Authors: Michael Gregg.
Paperback, 696 pages
Publisher: Que
Publication Date: 2006-04-17


Reviews :

   

The CEH certification shows knowledge of network penetration testing skills. The CEH exam takes three hours and 125 questions, requiring a broad and deep knowledge of network security issues. The CEH Exam Prep is the perfect solution for this challenge, giving you the solid, in-depth coverage you'll need to score higher on the exam.

 

Along with the most current CEH content, the book also contains the elements that make Exam Preps such strong study aides: comprehensive coverage of exam topics, end-of-chapter review, practice questions, Exam Alerts, Fast Facts, plus an entire practice exam to test your understanding of the material. The book also features MeasureUp's innovative testing software, to help you drill and practice your way to higher scores.

...

Authors: Joel Scambray. Mike Shema. Caleb Sima.
Paperback, 520 pages
Publisher: McGraw-Hill Osborne Media
Publication Date: 2006-06-05
Edition: 2

Reviews :

   

Implement bulletproof e-business security the proven Hacking Exposed way

Defend against the latest Web-based attacks by looking at your Web applications through the eyes of a malicious intruder. Fully revised and updated to cover the latest Web exploitation techniques, Hacking Exposed Web Applications, Second Edition shows you, step-by-step, how cyber-criminals target vulnerable sites, gain access, steal critical data, and execute devastating attacks. All of the cutting-edge threats and vulnerabilities are covered in full detail alongside real-world examples, case studies, and battle-tested countermeasures from the authors' experiences as gray hat security professionals.

...

Authors: Keith J. Jones. Richard Bejtlich. Curtis W. Rose.
Paperback, 688 pages
Publisher: Addison-Wesley Professional
Publication Date: 2005-10-03


Reviews :

    You can't succeed in the field of computer forensics without hands-on practice--and you can't get hands-on practice without real forensic data. The solution: Real Digital Forensics. In this book, a team of world-class computer forensics experts walks you through six detailed, highly realistic investigations and provides a DVD with all the data you need to follow along and practice. From binary memory dumps to log files, this DVD's intrusion data was generated by attacking live systems using the same tools and methods real-world attackers use. The evidence was then captured and analyzed using the same tools the authors employ in their own investigations. This book relies heavily on open source tools, so you can perform virtually every task without investing in any commercial software. You'll investigate environments ranging from financial institutions to software companies and crimes ranging from intellectual property theft to SEC violations. As you move step by step through each investigation, you'll discover practical techniques for overcoming the challenges forensics professionals face most often.Inside, you will find in-depth information on the following areas: * Responding to live incidents in both Windows and Unix environments * Determining whether an attack has actually occurred * Assembling a toolkit you can take to the scene of a computer-related crime * Analyzing volatile data, nonvolatile data, and files of unknown origin * Safely performing and documenting forensic duplications * Collecting and analyzing network-based evidence in Windows and Unix environments * Reconstructing Web browsing, e-mail activity, and Windows Registry changes * Tracing domain name ownership and the source of e-mails * Duplicating and analyzing the contents of PDAs and flash memory devices The accompanying DVD contains several gigabytes of compressed data generated from actual intrusions. This data mirrors what analysts might find in real investigations and allows the reader to learn about forensic investigations in a realisticsetting. A(c) Copyright Pearson Education. All rights reserved....

Authors: Robert Love.
Paperback, 388 pages
Publisher: O'Reilly Media, Inc.
Publication Date: 2007-09-18


Reviews :

    This book is about writing software that makes the most effective use of the system you're running on -- code that interfaces directly with the kernel and core system libraries, including the shell, text editor, compiler, debugger, core utilities, and system daemons. The majority of both Unix and Linux code is still written at the system level, and Linux System Programming focuses on everything above the kernel, where applications such as Apache, bash, cp, vim, Emacs, gcc, gdb, glibc, ls, mv, and X exist. Written primarily for engineers looking to program (better) at the low level, this book is an ideal teaching tool for any programmer. Even with the trend toward high-level development, either through web software (such as PHP) or managed code (C#), someone still has to write the PHP interpreter and the C# virtual machine. Linux System Programming gives you an understanding of core internals that makes for better code, no matter where it appears in the stack. Debugging high-level code often requires you to understand the system calls and kernel behavior of your operating system, too. Key topics include: An overview of Linux, the kernel, the C library, and the C compiler Reading from and writing to files, along with other basic file I/O operations, including how the Linux kernel implements and manages file I/O Buffer size management, including the Standard I/O library Advanced I/O interfaces, memory mappings, and optimization techniques The family of system calls for basic process management Advanced process management, including real-time processes File and directories-creating, moving, copying, deleting, and managing them Memory management -- interfaces for allocating memory, managingthe memory you have, and optimizing your memory access Signals and their role on a Unix system, plus basic and advanced signal interfaces Time, sleeping, and clock management, starting with the basics and continuing through POSIX clocks and high resolution timers With Linux System Programming, you will be able to take an in-depth look at Linux from both a theoretical and an applied perspective as you cover a wide range of programming topics....

