threats is a challenge even in the best of times. The increased focus on security has sent IT managers and engineers scrambling to acquire the proper expertise to implement complex, multilayered solutions.

Network Security Fundamentals introduces the topic of network security in an easy-to-understand and comprehensive manner. This book is designed to provide a fundamental understanding of the various components of a network security architecture and to demonstrate how each component can be implemented to achieve best results. The book uses straightforward language to introduce topics and to show the features, mechanics, and functionality of various network security devices. A series of case studies helps illuminate concepts and shows how you can apply the concepts to solve real-world problems.

Divided into four parts, Network Security Fundamentals takes you on a tour of all the essential technologies and modern defenses at your disposal to help you maintain network uptime and data integrity. Part I covers the basics, introducing terms and concepts and laying the foundation of a solid security structure. The discussion focuses on weaknesses and vulnerabilities along with an overview of the traditional defenses used to thwart attacks. Part II examines two components of security-cryptography and security policies. Part III looks at the various security components. Separate chapters cover web security, router security, firewalls, intrusion detection systems (IDS), remote access security, virtual private networks (VPN), Public Key Infrastructure (PKI), wireless security, and logging and auditing. Each chapter in this section is a self-contained tutorial, allowing you to skip to those topics of greatest interest or primary concern. Part IV includes several reference appendixes, including the Cisco SAFE Blueprint, NSA guidelines, and SANS policies.

Whether you are looking for an introduction to network security principles and practices or a security configuration reference, this book provides you with the invaluable insight you need to protect valuable company resources.

...

Authors: John Paul Mueller.
Paperback, 448 pages
Publisher: Sybex
Publication Date: 2003-09-16
Edition: 1

Reviews :

    Security is completely different in the .NET framework than it was in older versions of Visual Studio. This Official DevX title from Sybex, leads you through those differences, helps you understand the new rules for .NET security, and helps you fix problems created by holes in the .NET security by using Visual Basic.NET and Visual C#.NET. Perfect for intermediate and advanced .NET application developers who already know Visual Basic.NET or Visual C# .NET, .NET Development Security Solutions emphasizes code over theory and offers real practical solutions to vexing problems. Expert author John Mueller covers the gamut of security-related issues for desktop, server, Web, and wireless environments. More specifically, he focuses on: Avoiding common errors and traps; .NET rule-based security techniques; Validation and verification issues; .NET cryptographic techniques; Web server security; Securing XML and Web pages; Wireless device security....

Authors: Honeynet Project The.
Paperback, 800 pages
Publisher: Addison-Wesley Professional
Publication Date: 2004-05-27
Edition: 2

Reviews :

    Very few organizations today know who their enemy is or how they might attack; when they might attack; what the enemy does once they compromise a system; and, perhaps most important, why they attack. The Honeynet Project is changing this. With the help of members of the Honeynet Research Alliance and active contributors throughout the security community, this organization is researching the tools, tactics, and motives of the blackhat community. Their primary weapon is the Honeynet, a relatively new security technology made up of networks of systems that are designed to be compromised. ***This second edition is divided into three parts: how to set up a honeynet, how to analyze the collected data, and what the authors have learned about "the enemy" from the data. It covers new techniques and technologies never published before, including second-generation and distributed Honeynets. It also explains data analysis in much greater detail, with entire chapters dedicated to Window forensics, UNIX forensics, reverse engineering, and network forensics....

Authors: Suranjan Choudhury. Suranijan Choudhury.
Paperback, 408 pages
Publisher: Wiley
Publication Date: 2002-01-15
Edition: 1st

Reviews :

    Public Key Infrastructure Implementation and Design is a complete, concise guide for professionals. This book offers a complete reference on all aspects of public key infrastructure including architecture, planning, implementation, cryptography, standards and certificates....

Authors: Qiang Huang. Jazib Frahim.
Paperback, 384 pages
Publisher: Cisco Press
Publication Date: 2008-06-20
Edition: 1

Reviews :

   

SSL Remote Access VPNs

 

An introduction to designing and configuring SSL virtual private networks

 

Jazib Frahim, CCIE® No. 5459

Qiang Huang, CCIE No. 4937

 

Cisco® SSL VPN solutions (formerly known as Cisco WebVPN solutions) give you a flexible and secure way to extend networking resources to virtually any remote user with access to the Internet and a web browser. Remote access based on SSL VPN delivers secure access to network resources by establishing an encrypted tunnel across the Internet using a broadband (cable or DSL) or ISP dialup connection.

