Network Security Books - Page 6

Official (ISC)2 Guide to the CISSP CBK, Second Edition ((Isc)2 Press Series)

Amazon Price: $48.47 List Price: $69.95 Usually ships in 24 hours By: Auerbach Publications Amazon Marketplace: 43 new & used starting at $47.42

Buy at Amazon.com

Browse similar items by category:
Subjects -> Computers & Internet -> Certification Central -> Exams -> CISSP
Subjects -> Computers & Internet -> Certification Central -> General
Subjects -> Computers & Internet -> Certification Central -> General AAS

Customer Reviews:
Total reviews: 10 Average rating: 3.5 of 5

Great CISSP Study Guide - Much Better then the first !!! 5 out of 5 stars.
5 of 7 people found this review helpful.

If you are thinking about taking the CISSP exam, I would highly recomend this book (and others as well). Think about it, why not read the book that is published by the ones who created & manage the test itself ? No brainer right ? This book is roughly 715 pages of reading and it is well put together. However, I stongly recomend that you also read the All-In-One CISSP by Shon Harris. You must keep in mind that the ISC CBK is written by multiple authors (each chapter is a different auther), so the melody of the book changes throughout. However, it is a great reference and should be included as your CISSP study guide.

Highly recomended !!

Also Read:

All-In-One CISSP
CISSP Passport
CISSP for Dummies
Take PLENTY of practice tests !!!!!!

Editorial Review:

This officially sanctioned resource is the best and most up-to-date study guide available for those seeking CISSP certification. Offering a compendium of information security topics, the book is detailed enough to also serve as an authoritative resource for those executives or organizational managers seeking to maintain or improve security measures. The book is packaged with a CD-ROM, which includes sample exams that simulate the actual exam, providing the same number and types of questions with the same allotment of time. It even grades the exam, provides correct answers, and identifies areas where more study is needed.

Apache Cookbook: Solutions and Examples for Apache Administrators

Rich Bowen, Ken Coar

Amazon Price: $23.09 List Price: $34.99 Usually ships in 24 hours By: O'Reilly Media, Inc. Amazon Marketplace: 45 new & used starting at $20.16

Buy at Amazon.com

Browse similar items by category:
Subjects -> Computers & Internet -> Business & Culture -> Privacy
Subjects -> Computers & Internet -> Networking -> Data in the Enterprise -> Client-Server Systems
Subjects -> Computers & Internet -> Networking -> Networks, Protocols & APIs -> General

Customer Reviews:
Total reviews: 13 Average rating: 4.0 of 5

Editorial Review:

There's plenty of documentation on installing and configuring the Apache web server, but where do you find help for the day-to-day stuff, like adding common modules or fine-tuning your activity logging? That's easy. The new edition of the Apache Cookbook offers you updated solutions to the problems you're likely to encounter with the new versions of Apache. Written by members of the Apache Software Foundation, and thoroughly revised for Apache versions 2.0 and 2.2, recipes in this book range from simple tasks, such installing the server on Red Hat Linux or Windows, to more complex tasks, such as setting up name-based virtual hosts or securing and managing your proxy server. Altogether, you get more than 200 timesaving recipes for solving a crisis or other deadline conundrums, with topics including: Security Aliases, Redirecting, and Rewriting CGI Scripts, the suexec Wrapper, and other dynamic content techniques Error Handling SSL Performance This book tackles everything from beginner problems to those faced by experienced users. For every problem addressed in the book, you will find a worked-out solution that includes short, focused pieces of code you can use immediately. You also get explanations of how and why the code works, so you can adapt the problem-solving techniques to similar situations. Instead of poking around mailing lists, online documentation, and other sources, rely on the Apache Cookbook for quick solutions when you need them. Then you can spend your time and energy where it matters most.

