Authors: Martijn Dashorst. Eelco Hillenius.
Paperback, 392 pages
Publisher: Manning Publications
Publication Date: 2008-09-15


Reviews :

    There are dozens of Java frameworks out there, but most of them require you to learn special coding techniques and new, often rigid, patterns of development. Wicket is different. As a component-based Web application framework, Wicket lets you build maintainable enterprise-grade web applications using the power of plain old Java objects (POJOs), HTML, Ajax, Spring, Hibernate and Maven. Wicket automatically manages state at the component level, which means no more awkward HTTPSession objects. Its elegant programming model enables you to write rich web applications quickly.

Wicket in Action is an authoritative, comprehensive guide for Java developers building Wicket-based Web applications. This book starts with an introduction to Wicket's structure and components, and moves quickly into examples of Wicket at work. Written by two of the project's earliest and most authoritative experts, this book shows you both the "how-to" and the "why" of Wicket. As you move through the book, you'll learn to use and customize Wicket components, how to interact with other technologies like Spring and Hibernate, and how to build rich, Ajax-driven features into your applications....

Authors: Edward Skoudis. Tom Liston.
Paperback, 784 pages
Publisher: Prentice Hall PTR
Publication Date: 2006-01-02
Edition: 2

Reviews :

    "I finally get it! I used to hear words like rootkit, buffer overflow, and idle scanning, and they just didn't make any sense. I asked other people and they didn't seem to know how these things work, or at least they couldn't explain them in a way that I could understand. Counter Hack Reloaded is the clearest explanation of these tools I have ever seen. Thank you!" --Stephen Northcutt, CEO, SANS Institute "Ed Skoudis does it again! With this new edition, Ed takes a phenomenal work to the next level! This book is a 'must-have' and a 'must-read' for anyone remotely associated with computers and computer security." --Harlan Carvey, CISSP, author of Windows Forensics and Incident Recovery "Ed Skoudis is a rare individual. He knows the innards of all the various systems, knows all the latest exploits and defenses, and yet is able to explain everything at just the right level. The first edition of Counter Hack was a fascinating read. It's technically intriguing and very clear...A book on vulnerabilities, though, will get out of date, and so we definitely needed this updated and significantly rewritten second edition. This book is a wonderful overview of the field."--From the Foreword by Radia Perlman, series editor, The Radia Perlman Series in Computer Networking and Security; author of Interconnections; and coauthor of Network Security: Private Communications in a Public World "What a great partnership! Ed Skoudis and Tom Liston share an uncanny talent for explaining even the most challenging security concepts in a clear and enjoyable manner. Counter Hack Reloaded is an indispensable resource for those who want to improve their defenses and understand the mechanics of computer attacks." --Lenny Zeltser, coauthor of Malware: Fighting Malicious Code "Ed Skoudis does it again! With this new edition, Ed takes a phenomenal work to the next level! This book is a 'must-have' and a 'must-read' for anyone remotely associated with computers and computer security." --Harlan Carvey, CISSP, author of Windows Forensics and Incident Recovery"In addition to having breadth of knowledge about and probing insights into network security, Ed Skoudis's real strength is in his ability to show complex topics in an understandable form. By the time he's done, what started off as a hopeless conglomeration of acronyms starts to sound comfortable and familiar.This book is your best source for understanding attack strategies, attack tools, and the defenses against both." --William Stearns, network security expert, www.stearns.org"This book is a must-have for anyone in the Internet security game. It covers everything from the basic principles to the fine details of online attack methods and counter-strategies and is very engagingly written." --Warwick Ford, coauthor of Secure Electronic Commerce For years, Counter Hack has been the primary resource for every network/system administrator and security professional who needs a deep, hands-on understanding of hacker attacks and countermeasures. Now, leading network security expert Ed Skoudis, with Tom Liston, has thoroughly updated this best-selling guide, showing how to defeat today's newest, most sophisticated, and most destructive attacks. For this second edition, more than half the content is new and updated, including coverage of the latest hacker techniques for scanning networks, gaining and maintaining access, and preventing detection. The authors walk you through each attack and demystify every tool and tactic.You'll learn exactly how to establish effective defenses, recognize attacks in progress, and respond quickly and effectively in both UNIX/Linux and Windows environments. Important features of this new edition include *All-new "anatomy-of-an-attack" scenarios and tools *An all-new section on wireless hacking: war driving, wireless sniffing attacks, and more *Fully updated coverage of reconnaissance tools, including Nmap port scanning and "Google hacking" *New coverage of tools for gaining access, including uncovering Windows and Linux vulnerabilities with Metasploit *New information on dangerous, hard-to-detect, kernel-mode rootkits...

