Authors: John Sherwood. Andrew Clark. David Lynas.
Hardcover, 608 pages
Publisher: cmp
Publication Date: 2005-11-12


Reviews :

    Security is too important to be left in the hands of just one department or employee — it's a concern of an entire enterprise. Enterprise Security Architecture shows that having a comprehensive plan requires more than the purchase of security software — it requires a framework for developing and maintaining a system that is proactive. Explaining how a proactive system provides business assurance and can enable new business opportunities, this book provides a complete framework — the SABSA model — for developing an enterprise's security architecture. Charts and graphs, as well as descriptions of actual businesses, show how this model can be used in various situations. Furthermore, the SABSA model is flexible enough that its process for architecture development can be adapted to any enterprise, forming a unique solution for each individual business. Useful both to technical security personnel and business managers as a tutorial or as a reference tool, Enterprise Security Architecture outlines a comprehensive security strategy....

Authors: Niels Ferguson. Bruce Schneier.
Paperback, 432 pages
Publisher: Wiley
Publication Date: 2003-03-28
Edition: 1st

Reviews :

    Security is the number one concern for businesses worldwide. The gold standard for attaining security is cryptography because it provides the most reliable tools for storing or transmitting digital information. Written by Niels Ferguson, lead cryptographer for Counterpane, Bruce Schneier's security company, and Bruce Schneier himself, this is the much anticipated follow-up book to Schneier's seminal encyclopedic reference, Applied Cryptography, Second Edition (0-471-11709-9), which has sold more than 150,000 copies.
Niels Ferguson (Amsterdam, Netherlands) is a cryptographic engineer and consultant at Counterpane Internet Security. He has extensive experience in the creation and design of security algorithms, protocols, and multinational security infrastructures. Previously, Ferguson was a cryptographer for DigiCash and CWI. At CWI he developed the first generation of off-line payment protocols. He has published numerous scientific papers.
Bruce Schneier (Minneapolis, MN) is Founder and Chief Technical Officer at Counterpane Internet Security, a managed-security monitoring company. He is also the author of Secrets and Lies: Digital Security in a Networked World (0-471-25311-1)....

Authors: Steve Sinchak.
Paperback, 316 pages
Publisher: Wiley
Publication Date: 2007-05-29


Reviews :

    Vista is the most radical revamping of Windows since 1995. However, along with all the fantastic improvements, there are a couple of things that likely drive you up the wall. Don’t worry, though—just join forces with author Steve Sinchak and you’ll end up feeling as though Microsoft designed Vista just for you! He shows you how to tweak logon screen settings, build custom Sidebar gadgets, personalize Aero Glass with themes and visual styles, turn your PC into an HDTV media center, fine-tune your firewall, and more....

Authors: Preston Gralla.
Paperback, 572 pages
Publisher: O'Reilly Media, Inc.
Publication Date: 2005-02-23
Edition: 2

Reviews :

    A smart collection of insider tips and tricks, Windows XP Hacks, Second Edition covers the XP operating system from start to finish. Among the multitude of topics addressed, this must-have resource includes extensive coverage of hot-button issues such as:

• security
• web browsing
• controlling the control panel
• removing uninstallable XP components
• pop-up ads

You'll also find timesaving hacks for file distribution; digital media, such as iTunes; and high-visibility web software, services, and exploits that have emerged since the book's last edition. Each hack in the book can be read easily in just a few minutes, saving countless hours of searching for the right answer. Now completely revised and updated to cover Service Pack 2 (SP2), the second edition of this bestseller carefully breaks down the new features that come with SP2, including IE pop-up blocker, Windows Firewall, and the new wireless client. Written by Preston Gralla, the compact and affordable Windows XP Hacks, Second Edition provides direct, hands-on solutions that can be applied to the challenges facing XP beginners, as well as the more experienced power user. Each year, Windows XP is pre-installed on 90 million PCs worldwide, making it the world's most popular operating system....

