Security Books - Page 12

The Masters of Deception: Gang That Ruled Cyberspace, The

Michele Slatalla

Amazon Price: $10.95 List Price: $15.00 Usually ships in 24 hours By: Harper Perennial Amazon Marketplace: 81 new & used starting at $0.01

Buy at Amazon.com

Browse similar items by category:
Subjects -> Computers & Internet -> Business & Culture -> Culture
Subjects -> Computers & Internet -> Business & Culture -> Hacking
Subjects -> Computers & Internet -> Business & Culture -> Security

Customer Reviews:
Total reviews: 76 Average rating: 4.0 of 5

The Masters of Deception 5 out of 5 stars.
2 of 4 people found this review helpful.

Great book going behind the scenes of computer hackers in teh late 80's early 90's. It really takes you back to the time. Not overly complex. A fantastic read for anyone with an interest in computer crime or within the "IT" community. Easy enough to read for someone not technicle savy to understand the basics. For $10 USD you cant go wrong.

Journalistic view of one event 3 out of 5 stars.
2 of 2 people found this review helpful.

This is not a book about hackers; it's a book about some specific hackers who happen to come after much of the action was concluded. Even more than that, it's a book biased toward New York which contains every implied slander of Texas that one can meld into a narrative about hackers. I like the description of MOD, and thought the authors did an excellent job of building up the character of these kids, but find that for the size of this book, it missed an absolute raft of important knowledge. Why do people hack? What, besides damaged egos, makes it thrilling to have forbidden knowledge? How could our society be so incompetent as to leave these giant security holes everywhere? And finally: what was the global hacking culture like, outside of the spacy little land of New York City? The boys from LOD are treated as props and their contributions ignored, which is infuriating to someone who is familiar with the goings-on in the computer underground at that time. Also, technical writing is not difficult, and while this book tries to stay non-technical, I have to ask "why?" There are interesting details which are overlooked and could have been conveyed in English. These authors do a credible job of buildup, but then hype a few incidents into some metaphor for cyberspace, and consequently halve the strength of their book. I would recommend this to people who cannot simply pick up a copy of "2600" magazine or "Phrack" and figure it out for themselves, but not to anyone who cares about the heart, soul or brains of hacker culture.

Editorial Review:

The bestselling account of a band of kids from New York who fought an electronic turf war that ranged across some of the nation's most powerful computer systems. "An immensely fun and -- one cannot emphasize this enough -- accessible history of the first outlaws in cyberspace."--Glamour

Scene of the Cybercrime, Second Edition

Debra Littlejohn Shinder, Michael Cross

Amazon Price: $59.95 List Price: $59.95 Usually ships in 24 hours By: Syngress Amazon Marketplace: 29 new & used starting at $43.97

Buy at Amazon.com

Browse similar items by category:
Subjects -> Computers & Internet -> Business & Culture -> Hacking
Subjects -> Computers & Internet -> Business & Culture -> Security
Subjects -> Computers & Internet -> Computer Science -> General

Editorial Review:

When it comes to computer crimes, the criminals got a big head start. But the law enforcement and IT security communities are now working diligently to develop the knowledge, skills, and tools to successfully investigate and prosecute Cybercrime cases. When the first edition of "Scene of the Cybercrime" published in 2002, it was one of the first books that educated IT security professionals and law enforcement how to fight Cybercrime. Over the past 5 years a great deal has changed in how computer crimes are perpetrated and subsequently investigated. Also, the IT security and law enforcement communities have dramatically improved their ability to deal with Cybercrime, largely as a result of increased spending and training. According to the 2006 Computer Security Institute's and FBI's joint Cybercrime report: 52% of companies reported unauthorized use of computer systems in the prior 12 months. Each of these incidents is a Cybecrime requiring a certain level of investigation and remediation. And in many cases, an investigation is mandates by federal compliance regulations such as Sarbanes-Oxley, HIPAA, or the Payment Card Industry (PCI) Data Security Standard.

