Network Security Books - Page 4

Online Marketing Success Stories: Insider Secrets, from the Experts Who Are Making Millions on the Internet Today

Rene V. Richards

Amazon Price: $14.93 List Price: $21.95 Usually ships in 24 hours By: Atlantic Publishing Company Amazon Marketplace: 23 new & used starting at $10.97

Buy at Amazon.com

Browse similar items by category:
Subjects -> Business & Investing -> Investing -> General
Subjects -> Business & Investing -> Investing -> General AAS
Subjects -> Business & Investing -> Marketing & Sales -> Marketing -> General

Customer Reviews:
Total reviews: 7 Average rating: 5.0 of 5

Editorial Review:

This new book by Atlantic Publishing Company entitled Online Marketing Success Stories Insider Secrets, from the Experts who are Making Millions on the Internet Today, will give you real life examples of how successful businesses market their products online. The information is so useful you can read a page and put the idea into action today! Standing out in the turmoil of today s internet marketplace is a major challenge. There are many books and courses on internet marketing; this is the only book that will provide you with insider secrets. The reason we asked the marketing experts who make their living on the internet every day and they talked! With e-commerce expected to reach $40 billion and online businesses anticipated to increase by 500 percent through 2010, your business needs guidance from today s successful internet marketing veterans. Learn the most efficient ways to bring consumers to your site, get visitors to purchase, how to up sell, oversights to stay away from, and how to steer clear of years of disappointment. We spent thousands of hours interviewing, e-mailing, and communicating with hundreds of today s most successful e-commerce marketers. This book is a compilation of their secrets, and proven successful ideas. If you are interested in learning hundreds of hints, tricks and secrets on how to make money or more money with your Web site than this book is for you. Instruction is great, but advice from experts is something else, and the experts chronicled in this book are earning millions. This new exhaustively researched book will provide you with a jam-packed assortment of innovative ideas you can put to use today. This book gives you the proven strategies, innovative ideas, and actual case studies to help you sell more with less time and effort.

Applied Security Visualization

Raffael Marty

Amazon Price: $42.44 List Price: $49.99 Usually ships in 24 hours By: Addison-Wesley Professional Amazon Marketplace: 36 new & used starting at $37.41

Buy at Amazon.com

Browse similar items by category:
Subjects -> Computers & Internet -> Home Computing -> Internet -> General AAS
Subjects -> Computers & Internet -> Business & Culture -> Privacy
Subjects -> Computers & Internet -> Certification Central -> Exams -> Security+

Customer Reviews:
Total reviews: 7 Average rating: 5.0 of 5

Editorial Review:

APPLIED SECURITY VISUALIZATION

 

“Collecting log data is one thing, having relevant information is something else. The art to transform all kinds of log data into meaningful security information is the core of this book. Raffy illustrates in a straight forward way, and with hands-on examples, how such a challenge can be mastered. Let's get inspired.”

–Andreas Wuchner, Head of Global IT Security, Novartis

 

Use Visualization to Secure Your Network Against the Toughest, Best-Hidden Threats

 

As networks become ever more complex, securing them becomes more and more difficult. The solution is visualization. Using today’s state-of-the-art data visualization techniques, you can gain a far deeper understanding of what’s happening on your network right now. You can uncover hidden patterns of data, identify emerging vulnerabilities and attacks, and respond decisively with countermeasures that are far more likely to succeed than conventional methods.

 

In Applied Security Visualization, leading network security visualization expert Raffael Marty introduces all the concepts, techniques, and tools you need to use visualization on your network. You’ll learn how to identify and utilize the right data sources, then transform your data into visuals that reveal what you really need to know. Next, Marty shows how to use visualization to perform broad network security analyses, assess specific threats, and even improve business compliance.

 

He concludes with an introduction to a broad set of visualization tools. The book’s CD also includes DAVIX, a compilation of freely available tools for security visualization.

