Authors: Jay Allen. Brad Choate. Ben Hammersley. Matthew Haughey. Ben Trott. Mena Trott. David Raynes.
Paperback, 336 pages
Publisher: Wiley
Publication Date: 2005-07-22
Edition: 1

Reviews :

    Ready to push Movable Type to the max?

Movable Type, that amazingly powerful personal publishing application, is the superhero of the Internet age. But when you push, poke, stretch, and otherwise coax it into producing even more, the possibilities for your Web content are simply superlative. Roll up your sleeves and get moving-here's the first book to tell you how.

Discover how to do all this and more
* Hack the perfect installation
* Hack the database
* Play with Atom, Perl, and XML-RPC APIs
* Write advanced plug-ins
* Master dynamic publishing
* Hack a super-powered blog app
* Ban comment spam
* Build customized templates...

Authors: Robert Schifreen.
Hardcover, 398 pages
Publisher: Wiley
Publication Date: 2006-05-05


Reviews :

    The current struggle between IT security and computer hackers is reaching crisis point. Corporate dependency on computers and the Internet as well as the rapid spread of broadband into more households has resulted in a feeding ground for hackers around the world. Estimated damage costs are now making their way into the billions. The need for some good advice is long overdue.

Robert Schifreen, a self-confessed ex-hacker, made history in 1985 when he became the first person in the world to face a jury trial in connection with computer hacking. His subsequent acquittal in the High Court led to a change in UK Law and the introduction of the Computer Misuse Act 1990. His 20 years experience in IT security now lends itself to global radio and TV broadcasts, as well as appearances at conferences and lectures around the world.

Keeping your company’s computers free from hackers, viruses, spammers, phishing attacks, social engineers and all the other things that can result in loss of data is a difficult job. Defeating the Hacker is a book about how to protect your computer systems becoming another victim of the hacker. It’s an instant primer into all the things that can go wrong, with advice on how to stop it happening or, if it’s too late, how to fix the damage.

• Presents unique, UK based, insider information on hacking and security from someone who has operated on both sides of the divide
• Develops a populist seam within a hot IT area: security
• Shows readers how and why hacking is made possible, whilst suggesting ways to avoid being a victim of it
• Written in a dynamic, conversational, yet knowledgeable, style
• Filled with information and anecdotal evidence aimed at IT professionals and those with a more general interest

Defeating the Hacker allows the reader to learn how to protect their computer systems with advice from someone who knows how to break into them....

Authors: Dan Verton.
Hardcover, 304 pages
Publisher: McGraw-Hill Osborne Media
Publication Date: 2003-08-19
Edition: 1

Reviews :

    The first book to define the clear and present danger posed by a cyber-terrorist attack on the U.S. computer- and network-dependent infrastructure. The pages are packed with interviews from members of terrorist groups, including al-Qaida, as well as key insiders involved in planning and executing the U.S. plan for the defense of cyberspace, including Tom Ridge, James Gilmore, CIA and NSA officials--and even al-Qaeda supporters. Internet security expert Dan Verton investigates how cyber-terrorism could occur, what the global and financial implications are, the impact this is having and will continue to have on privacy and civil liberties, and how to prepare and prevent against cyber-terrorism....

Authors: Christopher Wells.
Paperback, 250 pages
Publisher: O'Reilly Media, Inc.
Publication Date: 2007-07-11


Reviews :

    Ajax applications should be open yet secure. Far too often security is added as an afterthought. Potential flaws need to be identified and addressed right away. This book explores Ajax and web application security with an eye for dangerous gaps and offers ways that you can plug them before they become a problem. By making security part of the process from the start, you will learn how to build secure Ajax applications and discover how to respond quickly when attacks occur.

Securing Ajax Applications succinctly explains that the same back-and-forth communications that make Ajax so responsive also gives invaders new opportunities to gather data, make creative new requests of your server, and interfere with the communications between you and your customers. This book presents basic security techniques and examines vulnerabilities with JavaScript, XML, JSON, Flash, and other technologies -- vital information that will ultimately save you time and money.

