Authors: Peter Gregory.
Kindle Edition, 360 pages
Publisher: For Dummies
Publication Date: 2007-12-26


Reviews :

    If you have a business or a nonprofit organization, or if you’re the one responsible for information systems at such an operation, you know that disaster recovery planning is pretty vital. But it’s easy to put it off. After all, where do you start?

IT Disaster Recovery Planning For Dummies shows you how to get started by creating a safety net while you work out the details of your major plan. The right plan will get your business back on track quickly, whether you're hit by a tornado or a disgruntled employee with super hacking powers. Here's how to assess the situation, develop both short-term and long-term plans, and keep your plans updated.

This easy-to-understand guide will help you

• Prepare your systems, processes, and people for an organized response to disaster when it strikes
• Identify critical IT systems and develop a long-range strategy
• Select and train your disaster recovery team
• Conduct a Business Impact Analysis
• Determine risks to your business from natural or human-made causes
• Get management support
• Create appropriate plan documents
• Test your plan

Some disasters get coverage on CNN, and some just create headaches for the affected organization. With IT Disaster Recovery Planning For Dummies, you’ll be prepared for anything from hackers to hurricanes!...

Authors: Wenbo Mao.
Hardcover, 648 pages
Publisher: Prentice Hall PTR
Publication Date: 2003-08-04


Reviews :

    Appropriate for all graduate-level and advanced undergraduate courses in cryptography and related mathematical fields. Modern Cryptography is an indispensable resource for every advanced student of cryptography who intends to implement strong security in real-world applications. Leading HP security expert Wenbo Mao explains why conventional crypto schemes, protocols, and systems are profoundly vulnerable, introducing both fundamental theory and real-world attacks. Next, he shows how to implement crypto systems that are truly "fit for application," and formally demonstrate their fitness. He begins by reviewing the foundations of cryptography: probability, information theory, computational complexity, number theory, algebraic techniques, and more. He presents the "ideal" principles of authentication, comparing them with real-world implementation. Mao assesses the strength of IPSec, IKE, SSH, SSL, TLS, Kerberos, and other standards, and offers practical guidance on designing stronger crypto schemes and using formal methods to prove their security and efficiency.Finally, he presents an in-depth introduction to zero-knowledge protocols: their characteristics, development, arguments, and proofs. Mao relies on practical examples throughout, and provides all the mathematical background students will need....

Authors: Omar Santos.
Paperback, 480 pages
Publisher: Cisco Press
Publication Date: 2007-09-03
Edition: 1

Reviews :

   

End-to-End Network Security

Defense-in-Depth

 

Best practices for assessing and improving network defenses and responding to security incidents

 

Omar Santos

 

Information security practices have evolved from Internet perimeter protection to an in-depth defense model in which multiple countermeasures are layered throughout the infrastructure to address vulnerabilities and attacks. This is necessary due to increased attack frequency, diverse attack sophistication, and the rapid nature of attack velocity–all blurring the boundaries between the network and perimeter.

 

End-to-End Network Security is designed to counter the new generation of complex threats. Adopting this robust security strategy defends against highly sophisticated attacks that can occur at multiple locations in your network. The ultimate goal is to deploy a set of security capabilities that together create an intelligent, self-defending network that identifies attacks as they occur, generates alerts as appropriate, and then automatically responds.

 

End-to-End Network Security provides you with a comprehensive look at the mechanisms to counter threats to each part of your network. The book starts with a review of network security technologies then covers the six-step methodology for incident response and best practices from proactive security frameworks. Later chapters cover wireless network security, IP telephony security, data center security, and IPv6 security. Finally, several case studies representing small, medium, and large enterprises provide detailed example configurations and implementation strategies of best practices learned in earlier chapters.

 

Adopting the techniques and strategies outlined in this book enables you to prevent day-zero attacks, improve your overall security posture, build strong policies, and deploy intelligent, self-defending networks.

 

“Within these pages, you will find many practical tools, both process related and technology related, that you can draw on to improve your risk mitigation strategies.”

 

–Bruce Murphy, Vice President, World Wide Security Practices, Cisco

 

Omar Santos is a senior network security engineer at Cisco®. Omar has designed, implemented, and supported numerous secure networks for Fortune 500 companies and the U.S. government. Prior to his current role, he was a technical leader within the World Wide Security Practice and the Cisco Technical Assistance Center (TAC), where he taught, led, and mentored many engineers within both organizations.

