Security & Encryption Books - Page 6

Cryptography Decrypted

H. X. Mel, Doris M. Baker

Amazon Price: $36.51 List Price: $44.99 Usually ships in 24 hours By: Addison-Wesley Professional Amazon Marketplace: 41 new & used starting at $19.00

Buy at Amazon.com

Browse similar items by category:
Subjects -> Computers & Internet -> Business & Culture -> Privacy
Subjects -> Computers & Internet -> Computer Science -> General
Subjects -> Computers & Internet -> Computer Science -> General AAS

Customer Reviews:
Total reviews: 35 Average rating: 4.5 of 5

Editorial Review:

Cryptography is at the heart of computer security: without it, secure e-commerce and Internet communications would be impossible. Decision-makers and sophisticated computer users need to understand cryptography -- but most explanations are highly mathematical and technical. Cryptography Decrypted explains cryptography in "plain English" -- and is authoritative and thorough enough to address the needs of professionals. It explains the processes step-by-step, with extensive visuals. The authors present the elements of cryptography systems; public key infrastructure (PKI); and the IPSec standard for virtual private network security; then review real-world systems and their applications. They show how real-world systems are attacked, and how to protect them; introduce essential cryptographic terms; and present the fascinating history of cryptography through sidebars highlighting its important events, people, and breakthroughs. For every decision-maker and computer user who needs to understand cryptography, this book is also ideal for security pros who need to educate management about cryptography.

Hacking the Xbox: An Introduction to Reverse Engineering

Andrew Huang

Amazon Price: $16.49 List Price: $24.99 Usually ships in 24 hours By: No Starch Press Amazon Marketplace: 51 new & used starting at $2.80

Buy at Amazon.com

Browse similar items by category:
Subjects -> Business & Investing -> Industries & Professions -> E-commerce -> General
Subjects -> Business & Investing -> Industries & Professions -> E-commerce -> General AAS
Subjects -> Computers & Internet -> Business & Culture -> Security

Customer Reviews:
Total reviews: 23 Average rating: 4.5 of 5

Editorial Review:

This--this being the attitude encapsulated in Andrew "bunnie" Huang's Hacking the Xbox--is why a lot of people got into the computer industry in the first place. These people liked taking things apart and figuring out how they worked, then making them serve purposes they weren't originally designed for and sharing the new discoveries with others of like mind. Sure, Huang's book is about how to how to turn Microsoft's game console into a high-performance, general-purpose personal computer with a small price tag, and it contains lots of details about the how the heavily advertised gizmo is put together. But you can get the technical material on the Web. What's valuable about Huang's work is that he communicates the pure joy of taking the Xbox apart, figuring out how it works--despite its many designed-in anti-hacking features--and making it do new things. This book reads like the journal of a seventeenth-century voyage of discovery.

There's a wealth of information in these pages about how to disassemble and reverse-engineer electronics, and Huang is careful to show you what tools you need, and how to use them (don't worry if you don't know how to use a soldering iron--that's covered here). There also are step-by-step guides (complete with photos) to a couple of projects, and interviews with key figures in the Xbox-hacking community. --David Wall

Topics covered: How to enjoy a Microsoft Xbox game console without the mindless tedium of playing video games. This book shows you how to open an Xbox, make modifications to it (from a cosmetic LED color change, to putting in a new power supply, to adding a USB connector), and make the changes needed to get Linux running on it. In the process, readers get an education in reverse engineering electronic circuits, as well as in basic electronic techniques (soldering, crimping, etc) and in the intellectual property law that governs hacker activity.

The Book of PF: A No-Nonsense Guide to the OpenBSD Firewall

Peter Hansteen

Amazon Price: $19.77 List Price: $29.95 Usually ships in 24 hours By: No Starch Press Amazon Marketplace: 45 new & used starting at $16.92

Buy at Amazon.com

Browse similar items by category:
Subjects -> Business & Investing -> Industries & Professions -> E-commerce -> General
Subjects -> Business & Investing -> Industries & Professions -> E-commerce -> General AAS
Subjects -> Computers & Internet -> Home Computing -> Internet -> General AAS

Customer Reviews:
Total reviews: 7 Average rating: 4.5 of 5

Editorial Review:

OpenBSD's stateful packet filter, PF, offers an amazing feature set and support across the major BSD platforms. Like most firewall software though, unlocking PF's full potential takes a good teacher. Peter N.M. Hansteen's PF website and conference tutorials have helped thousands of users build the networks they need using PF. The Book of PF is the product of Hansteen's knowledge and experience, teaching good practices as well as bare facts and software options. Throughout the book, Hansteen emphasizes the importance of staying in control by having a written network specification, using macros to make rule sets more readable, and performing rigid testing when loading in new rules.