 

You'll learn how to:

• Intimately understand the data sources that are essential for effective visualization

• Choose the most appropriate graphs and techniques for your IT data

• Transform complex data into crystal-clear visual representations

• Iterate your graphs to deliver even better insight for taking action

• Assess threats to your network perimeter, as well as threats imposed by insiders

• Use visualization to manage risks and compliance mandates more successfully

• Visually audit both the technical and organizational aspects of information and network security

• Compare and master today’s most useful tools for security visualization

 

Contains the live CD Data Analysis and Visualization Linux (DAVIX). DAVIX is a compilation of powerful tools for visualizing networks and assessing their security. DAVIX runs directly from the CD-ROM, without installation.

 

Raffael Marty is chief security strategist and senior product manager for Splunk, the leading provider of large-scale, high-speed indexing and search technology for IT infrastructures. As customer advocate and guardian, he focuses on using his skills in data visualization, log management, intrusion detection, and compliance. An active participant on industry standards committees such as CEE (Common Event Expression) and OVAL (Open Vulnerability and Assessment Language), Marty created the Thor and AfterGlow automation tools, and founded the security visualization portal secviz.org. Before joining Splunk, he managed the solutions team at ArcSight, served as IT security consultant for PriceWaterhouseCoopers, and was a member of the IBM Research Global Security Analysis Lab.

 

CISSP For Dummies (For Dummies (Computer/Tech))

Lawrence H. Miller, Peter H. Gregory

Amazon Price: $26.39 List Price: $39.99 Usually ships in 24 hours By: For Dummies Amazon Marketplace: 55 new & used starting at $15.89

Buy at Amazon.com

Browse similar items by category:
Subjects -> Computers & Internet -> Certification Central -> Exams -> CISSP
Subjects -> Computers & Internet -> Certification Central -> General
Subjects -> Computers & Internet -> Certification Central -> General AAS

Customer Reviews:
Total reviews: 27 Average rating: 4.0 of 5

Quick overview 3 out of 5 stars.
0 of 0 people found this review helpful.

Nutshell review - If you want a very fast, high level, quick, shallow, big picture overview of the CISSP exam then this will do. However, you will not pass the exam on this alone.

I had this strange feeling... 3 out of 5 stars.
0 of 0 people found this review helpful.

I used the 'look inside' option at Amazon and tried 'cryptography'... Well... to my surprise, the first couple of pages felt like reading Shon Harris' "CISSP All-in-one Exam Guide". It was only a slightly condensed version of her book but the attempts at humor and light-heartedness were expanded. "Hmmmm...", I thought. Shon must have condensed her "All-in-one" and repackaged it as a "... for Dummies" product. But, then, I looked at the front page and I couldn't find her name there. She wasn't one of the 2 authors.

This is very interesting.

Editorial Review:

The fun and easy way(r) to pass the CISSP exam and get certified

Cramming for the CISSP exam? This friendly test-prep guide makes studying a snap! Prepared by two CISSP-certified experts, it gets you up to speed on the latest changes to the exam and gives you proven test-taking tips. You&'ll find complete coverage of all ten domains of the (ISC)² Common Body of knowledge to help you pass with flying colors.

Nagios: System and Network Monitoring

Wolfgang Barth

Amazon Price: $29.67 List Price: $44.95 Usually ships in 24 hours By: No Starch Press Amazon Marketplace: 31 new & used starting at $11.59

Buy at Amazon.com

Browse similar items by category:
Subjects -> Computers & Internet -> Certification Central -> General
Subjects -> Computers & Internet -> Certification Central -> General AAS
Subjects -> Computers & Internet -> Networking -> Networks, Protocols & APIs -> LAN

Customer Reviews:
Total reviews: 3 Average rating: 4.5 of 5

Best for Nagios admins who want specific details on plug-ins 4 out of 5 stars.
22 of 22 people found this review helpful.

I recently received review copies of Pro Nagios 2.0 (PN2) by James Turnbull and Nagios: System and Network Monitoring (NSANM) by Wolfgang Barth. I read PN2 first, then NSANM. Both are excellent books, but I expect potential readers want to know which is best for them. The following is a radical simplification, and I could honestly recommend readers buy either (or both) books. If you are completely new to Nagios and want a very well-organized introduction, I recommend PN2. If you are somewhat familiar with Nagios and want detailed descriptions of a wide variety of Nagios plug-ins, I recommend NSANM.