 

• Guard your network with firewalls, VPNs, and intrusion prevention systems
• Control network access with AAA
• Enforce security policies with Cisco Network Admission Control (NAC)
• Learn how to perform risk and threat analysis
• Harden your network infrastructure, security policies, and procedures against security threats
• Identify and classify security threats
• Trace back attacks to their source
• Learn how to best react to security incidents
• Maintain visibility and control over your network with the SAVE framework
• Apply Defense-in-Depth principles to wireless networks, IP telephony networks, data centers, and IPv6 networks

 

This security book is part of the Cisco Press® Networking Technology Series. Security titles from Cisco Press help networking professionals secure critical data and resources, prevent and mitigate network attacks, and build end-to-end self-defending networks.

 

Category: Networking: Security

Covers: Network security and incident response

 

$55.00 USA / $63.00 CAN

...

Authors: Ted Roche.
Paperback, 228 pages
Publisher: Hentzenwerke Publishing
Publication Date: 2001-06-01


Reviews :

    This training aid and reference manual assists casual users, software developers, and SourceSafe administrators in installing, configuring, and maintaining SourceSafe in a variety of development environments. A broad spectrum of topics are covered, from the basics of installation and maintenance, to more advanced features such as reporting, to very advanced features like automation. The book starts with the basics of installation and configuration and goes on to explain the theory behind SourceSafe. Thorough coverage includes using SourceSafe as a standalone tool and how to integrate it into other Microsoft products such as Visual Studio, Microsoft Office, and SQL Server. Common problems and their solutions are discussed for all of these environments. Also included are several advanced chapters: for developers, how to manipulate source code control features via Automation or the command-line interface, and for administrators, how to optimally test and
maintain SourceSafe data and security models. Numerous software and batch file examples, included in the body text and available for download, illustrate key points and provide a good starting point for anyone looking to customize and optimize their SourceSafe platform.
...

Authors: Andy Walker.
Paperback, 480 pages
Publisher: Que
Publication Date: 2008-08-07
Edition: 2nd

Reviews :

   

 Today, if you own a Windows computer you need to understand the risks and the potential damage security threats pose. The mere act of turning on an Internet-connected computer can put you, your family, and even your personal finances at risk!

This book defines all the threats an average household might face and provides strategies to turn novice and basic users into adept home security experts, making you safer and more secure from cyber criminals.

 

We start off with plain English definitions for security mumbo jumbo, and then we dig in with step-by-step instructions to help you cut your exposure in less than 10 minutes! Finally, we provide steps for more involved security measures that you can do in a weekend.

 

We also take an in-depth look at the security measures Microsoft put in Windows Vista. We also look at how Vista responds to the key threats. It teaches you how to tweak the system and make Microsoft’s new security features–like the User Access Control–less annoying and helps you adjust the system to be usable. It shows you how to set up Vista to protect your system from your kids–the biggest security hazard to your computer.

 

     •    More than 5 million spam emails flood the Internet daily–many with your name on them–we show you how to make yourself invisible to detestable spammers!

     •    Did you know that hackers are snooping around your IP address right now, while you read this? They might already have breached what security you have and could be running amok with your personal data. Stop them dead in their tracks with a few simple steps!

     •    Identity theft is the most popular form of consumer fraud today, and last year thieves stole more than $100 million from people just like you. Put a stop to the madness with the steps provided in this book!

     •    Spyware–nasty little programs that you might not even know you have installed on your PC–could be causing your PC to crash.  We show you how to root it out of your system and prevent further infection.

 

Andy Walker is one of North America’s top technology journalists and is the author of Que’s Absolute Beginner’s Guide to Security, Spam, Spyware & Viruses and Microsoft Windows Vista Help Desk. Since 1995, he has written about personal computer technology for dozens of newspapers, magazines, and websites. Today, his columns (and hundreds more technology how-to articles) are published at Cyberwalker.com where more than 5 million unique

visitors read the advice annually. Andy co-hosted the internationally syndicated TV show Call for Help with Leo Laporte. Alongside his ongoing TV guest appearances, he also hosts the popular tech video podcast Lab Rats at LabRats.tv.

 

Category Microsoft Operating System

Covers    Windows Vista and XP Security

User Level    Beginner–Intermediate

 

informit.com/que

cyberwalker.com

 

 

...