Gray Hat Hacking, Second Edition

Shon Harris, Allen Harper, Chris Eagle, Jonathan Ness

Amazon Price: $31.49 List Price: $49.99 Usually ships in 24 hours By: McGraw-Hill Osborne Media Amazon Marketplace: 48 new & used starting at $26.51

Buy at Amazon.com

Browse similar items by category:
Subjects -> Computers & Internet -> Home Computing -> Internet -> General AAS
Subjects -> Computers & Internet -> Business & Culture -> Hacking
Subjects -> Computers & Internet -> Business & Culture -> Privacy

Customer Reviews:
Total reviews: 1 Average rating: 5.0 of 5

A perfect reference for IT-security consultants 5 out of 5 stars.
4 of 4 people found this review helpful.

Contents
Second edition of books I like are always welcome - and this book is no exception. So I was very happy when I was provided a review copy from the publisher.

I really liked the first edition of this book and consider this follow up an essential book for IT-security consultants and other professionals.

The book is comprised of five parts which each give an overview of important subjects for professional IT-security consultants. Within these five parts are 21 chapters which are mostly around 20 pages, making it possible for busy professionals to digest a chapter while performing the usual projects and everyday work.

The five parts are:
I) introduction to ethical disclosure, including legal system in the US
II) penetration testing tools: metasploit and backtrack
III) exploits 101 with everything from basic programming skills to writing shellcode, but only on Linux and Microsoft Windows.
IV) Vulnerability analysis which is a strong part about static analysis, reverse engineering, fuzzing, writing real life exploits and references to the essential tools used for these purposes
V) Malware analysis is saved for last and includes the finishing touch to why IT-security professionals should care about all the rest of the book

The great thing about this book are that non-programmers are presented with enough materials to get started in finding and developing exploits. This was also the reason why it took so long to do this review. Each time I read a chapter I was itching to get started running the examples and trying the techniques.

Since this book tries to cover a lot of materials they have decided to include references. There are a lot of specific references to full-length articles covering each of the specialized techniques described in the examples. This really works out great, since I can skip the articles I already have read - but get some in-depth materials to complement the book.

As you can probably understand this way of building the book makes it very efficient and much to my liking, I can decide where to go next. The reader can also decide to skip a chapter and enough references to other chapters are provided that I will never get lost. The small price to pay are a few lines repeated in two chapters.

The writing style and the edge of the book is presented with authority and the authors have done a superb job of making this book consistent. The book is written by 4 authors, but except for a few places were they hint to the author of a chapter there are no clues to who wrote what part. The book is overall high quality and I have only discovered two small wording errors.

I have not discovered any problems in the materials presented and was in general amazed by the updates done. As an example they use Vista for some of the Microsoft Windows examples and in other parts they reference articles and techniques that are up to date. When second edition of a book is published the fear is always that only the new chapters are updated, but it seems the book was updated in all chapters.

Some bad things, which are not really that bad are. I would expect more script-languages but for some reason a lot of examples are using C programs for exploits. I personally use Perl for developing scripted exploits, and the book does use that - but in odd places they use C programs.

This is not really wrong, but it feels a bit old'ish. To be fair in some cases the C programs are needed and since the programs that are to be exploited are also C programs, it works out.

The worst thing I can say about the book is that the index is kind of weak. I know specific things are included in the book, but they are nowhere to be found in the index. That does make the book less useful. Others would also think that a book like this should include a CD/DVD - but since everyone can download the tools I would recommended not adding a CD/DVD for the third edition, but use more resources expanding and adding more chapters instead :-)


Target audience
This book is for anyone interested in getting into hacking and developing exploits. While the primary target audience are security professionals I would recommend that some parts are copied and put on the desk of your manager - they really need information about risk, ethical hacking and legal aspects.


Conclusion
As I started out I welcome second editions, and I had high expectations when receiving this book.

I am happy to report that I was satisfied with the results, and even though I got to go through stuff again I was delighted to relearn a lot which I had forgot. Having an updated concise book about exploits with a great number of references written in an easy to follow language is high value for me.

I would suggest that IT-security consulting companies include this book in the welcome package for any new employee who is doing consulting in IT-security - along with a BackTrack CD, laptop, mobile phone and the usual other stuff.