NSANM strengths lie in the depth of coverage of certain elements when compared to PN2. PN2 devotes 7 pages to host checks, while NSANM's Ch 7 offers 21 pages. PN2 supplies 8 pages on service checks, but NSANM's Ch 6 gives 46 pages. This level of detail can be very useful. For example, NSANM's explanation of check_squid also shows to to configure Sguid to allow access to its cache manager.

NSANM shares more information on certain background protocols like SNMP. PN2's SNMP section is about 7 pages, whereas NSANM's Ch 11 is 36 pages. NSANM demonstrates more aspects of Nagios' Web interface and the CGI programs generating pages. I thought author Wolfgang Barth made very effective use of diagrams, like the network topology explanation in Ch 4, the service checks in Ch 5, and notification in Ch 12.

NSANM includes some material not mentioned in PN2, like using Nagios with Cygwin. Sometimes the books are very complementary, as shown by PN2's discussion of NSClient++ and NSANM's overview of NSClient and NC_Net.

NSANM is lacking coverage of security, redundancy, and failover, however. PN2 does address these critical issues. Beware the some of the "chapters" in NSANM are very short -- like Ch 8 (2 pages!) and Ch 19 (barely 6 pages). I think short sections like those should have been integrated into longer chapters or moved into the appendices.

Overall, NSANM is a very good book. I believe new Nagios readers should read PN2, and strongly consider NSANM as a complementary reference volume.

Editorial Review:

Nagios: System and Network Monitoring shows how to configure and use Nagios, an open source system and network monitoring tool. Nagios makes it possible to continuously monitor network services (SMTP, POP3, HTTP, NNTP, PING, etc.), host resources (processor load, disk and memory usage, running processes, log files, etc.), and environmental factors (such as temperature). When Nagios detects a problem, it communicates the information to the sys admin via email, pager, SMS, or other user-defined method; current status information, historical logs, and reports can also be accessed via a web browser. Nagios System and Network Monitoring covers the Nagios core, all standard Nagios plug-ins and selected third-party plug-ins, and shows readers how to write their own plug-ins. The book covers Nagios 2.0 and is backwards compatible with earlier versions.

Lifehacker: 88 Tech Tricks to Turbocharge Your Day

Gina Trapani

Amazon Price: $24.99 List Price: $24.99 In stock soon. Order now to get in line. First come, first served. By: Wiley Amazon Marketplace: 56 new & used starting at $0.35

Buy at Amazon.com

Browse similar items by category:
Subjects -> Computers & Internet -> Business & Culture -> Culture
Subjects -> Computers & Internet -> Business & Culture -> Privacy
Subjects -> Computers & Internet -> Networking -> Network Security

Customer Reviews:
Total reviews: 27 Average rating: 4.0 of 5

I could not find a trick to use 3 out of 5 stars.
2 of 2 people found this review helpful.

I bought this book, because Amazon recommended it automatically with this great book: The 4-Hour Workweek: Escape 9-5, Live Anywhere, and Join the New Rich

and I made a mistake. And this is NOT because the book is bad or poorly written or has no information inside. And this is why giving the stars here is hard thing. How to rate book if YOU can not use a single trick, because you just do not like them or do not need them?
Book is about (TECH!) tips, but I was buying the book, since3 I thought it will be more thinking and time management related.

Gina teaches you how to block entertainment website before 3 o'clock, before you had not done the job - no this or that website, Firefox will not allow you open it and so on so on. Every tip I read I answered - cool yes. Interesting - yes. Will I use it? No.

And so all the way in the book. What I want to say - if it is possible - TRY look inside the book before you buy - some people may find it useful, but if you are regular reader and search for time management books - i am afraid you will expect different book. This is most hard review I ever wrote here. I strongly suggest - get a sneak preview of some tips - you will LIKELY have a reactions like - interesting & cool.... by seems I will not use it.

Editorial Review:

Redefine your personal productivity by tweaking, modding, mashing up, and repurposing Web apps, desktop software, and common everyday objects. The 88 "life hacks" -- clever shortcuts and lesser-known, faster ways to complete a task -- in this book are some of the best in Lifehacker.com's online archive. Every chapter describes an overarching lifehacker principle, then segues into several concrete applications. Each hack includes a step-by-step how-to for setting up and using the solution with cross-platform software, detailed screen shots, and sidebars with additional tips. Order your copy today and increase your productivity!