Today's system administrators face increasing challenges in the quest for network quality, and The Book of PF can help by demystifying the tools of modern *BSD network defense. But, perhaps more importantly, because we know you like to tinker, The Book of PF tackles a broad range of topics that will stimulate your mind and pad your resume, including how to:

• Create rule sets for all kinds of network traffic, whether it is crossing a simple home LAN, hiding behind NAT, traversing DMZs, or spanning bridges
• Use PF to create a wireless access point, and lock it down tight with authpf and special access restrictions
• Maximize availability by using redirection rules for load balancing and CARP for failover
• Use tables for proactive defense against would-be attackers and spammers
• Set up queues and traffic shaping with ALTQ, so your network stays responsive
• Master your logs with monitoring and visualization, because you can never be too paranoid

The Book of PF is written for BSD enthusiasts and network admins at any level of expertise. With more and more services placing high demands on bandwidth and increasing hostility coming from the Internet at-large, you can never be too skilled with PF.

Linux Firewalls: Attack Detection and Response with iptables, psad, and fwsnort

Michael Rash

Amazon Price: $42.20 List Price: $49.95 Usually ships in 24 hours By: No Starch Press Amazon Marketplace: 45 new & used starting at $29.69

Buy at Amazon.com

Browse similar items by category:
Subjects -> Business & Investing -> Industries & Professions -> E-commerce -> General
Subjects -> Business & Investing -> Industries & Professions -> E-commerce -> General AAS
Subjects -> Computers & Internet -> Business & Culture -> Privacy

Customer Reviews:
Total reviews: 9 Average rating: 5.0 of 5

One of the best technical books published in 2007 5 out of 5 stars.
7 of 7 people found this review helpful.

Disclaimer: I wrote the foreword for this book, so obviously I am biased. However, I am not financially compensated for this book's success.

In the foreword I note that Linux Firewalls is a "great book." As a FreeBSD user, Linux Firewalls is good enough to make me consider using Linux in certain circumstances! Mike's book is exceptionally clear, organized, concise, and actionable. You should be able to read it and implement everything you find by following his examples. You will not only learn tools and techniques, but you will be able to appreciate Mike's keen defensive insights.

The majority of the world's digital security professionals focus on defense, because offense is left to the bad guys, police, and military. I welcome books like Linux Firewalls that bring real defensive tools and techniques to the masses in a form that can be digested and deployed for minimum cost and effort.

One of the main reasons Linux Firewalls is a great book is that Mike Rash is an excellent writer. I've read (or tried to read) plenty of books that seemed to offer helpful content, but the author had no clue how to deliver that content in a readable manner. Linux Firewalls makes learning network security an enjoyable experience. Mike is exceptionally detail-oriented (see the RST vs RST ACK issue on p 63 and elsewhere) and he often cites sources and additional references. Linux Firewalls very nicely integrates sample network traffic to make numerous points; Ch 11 has several great examples. The sections on Fwsnort even improved my understanding of Snort itself.

The bottom line is that if you are a user of non-Microsoft operating systems (Linux, BSD, etc.) and you want to know how Linux can help defend your network, you will enjoy reading Linux Firewalls.

Security Monitoring with Cisco Security MARS (Networking Technology: Security)

Gary Halleen, Greg Kellogg

Amazon Price: $48.00 List Price: $60.00 Usually ships in 24 hours By: Cisco Press Amazon Marketplace: 41 new & used starting at $43.72

Buy at Amazon.com

Browse similar items by category:
Subjects -> Business & Investing -> Industries & Professions -> E-commerce -> General
Subjects -> Business & Investing -> Industries & Professions -> E-commerce -> General AAS
Subjects -> Computers & Internet -> Home Computing -> Internet -> General AAS

Customer Reviews:
Total reviews: 4 Average rating: 4.0 of 5

Editorial Review:

Security Monitoring with Cisco Security MARS

Threat mitigation system deployment

Gary Halleen

Greg Kellogg

Networks and hosts are probed hundreds or thousands of times a day in an attempt to discover vulnerabilities. An even greater number of automated attacks from worms and viruses stress the same devices. The sheer volume of log messages or events generated by these attacks and probes, combined with the complexity of an analyst needing to use multiple monitoring tools, often makes it impossible to adequately investigate what is happening.