Authors: Johnny Long.
Paperback, 448 pages
Publisher: Syngress
Publication Date: 2007-11-02
Edition: 1

Reviews :

    A self-respecting Google hacker spends hours trolling the Internet for juicy stuff. Firing off search after search, they thrive on the thrill of finding clean, mean, streamlined queries and get a real rush from sharing those queries and trading screenshots of their findings. I know because I've seen it with my own eyes. As the founder of the Google Hacking Database (GHDB) and the Search engine hacking forums at http://johnny.ihackstuff.com, I am constantly amazed at what the Google hacking community comes up with. It turns out the rumors are true-creative Google searches can reveal medical, financial, proprietary and even classified information. Despite government edicts, regulation and protection acts like HIPPA and the constant barking of security watchdogs, this problem still persists. Stuff still makes it out onto the web, and Google hackers snatch it right up. Protect yourself from Google hackers with this new volume of information.
-Johnny Long

. Learn Google Searching Basics
Explore Google's Web-based Interface, build Google queries, and work with Google URLs.
. Use Advanced Operators to Perform Advanced Queries
Combine advanced operators and learn about colliding operators and bad search-fu.
. Learn the Ways of the Google Hacker
See how to use caches for anonymity and review directory listings and traversal techniques.
. Review Document Grinding and Database Digging
See the ways to use Google to locate documents and then search within the documents to locate information.
. Understand Google's Part in an Information Collection Framework
Learn the principles of automating searches and the applications of data mining.
. Locate Exploits and Finding Targets
Locate exploit code and then vulnerable targets.
. See Ten Simple Security Searches
Learn a few searches that give good results just about every time and are good for a security assessment.
. Track Down Web Servers
Locate and profile web servers, login portals, network hardware and utilities.
. See How Bad Guys Troll for Data
Find ways to search for usernames, passwords, credit card numbers, social security numbers, and other juicy information.
. Hack Google Services
Learn more about the AJAX Search API, Calendar, Blogger, Blog Search, and more....

Authors: Chris Hurley.
Paperback, 448 pages
Publisher: Syngress
Publication Date: 2007-10-12


Reviews :

    Penetration testing a network requires a delicate balance of art and science. A penetration tester must be creative enough to think outside of the box to determine the best attack vector into his own network, and also be expert in using the literally hundreds of tools required to execute the plan. This second volume adds over 300 new pentesting applications included with BackTrack 2 to the pen tester's toolkit. It includes the latest information on Snort, Nessus, Wireshark, Metasploit, Kismet and all of the other major Open Source platforms.

. Perform Network Reconnaissance
Master the objectives, methodology, and tools of the least understood aspect of a penetration test.
. Demystify Enumeration and Scanning
Identify the purpose and type of the target systems, obtain specific information about the versions of the services that are running on the systems, and list the targets and services.
. Hack Database Services
Understand and identify common database service vulnerabilities, discover database services, attack database authentication mechanisms, analyze the contents of the database, and use the database to obtain access to the host operating system.
. Test Web Servers and Applications
Compromise the Web server due to vulnerabilities on the server daemon itself, its unhardened state, or vulnerabilities within the Web applications.
. Test Wireless Networks and Devices
Understand WLAN vulnerabilities, attack WLAN encryption, master information gathering tools, and deploy exploitation tools.
. Examine Vulnerabilities on Network Routers and Switches
Use Traceroute, Nmap, ike-scan, Cisco Torch, Finger, Nessus, onesixtyone, Hydra, Ettercap, and more to attack your network devices.
. Customize BackTrack 2
Torque BackTrack 2 for your specialized needs through module management, unique hard drive installations, and USB installations.
. Perform Forensic Discovery and Analysis with BackTrack 2
Use BackTrack in the field for forensic analysis, image acquisition, and file carving.
. Build Your Own PenTesting Lab
Everything you need to build your own fully functional attack lab....

Authors: Nicolai M. Josuttis.
Paperback, 342 pages
Publisher: O'Reilly Media, Inc.
Publication Date: 2007-08-24


Reviews :

    This book demonstrates service-oriented architecture (SOA) as a concrete discipline rather than a hopeful collection of cloud charts. Built upon the author's firsthand experience rolling out a SOA at a major corporation, SOA in Practice explains how SOA can simplify the creation and maintenance of large-scale applications. Whether your project involves a large set of Web Services-based components, or connects legacy applications to modern business processes, this book clarifies how -- and whether -- SOA fits your needs. SOA has been a vision for years. This book brings it down to earth by describing the real-world problems of implementing and running a SOA in practice. After defining SOA's many facets, examining typical use patterns, and exploring how loose coupling helps build stronger applications, SOA in Practice presents a framework to help you determine when to take advantage of SOA. In this book you will: Focus squarely on real deployment and technology, not just standards maps Examine business problems to determine which ones fit a SOA approach before plastering a SOA solution on top of them Find clear paths for building solutions without getting trapped in the mire of changing web services details Gain the experience of a systems analyst intimately involved with SOA "The principles and experiences described in this book played an important role in making SOA at T-Mobile a success story, with more than 10 million service calls per day." --Dr. Steffen Roehn, Member of the Executive Committee T-Mobile International (CIO) "Nicolai Josuttis has produced something that is rare in the over-hyped world of SOA; a thoughtful work with deep insights based on hands-on experiences. This bookis a significant milestone in promoting practical disciplines for all SOA practitioners." --John Schmidt, Chairman, Integration Consortium "The book belongs in the hands of every CIO, IT Director and IT planning manager." --Dr. Richard Mark Soley, Chairman and CEO, Object Management Group; Executive Director, SOA Consortium...