Topics include:

• An overview of the evolving web platform, including APIs, feeds, web services and asynchronous messaging
• Web security basics, including common vulnerabilities, common cures, state management and session management
• How to secure web technologies, such as Ajax, JavaScript, Java applets, Active X controls, plug-ins, Flash and Flex
• How to protect your server, including front-line defense, dealing with application servers, PHP and scripting
• Vulnerabilities among web standards such as HTTP, XML, JSON, RSS, ATOM, REST, and XDOS
• How to secure web services, build secure APIs, and make open mashups secure

Securing Ajax Applications takes on the challenges created by this new generation of web development, and demonstrates why web security isn't just for administrators and back-end programmers any more. It's also for web developers who accept the responsibility that comes with using the new wonders of the Web.

...

Authors: Scott MacHaffie.
Paperback, 234 pages
Publisher: O'Reilly Media, Inc.
Publication Date: 2005-10-21


Reviews :

    Palm OS is one of the most popular handheld operating systems on the planet. From the newest Tungstens and Treos all the way down the family tree, Palms are everywhere. Although the Palm OS is simple to learn and use, there is more to it than meets the eye--from new features in the Palm to capabilities you can get with add-on software, the Palm can be made to do quite a lot.

Palm and Treo Hacks gives you tips and tools that show you how to make the most of your Palm. A few minutes spent reading some of the hacks in this book will save you hours of research. Inside this book, you'll learn how to:

• Find great applications for your Palm and make the most of the ones you're using now
• Get super-organized, getting more from the built-in Personal Information Manager and learning how to manage complex projects with your Palm
• Extend the Palm with must-have software and hardware add-ons
• Take your Palm online, reading email, surfing the web, and sending instant messages
• Get some rest and relaxation with your Palm, whether it's listening to music, playing classic games, or watching video

Written for beginning to experienced Palm users, Palm and Treo Hacks is full of practical, ingenious tips and tricks you can apply immediately. Whether you're looking to master the built-in applications or you want to trick out your Palm to its fullest extent, this book will show you how.

...

Authors: Dan Kaminsky. Rain Forest Puppy. Joe Grand. K2. David Ahmad. Hal Flynn. Ido Dubrawsky. Steve W. Manzuik. Ryan Permeh.
Paperback, 824 pages
Publisher: Syngress
Publication Date: 2002-03
Edition: 2

Reviews :

    A new edition the most popular Hack Proofing book around!
IT professionals who want to run secure networks, or build secure software, need to know about the methods of hackers. The second edition of the best seller Hack Proofing Your Network, teaches about those topics, including:
· The Politics, Laws of Security, Classes of Attack, Methodology, Diffing, Decrypting, Brute Force, Unexpected Input, Buffer Overrun, Sniffing, Session Hijacking, Spoofing, Server Holes, Client Holes, Trojans and Viruses, Reporting Security Problems, Choosing Secure Systems

The central idea of this book is that it's better for you to find the holes in your network than it is for someone else to find them, someone that would use them against you. The complete, authoritative guide to protecting your Windows 2000 Network.

Updated coverage of an international bestseller and series flagship
Covers more methods of attack and hacker secrets
Interest in topic continues to grow - network architects, engineers and administrators continue to scramble for security books
Written by the former security manager for Sybase and an expert witness in the Kevin Mitnick trials
· A great addition to the bestselling "Hack Proofing..." series
· Windows 2000 sales have surpassed those of Windows NT
· Critical topic. The security of an organization's data and communications is crucial to its survival and these topics are notoriously difficult to grasp
· Unrivalled web support at www.solutions@syngress.com...

Authors: Kenneth Brancik.
Hardcover, 504 pages
Publisher: Auerbach Publications
Publication Date: 2007-12-06
Edition: 1

Reviews :

    An organization’s employees are often more intimate with its computer system than anyone else. Many also have access to sensitive information regarding the company and its customers. This makes employees prime candidates for sabotaging a system if they become disgruntled or for selling privileged information if they become greedy. Insider Computer Fraud: An In-depth Framework for Detecting and Defending against Insider IT Attacks presents the methods, safeguards, and techniques that help protect an organization from insider computer fraud.