Cisco® Security Monitoring, Analysis, and Response System (MARS) is a next-generation Security Threat Mitigation system (STM). Cisco Security MARS receives raw network and security data and performs correlation and investigation of host and network information to provide you with actionable intelligence. This easy-to-use family of threat mitigation appliances enables you to centralize, detect, mitigate, and report on priority threats by leveraging the network and security devices already deployed in a network, even if the devices are from multiple vendors.

Security Monitoring with Cisco Security MARS helps you plan a MARS deployment and learn the installation and administration tasks you can expect to face. Additionally, this book teaches you how to use the advanced features of the product, such as the custom parser, Network Admission Control (NAC), and global controller operations. Through the use of real-world deployment examples, this book leads you through all the steps necessary for proper design and sizing, installation and troubleshooting, forensic analysis of security events, report creation and archiving, and integration of the appliance with Cisco and third-party vulnerability assessment tools.

“In many modern enterprise networks, Security Information Management tools are crucial in helping to manage, analyze, and correlate a mountain of event data. Greg Kellogg and Gary Halleen have distilled an immense amount of extremely valuable knowledge in these pages. By relying on the wisdom of Kellogg and Halleen embedded in this book, you will vastly improve your MARS deployment.”

—Ed Skoudis, Vice President of Security Strategy, Predictive Systems

Gary Halleen is a security consulting systems engineer with Cisco. He has in-depth knowledge of security systems as well as remote-access and routing/switching technology. Gary is a CISSP and ISSAP. His diligence was responsible for the first successful computer crimes conviction in the state of Oregon. Gary is a regular speaker at security events and presents at Cisco Networkers conferences.

Greg Kellogg is the vice president of security solutions for Calence, LLC. He is responsible for managing the company’s overall security strategy. Greg has more than 15 years of networking industry experience, including serving as a senior security business consultant for the Cisco Enterprise Channel organization. Additionally, Greg worked for Protego Networks, Inc. (where MARS was originally developed). There he was responsible for developing channel partner programs and helped solution providers increase their security revenue.

Learn the differences between various log aggregation and correlation systems

• Examine regulatory and industry requirements
• Evaluate various deployment scenarios
• Properly size your deployment
• Protect the Cisco Security MARS appliance from attack
• Generate reports, archive data, and implement disaster recovery plans
• Investigate incidents when Cisco Security MARS detects an attack
• Troubleshoot Cisco Security MARS operation
• Integrate Cisco Security MARS with Cisco Security Manager, NAC, and third-party devices
• Manage groups of MARS controllers with global controller operations

This security book is part of the Cisco Press® Networking Technology Series. Security titles from Cisco Press help networking professionals secure critical data and resources, prevent and mitigate network attacks, and build end-to-end self-defending networks.

Category: Cisco Press—Security

Covers: Security Threat Mitigation

Citrix XenApp Platinum Edition for Windows: The Official Guide

Tim Reeser, Steve Kaplan, Brian Casselman, Alan Wood

Amazon Price: $40.94 List Price: $64.99 Usually ships in 24 hours By: McGraw-Hill Osborne Media Amazon Marketplace: 3 new & used starting at $38.89

Buy at Amazon.com

Browse similar items by category:
Subjects -> Computers & Internet -> Microsoft -> Operating Systems -> Windows - General
Subjects -> Computers & Internet -> Microsoft -> Operating Systems -> General AAS
Subjects -> Computers & Internet -> Microsoft -> Networking

Editorial Review:

The Authorized Guide to Citrix XenApp Platinum Edition for Windows

Design, deploy, and maintain a virtualized, on-demand enterprise application delivery infrastructure. Citrix XenApp Platinum Edition for Windows: The Official Guide explains how to ensure high availability, enhance productivity, and reduce costs using the powerful features of XenApp. Configure your hardware, install XenApp, handle remote and wireless access, and manage an end-to-end, centralized application delivery system. YouAnd#39;ll also learn how to monitor, tune, and secure XenApp using the latest tools and techniques.