Cisco ASA, PIX, and FWSM Firewall Handbook (2nd Edition) (Networking Technology: Security)

Dave Hucaby

Amazon Price: $55.71 List Price: $65.00 Usually ships in 24 hours By: Cisco Press Amazon Marketplace: 46 new & used starting at $48.00

Buy at Amazon.com

Browse similar items by category:
Subjects -> Computers & Internet -> Home Computing -> Internet -> General AAS
Subjects -> Computers & Internet -> Business & Culture -> Privacy
Subjects -> Computers & Internet -> Certification Central -> Exams -> Security+

Customer Reviews:
Total reviews: 3 Average rating: 4.5 of 5

Editorial Review:

Cisco ASA, PIX, and FWSM Firewall Handbook, Second Edition, is a guide for the most commonly implemented features of the popular Cisco® firewall security solutions. Fully updated to cover the latest firewall releases, this book helps you to quickly and easily configure, integrate, and manage the entire suite of Cisco firewall products, including ASA, PIX®, and the Catalyst® Firewall Services Module (FWSM).

 

Organized by families of features, this book helps you get up to speed quickly and efficiently on topics such as file management, building connectivity, controlling access, firewall management, increasing availability with failover, load balancing, logging, and verifying operation.

 

Sections are marked by shaded tabs for quick reference, and information on each feature is presented in a concise format, with background, configuration, and example components.

 

Whether you are looking for an introduction to the latest ASA, PIX, and FWSM devices or a complete reference for making the most out of your Cisco firewall deployments, Cisco ASA, PIX, and FWSM Firewall Handbook, Second Edition, helps you achieve maximum protection of your network resources.

 

“Many books on network security and firewalls settle for a discussion focused primarily on concepts and theory. This book, however, goes well beyond these topics. It covers in tremendous detail the information every network and security administrator needs to know when configuring and managing market-leading firewall products from Cisco.”

–Jason Nolet, Vice President of Engineering, Security Technology Group, Cisco

 

David Hucaby, CCIE® No. 4594, is a lead network engineer for the University of Kentucky, where he works with health-care networks based on the Cisco Catalyst, ASA, FWSM, and VPN product lines. He was one of the beta reviewers of the ASA 8.0 operating system software.

 

• Learn about the various firewall models, user interfaces, feature sets, and configuration methods
• Understand how a Cisco firewall inspects traffic
• Configure firewall interfaces, routing, IP addressing services, and IP multicast support
• Maintain security contexts and flash and configuration files, manage users, and monitor firewalls with SNMP
• Authenticate, authorize, and maintain accounting records for firewall users
• Control access through the firewall by implementing transparent and routed firewall modes, address translation, and traffic shunning
• Define security policies that identify and act on various types of traffic with the Modular Policy Framework
• Increase firewall availability with firewall failover operation
• Understand how firewall load balancing works
• Generate firewall activity logs and learn how to analyze the contents of the log
• Verify firewall operation and connectivity and observe data passing through a firewall
• Configure Security Services Modules, such as the Content Security Control (CSC) module and the Advanced Inspection Processor (AIP) module

 

This security book is part of the Cisco Press® Networking Technology Series. Security titles from Cisco Press help networking professionals secure critical data and resources, prevent and mitigate network attacks, and build end-to-end self-defending networks.

 

Category: Networking: Security

Covers: Cisco ASA 8.0, PIX 6.3, and FWSM 3.2 version firewalls

 

$60.00 USA / $69.00 CAN

Active Directory, 3rd Edition

Joe Richards, Robbie Allen, Alistair Lowe-Norris

Amazon Price: $31.49 List Price: $49.99 Usually ships in 24 hours By: O'Reilly Media, Inc. Amazon Marketplace: 13 new & used starting at $31.47

Buy at Amazon.com

Browse similar items by category:
Subjects -> Computers & Internet -> Microsoft -> Operating Systems -> Windows - General
Subjects -> Computers & Internet -> Microsoft -> Operating Systems -> General AAS
Subjects -> Computers & Internet -> Microsoft -> Networking

Customer Reviews:
Total reviews: 29 Average rating: 4.5 of 5

Editorial Review:

Working with Microsoft's network directory service for the first time can be a headache for system and network administrators, IT professionals, technical project managers, and programmers alike. This authoritative guide is meant to relieve that pain. Instead of going through the graphical user interface screen by screen, O'Reilly's bestselling Active Directory tells you how to design, manage, and maintain a small, medium, or enterprise Active Directory infrastructure.