Authors: Andrew Vladimirov. Konstantin V. Gavrilenko. Andrei A. Mikhailovsky.
Paperback, 592 pages
Publisher: Addison-Wesley Professional
Publication Date: 2004-07-08


Reviews :

    "This is an excellent book. It contains the 'in the trenches' coverage that the enterprise administrator needs to know to deploy wireless networks securely." --Robert Haskins, Chief Technology Officer, ZipLink Wi-Foo: The Secrets of Wireless Hacking is the first practical and realistic book about 802.11 network penetration testing and hardening. Unlike other books, it is based on a daily experience of breaking into and securing wireless LANs. Rather than collecting random wireless security news, tools, and methodologies, Wi-Foo presents a systematic approach to wireless security threats and countermeasures starting from the rational wireless hardware selection for security auditing and finishing with how to choose the optimal encryption ciphers for the particular network you are trying to protect....

Authors: Thomas Akin.
Paperback, 190 pages
Publisher: O'Reilly Media, Inc.
Publication Date: 2002-02
Edition: 1

Reviews :

    As a network administrator, auditor or architect, you know the importance of securing your network and finding security solutions you can implement quickly. This succinct book departs from other security literature by focusing exclusively on ways to secure Cisco routers, rather than the entire network. The rational is simple: If the router protecting a network is exposed to hackers, then so is the network behind it. "Hardening Cisco Routers" is a reference for protecting the protectors. Included are the following topics:

The importance of router security and where routers fit into an overall security plan

Different router configurations for various versions of Cisco's IOS

Standard ways to access a Cisco router and the security implications of each

Password and privilege levels in Cisco routers

Authentication, Authorization, and Accounting (AAA) control

Router warning banner use (as recommended by the FBI)

Unnecessary protocols and services commonly run on Cisco routers

SNMP security

Anti-spoofing

Protocol security for RIP, OSPF, EIGRP, NTP, and BGP

Logging violations

Incident response

Physical security

Written by Thomas Akin, an experienced Certified Information Systems Security Professional (CISSP) and Certified Cisco Academic Instructor (CCAI), the book is well organized, emphasizing practicality and a hands-on approach. At the end of each chapter, Akin includes a Checklist that summarizes the hardening techniques discussed in the chapter. The Checklists help you double-check the configurations you have been instructed to make, and serve as quick references for future security procedures.

Concise and to the point, "HardeningCisco Routers" supplies you with all the tools necessary to turn a potential vulnerability into a strength. In an area that is otherwise poorly documented, this is the one book that will help you make your Cisco routers rock solid.

...

    To harden a router is to render it more heavily defended and more difficult to attack. Because routers (by definition) serve as points of entry into your network, it makes sense to devote extra effort to their security. Hardening Cisco Routers shows how to make adjustments to the configurations of routers from Cisco Systems to improve their resistance to attack, particularly external attack. This is essentially a book of specialized Internetwork Operating System (IOS) commands, as well as explanations of their behavior. It'll appeal to the router administrator--employed either by an organization's internal network staff, an outside consultancy, or a service provider--who wants to know which IOS commands he or she should add to routers' configuration files to tighten their security without a lot of hassle.

The great thing about this book is that you can approach it in either of two ways. If you just want to clamp down on your routers' security weaknesses as soon as possible, you can begin with the checklists at the end of each chapter (each of which focuses on a particular area, like SMTP) or the big one in an appendix, which is comprehensive. These checklists include both "how" and "why" information, as exemplified by "Disable ICMP broadcasts with the no ip directed-broadcast command." If you want more information on the big picture, or want to prepare for a specific kind of attack, read the individual chapters for detailed advice on how to set IOS to behave as you want. --David Wall

Topics covered: Internetwork Operating System (IOS) commands you can use to protect Cisco Systems routers from a variety of attacks. Specialized sections deal with security assessment, auditing, access control, privileges, optional services, and the legal importance of your login banners' contents....