    In defending your systems against intruders and other meddlers, a little knowledge can be used to make the bad guys--particularly the more casual among them--seek out softer targets. Counter Hack aims to provide its readers with enough knowledge to toughen their Unix and Microsoft Windows systems against attacks in general, and with specific knowledge of the more common sorts of attacks that can be carried out by relatively unskilled "script kiddies." The approach author Ed Skoudis has chosen is effective, in that his readers accumulate the knowledge they need and generally enjoy the process.

The best part of this book may be two chapters, one each for Windows and Unix, that explain the essential security terms, conventions, procedures, and behaviors of each operating system. This is the sort of information that readers need--a Unix person getting into Windows administration for the first time needs an introduction to the Microsoft security scheme, and vice versa. A third chapter explains TCP/IP with focus on security. With that groundwork in place, Skoudis explains how (with emphasis on tools) attackers look for vulnerabilities in systems, gain access, and maintain their access for periods of time without being discovered. You'll probably want to search online resources for more specific information--Skoudis refers to several--but this book by itself will provide you with the vocabulary and foundation knowledge you need to get the details you want. --David Wall

Topics covered: How black-hat hackers work, what tools and techniques they use, and how to assess and improve your systems' defenses. The author explains how Windows, Unix, and TCP/IP can be exploited for nefarious purposes, and details a modus operandi that's typical of the bad guys. ...

Authors: Brian Carrier.
Paperback, 600 pages
Publisher: Addison-Wesley Professional
Publication Date: 2005-03-27
Edition: 1

Reviews :

    This is an advanced cookbook and reference guide for digital forensic practitioners. File System Forensic Analysis focuses on the file system and disk. The file system of a computer is where most files are stored and where most evidence is found; it also the most technically challenging part of forensic analysis. This book offers an overview and detailed knowledge of the file system and disc layout. The overview will allow an investigator to more easily find evidence, recover deleted data, and validate his tools. The cookbook section will show how to use the many open source tools for analysis, many of which Brian Carrier has developed himself....

Authors: Shon Harris. Allen Harper. Chris Eagle. Jonathan Ness.
Paperback, 550 pages
Publisher: McGraw-Hill Osborne Media
Publication Date: 2007-12-20
Edition: 2

Reviews :

   

"A fantastic book for anyone looking to learn the tools and techniques needed to break in and stay in." --Bruce Potter, Founder, The Shmoo Group

"Very highly recommended whether you are a seasoned professional or just starting out in the security business." --Simple Nomad, Hacker

...

Authors: Ivan Ristic.
Paperback, 432 pages
Publisher: O'Reilly Media, Inc.
Publication Date: 2005-03-15


Reviews :

    With more than 67% of web servers running Apache, it is by far the most widely used web server platform in the world. Apache has evolved into a powerful system that easily rivals other HTTP servers in terms of functionality, efficiency, and speed. Despite these impressive capabilities, though, Apache is only a beneficial tool if it's a secure one. To be sure, administrators installing and configuring Apache still need a sure-fire way to secure it--whether it's running a huge e-commerce operation, corporate intranet, or just a small hobby site. Our new guide, Apache Security, gives administrators and webmasters just what they crave--a comprehensive security source for Apache. Successfully combining Apache administration and web security topics, Apache Security speaks to nearly everyone in the field. What's more, it offers a concise introduction to the theory of securing Apache, as well as a broad perspective on server security in general. But this book isn't just about theory. The real strength of Apache Security lies in its wealth of interesting and practical advice, with many real-life examples and solutions. Administrators and programmers will learn how to:

• install and configure Apache
• prevent denial of service (DoS) and other attacks
• securely share servers
• control logging and monitoring
• secure custom-written web applications
• conduct a web security assessment
• use mod_security and other security-related modules

And that's just the tip of the iceberg, as mainstream Apache users will also gain valuable information on PHP and SSL/ TLS. Clearly, Apache Security is packed and to the point, with plenty of details for locking down this extremely popular and versatile web server....

Authors: Adam Shostack. Andrew Stewart.
Hardcover, 288 pages
Publisher: Addison-Wesley Professional
Publication Date: 2008-04-05
Edition: 1

Reviews :

    <>“It is about time that a book like The New School came along. The age of security as pure technology is long past, and modern practitioners need to understand the social and cognitive aspects of security if they are to be successful. Shostack and Stewart teach readers exactly what they need to know--I just wish I could have had it when I first started out.”

--David Mortman, CSO-in-Residence Echelon One, former CSO Siebel Systems

 

Why is information security so dysfunctional? Are you wasting the money you spend on security? This book shows how to spend it more effectively. How can you make more effective security decisions? This book explains why professionals have taken to studying economics, not cryptography--and why you should, too. And why security breach notices are the best thing to ever happen to information security. It’s about time someone asked the biggest, toughest questions about information security. Security experts Adam Shostack and Andrew Stewart don’t just answer those questions--they offer honest, deeply troubling answers. They explain why these critical problems exist and how to solve them. Drawing on powerful lessons from economics and other disciplines, Shostack and Stewart offer a new way forward. In clear and engaging prose, they shed new light on the critical challenges that are faced by the security field. Whether you’re a CIO, IT manager, or security specialist, this book will open your eyes to new ways of thinking about--and overcoming--your most pressing security challenges. The New School enables you to take control, while others struggle with non-stop crises.

