Book Description

What if you could sit down with some of the most talented security engineers in the world and ask any network security question you wanted? Security Power Tools lets you do exactly that! Members of Juniper Networks’ Security Engineering team and a few guest experts reveal how to use, tweak, and push the most popular network security applications, utilities, and tools available using Windows, Linux, Mac OS X, and Unix platforms.

Designed to be browsed, Security Power Tools offers you multiple approaches to network security via 23 cross-referenced chapters that review the best security tools on the planet for both black hat techniques and white hat defense tactics. It’s a must-have reference for network administrators, engineers and consultants with tips, tricks, and how-to advice for an assortment of freeware and commercial tools, ranging from intermediate level command-line operations to advanced programming of self-hiding exploits.

Security Power Tools details best practices for:

• Reconnaissance — including tools for network scanning such as nmap; vulnerability scanning tools for Windows and Linux; LAN reconnaissance; tools to help with wireless reconnaissance; and custom packet generation
• Penetration — such as the Metasploit framework for automated penetration of remote computers; tools to find wireless networks; exploitation framework applications; and tricks and tools to manipulate shellcodes Download Now »

Book Description

Jason Andress and Steve Winterfeld cover how and why cyber war is waged, addressing the key issues in corporate and global cyber warfare, discussing real-world attempts by individuals and states to adversely affect the networks and computers of corporate players and other nations. Cyber Warfare explores the battlefields, participants and the tools and techniques used during digital conflict, with an in-depth look at the ethics, laws and consequences of cyber war and how the global body of computer criminal law may change as a result. The concepts discussed in this book will give those involved in information security a better idea of how cyber conflicts are carried out now, how they will change in the future and how to detect and defend against cyber terrorists, organized criminals and non-state actors.

• Provides concrete examples and real-world guidance on how to identify and defend your network against malicious attacks
• Dives deeply into relevant technical and factual information from an insider’s point of view
• Details the ethics, laws and consequences of cyber war and how computer criminal law may change as a result

“Regardless of where the definition of cyber warfare finally settles, be it simply a war waged over the Internet, a technological cold war, network-based hostilities or simply another theater of war, there are without doubt activities that transpire over the wire that require much closer scrutiny not only by the security community but also by governments, businesses and the general public. The authors accurately and adeptly take the reader from the headlines Download Now »

Book Description

“Security engineering is different from any other kind of programming. . . . if you’re even thinking of doing any security engineering, you need to read this book.”
— Bruce Schneier

“This is the best book on computer security. Buy it, but more importantly, read it and apply it in your work.”
— Gary McGraw

This book created the discipline of security engineering

The world has changed radically since the first edition was published in 2001. Spammers, virus writers, phishermen, money launderers, and spies now trade busily with each other in a lively online criminal economy — and as they specialize, they get better. New applications, from search to social networks to electronic voting machines, provide new targets. And terrorism has changed the world. In this indispensable, fully updated guide, Ross Anderson reveals how to build systems that stay dependable whether faced with error or malice.

Here’s straight talk about

• Technical engineering basics — cryptography, protocols, access controls, and distributed systems
• Types of attack — phishing, Web exploits, card fraud, hardware hacks, and electronic warfare
• Specialized protection mechanisms — what biometrics, seals, smartcards, alarms, and DRM do, and how they fail Download Now »

Book Description

Cisco Firewalls thoroughly explains each of the leading Cisco firewall products, features, and solutions, and shows how they can add value to any network security design or operation. The author tightly links theory with practice, demonstrating how to integrate Cisco firewalls into highly secure, self-defending networks. Cisco Firewalls shows you how to deploy Cisco firewalls as an essential component of every network infrastructure. The book takes the unique approach of illustrating complex configuration concepts through step-by-step examples that demonstrate the theory in action. This is the first book with detailed coverage of firewalling Unified Communications systems, network virtualization architectures, and environments that include virtual machines. The author also presents indispensable information about integrating firewalls with other security elements such as IPS, VPNs, and load balancers; as well as a complete introduction to firewalling IPv6 networks. Cisco Firewalls will be an indispensable resource for engineers and architects designing and implementing firewalls; security administrators, operators, and support professionals; and anyone preparing for the CCNA Security, CCNP Security, or CCIE Security certification exams.

Alexandre Matos da Silva Pires de Moraes, CCIE No. 6063, has worked as a Systems Engineer for Cisco Brazil since 1998 in projects that involve not only Security and VPN technologies but also Routing Protocol and Campus Design, IP Multicast Routing, and MPLS Networks Design. He coordinated a team of Security engineers in Brazil and holds the CISSP, CCSP, and three CCIE certifications (Routing/Switching, Security, and Service Provider). Download Now »

Book Description

Learn to secure Web sites built on open source CMSs

Web sites built on Joomla!, WordPress, Drupal, or Plone face some unique security threats. If you’re responsible for one of them, this comprehensive security guide, the first of its kind, offers detailed guidance to help you prevent attacks, develop secure CMS-site operations, and restore your site if an attack does occur. You’ll learn a strong, foundational approach to CMS operations and security from an expert in the field.

• More and more Web sites are being built on open source CMSs, making them a popular target, thus making you vulnerable to new forms of attack
• This is the first comprehensive guide focused on securing the most common CMS platforms: Joomla!, WordPress, Drupal, and Plone
• Provides the tools for integrating the Web site into business operations, building a security protocol, and developing a disaster recovery plan
• Covers hosting, installation security issues, hardening servers against attack, establishing a contingency plan, patching processes, log review, hack recovery, wireless considerations, and infosec policy

CMS Security Handbook is an essential reference for anyone responsible for a Web site built on an open source CMS. Download Now »

Book Description

It’s no longer just a buzz word: “Security” is an important part of your job as a Systems Administrator. Most security books are aimed at security professionals, but Security for System Administrators is written for System Administrators. This book covers the basics of securing your system environment as well as security concepts and how these concepts can be implemented practically using common tools and applications. Whether you are new to this profession or have been in the field a while, you’ll find valuable information in each chapter. The book’s examples will focus on Windows Server 2008 R2 and Windows 7, but many concepts are platform agnostic.

• Take all the confusion out of security including: network attacks, system failures, social networking, and even audits
• Learn how to apply and implement general security concepts
• Identify and solve situations within your network and organization

“This handy guide features security information for Windows novices and more experienced admins alike, including security basics and tools that provide advanced protection against network attacks and system failures.”
–TechTarget’s round-up of the “Five Windows Servers books to watch for in 2011″

Download Now »