One word of warning, if you own ALL the more specialized books about exploits, shellcode, secure coding, reverse engineering, fuzzing etc. you may want to skip this book. On the other hand you might own all these books, but never found the time to read them cover to cover, then you should read this book :-)



Links:
The home page for this book is:
http://www.grayhathackingbook.com

A sample chapter about metasploit is also available on the book website.

Editorial Review:

"A fantastic book for anyone looking to learn the tools and techniques needed to break in and stay in." --Bruce Potter, Founder, The Shmoo Group

"Very highly recommended whether you are a seasoned professional or just starting out in the security business." --Simple Nomad, Hacker

Big Book of Apple Hacks: Tips & Tools for unlocking the power of your Apple devices (Hacks)

Chris Seibold

Amazon Price: $23.09 List Price: $34.99 Usually ships in 24 hours By: O'Reilly Media, Inc. Amazon Marketplace: 47 new & used starting at $10.00

Buy at Amazon.com

Browse similar items by category:
Subjects -> Computers & Internet -> Business & Culture -> Hacking
Subjects -> Computers & Internet -> Business & Culture -> Privacy
Subjects -> Computers & Internet -> Business & Culture -> Security

Customer Reviews:
Total reviews: 9 Average rating: 4.5 of 5

Editorial Review:

Bigger in size, longer in length, broader in scope, and even more useful than our original Mac OS X Hacks, the new Big Book of Apple Hacks offers a grab bag of tips, tricks and hacks to get the most out of Mac OS X Leopard, as well as the new line of iPods, iPhone, and Apple TV.

With 125 entirely new hacks presented in step-by-step fashion, this practical book is for serious Apple computer and gadget users who really want to take control of these systems. Many of the hacks take you under the hood and show you how to tweak system preferences, alter or add keyboard shortcuts, mount drives and devices, and generally do things with your operating system and gadgets that Apple doesn't expect you to do. The Big Book of Apple Hacks gives you:

• Hacks for both Mac OS X Leopard and Tiger, their related applications, and the hardware they run on or connect to
• Expanded tutorials and lots of background material, including informative sidebars
• "Quick Hacks" for tweaking system and gadget settings in minutes
• Full-blown hacks for adjusting Mac OS X applications such as Mail, Safari, iCal, Front Row, or the iLife suite
• Plenty of hacks and tips for the Mac mini, the MacBook laptops, and new Intel desktops
• Tricks for running Windows on the Mac, under emulation in Parallels or as a standalone OS with Bootcamp

The Big Book of Apple Hacks is not only perfect for Mac fans and power users, but also for recent -- and aspiring -- "switchers" new to the Apple experience. Hacks are arranged by topic for quick and easy lookup, and each one stands on its own so you can jump around and tweak whatever system or gadget strikes your fancy. Pick up this book and take control of Mac OS X and your favorite Apple gadget today!

Cisco ASA: All-in-One Firewall, IPS, and VPN Adaptive Security Appliance (Networking Technology)

Omar Santos, Jazib Frahim

Amazon Price: $66.22 List Price: $80.00 Usually ships in 24 hours By: Cisco Press Amazon Marketplace: 48 new & used starting at $52.99

Buy at Amazon.com

Browse similar items by category:
Subjects -> Business & Investing -> Industries & Professions -> E-commerce -> General
Subjects -> Business & Investing -> Industries & Professions -> E-commerce -> General AAS
Subjects -> Computers & Internet -> Business & Culture -> Privacy

Customer Reviews:
Total reviews: 10 Average rating: 4.5 of 5

Editorial Review:

Identify, mitigate, and respond to network attacks

• Understand the evolution of security technologies that make up the unified ASA device and how to install the ASA hardware
• Examine firewall solutions including network access control, IP routing, AAA, application inspection, virtual firewalls, transparent (Layer 2) firewalls, failover and redundancy, and QoS
• Evaluate Intrusion Prevention System (IPS) solutions including IPS integration and Adaptive Inspection and Prevention Security Services Module (AIP-SSM) configuration
• Deploy VPN solutions including site-to-site IPsec VPNs, remote- access VPNs, and Public Key Infrastructure (PKI)
• Learn to manage firewall, IPS, and VPN solutions with Adaptive Security Device Manager (ASDM)

Achieving maximum network security is a challenge for most organizations. Cisco® ASA, a new unified security device that combines firewall, network antivirus, intrusion prevention, and virtual private network (VPN) capabilities, provides proactive threat defense that stops attacks before they spread through the network.