• Better evidence for better decision-making
  Why the security data you have doesn’t support effective decision-making--and what to do about it
• Beyond security “silos”: getting the job done together
  Why it’s so hard to improve security in isolation--and how the entire industry can make it happen and evolve
• Amateurs study cryptography; professionals study economics
  What IT security leaders can and must learn from other scientific fields
• A bigger bang for every buck
  How to re-allocate your scarce resources where they’ll do the most good

...

Authors: Paul Asadoorian; Larry Pesce.
Paperback, 412 pages
Publisher: Syngress
Publication Date: 2007-05-15
Edition: 1

Reviews :

    This book will teach the reader how to make the most of their WRT54G series hardware. These handy little inexpensive devices can be configured for a near endless amount of networking tasks. The reader will learn about the WRT54G's hardware components, the different third-party firmware available and the differences between them, choosing the firmware that is right for you, and how to install different third-party firmware distributions. Never before has this hardware been documented in this amount of detail, which includes a wide-array of photographs and complete listing of all WRT54G models currently available, including the WRTSL54GS.
Once this foundation is laid, the reader will learn how to implement functionality on the WRT54G for fun projects, penetration testing, various network tasks, wireless spectrum analysis, and more! This title features never before seen hacks using the WRT54G. For those who want to make the most out of their WRT54G you can learn how to port code and develop your own software for the OpenWRT operating system.

*Never before seen and documented hacks, including wireless spectrum analysis
*Most comprehensive source for documentation on how to take advantage of advanced features on the inexpensive wrt54g platform
*Full coverage on embedded device development using the WRT54G and OpenWRT...

Authors: Daniel J. Solove.
Paperback, 256 pages
Publisher: Yale University Press
Publication Date: 2008-10-28


Reviews :

    ...

Authors: Chris Seibold.
Paperback, 640 pages
Publisher: O'Reilly Media, Inc.
Publication Date: 2008-04-17


Reviews :

    Bigger in size, longer in length, broader in scope, and even more useful than our original Mac OS X Hacks, the new Big Book of Apple Hacks offers a grab bag of tips, tricks and hacks to get the most out of Mac OS X Leopard, as well as the new line of iPods, iPhone, and Apple TV.

With 125 entirely new hacks presented in step-by-step fashion, this practical book is for serious Apple computer and gadget users who really want to take control of these systems. Many of the hacks take you under the hood and show you how to tweak system preferences, alter or add keyboard shortcuts, mount drives and devices, and generally do things with your operating system and gadgets that Apple doesn't expect you to do. The Big Book of Apple Hacks gives you:

• Hacks for both Mac OS X Leopard and Tiger, their related applications, and the hardware they run on or connect to
• Expanded tutorials and lots of background material, including informative sidebars
• "Quick Hacks" for tweaking system and gadget settings in minutes
• Full-blown hacks for adjusting Mac OS X applications such as Mail, Safari, iCal, Front Row, or the iLife suite
• Plenty of hacks and tips for the Mac mini, the MacBook laptops, and new Intel desktops
• Tricks for running Windows on the Mac, under emulation in Parallels or as a standalone OS with Bootcamp

The Big Book of Apple Hacks is not only perfect for Mac fans and power users, but also for recent -- and aspiring -- "switchers" new to the Apple experience. Hacks are arranged by topic for quick and easy lookup, and each one stands on its own so you can jump around and tweak whatever system or gadget strikes your fancy. Pick up this book and take control of Mac OS X and your favorite Apple gadget today!

...

Authors: Brian Komar.
Paperback, 700 pages
Publisher: Microsoft Press
Publication Date: 2008-04-06


Reviews :

    Get in-depth guidance for designing and implementing certificate-based security solutions straight from PKI expert Brian Komar. No need to buy or outsource costly PKI services when you can use the robust PKI and certificate-based security services already built into Windows Server 2008! This in-depth reference teaches you how to design and implement even the most demanding certificate-based security solutions for wireless networking, smart card authentication, VPNs, secure email, Web SSL, EFS, and code-signing applications using Windows Server PKI and certificate services. A principal PKI consultant to Microsoft, Brian shows you how to incorporate best practices, avoid common design and implementation mistakes, help minimize risk, and optimize security administration. This definitive reference features a CD loaded with tools, scripts, and a fully searchable eBook.

Key Book Benefits

Guides system engineers and administrators how to design and implement PKI-based solutions

Explains how to exploit the tight integration of Windows Server 2008 PKI services with Active Directory® directory service

Features best practices based on real-world implementations
Includes a CD with tools, scripts, and a fully-searchable eBook...