Fully updated to cover Active Directory for Windows Server 2003 SP1 and R2, this third edition is full of important updates and corrections. It's perfect for all Active Directory administrators, whether you manage a single server or a global multinational with thousands of servers.

Active Directory, 3rd Edition is divided into three parts. Part I introduces much of how Active Directory works, giving you a thorough grounding in its concepts. Some of the topics include Active Directory replication, the schema, application partitions, group policies, and interaction with DNS. Part II details the issues around properly designing the directory infrastructure. Topics include designing the namespace, creating a site topology, designing group policies for locking down client settings, auditing, permissions, backup and recovery, and a look at Microsoft's future direction with Directory Services. Part III covers how to create and manipulate users, groups, printers, and other objects that you may need in your everyday management of Active Directory.

If you want a book that lays bare the design and management of an enterprise or departmental Active Directory, then look no further. Active Directory, 3rd Edition will quickly earn its place among the books you don't want to be without.

Active Directory Cookbook, 2nd Edition

Robbie Allen, Laura Hunter

Amazon Price: $31.49 List Price: $49.99 Usually ships in 24 hours By: O'Reilly Media, Inc. Amazon Marketplace: 51 new & used starting at $11.00

Buy at Amazon.com

Browse similar items by category:
Subjects -> Computers & Internet -> Microsoft -> Operating Systems -> Windows - General
Subjects -> Computers & Internet -> Microsoft -> Operating Systems -> General AAS
Subjects -> Computers & Internet -> Microsoft -> Networking

Customer Reviews:
Total reviews: 76 Average rating: 5.0 of 5

Editorial Review:

If you're among those looking for practical hands-on support, help is here with "Active Directory Cookbook," Second Edition, a unique problem-solving guide that offers quick answers for Active Directory and updated for Window Server 2003 SP1 and R2 versions.

The book contains hundreds of step-by-step solutions for both common and uncommon problems that you're likely to encounter with Active Directory on a daily basis--including recipes to deal with the Lightweight Directory Access Protocol (LDAP), ADAM, multi-master replication, Domain Name System (DNS), Group Policy, the Active Directory Schema, and many other features. Author Robbie Allen, a Technical Leader at Cisco Systems, MVP for Directory Services, and co-author of "Active Directory," Third Edition and Laura E. Hunter, MVP for Windows Server-Networking and author of several books, have based this collection of troubleshooting recipes on their own experience, along with input from Windows administrators. Each recipe includes a discussion explaining how and why the solution works, so you can adapt the problem-solving techniques to similar situations.

This best selling book provides solutions to over 300 problems commonly encountered when deploying, administering, and automating Active Directory to manage users in Windows 2000 and Windows Server 2003. The recipes include: creating domains and trusts renaming a domain controller finding users whose passwords are about to expire applying a security filter to group policy objects checking for potential replication problems restricting hosts from performing LDAP queries viewing DNS server performance statistics

This Cookbook is a perfect companion to "Active Directory," ThirdEdition, the tutorial that experts hail as the best source for understanding Microsoft's directory service. While "Active Directory" provides the big picture, "Active Directory Cookbook" gives you quick solutions you need to cope with day-to-day dilemmas. Together, these books supply the knowledge and tools so you can get the most out of Active Directory to manage users, groups, computers, domains, organizational units, and security policies on your network.