Authors: Steve Sinchak.
Paperback, 316 pages
Publisher: Wiley
Publication Date: 2007-05-29


Reviews :

    Vista is the most radical revamping of Windows since 1995. However, along with all the fantastic improvements, there are a couple of things that likely drive you up the wall. Don’t worry, though—just join forces with author Steve Sinchak and you’ll end up feeling as though Microsoft designed Vista just for you! He shows you how to tweak logon screen settings, build custom Sidebar gadgets, personalize Aero Glass with themes and visual styles, turn your PC into an HDTV media center, fine-tune your firewall, and more....

Authors: Neal Krawetz.
Paperback, 408 pages
Publisher: Wiley
Publication Date: 2007-04-16


Reviews :

    Ubuntu, an African word meaning “humanity to others,” is the hottest thing in Linux today. This down-and-dirty book shows you how they can blow away the default system settings and get Ubuntu to behave however you want. You’ll learn how to optimize its appearance, speed, usability, and security and get the low-down on hundreds of hacks such as running Ubuntu from a USB drive, installing it on a Mac, enabling multiple CPUs, and putting scripts in menus and panels....

Authors: Ira Winkler.
Hardcover, 346 pages
Publisher: Wiley
Publication Date: 2005-04-08
Edition: 1

Reviews :

    Ira Winkler has been dubbed "A Modern Day James Bond" by CNN and other media outlets for his ability to simulate espionage attacks against many of the top companies in the world, showing how billions of dollars can disappear. This unique book is packed with the riveting, true stories and case studies of how he did it-and how people and companies can avoid falling victim to the spies among us.

American corporations now lose as much as $300 billion a year to hacking, cracking, physical security breaches, and other criminal activity. Millions of people a year have their identities stolen or fall victim to other scams. In Spies Among Us, Ira Winkler reveals his security secrets, disclosing how companies and individuals can protect themselves from even the most diabolical criminals. He goes into the mindset of everyone from small-time hackers to foreign intelligence agencies to disclose cost-effective countermeasures for all types of attacks.

In Spies Among Us, readers learn:
* Why James Bond and Sydney Bristow are terrible spies
* How a team was able to infiltrate an airport in a post-9/11 world and plant a bomb
* How Ira and his team were able to steal nuclear reactor designs in three hours
* The real risks that individuals face from the spies that they unknowingly meet on a daily basis
* Recommendations for how companies and individuals can secure themselves against the spies, criminals, and terrorists who regularly cross their path...

Authors: Preston Gralla.
Paperback, 652 pages
Publisher: O'Reilly Media, Inc.
Publication Date: 2007-10-23
Edition: 1

Reviews :

    Bigger, better, and broader in scope, the Big Book of Windows Hacks gives you everything you need to get the most out of your Windows Vista or XP system, including its related applications and the hardware it runs on or connects to. Whether you want to tweak Vista's Aero interface, build customized sidebar gadgets and run them from a USB key, or hack the "unhackable" screensavers, you'll find quick and ingenious ways to bend these recalcitrant operating systems to your will.

The Big Book of Windows Hacks focuses on Vista, the new bad boy on Microsoft's block, with hacks and workarounds that also work for Windows XP. You can read each hack in just a few minutes, saving countless hours of searching for the right answer. The step-by-step instructions let you apply the solutions in no time. This book takes you beyond the operating system with hacks for applications like Internet Explorer 7 and Office 2007, and hardware such as the Zune, your wireless router, and the PC itself.

The Big Book of Windows Hacks includes:

• Expanded tutorials, new background material, a series of "quick hacks", and informative sidebars
• Security hacks, including protection at wireless hotspots, hacking Vista file permissions and user account protection, and more
• Efficiency hacks, such as tweaking your PC hardware, troubleshooting hardware problems, and speeding up system performance
• Fun hacks, like building a custom Media Center PC or turning a PC into a digital video recorder
• "Beyond Windows" hacks for running Linux inside Vista, dual-booting Linux/Windows or XP/Vista, or emulate classic video games on your PC

In all, this remarkable book contains more than 100 hacks so that the power user in you never again needs to be at the mercy of systems and hardware run by Microsoft's omnipotent Vista and XP operating systems....