Authors: Silvia Hagen.
Paperback, 436 pages
Publisher: O'Reilly Media, Inc.
Publication Date: 2006-05-17
Edition: 2

Reviews :

    "IPv6 Essentials," Second Edition provides a succinct, in-depth tour of all the new features and functions in IPv6. It guides you through everything you need to know to get started, including how to configure IPv6 on hosts and routers and which applications currently support IPv6. The new IPv6 protocols offers extended address space, scalability, improved support for security, real-time traffic support, and auto-configuration so that even a novice user can connect a machine to the Internet. Aimed at system and network administrators, engineers, network designers, and IT managers, this book will help you understand, plan for, design, and integrate IPv6 into your current IPv4 infrastructure.

Beginning with a short history of IPv6, author Silvia Hagen provides an overview of new functionality and discusses why we need IPv6. Hagen also shares exhaustive discussions of the new IPv6 header format and Extension Headers, IPv6 address and ICMPv6 message format, Security, QoS, Mobility and, last but not least, offers a Quick Start Guide for different operating systems. "IPv6 Essentials," Second Edition also covers: In-depth technical guide to IPv6 Mechanisms and Case Studies that show how to integrate IPv6 into your network without interruption of IPv4 services Routing protocols and upper layer protocols Security in IPv6: concepts and requirements. Includes the IPSEC framework and security elements available for authentication and encryption Quality of Service: covers the elements available for QoS in IPv6 and how they can be implemented Detailed discussion of DHCPv6 and Mobile IPv6 Discussion of migration cost and business case Getting started on different operating systems: Sun Solaris, Linux, BSD, Windows XP, and Cisco routers

Whether you're ready to start implementing IPv6 today or are planning your strategy for the future, "IPv6 Essentials," Second Edition will provide the solid foundation you need to get started.

"Silvia's look at IPv6 is always refreshing as she translates complex technology features into business drivers and genuine end-user benefits to enable building new business concepts based on end to end models." Latif Ladid, President IPv6 Forum, Chair EU IPv6 Task Force...

Authors: Rob Orsini.
Paperback, 534 pages
Publisher: O'Reilly Media, Inc.
Publication Date: 2007-01-16


Reviews :

    Rails Cookbook is packed with the solutions you need to be a proficient developer with Rails, the leading framework for building the new generation of Web 2.0 applications. Recipes range from the basics, like installing Rails and setting up your development environment, to the latest techniques, such as developing RESTful web services.

With applications that are code light, feature-full and built to scale quickly, Rails has revolutionized web development. The Rails Cookbook addresses scores of real-world challenges; each one includes a tested solution, plus a discussion of how and why it works, so that you can adapt the techniques to similar situations. Topics include:

• Modeling data with the ActiveRecord library
• Setting up views with ActionView and RHTML templates
• Building your application's logic into ActionController
• Testing and debugging your Rails application
• Building responsive web applications using JavaScript and Ajax
• Ensuring that your application is security and performs well
• Deploying your application with Mongrel and Apache
• Using Capistrano to automate deployment
• Using the many Rails plugins
• Working with graphics

Whether you're new to Rails or an experienced developer, you'll discover ways to test, debug and secure your applications, incorporate Ajax, use caching to improve performance, and put your application into production. Want to get ahead of the Web 2.0 curve? This valuable cookbook will save you hundreds of hours when developing applications with Rails....

Authors: Michael A. Pastore. Emmett Dulaney. Michael Gregg. David Miller. James Michael Stewart.
Paperback, 1173 pages
Publisher: Sybex
Publication Date: 2008-02-05


Reviews :

    This boxed set provides everything you need to prepare for your CompTIA Security certification, including full coverage of all exam objectives, exercises to hone your real-world skills, and a concise review for that last minute test prep. The set includes CompTIA Security Study Guide, Third Edition, covering all exam objectives in a systematic approach; Security Administrator Street Smarts: A Real World Guide to CompTIA Security Skills, with key information and practice organized around the actual scenarios you'll face in the field; and Security Fast Pass, a concise review tool....