Scene of the Cybercrime, Second Edition is a completely revised and updated book which covers all of the technological, legal, and regulatory changes, which have occurred since the first edition. The book is written for dual audience; IT security professionals and members of law enforcement. It gives the technical experts a little peek into the law enforcement world, a highly structured environment where the "letter of the law" is paramount and procedures must be followed closely lest an investigation be contaminated and all the evidence collected rendered useless. It also provides law enforcement officers with an idea of some of the technical aspects of how cyber crimes are committed, and how technology can be used to track down and build a case against the criminals who commit them. Scene of the Cybercrime, Second Editions provides a roadmap that those on both sides of the table can use to navigate the legal and technical landscape to understand, prevent, detect, and successfully prosecute the criminal behavior that is as much a threat to the online community as "traditional" crime is to the neighborhoods in which we live. Also included is an all new chapter on Worldwide Forensics Acts and Laws.

* Companion Web site provides custom tools and scripts, which readers can download for conducting digital, forensic investigations.
* Special chapters outline how Cybercrime investigations must be reported and investigated by corporate IT staff to meet federal mandates from Sarbanes Oxley, and the Payment Card Industry (PCI) Data Security Standard
* Details forensic investigative techniques for the most common operating systems (Windows, Linux and UNIX) as well as cutting edge devices including iPods, Blackberries, and cell phones.

Configuring Check Point NGX VPN-1/FireWall-1

Barry J Stiefel, Simon Desmeules

Amazon Price: $49.95 List Price: $49.95 Available for download now By: Syngress

Buy at Amazon.com

Browse similar items by category:
Subjects -> Computers & Internet -> Business & Culture -> Security
Subjects -> Computers & Internet -> Security & Encryption -> Firewalls
Subjects -> Computers & Internet -> General

Customer Reviews:
Total reviews: 4 Average rating: 4.5 of 5

Editorial Review:

Check Point NGX VPN-1/Firewall-1 is the next major release of Check Point's flagship firewall software product, which has over 750,000 registered users. The most significant changes to this release are in the areas of Route Based VPN, Directional VPN, Link Selection & Tunnel Management, Multiple Entry Points, Route Injection Mechanism, Wire Mode, and SecurePlatform Pro. Many of the new features focus on how to configure and manage Dynamic Routing rules, which are essential to keeping an enterprise network both available *and* secure. Demand for this book will be strong because Check Point is requiring all of its 3rd party developers to certify their products for this release.

* Packed full with extensive coverage of features new to the product, allowing 3rd party partners to certify NGX add-on products quickly
* Protect your network from both internal and external threats and learn to recognize future threats
* All yuou need to securly and efficiently deploy, troubleshoot, and maintain Check Point NXG

How to Cheat at Managing Microsoft Windows Small Business Server 2003

Susan Snedaker, Daniel Bendell

Amazon Price: $34.26 List Price: $49.95 Usually ships in 24 hours By: Syngress Amazon Marketplace: 30 new & used starting at $29.00

Buy at Amazon.com

Browse similar items by category:
Subjects -> Computers & Internet -> Business & Culture -> Hacking
Subjects -> Computers & Internet -> Business & Culture -> Security
Subjects -> Computers & Internet -> Microsoft -> Operating Systems -> Windows NT

Customer Reviews:
Total reviews: 11 Average rating: 4.0 of 5

Editorial Review:

Is "System Administrator" Just One of Your Job Titles?

For every Microsoft Certified System Engineer (MCSE) managing a Windows Server 2003 Enterprise Edition network within the dust-free confines of a "Network Operating Center," there is a non-MCSE admin managing a Windows Small Business Server 2003 network under far less glamorous conditions. Their job is to keep the network up and running no matter what, with very few resources available. "How to Cheat" is written for these unsung heroes; the last line of defense in most small enterprises.

Create an Installation and Recovery Plan for Install, Upgrade, or Migration
Every hour of planning results in a net savings of four hours on the other end. Fixing, re-doing, and troubleshooting will ALWAYS chew up more time.

Secure Your Server
Securing the server includes physical security, configuration security, and software security. It’s always easier to keep a server clean than to clean it up after a disaster.

Demystify Disk Management
If you have trouble processing the differences between Boot, Primary, System and Extended Partitions, you are not alone.

Effectively Manage File Storage
Configure and Troubleshoot Disk Quotas, File Encryption Management, Disk and File Compression, and Shadow Copy.