 

SSL Remote Access VPNs provides you with a basic working knowledge of SSL virtual private networks on Cisco SSL VPN-capable devices. Design guidance is provided to assist you in implementing SSL VPN in existing network infrastructures. This includes examining existing hardware and software to determine whether they are SSL VPN capable, providing design recommendations, and guiding you on setting up the Cisco SSL VPN devices. Common deployment scenarios are covered to assist you in deploying an SSL VPN in your network.

 

SSL Remote Access VPNs gives you everything you need to know to understand, design, install, configure, and troubleshoot all the components that make up an effective, secure SSL VPN solution.

 

Jazib Frahim, CCIE® No. 5459, is currently working as a technical leader in the Worldwide Security Services Practice of the Cisco Advanced Services for Network Security. He is responsible for guiding customers in the design and implementation of their networks, with a focus on network security. He holds two CCIEs, one in routing and switching and the other in security.

 

Qiang Huang, CCIE No. 4937, is a product manager in the Cisco Campus Switch System Technology Group, focusing on driving the security and intelligent services roadmap for market-leading modular Ethernet switching platforms. During his time at Cisco, Qiang has played an important role in a number of technology groups, including the Cisco TAC security and VPN team, where he was responsible for trouble-shooting complicated customer deployments in security and VPN solutions. Qiang has extensive knowledge of security and VPN technologies and experience in real-life customer deployments. Qiang holds CCIE certifications in routing and switching, security, and

ISP Dial.

 

• Understand remote access VPN technologies, such as Point-to-Point Tunneling Protocol (PPTP), Internet Protocol Security (IPsec), Layer 2 Forwarding (L2F), Layer 2 Tunneling (L2TP) over IPsec, and SSL VPN

• Learn about the building blocks of SSL VPN, including cryptographic algorithms and SSL and Transport Layer Security (TLS)

• Evaluate common design best practices for planning and designing an SSL VPN solution

• Gain insight into SSL VPN functionality on Cisco Adaptive Security Appliance (ASA) and Cisco IOS® routers
• Install and configure SSL VPNs on Cisco ASA and Cisco IOS routers
• Manage your SSL VPN deployment using Cisco Security Manager

 

This security book is part of the Cisco Press® Networking Technology Series. Security titles from Cisco Press help networking professionals secure critical data and resources, prevent and mitigate network attacks, and build end-to-end self-defending networks.

 

Category: Networking: Security

Covers: SSL VPNs

 

...

Authors: Robert Ellis Smith.
Paperback, 407 pages
Publisher: Privacy Journal
Publication Date: 2004-04-30


Reviews :

    This new book explores the hidden niches of American history to discover the tug between Americans' yearning for privacy and their insatiable curiosity. The book describes Puritan monitoring in Colonial New England, then shows how the attitudes of the founders placed the concept of privacy in the Constitution. This panoramic view continues with the coming of tabloid journalism in the Nineteenth Century, and the reaction to it in the form of a new right - the right to privacy. The book includes histories of wiretapping, of credit reporting, of sexual practices, of Social Security numbers and ID cards, of modern principles of privacy protection, and of the coming of the Internet and the new challenges to personal privacy it brings.

"Robert Ellis Smith's expose of privacy invasion will be one of the sleeper best-selling books..." wrote columnist William Safire in The New York Times, December 1999. "His numerous books are required reading for anyone concerned about the ongoing threats," said Simson Garfinkel in Database Nation, 2000.

Here's a chapter-by-chapter description: "Watchfulness" describes church monitoring in the Colonial period. "Serenity" shows the craving for solitude by our founders, which shaped the rights they enshrined in the Constitution. "Mistrust" recounts early battles over confidentiality in the Post Office, the Census, and Western Union. "Space" describes the quest for privacy in living arrangements (including the first moves to suburbia after the Civil War) and the lack of privacy on Southern plantations. "Curiosity" traces the epic development of sensational journalism in the Nineteenth Century. "Brandeis" chronicles how Louis Brandeis reacted to gossip journalism and other new technology by "inventing" a legal right to privacy. "Wiretaps" is the story of electronic surveillance from the invention of the telephone to the 1970s.

"Sex" traces changing attitudes towards sexual privacy over two centuries, and provides a chronicle of a Clintonesque sex scandal that changed attitudes forever after the 1880s. "Torts" describes court battles that eventually provided great latitude for gossip journalism. "The Constitution" is a remarkable new look at the very narrow decisions of the Supreme Court that shaped the very narrow Constitutional protections for privacy in the Twenty-first Century.