Counter Hack Reloaded: A Step-by-Step Guide to Computer Attacks and Effective Defenses (2nd Edition) (Radia Perlman Series in Computer Networking and Security)

Edward Skoudis, Tom Liston

Amazon Price: $37.79 List Price: $59.99 Usually ships in 24 hours By: Prentice Hall PTR Amazon Marketplace: 67 new & used starting at $18.00

Buy at Amazon.com

Browse similar items by category:
Subjects -> Business & Investing -> Industries & Professions -> E-commerce -> General
Subjects -> Business & Investing -> Industries & Professions -> E-commerce -> General AAS
Subjects -> Computers & Internet -> Home Computing -> Internet -> General AAS

Customer Reviews:
Total reviews: 44 Average rating: 5.0 of 5

Editorial Review:

"I finally get it! I used to hear words like rootkit, buffer overflow, and idle scanning, and they just didn't make any sense. I asked other people and they didn't seem to know how these things work, or at least they couldn't explain them in a way that I could understand. Counter Hack Reloaded is the clearest explanation of these tools I have ever seen. Thank you!" --Stephen Northcutt, CEO, SANS Institute "Ed Skoudis does it again! With this new edition, Ed takes a phenomenal work to the next level! This book is a 'must-have' and a 'must-read' for anyone remotely associated with computers and computer security." --Harlan Carvey, CISSP, author of Windows Forensics and Incident Recovery "Ed Skoudis is a rare individual. He knows the innards of all the various systems, knows all the latest exploits and defenses, and yet is able to explain everything at just the right level. The first edition of Counter Hack was a fascinating read. It's technically intriguing and very clear...A book on vulnerabilities, though, will get out of date, and so we definitely needed this updated and significantly rewritten second edition. This book is a wonderful overview of the field."--From the Foreword by Radia Perlman, series editor, The Radia Perlman Series in Computer Networking and Security; author of Interconnections; and coauthor of Network Security: Private Communications in a Public World "What a great partnership! Ed Skoudis and Tom Liston share an uncanny talent for explaining even the most challenging security concepts in a clear and enjoyable manner. Counter Hack Reloaded is an indispensable resource for those who want to improve their defenses and understand the mechanics of computer attacks." --Lenny Zeltser, coauthor of Malware: Fighting Malicious Code "Ed Skoudis does it again! With this new edition, Ed takes a phenomenal work to the next level! This book is a 'must-have' and a 'must-read' for anyone remotely associated with computers and computer security." --Harlan Carvey, CISSP, author of Windows Forensics and Incident Recovery"In addition to having breadth of knowledge about and probing insights into network security, Ed Skoudis's real strength is in his ability to show complex topics in an understandable form. By the time he's done, what started off as a hopeless conglomeration of acronyms starts to sound comfortable and familiar.This book is your best source for understanding attack strategies, attack tools, and the defenses against both." --William Stearns, network security expert, www.stearns.org"This book is a must-have for anyone in the Internet security game. It covers everything from the basic principles to the fine details of online attack methods and counter-strategies and is very engagingly written." --Warwick Ford, coauthor of Secure Electronic Commerce For years, Counter Hack has been the primary resource for every network/system administrator and security professional who needs a deep, hands-on understanding of hacker attacks and countermeasures. Now, leading network security expert Ed Skoudis, with Tom Liston, has thoroughly updated this best-selling guide, showing how to defeat today's newest, most sophisticated, and most destructive attacks. For this second edition, more than half the content is new and updated, including coverage of the latest hacker techniques for scanning networks, gaining and maintaining access, and preventing detection. The authors walk you through each attack and demystify every tool and tactic.You'll learn exactly how to establish effective defenses, recognize attacks in progress, and respond quickly and effectively in both UNIX/Linux and Windows environments. Important features of this new edition include *All-new "anatomy-of-an-attack" scenarios and tools *An all-new section on wireless hacking: war driving, wireless sniffing attacks, and more *Fully updated coverage of reconnaissance tools, including Nmap port scanning and "Google hacking" *New coverage of tools for gaining access, including uncovering Windows and Linux vulnerabilities with Metasploit *New information on dangerous, hard-to-detect, kernel-mode rootkits

Rootkits: Subverting the Windows Kernel (Addison-Wesley Software Security Series)

Greg Hoglund, Jamie Butler

Amazon Price: $34.64 List Price: $54.99 Usually ships in 24 hours By: Addison-Wesley Professional Amazon Marketplace: 44 new & used starting at $16.77

Buy at Amazon.com

Browse similar items by category:
Subjects -> Business & Investing -> Industries & Professions -> E-commerce -> General
Subjects -> Business & Investing -> Industries & Professions -> E-commerce -> General AAS
Subjects -> Computers & Internet -> Home Computing -> Internet -> General AAS