Painlessly Add and Configure Users and Groups on your Network
User accounts and groups provide the framework for security and organization in the Small Business Server network.

Set Permissions so that your Server is Both Secure and Accessible
Harness the Power of Group Policy, Administrative Templates, Software Setting and Windows Settings to Apply Changes to User, Group and Computer Permissions.

Connect Client Computers to the Network
Everything You Need to Know about IP Addresses, DNS, DHCP, Domain Access and Login.

Answer THE Most Frequently Asked Question: "Why Can’t I Print!"
Printers can be connected either to client computers, servers, or directly to the network; and they can be configure by either Windows or Your Printer Vendor’s Software.

Prepare for the Worst
Bad Things Sometimes Happen to Good Network Administrators. You need to know exactly what do when things go very, very wrong.

Cisco PIX Firewalls: configure / manage / troubleshoot

Umer Khan

Amazon Price: $49.95 List Price: $49.95 Available for download now By: Syngress

Buy at Amazon.com

Browse similar items by category:
Subjects -> Computers & Internet -> Business & Culture -> Security
Subjects -> Computers & Internet -> Networking -> Networks, Protocols & APIs -> Bridges & Routers
Subjects -> Computers & Internet -> Web Development -> General AAS

Customer Reviews:
Total reviews: 5 Average rating: 4.0 of 5

Editorial Review:

Umer Khan's first book, "Cisco Security Specialist's Guide to PIX Firewalls," ISBN: 1931836639, has consistently maintained its spot as the #1 best-selling PIX book on amazon.com by providing readers with a clear, comprehensive, and independent introduction to PIX Firewall configuration. With the market for PIX Firewalls maintaining double digit growth and several major enhancements to both the PIX Firewall and VPN Client product lines, this book will have enormous appeal with the audience already familiar with his first book.

* The Cisco Pix firewall is the #1 market leading firewall, owning 43% market share. Cisco is poised to release the newest, completely re-designed version 7 of the Pix operating system in the first quarter of 2004.

* "Cisco Pix Firewalls: configure | manage | troubleshoot" Covers all objectives on the new Cisco Pix certification exam, making this book the perfect study guide in addition to professional reference.

* Umer Khan's first book "Cisco Security Specialist's Guide to PIX Firewall" has been the #1 market leading Cisco Pix book since it was published in 2002.

Mobile Malware Attacks and Defense

Ken Dunham

Amazon Price: $39.53 List Price: $59.95 Usually ships in 24 hours By: Syngress Amazon Marketplace: 27 new & used starting at $35.53

Buy at Amazon.com

Browse similar items by category:
Subjects -> Computers & Internet -> Business & Culture -> Hacking
Subjects -> Computers & Internet -> Business & Culture -> Privacy
Subjects -> Computers & Internet -> Business & Culture -> Security

Editorial Review:

Malware has gone mobile, and the security landscape is changing quickly with emerging attacks on cell phones, PDAs, and other mobile devices. This first book on the growing threat covers a wide range of malware targeting operating systems like Symbian and new devices like the iPhone. Examining code in past, current, and future risks, protect your banking, auctioning, and other activities performed on mobile devices.

* Visual Payloads
View attacks as visible to the end user, including notation of variants.

* Timeline of Mobile Hoaxes and Threats
Understand the history of major attacks and horizon for emerging threates.

* Overview of Mobile Malware Families
Identify and understand groups of mobile malicious code and their variations.

* Taxonomy of Mobile Malware
Bring order to known samples based on infection, distribution, and payload strategies.

* Phishing, SMishing, and Vishing Attacks
Detect and mitigate phone-based phishing (vishing) and SMS phishing (SMishing) techniques.

* Operating System and Device Vulnerabilities
Analyze unique OS security issues and examine offensive mobile device threats.

* Analyze Mobile Malware
Design a sandbox for dynamic software analysis and use MobileSandbox to analyze mobile malware.

* Forensic Analysis of Mobile Malware
Conduct forensic analysis of mobile devices and learn key differences in mobile forensics.

* Debugging and Disassembling Mobile Malware
Use IDA and other tools to reverse-engineer samples of malicious code for analysis.