 

This new family of adaptive security appliances also controls network activity and application traffic and delivers flexible VPN connectivity. The result is a powerful multifunction network security device that provides the security breadth and depth for protecting your entire network, while reducing the high deployment and operations costs and complexities associated with managing multiple point products.

 

Cisco ASA: All-in-One Firewall, IPS, and VPN Adaptive Security Appliance is a practitioner’s guide to planning, deploying, and troubleshooting a comprehensive security plan with Cisco ASA. The book provides valuable insight and deployment examples and demonstrates how adaptive identification and mitigation services on Cisco ASA provide a sophisticated security solution for both large and small network environments.

 

The book contains many useful sample configurations, proven design scenarios, and discussions of debugs that help you understand how to get the most out of Cisco ASA in your own network.

 

“I have found this book really highlights the practical aspects needed for building real-world security. It offers the insider’s guidance needed to plan, implement, configure, and troubleshoot the Cisco ASA in customer environments and demonstrates the potential and power of Self-Defending Networks.”

–Jayshree Ullal, Sr. Vice President, Security Technologies Group, Cisco Systems® 

 

This security book is part of the Cisco Press® Networking Technology Series. Security titles from Cisco Press help networking professionals secure critical data and resources, prevent and mitigate network attacks, and build end-to-end self-defending networks.

 

Computer Forensics For Dummies (For Dummies (Computer/Tech))

Linda Volonino, Reynaldo Anzaldua

Amazon Price: $19.79 List Price: $29.99 Usually ships in 24 hours By: For Dummies Amazon Marketplace: 44 new & used starting at $14.95

Buy at Amazon.com

Browse similar items by category:
Subjects -> Business & Investing -> Industries & Professions -> E-commerce -> General
Subjects -> Business & Investing -> Industries & Professions -> E-commerce -> General AAS
Subjects -> Computers & Internet -> Business & Culture -> Culture

Customer Reviews:
Total reviews: 3 Average rating: 5.0 of 5

Editorial Review:

Uncover a digital trail of e-evidence by using the helpful, easy-to-understand information in Computer Forensics For Dummies! Professional and armchair investigators alike can learn the basics of computer forensics, from digging out electronic evidence to solving the case. You won’t need a computer science degree to master e-discovery. Find and filter data in mobile devices, e-mail, and other Web-based technologies.

You’ll learn all about e-mail and Web-based forensics, mobile forensics, passwords and encryption, and other e-evidence found through VoIP, voicemail, legacy mainframes, and databases. You’ll discover how to use the latest forensic software, tools, and equipment to find the answers that you’re looking for in record time. When you understand how data is stored, encrypted, and recovered, you’ll be able to protect your personal privacy as well. By the time you finish reading this book, you’ll know how to:

• Prepare for and conduct computer forensics investigations
• Find and filter data
• Protect personal privacy
• Transfer evidence without contaminating it
• Anticipate legal loopholes and opponents’ methods
• Handle passwords and encrypted data
• Work with the courts and win the case

Plus, Computer Forensics for Dummies includes lists of things that everyone interested in computer forensics should know, do, and build. Discover how to get qualified for a career in computer forensics, what to do to be a great investigator and expert witness, and how to build a forensics lab or toolkit.