Customer Reviews:
Total reviews: 21 Average rating: 5.0 of 5

Editorial Review:

"It's imperative that everybody working in the field of cyber-security read this book to understand the growing threat of rootkits." --Mark Russinovich, editor, Windows IT Pro / Windows & .NET Magazine "This material is not only up-to-date, it defines up-to-date. It is truly cutting-edge. As the only book on the subject, Rootkits will be of interest to any Windows security researcher or security programmer. It's detailed, well researched and the technical information is excellent. The level of technical detail, research, and time invested in developing relevant examples is impressive. In one word: Outstanding." --Tony Bautts, Security Consultant; CEO, Xtivix, Inc. "This book is an essential read for anyone responsible for Windows security. Security professionals, Windows system administrators, and programmers in general will want to understand the techniques used by rootkit authors. At a time when many IT and security professionals are still worrying about the latest e-mail virus or how to get all of this month's security patches installed, Mr. Hoglund and Mr. Butler open your eyes to some of the most stealthy and significant threats to the Windows operating system.Only by understanding these offensive techniques can you properly defend the networks and systems for which you are responsible." --Jennifer Kolde, Security Consultant, Author, and Instructor "What's worse than being owned? Not knowing it. Find out what it means to be owned by reading Hoglund and Butler's first-of-a-kind book on rootkits. At the apex the malicious hacker toolset--which includes decompilers, disassemblers, fault-injection engines, kernel debuggers, payload collections, coverage tools, and flow analysis tools--is the rootkit. Beginning where Exploiting Software left off, this book shows how attackers hide in plain sight. "Rootkits are extremely powerful and are the next wave of attack technology. Like other types of malicious code, rootkits thrive on stealthiness. They hide away from standard system observers, employing hooks, trampolines, and patches to get their work done. Sophisticated rootkits run in such a way that other programs that usually monitor machine behavior can't easily detect them. A rootkit thus provides insider access only to people who know that it is running and available to accept commands.Kernel rootkits can hide files and running processes to provide a backdoor into the target machine. "Understanding the ultimate attacker's tool provides an important motivator for those of us trying to defend systems. No authors are better suited to give you a detailed hands-on understanding of rootkits than Hoglund and Butler. Better to own this book than to be owned." --Gary McGraw, Ph.D., CTO, Cigital, coauthor of Exploiting Software (2004) and Building Secure Software (2002), both from Addison-Wesley "Greg and Jamie are unquestionably the go-to experts when it comes to subverting the Windows API and creating rootkits. These two masters come together to pierce the veil of mystery surrounding rootkits, bringing this information out of the shadows. Anyone even remotely interested in security for Windows systems, including forensic analysis, should include this book very high on their must-read list." --Harlan Carvey, author of Windows Forensics and Incident Recovery (Addison-Wesley, 2005) Rootkits are the ultimate backdoor, giving hackers ongoing and virtually undetectable access to the systems they exploit. Now, two of the world's leading experts have written the first comprehensive guide to rootkits: what they are, how they work, how to build them, and how to detect them. Rootkit.com's Greg Hoglund and James Butler created and teach Black Hat's legendary course in rootkits. In this book, they reveal never-before-told offensive aspects of rootkit technology--learn how attackers can get in and stay in for years, without detection. Hoglund and Butler show exactly how to subvert the Windows XP and Windows 2000 kernels, teaching concepts that are easily applied to virtually any modern operating system, from Windows Server 2003 to Linux and UNIX. Using extensive downloadable examples, they teach rootkit programming techniques that can be used for a wide range of software, from white hat security tools to operating system drivers and debuggers.After reading this book, readers will be able to *Understand the role of rootkits in remote command/control and software eavesdropping *Build kernel rootkits that can make processes, files, and directories invisible *Master key rootkit programming techniques, including hooking, runtime patching, and directly manipulating kernel objects *Work with layered drivers to implement keyboard sniffers and file filters *Detect rootkits and build host-based intrusion prevention software that resists rootkit attacks Visit rootkit. com for code and programs from this book. The site also contains enhancements to the book's text, such as up-to-the-minute information on rootkits available nowhere else.