* Mobile Malware Mitigation Measures
Qualify risk, understand threats to mobile assets, defend against attacks, and remediate incidents.

* Understand the History and Threat Landscape of Rapidly Emerging Mobile Attacks

* Analyze Mobile Device/Platform Vulnerabilities and Exploits

* Mitigate Current and Future Mobile Malware Threats

Gray Hat Python: Python Programming for Hackers and Reverse Engineers

Justin Seitz

Amazon Price: $32.97 List Price: $49.95 Not yet published By: No Starch Press

Buy at Amazon.com

Browse similar items by category:
Subjects -> Computers & Internet -> Business & Culture -> Hacking
Subjects -> Computers & Internet -> Business & Culture -> Privacy
Subjects -> Computers & Internet -> Business & Culture -> Security

Editorial Review:

Python is the high-level language of choice for hacking, vulnerability discovery, and security research. Gray Hat Python, the first Python book written for advanced security analysts, explains the intricacies of using Python to assist in a range of security analysis tasks. Readers learn how to design and program their own debuggers, create powerful fuzzers, utilize open source libraries to automate tedious tasks, and interface with commercial and non-commercial security tools. Gray Hat Python covers everything from the nuts and bolts of how to use the language for basic code and DLL injection to using Python to analyze binaries and disassemble software. It also discusses a variety of open source Python tools (such as PyDbg, PaiMei, PyEmu, Sulley, and Immunity Debugger) and how to extend them. Fundamentally a security book, Gray Hat Python reveals just how superior the Python language is when it comes to hacking, reverse engineering, malware analysis and software testing.

Host Integrity Monitoring Using Osiris and Samhain

Brian Wotring, Bruce Potter, Marcus Ranum

Amazon Price: $28.31 List Price: $44.95 Usually ships in 24 hours By: Syngress Amazon Marketplace: 22 new & used starting at $13.06

Buy at Amazon.com

Browse similar items by category:
Subjects -> Computers & Internet -> Home Computing -> Internet -> General AAS
Subjects -> Computers & Internet -> Business & Culture -> Hacking
Subjects -> Computers & Internet -> Business & Culture -> Privacy

Customer Reviews:
Total reviews: 5 Average rating: 4.5 of 5

Editorial Review:

Your IDS Just Detected an Attack: Was it Successful? This book is about one of the most crucial aspects of system and security management: host integrity protection. Fundamentally, host integrity protection is all about understanding the changes that occur on your system--friendly or hostile, deliberate or accidental--and understanding the impact of those changes. In other words, it's change control in a potentially hostile environment. Best of all, this book is written by Brian Wotring, who has designed and deployed host integrity monitoring systems, used them, and relied on their results. It's hard to overstate the value of such experience. Books like the one you're holding are the survival kits for the future of computing. They're full of the important clues that you're going to need if you want to be one of the survivors instead of the statistics.

--From the Foreword by Marcus J. Ranum

• Detect Successful Attacks Determine exactly which attacks successfully compromised your host environment.
• Download and Run Invaluable Scripts Use real-world scripts and configurations, which have been successfully deployed in enterprise host integrity monitoring solutions.
• Perform Damage Assessment Understand the extent to which a host was compromised, and learn exactly how the attacker penetrated your defenses.
• Reduce False Positives Learn how to dramatically reduce false positives, which can obfuscate your valuable, legitimate results.
• Monitor Your Entire Environment Develop a solution to monitor files, users and groups, the kernel, open network ports, privileged executables, and other runtime elements.
• Learn the Importance of Proper Planning Gain insight into successful planning, deployment, and administration of a working host integrity monitoring solution.
• Master Defensive Techniques Learn how to mitigate attacks on the host integrity monitoring system itself.
• Monitor Log Files and Create Notifications Use Swatch to monitor Osiris and Samhain log files, and create custom notification messages.
• Establish Audit Trails Create trusted audit trails of activity that can prove invaluable in forensic investigations.

Your Solutions Membership Gives You Access to: A comprehensive FAQ page that consolidates all of the key points of this book into an easy-to-search Web page

"From the Author" Forum where the authors post timely updates and links to related sites

Custom, working scripts from the book.