"Numbers" tells for the first time where Social Security numbers came from and how they are used now, and describes subtle political efforts to create a universal identity document in the U.S. "Databanks" provides histories of credit reporting, database marketing, and government record keeping from the 1950s to the present. "Cyberspace" is a look back at the overnight development of the World Wide Web and its impact on personal privacy.

Lastly, the epilogue entitled "Ben Franklin's Web Site" offers specific tips for protecting your privacy. It is modern guidance that Ben Franklin himself would have provided on his Web site....

Authors: Elizabeth D. Zwicky. Simon Cooper. D. Brent Chapman.
Paperback, 869 pages
Publisher: O'Reilly Media, Inc.
Publication Date: 2000-01-15
Edition: 2nd

Reviews :

    In the five years since the first edition of this classic book, Internet use has exploded. The commercial world has rushed headlong into doing business on the Web, often without integrating sound security technologies and policies into their products and methods. The security risks--and the need to protect both business and personal data--have never been greater. Like the highly respected, bestselling first edition, Building Internet Firewalls, 2nd Edition, is a practical and detailed step-by-step guide to designing and installing firewalls and configuring Internet services to work with a firewall. Much expanded to include Linux and Windows coverage, the second edition describes a variety of firewall technologies and architectures. It also contains a new set of chapters describing the issues involved in a variety of Internet services and protocols through a firewall. In addition to the standard email, News, FTP, DNS, and Telnet services, the book now covers web services and scripting languages, Windows NT services, authentication and auditing services, intermediary protocols, and database protocols. The book also has a complete list of resources, including the location of many publicly available firewall construction tools....

    In the vast and varied universe of computer books, only a few stand out as the best in their subject areas. Building Internet Firewalls is one of those. It's deep, yet carefully focused, so that almost anything you might want to know about firewall strategies for protecting networks is here. In addition, there's lots of information on the reasons that we build firewalls in the first place, which is to say the security risks that come with Internet connectivity. You'll learn a great deal about Internet services and the protocols that provide them as you follow this book's recommendations for stifling attacks.

If there's a shortcoming to this book, it's its lack of coverage of the turnkey firewall products that are becoming popular among home and small-office users. Emphasis here is on more complicated network defenses that require careful design and setup--both design and implementation are the order of the day here. The authors carefully enumerate the threats they see in various situations, go into some detail on how those threats manifest themselves, and explain what configuration changes you can make to your perimeter defenses to repulse those threats. Plenty of illustrations make points about good and bad security strategies (you want to put the routers here and here, not here or here). You'll learn a lot by reading this book from cover to cover, no matter how much experience you have. --David Wall

Topics covered: Means of protecting private networks from external security threats. The authors go into detail on attackers' means of exploiting security holes in common Internet services, and show how to plug those holes or at least limit the damage that can be done through them. With coverage of Unix, Linux, and Windows NT, the authors detail their philosophies of firewall design and general security policy....

Authors: Andrew Jones. Craig Valli.
Paperback, 304 pages
Publisher: Butterworth-Heinemann
Publication Date: 2008-10-07


Reviews :

    The need to professionally and successfully conduct computer forensic investigations of incidents and crimes has never been greater. This has caused an increased requirement for information about the creation and management of computer forensic laboratories and the investigations themselves. This includes a great need for information on how to cost-effectively establish and manage a computer forensics laboratory. This book meets that need: a clearly written, non-technical book on the topic of computer forensics with emphasis on the establishment and management of a computer forensics laboratory and its subsequent support to successfully conducting computer-related crime investigations.

* Provides guidance on creating and managing a computer forensics lab
* Covers the regulatory and legislative environment in the US and Europe
* Meets the needs of IT professionals and law enforcement as well as consultants...

Authors: Jack Koziol.
Paperback, 360 pages
Publisher: Sams
Publication Date: 2003-05-30
Edition: 2nd

Reviews :

   

With over 100,000 installations, the Snort open-source network instrusion detection system is combined with other free tools to deliver IDS defense to medium - to small-sized companies, changing the tradition of intrusion detection being affordable only for large companies with large budgets.

Until now, Snort users had to rely on the official guide available on snort.org. That guide is aimed at relatively experience snort administrators and covers thousands of rules and known exploits.

The lack of usable information made using Snort a frustrating experience. The average Snort user needs to learn how to actually get their systems up-and-running.

Snort Intrusion Detection provides readers with practical guidance on how to put Snort to work. Opening with a primer to intrusion detection and Snort, the book takes the reader through planning an installation to building the server and sensor, tuning the system, implementing the system and analyzing traffic, writing rules, upgrading the system, and extending Snort.

...