• Configure VPNs using Citrix Access Gateway
• Authenticate users with Citrix Password Manager and Single Sign-On
• Assign granular control policies with Citrix SmartAccess
• Secure XenApp using firewalls, certificates, encryption, IDS, and IPS
• Monitor and test your system using Citrix EdgeSight and Citrix SmartAuditor
• Develop fail-safe disaster recovery and business continuity plans
• Optimize transmission speed, disk throughput, and memory usage

Wi-Foo: The Secrets of Wireless Hacking

Andrew Vladimirov, Konstantin V. Gavrilenko, Andrei A. Mikhailovsky

Amazon Price: $31.49 List Price: $49.99 Usually ships in 24 hours By: Addison-Wesley Professional Amazon Marketplace: 50 new & used starting at $7.90

Buy at Amazon.com

Browse similar items by category:
Subjects -> Computers & Internet -> Business & Culture -> Hacking
Subjects -> Computers & Internet -> Business & Culture -> Privacy
Subjects -> Computers & Internet -> Networking -> Network Security

Customer Reviews:
Total reviews: 20 Average rating: 4.5 of 5

The secrets of Wireless Hacking 5 out of 5 stars.
3 of 3 people found this review helpful.

An excellent resource both for the novice as well as for the advanced user of WLAN. If you work professionally with wireless LAN you should own this book.

Great overall review of wireless tech. 5 out of 5 stars.
2 of 2 people found this review helpful.

I can't say that this can be your only reference, but using it with Linux, you will be able to do just about anything with free, open source software. Great book. I read it cover to cover.

Editorial Review:

"This is an excellent book. It contains the 'in the trenches' coverage that the enterprise administrator needs to know to deploy wireless networks securely." --Robert Haskins, Chief Technology Officer, ZipLink Wi-Foo: The Secrets of Wireless Hacking is the first practical and realistic book about 802.11 network penetration testing and hardening. Unlike other books, it is based on a daily experience of breaking into and securing wireless LANs. Rather than collecting random wireless security news, tools, and methodologies, Wi-Foo presents a systematic approach to wireless security threats and countermeasures starting from the rational wireless hardware selection for security auditing and finishing with how to choose the optimal encryption ciphers for the particular network you are trying to protect.

CISSP Practice Questions Exam Cram 2

Michael Gregg

Amazon Price: $19.79 List Price: $29.99 Usually ships in 24 hours By: Que Amazon Marketplace: 28 new & used starting at $5.50

Buy at Amazon.com

Browse similar items by category:
Subjects -> Business & Investing -> Industries & Professions -> E-commerce -> General
Subjects -> Business & Investing -> Industries & Professions -> E-commerce -> General AAS
Subjects -> Computers & Internet -> Certification Central -> Exams -> CISSP

Customer Reviews:
Total reviews: 4 Average rating: 3.0 of 5

Good Choice For Test Questions 4 out of 5 stars.
5 of 6 people found this review helpful.

I used this book along with several other texts and practice exams to prepare for the exam. I also used the cccure website. Clement DuPuis runs the site and was the editor of this book which was a factor in my decision to buy. I passed the exam so I am happy with the end result.

Editorial Review:

The CISSP certification exam is one of the most difficult exams to pass because of the expansive knowledge base it covers. You'll need to be well prepared for the exam and CISSP Practice Questions Exam Cram 2 is one of the best preparation tools available. With more than 500 practice questions, the detailed explanations of correct and incorrect answers included in CISSP Practice Questions Exam Cram 2 will ensure that you have a full understanding of the information covered in the exam. Our innovative Quick Check Answer Key™ also allows you to quickly find answers as you work your way through the questions. CISSP Practice Questions Exam Cram 2 is a highly-effective, complementary resource to your exam preparation and studying.

Cisco Firewall Video Mentor (Video Learning) (Video Mentor)

Dave Hucaby

Amazon Price: $48.99 List Price: $69.99 Usually ships in 24 hours By: Cisco Press Amazon Marketplace: 34 new & used starting at $39.64

Buy at Amazon.com

Browse similar items by category:
Subjects -> Business & Investing -> Industries & Professions -> E-commerce -> General
Subjects -> Business & Investing -> Industries & Professions -> E-commerce -> General AAS
Subjects -> Computers & Internet -> Home Computing -> Internet -> General AAS

Customer Reviews:
Total reviews: 4 Average rating: 5.0 of 5

Editorial Review:

“ The Cisco Firewall Video Mentor is an outstanding aide in learning to configure and understand the Cisco Adaptive Security Appliance. Whether you are a newcomer to the ASA or operationally experienced, these videos clearly explain and demonstrate how to configure and manage the ASA from the commandline and from the ASDM GUI.”