Apache Security

Ivan Ristic

Amazon Price: $23.07 List Price: $34.95 Usually ships in 24 hours By: O'Reilly Media, Inc. Amazon Marketplace: 33 new & used starting at $20.96

Buy at Amazon.com

Browse similar items by category:
Subjects -> Computers & Internet -> Home Computing -> Internet -> General AAS
Subjects -> Computers & Internet -> Business & Culture -> Hacking
Subjects -> Computers & Internet -> Business & Culture -> Privacy

Customer Reviews:
Total reviews: 12 Average rating: 5.0 of 5

Editorial Review:

With more than 67% of web servers running Apache, it is by far the most widely used web server platform in the world. Apache has evolved into a powerful system that easily rivals other HTTP servers in terms of functionality, efficiency, and speed. Despite these impressive capabilities, though, Apache is only a beneficial tool if it's a secure one. To be sure, administrators installing and configuring Apache still need a sure-fire way to secure it--whether it's running a huge e-commerce operation, corporate intranet, or just a small hobby site. Our new guide, Apache Security, gives administrators and webmasters just what they crave--a comprehensive security source for Apache. Successfully combining Apache administration and web security topics, Apache Security speaks to nearly everyone in the field. What's more, it offers a concise introduction to the theory of securing Apache, as well as a broad perspective on server security in general. But this book isn't just about theory. The real strength of Apache Security lies in its wealth of interesting and practical advice, with many real-life examples and solutions. Administrators and programmers will learn how to:

• install and configure Apache
• prevent denial of service (DoS) and other attacks
• securely share servers
• control logging and monitoring
• secure custom-written web applications
• conduct a web security assessment
• use mod_security and other security-related modules

And that's just the tip of the iceberg, as mainstream Apache users will also gain valuable information on PHP and SSL/ TLS. Clearly, Apache Security is packed and to the point, with plenty of details for locking down this extremely popular and versatile web server.

Essential SNMP, Second Edition

Douglas Mauro, Kevin Schmidt

Amazon Price: $32.97 List Price: $49.95 Usually ships in 24 hours By: O'Reilly Media, Inc. Amazon Marketplace: 43 new & used starting at $24.45

Buy at Amazon.com

Browse similar items by category:
Subjects -> Computers & Internet -> Networking -> Networks, Protocols & APIs -> General
Subjects -> Computers & Internet -> Networking -> Networks, Protocols & APIs -> General AAS
Subjects -> Computers & Internet -> Networking -> Networks, Protocols & APIs -> SNMP

Customer Reviews:
Total reviews: 19 Average rating: 4.0 of 5

Editorial Review:

Simple Network Management Protocol (SNMP) provides a "simple" set of operations that allows you to more easily monitor and manage network devices like routers, switches, servers, printers, and more. The information you can monitor with SNMP is wide-ranging--from standard items, like the amount of traffic flowing into an interface, to far more esoteric items, like the air temperature inside a router. In spite of its name, though, SNMP is not especially simple to learn.

O'Reilly has answered the call for help with a practical introduction that shows how to install, configure, and manage SNMP. Written for network and system administrators, the book introduces the basics of SNMP and then offers a technical background on how to use it effectively. "Essential SNMP" explores both commercial and open source packages, and elements like OIDs, MIBs, community strings, and traps are covered in depth. The book contains five new chapters and various updates throughout. Other new topics include:

Expanded coverage of SNMPv1, SNMPv2, and SNMPv3

Expanded coverage of SNMPc

The concepts behind network management and change management

RRDTool and Cricket

The use of scripts for a variety of tasks

How Java can be used to create SNMP applications

Net-SNMP's Perl module

The bulk of the book is devoted to discussing, with real examples, how to use SNMP for system and network administration tasks. Administrators will come away with ideas for writing scripts to help them manage their networks, create managed objects, and extend the operation of SNMP agents.