Drawing from the author’s vast experience assessing the adequacy of IT security for the banking and securities industries, the book presents a practical framework for identifying, measuring, monitoring, and controlling the risks associated with insider threats. It not only provides an analysis of application or system-related risks, it demonstrates the interrelationships that exist between an application and the IT infrastructure components it uses to transmit, process, and store sensitive data. The author also examines the symbiotic relationship between the risks, controls, threats, and action plans that should be deployed to enhance the overall information security governance processes.

Increasing the awareness and understanding necessary to effectively manage the risks and controls associated with an insider threat, this book is an invaluable resource for those interested in attaining sound and best practices over the risk management process....

Authors: Ronald L. Mendell.
Hardcover, 265 pages
Publisher: Charles C. Thomas Publisher
Publication Date: 2005-01
Edition: 2nd

Authors: Douglas Chick.
Paperback, 300 pages
Publisher: TheNetworkAdministrator.com
Publication Date: 2006-01-03
Edition: 1

Reviews :

    Hacking the Cube is a straightforward and sometimes comical look into the everyday world of information technology. It answers questions that many IT professionals and newcomers ask about the tools and skills needed to survive one of the most complex career fields in the world. Most computer books deal with configuring software and do little to help you learn what you need to know to work in a network office environment. Most people are rarely prepared for the social, political, or psychological aptitude needed to survive the office workplace. Most computer books are software proprietary and never tell you what types of programs you will really need to know.

Many of the topics in this book are situations based on my experience and the experiences of other computer professionals that you would not typically have access to without actually having a job in an IT department.It also contains notes sent to me from well-established IT professionals about their experiences. This book is a mix of fact and story, humor and frustration. So, if you are new to the field of computers, Hacking the IT Cube is going to give you a unique insight that only experience can teach. On the other hand, if you are a seasoned veteran, you will laugh and cry at familiar situations that have sent you to a place of liquid intoxication....

Authors: Hedieh Nasheri.
Paperback, 286 pages
Publisher: Cambridge University Press
Publication Date: 2004-12-06
Edition: Reprint of the

Reviews :

    Hedieh Nasheri investigates the current state of industrial espionage, revealing the far-reaching effects of advances in computing and wireless communications, in view of the recent revolution in information technology. Synthesizing perspectives from leading national and international authorities, Nasheri analyzes the historical and conceptual foundations of economic espionage, trade secret thefts, and industrial spying. She demonstrates how these activities impact society, and tracks the legislative and statutory efforts to control them. The international ramifications of economic espionage are emphasized and more than 40 accounts of noteworthy cases and episodes are included. Hedieh Nasheri is a professor of Justice Studies at Kent State University and a Visiting Professor at the University of Turku Law school in Finland. She has written and lectured extensively in the areas of law and social sciences and has given a number of invited lectures nationally and internationally on a wide range of policy and law related topics. She is the recipient of several international awards and grants. More recently, she received a grant from the State Department of the United States for studying issues related to "Organized Crime, Terrorism, and Proliferation of Weapons of Mass Destruction" in Central Europe. She was awarded a Visiting Fellowship at the University of London's Institute of Advanced Legal Studies to conduct an investigation on issues related to intellectual property law and its relation to transnational crimes for the International Center at National Institute of Justice. She was a principal consultant on a grant project at Columbia University's National Center on Addiction and Substance Abuse, investigating Internet and international regulatory aspects of diversion and abuse of prescription drugs. Professor Nasheri has authored four books, including Betrayal of Due Process (1998) and Crime and Justice in the age of Court TV (2002). Her work has been cited in the United States Code Annotated with respect to the Economic Espionage Act, by the Blue Ribbon Commission on Jury System Improvement, the Australian Parliament, the United Nations' International Criminal Tribunal, the United Nations Commission on Crime Prevention, and the South African Law Commission. Professor Nasheri's research interests pertain to four related topics: law and Technology, Protection of Trade Secrets and Economic Espionage, Cyber-Crimes, and Comparative Jurisprudence....