Authors: Nitesh Dhanjani. Justin Clarke.
Paperback, 340 pages
Publisher: O'Reilly Media, Inc.
Publication Date: 2005-04-04


Reviews :

    If you're an advanced security professional, then you know that the battle to protect online privacy continues to rage on. Security chat rooms, especially, are resounding with calls for vendors to take more responsibility to release products that are more secure. In fact, with all the information and code that is passed on a daily basis, it's a fight that may never end. Fortunately, there are a number of open source security tools that give you a leg up in the battle. Often a security tool does exactly what you want, right out of the box. More frequently, you need to customize the tool to fit the needs of your network structure. Network Security Tools shows experienced administrators how to modify, customize, and extend popular open source security tools such as Nikto, Ettercap, and Nessus. This concise, high-end guide discusses the common customizations and extensions for these tools, then shows you how to write even more specialized attack and penetration reviews that are suited to your unique network environment. It also explains how tools like port scanners, packet injectors, network sniffers, and web assessment tools function. Some of the topics covered include:

• Writing your own network sniffers and packet injection tools
• Writing plugins for Nessus, Ettercap, and Nikto
• Developing exploits for Metasploit
• Code analysis for web applications
• Writing kernel modules for security applications, and understanding rootkits

While many books on security are either tediously academic or overly sensational, Network Security Tools takes an even-handed and accessible approach that will let you quickly review the problem and implement new, practical solutions--without reinventing the wheel. In an age when security is critical, Network Security Tools is the resource you want at your side when locking down your network....

Authors: Ori Pomerantz. Barbara Vander Weele. Mark Nelson. Tim Hahn.
Hardcover, 192 pages
Publisher: IBM Press
Publication Date: 2008-01-07
Edition: 1

Reviews :

   

Leverage Your Security Expertise in IBM^® System z™ Mainframe Environments

 

For over 40 years, the IBM mainframe has been the backbone of the world’s largest enterprises. If you’re coming to the IBM System z mainframe platform from UNIX^®, Linux^®, or Windows^®, you need practical guidance on leveraging its unique security capabilities. Now, IBM experts have written the first authoritative book on mainframe security specifically designed to build on your experience in other environments.

 

Even if you’ve never logged onto a mainframe before, this book will teach you how to run today’s z/OS^®  operating system command line and ISPF toolset and use them to efficiently perform every significant security administration task. Don’t have a mainframe available for practice? The book contains step-by-step videos walking you through dozens of key techniques. Simply log in and register your book at www.ibmpressbooks.com/register to gain access to these videos.

The authors illuminate the mainframe’s security model and call special attention to z/OS security techniques that differ from UNIX, Linux, and Windows. They thoroughly introduce IBM’s powerful Resource Access Control Facility (RACF) security subsystem and demonstrate how mainframe security integrates into your enterprise-wide IT security infrastructure. If you’re an experienced system administrator or security professional, there’s no faster way to extend your expertise into “big iron” environments.

Coverage includes

• Mainframe basics: logging on, allocating and editing data sets, running JCL jobs, using UNIX System Services, and accessing documentation
• Creating, modifying, and deleting users and groups
• Protecting data sets, UNIX file system files, databases, transactions, and other resources
• Manipulating profiles and managing permissions
• Configuring the mainframe to log security events, filter them appropriately, and create usable reports
• Using auditing tools to capture static configuration data and dynamic events, identify weaknesses, and remedy them
• Creating limited-authority administrators: how, when, and why

...

Authors: Andrew Whitaker. Keatron Evans. Jack B. Voth.
Hardcover, 330 pages
Publisher: Addison-Wesley Professional
Publication Date: 2009-02-13
Edition: 1

Authors: Craig Schiller. Jim Binkley.
Paperback, 504 pages
Publisher: Syngress
Publication Date: 2007-01-26


Reviews :

    As a conscientious system administrator, network administrator, or security professional, you've no doubt been frustrated by the lack of good usable information about the latest, and most deadly internet attack, botnets. From diagrams to help you explain botnets to management, to working code to help you detect and respond to them, Botnets: Killer Web App has it all. Botnets are being hired to take out the competition, via DDOS attacks, in Clicks4Hire schemes to defraud Internet Advertising sites, in launching targeted Spam and phishing attacks. They use trojan horse software with remote control capabilities, stealth features that kill A/V software. The Command and Control servers use Fast Flux domains, sites that rapidly change their domain name or even IP addresses, to play an Internet version of the shell game. They steal identity and financial account information from infected hosts. They can be used to store prohibited materials, like child pornography, on your Mom or Dad's computer rather than on one that might lead to the actual pedophile's conviction. Botnets: Killer Web App, answers your questions about this new technology threat. What are they? How do they spread? How do they work? How can I detect them when they don't want to be seen? What tools are available to fight this menace? What kind of help is there across the Internet and within Law Enforcement? Botnets: Killer Web App, covers all this and more....

Authors: Jelena Mirkovic. Sven Dietrich. David Dittrich. Peter Reiher.
Paperback, 400 pages
Publisher: Prentice Hall PTR
Publication Date: 2005-01-09