Once demystified, SNMP is much more accessible. If you're looking for a way to more easily manage your network, look no further than "Essential SNMP, 2nd Edition,"

Linksys WRT54G Ultimate Hacking

Paul Asadoorian; Larry Pesce

Amazon Price: $26.37 List Price: $39.95 Usually ships in 24 hours By: Syngress Amazon Marketplace: 35 new & used starting at $24.97

Buy at Amazon.com

Browse similar items by category:
Subjects -> Computers & Internet -> Business & Culture -> Hacking
Subjects -> Computers & Internet -> Business & Culture -> Privacy
Subjects -> Computers & Internet -> Computer Science -> Software Engineering -> Information Systems

Customer Reviews:
Total reviews: 7 Average rating: 4.5 of 5

Editorial Review:

This book will teach the reader how to make the most of their WRT54G series hardware. These handy little inexpensive devices can be configured for a near endless amount of networking tasks. The reader will learn about the WRT54G's hardware components, the different third-party firmware available and the differences between them, choosing the firmware that is right for you, and how to install different third-party firmware distributions. Never before has this hardware been documented in this amount of detail, which includes a wide-array of photographs and complete listing of all WRT54G models currently available, including the WRTSL54GS.
Once this foundation is laid, the reader will learn how to implement functionality on the WRT54G for fun projects, penetration testing, various network tasks, wireless spectrum analysis, and more! This title features never before seen hacks using the WRT54G. For those who want to make the most out of their WRT54G you can learn how to port code and develop your own software for the OpenWRT operating system.

*Never before seen and documented hacks, including wireless spectrum analysis
*Most comprehensive source for documentation on how to take advantage of advanced features on the inexpensive wrt54g platform
*Full coverage on embedded device development using the WRT54G and OpenWRT

Understanding Terror Networks

Marc Sageman

Amazon Price: $19.77 List Price: $29.95 Usually ships in 24 hours By: University of Pennsylvania Press Amazon Marketplace: 38 new & used starting at $13.45

Buy at Amazon.com

Browse similar items by category:
Subjects -> Computers & Internet -> Networking -> Network Security
Subjects -> Health, Mind & Body -> Psychology & Counseling -> Social Psychology & Interactions
Subjects -> Health, Mind & Body -> Psychology & Counseling -> General

Customer Reviews:
Total reviews: 13 Average rating: 4.5 of 5

Editorial Review:

For decades, a new type of terrorism has been quietly gathering ranks in the world. America's ability to remain oblivious to these new movements ended on September 11, 2001. The Islamist fanatics in the global Salafi jihad (the violent, revivalist social movement of which al Qaeda is a part) target the West, but their operations mercilessly slaughter thousands of people of all races and religions throughout the world. Marc Sageman challenges conventional wisdom about terrorism, observing that the key to mounting an effective defense against future attacks is a thorough understanding of the networks that allow these new terrorists to proliferate.

Based on intensive study of biographical data on 172 participants in the jihad, Understanding Terror Networks gives us the first social explanation of the global wave of activity. Sageman traces its roots in Egypt, gestation in Afghanistan during the Soviet-Afghan war, exile in the Sudan, and growth of branches worldwide, including detailed accounts of life within the Hamburg and Montreal cells that planned attacks on the United States.

U.S. government strategies to combat the jihad are based on the traditional reasons an individual was thought to turn to terrorism: poverty, trauma, madness, and ignorance. Sageman refutes all these notions, showing that, for the vast majority of the mujahedin, social bonds predated ideological commitment, and it was these social networks that inspired alienated young Muslims to join the jihad. These men, isolated from the rest of society, were transformed into fanatics yearning for martyrdom and eager to kill. The tight bonds of family and friendship, paradoxically enhanced by the tenuous links between the cell groups (making it difficult for authorities to trace connections), contributed to the jihad movement's flexibility and longevity. And although Sageman's systematic analysis highlights the crucial role the networks played in the terrorists' success, he states unequivocally that the level of commitment and choice to embrace violence were entirely their own.

Understanding Terror Networks combines Sageman's scrutiny of sources, personal acquaintance with Islamic fundamentalists, deep appreciation of history, and effective application of network theory, modeling, and forensic psychology. Sageman's unique research allows him to go beyond available academic studies, which are light on facts, and journalistic narratives, which are devoid of theory. The result is a profound contribution to our understanding of the perpetrators of 9/11 that has practical implications for the war on terror.