Product Description
In October 2000, the US National Institute of Standards and Technology selected the block cipher Rijndael as the Advanced Encryption Standard (AES). AES is expected to gradually replace the present Data Encryption Standard (DES) as the most widely applied data encryption technology.|This book by the designers of the block cipher presents Rijndael from scratch. The underlying mathematics and the wide trail strategy as the basic design idea are explained in detail and the basics of differential and linear cryptanalysis are reworked. Subsequent chapters review all known attacks against the Rijndael structure and deal with implementation and optimization issues. Finally, other ciphers related to Rijndael are presented.|This volume is THE authoritative guide to the Rijndael algorithm and AES. Professionals, researchers, and students active or interested in data encryption will find it a valuable source of information and reference.

Product Description
The advantage of using Rails is its agility; it makes developing your web applications easy and fast. The disadvantage is that it can leave holes in your security if you are not aware of common vulnerabilities. It’s a nerve-wracking and unfortunate fact that there are plenty of malicious people lurking on the Web. As a Rails developer, it is essential that you understand how to assess risk and protect your data and your users.

Security on Rails uses established security principles to teach you how to write more secure software, defend your applications from common threats, and encrypt your data. We’ll give you an example of a hacking exploit, and explore how to fix the weaknesses in an application.

You’ll learn the steps you need to take to control access to information and authenticate users, including cryptography concepts and authorization. In addition, you’ll see how to integrate your applications with external management systems; in short, the crucial details you must consider to protect yourself and your data.

The most important element of security is to plan for it before it becomes an issue. Security on Rails helps beginner and intermediate developers to take control of their applications and guard against attacks.
Continue Reading »

Product Description
You may have heard about “cyber warfare” in the news, but do you really know what it is? This book provides fascinating and disturbing details on how nations, groups, and individuals throughout the world are using the Internet as an attack platform to gain military, political, and economic advantages over their adversaries. You’ll learn how sophisticated hackers working on behalf of states or organized crime patiently play a high-stakes game that could target anyone, regardless of affiliation or nationality.

Inside Cyber Warfare goes beyond the headlines of attention-grabbing DDoS attacks and takes a deep look inside multiple cyber-conflicts that occurred from 2002 through summer 2009.

• Learn how cyber attacks are waged in open conflicts, including recent hostilities between Russia and Georgia, and Israel and Palestine
• Discover why Twitter, Facebook, LiveJournal, Vkontakte, and other sites on the social web are mined by the intelligence services of many nations
• Read about China’s commitment to penetrate the networks of its technologically superior adversaries as a matter of national survival
• Find out why many attacks originate from servers in the United States, and who’s responsible
• Learn how hackers are “weaponizing” malware to attack vulnerabilities at the application level Continue Reading »

Product Description
With more than 67% of web servers running Apache and web-based attacks becoming more and more prevalent, web security has become a critical area for web site managers. Most existing tools work on the TCP/IP level, failing to use the specifics of the HTTP protocol in their operation. Mod_security is a module running on Apache, which will help you overcome the security threats prevalent in the online world.

A complete guide to using ModSecurity, this book will show you how to secure your web application and server, and does so by using real-world examples of attacks currently in use. It will help you learn about SQL injection, cross-site scripting attacks, cross-site request forgeries, null byte attacks, and many more so that you know how attackers operate.
Using clear, step-by-step instructions this book starts by teaching you how to install and set up ModSecurity, before diving into the rule language with examples. It assumes no prior knowledge of ModSecurity, so as long as you are familiar with basic Linux administration, you can start to learn right away.

Real-life case studies are used to illustrate the dangers on the Web today – you will for example learn how the recent worm that hit Twitter works, and how you could have used ModSecurity to stop it in its tracks. The mechanisms behind these and other attacks are described in detail, and you will learn everything you need to know to make sure your server and web application remain unscathed on the increasingly dangerous web. Have you ever wondered how attackers figure out the exact web server version running on a system? They use a technique called HTTP fingerprinting, and you will learn about this in depth and how to defend against it by flying your web server under a “false flag”. Continue Reading »

Product Description
Microsoft Security Essentials User Manual is the unofficial user’s manual for Microsoft’s new free anti-malware program. It shows users how to use MSE to safeguard your computer from viruses and spyware, how to download and configure MSE, how to manually scan for malware, how to keep the program updated, and how to schedule regular maintenance.

• Understand the malware threat
• Download and install MSE
• Configure MSE for your system
• Set up automatic scanning
• Use real-time protection
• Configure advanced options
• Update your copy of MSE
• Scan your system
• Learn how automatic scans differ from custom scans
• View your scanning history and eliminate threat Continue Reading »