—Mark Macumber, Systems Engineer, Cisco

Cisco Firewall Video Mentor is a unique video product that provides you with more than five hours of personal visual instruction from best-selling author and lead network engineer David Hucaby. In the 16 videos presented on the DVD, David walks you through common Cisco® firewall configuration and troubleshooting tasks. Designed to develop and enhance hands-on skills, each 10–30 minute video guides you through essential configuration tasks on the Cisco ASA and FWSM platforms and shows you how to verify that firewalls are working correctly.

Lab Layout:

Each video lab presents objectives, dynamic lab topology diagrams, command syntax overviews, and video captures of command-line input and GUI configuration. All of this is coupled with thorough audio instruction by an industry expert making learning easy and engaging.

Network Animation:

Animated network diagrams show you lab setup, device addressing, and how traffic flows through the network.

Command-Line Interface (CLI) Video:

Video screencasts of ASA and FWSM CLI and the ASDM GUI demonstrate command entry, configuration techniques, and device response.

This video product is part of the Cisco Press® Video Mentor Series. The video products in this series present expert training from industry-leading instructors and technologists. This dynamic learning environment combines animations, screencasts, and audio instruction to help users bridge the gap between conceptual knowledge and hands on application.

System Requirements:

• Microsoft Windows XP, 2000, or Vista
• Apple OS 9 or later
• Linux operating systems that have a web browser with Flash 7 or later plug-in
• Speakers or headphones
• Color display with a minimum 1024x768 resolution
• 1 GHz or faster CPU recommended
• DVD drive

How to Break Web Software: Functional and Security Testing of Web Applications and Web Services. Book & CD

Mike Andrews, James A. Whittaker

Amazon Price: $26.39 List Price: $39.99 Usually ships in 24 hours By: Addison-Wesley Professional Amazon Marketplace: 51 new & used starting at $18.20

Buy at Amazon.com

Browse similar items by category:
Subjects -> Computers & Internet -> Home Computing -> Internet -> General AAS
Subjects -> Computers & Internet -> Business & Culture -> Privacy
Subjects -> Computers & Internet -> Certification Central -> Exams -> Security+

Customer Reviews:
Total reviews: 11 Average rating: 4.5 of 5

Short on content with too much padding 2 out of 5 stars.
7 of 7 people found this review helpful.

I was disappointed in this book. The actual content was pretty thin, and not very well written. Chapter 1 is a complete waste of time, and actually spends pages explaining what client/server means, what the Web is, and other things that are patently obvious to the supposed audience for this material. I found myself turning to the front to see if this book was written in 1997! You then get nine fairly short chapters with instructions on how to hack a website, more or less; followed by 50 pages of useless padding in the appendices including: an unrelated article co-authored by Whittaker for the IEEE, a detailed list of all the bugs present in their "sample application," and then descriptions of their recommended tools, all of which can easily be found on the Web without paying $22 for this book.

As another reviewer mentioned, there are many typos and other problems like incorrect illustrations, making the reader wonder if Addison-Wesley even employs a copy editor. Furthermore, I felt this book was inaccurately named and described. It's really more about rudimentary hacking and protecting your web application against hackers than web quality or web testing. A beginning web developer might do well to read this as a primer on how to create sites and applications with basic security, but as an experienced tester it was of limited use to me.

Editorial Review:

Since its early days as an information exchange tool limited to academe, researchers, and the military, the web has grown into a commerce engine that is now omnipresent in all facets of our lifes. More websites are created daily and more applications are developed to allow users to learn, research, and purchase online. As a result, web development is often rushed, which increases the risk of attacks from hackers. Furthermore, the need for secure applications has to be balanced with the need for usability, performance, and reliability. In this book, Whittaker and Andrews demonstrate how rigorous web testing can help prevent and prepare for such attacks. They point out that methodical testing must include identifying threats and attack vectors to establish and then implement the appropriate testing techniques, manual or automated.