Downloadable chapters from these best-selling books:

• Snort 2.1 Intrusion Detection, Second Edition
• Ethereal Packet Sniffing
• Nessus Network Auditing
• Microsoft Log Parser Toolkit

TOC

Chapter 1 Host Integrity

Chapter 2 Understanding the Terrain

Chapter 3 Understanding Threats

Chapter 4 Planning

Chapter 5 Host Integrity Monitoring with Open Source Tools

Chapter 6 Osiris

Chapter 7 Samhain

Chapter 8 Log Monitoring and Response

Chapter 9 Advanced Strategies

Appendix A Monitoring Linksys Devices

Appendix B Extending Osiris and Samhain with Modules

Appendix C Further Reading

Hack the Stack: Using Snort and Ethereal to Master the 8 Layers of an Insecure Network

Michael Gregg

Amazon Price: $31.46 List Price: $49.95 Usually ships in 24 hours By: Syngress Amazon Marketplace: 32 new & used starting at $16.78

Buy at Amazon.com

Browse similar items by category:
Subjects -> Computers & Internet -> Business & Culture -> Hacking
Subjects -> Computers & Internet -> Business & Culture -> Privacy
Subjects -> Computers & Internet -> Business & Culture -> Security

Customer Reviews:
Total reviews: 5 Average rating: 3.0 of 5

Editorial Review:

Remember the first time someone told you about the OSI model and described the various layers? It's probably something you never forgot. This book takes that same layered approach but applies it to network security in a new and refreshing way. It guides readers step-by-step through the stack starting with physical security and working its way up through each of the seven OSI layers. Each chapter focuses on one layer of the stack along with the attacks, vulnerabilities, and exploits that can be found at that layer. The book even includes a chapter on the mythical eighth layer. It's called the people layer. It's included because security is not just about technology it also requires interaction with people, policy and office politics.

This book is designed to offer readers a deeper understanding of many common vulnerabilities and the ways in which attacker's exploit, manipulate, misuse, and abuse protocols and applications. The authors guide the readers through this process by using tools such as Ethereal (sniffer) and Snort (IDS). The sniffer is used to help readers understand how the protocols should work and what the various attacks are doing to break them. IDS is used to demonstrate the format of specific signatures and provide the reader with the skills needed to recognize and detect attacks when they occur. What makes this book unique is that it presents the material in a layer by layer approach which offers the readers a way to learn about exploits in a manner similar to which they most likely originally learned networking. This methodology makes this book a useful tool to not only security professionals but also for networking professionals, application programmers, and others. All of the primary protocols such as IP, ICMP, TCP are discussed but each from a security perspective. The authors convey the mindset of the attacker by examining how seemingly small flaws are often the catalyst of potential threats. The book considers the general kinds of things that may be monitored that would have alerted users of an attack.

Software Piracy Exposed

Paul Craig

Amazon Price: $25.16 List Price: $39.95 Usually ships in 24 hours By: Syngress Amazon Marketplace: 32 new & used starting at $15.60

Buy at Amazon.com

Browse similar items by category:
Subjects -> Computers & Internet -> Business & Culture -> Hacking
Subjects -> Computers & Internet -> Business & Culture -> Security
Subjects -> Computers & Internet -> General

Customer Reviews:
Total reviews: 6 Average rating: 3.0 of 5

Editorial Review:

For every $2 worth of software purchased legally, $1 worth of software is pirated illegally. For the first time ever, the dark underground of how software is stolen and traded over the internet is revealed. The technical detail provided will open the eyes of software users and manufacturers worldwide! This book is a tell-it-like-it-is expos of how tens of billions of dollars worth of software is stolen every year.

Did you know that most of the software on your computer, and nearly every program you've heard of, can be obtained without charge? In less time than it would take you to drive down to your "friendly neighborhood computer store" and purchase a software program, you can download the exact same program from the internet for free! Obtaining something intended to be sold without paying is "controversial" to say the least. But whether you call if "free for the asking," "software piracy," or just out-and-out "stealing;" downloading, copying, and sharing software is being done by thousands of people everyday. This book explains the epidemic problem of software piracy in great detail for both software users and manufacturers.