Book Description

A tactical guide to installing, implementing, optimizing, and supporting SSH in order to secure your network

Prevent unwanted hacker attacks! This detailed guide will show you how to strengthen your company system’s defenses, keep critical data secure, and add to the functionality of your network by deploying SSH. Security expert Himanshu Dwivedi shows you ways to implement SSH on virtually all operating systems, desktops, and servers, so your system is safe, secure, and stable. Learn how SSH fulfills all the core items in security, including authentication, authorization, encryption, integrity, and auditing. Also, discover methods to optimize the protocol for security and functionality on Unix®, Windows®, and network architecture environments. Additionally, find out about the similarities and differences of the major SSH servers and clients.

With the help of numerous architectural examples and case studies, you’ll gain the necessary skills to:

• Explore many remote access solutions, including the theory, setup, and configuration of port forwarding
• Take advantage of features such as secure e-mail, proxy, and dynamic port forwarding
• Use SSH on network devices that are traditionally managed by Telnet
• Utilize SSH as a VPN solution in both a server and client aspect
• Replace insecure protocols such as Rsh, Rlogin, and FTP
• Use SSH to secure Web browsing and as a secure wireless (802.11) solution

Download Now »

Book Description

There is a lot at stake for administrators taking care of servers, since they house sensitive data like credit cards, social security numbers, medical records, and much more. In Securing SQL Server you will learn about the potential attack vectors that can be used to break into your SQL Server database, and how to protect yourself from these attacks. Written by a Microsoft SQL Server MVP and MCM, you will learn how to properly secure your database, from both internal and external threats. Best practices and specific tricks employed by the author will also be revealed. Learn expert techniques to protect your SQL database environment.

• Author Denny Cherry is a Microsoft MVP and MCM for his expertise in the SQL Server product
• Learn expert techniques to protect your SQL database environment
• Discover how to identify what an intruder accessed or damaged

Table of Contents
Chapter 1: Securing the Network
Chapter 2: Database Encryption
Chapter 3: SQL Password Security
Chapter 4: Securing the Instance
Chapter 5: Additional Security for an Internet Facing SQL Server and Application
Chapter 6: SQL Injection Attacks
Chapter 7: Database Backup Security
Chapter 8: Auditing for Security Download Now »

Book Description

Password sniffing, spoofing, buffer overflows, and denial of service: these are only a few of the attacks on today’s computer systems and networks. At the root of this epidemic is poorly written, poorly tested, and insecure code that puts everyone at risk. Clearly, today’s developers need help figuring out how to write code that attackers won’t be able to exploit. But writing such code is surprisingly difficult.

Secure Programming Cookbook for C and C++ is an important new resource for developers serious about writing secure code. It contains a wealth of solutions to problems faced by those who care about the security of their applications. It covers a wide range of topics, including safe initialization, access control, input validation, symmetric and public key cryptography, cryptographic hashes and MACs, authentication and key exchange, PKI, random numbers, and anti-tampering. The rich set of code samples provided in the book’s more than 200 recipes will help programmers secure the C and C++ programs they write for both Unix® (including Linux®) and Windows® environments. Readers will learn:

• How to avoid common programming errors, such as buffer overflows, race conditions, and format string problems
• How to properly SSL-enable applications
• How to create secure channels for client-server communication without SSL
• How to integrate Public Key Infrastructure (PKI) into applications
• Best practices for using cryptography properly Download Now »

Book Description

What do information security and the art of war have in common?
The answer, this book argues, is a great deal. Although the authors have an expert technical knowledge of information security, they strongly believe that technical and procedural measures cannot offer a solution on their own.

The human factor
Information security is not painting by numbers. You can tick all the right boxes and acquire the latest technology, and you may fail all the same. This is because information security is ultimately a human problem, not a technical one. In the end, the threats to your information security come from human beings, not from machines. Although one problem you will face is simple human error, the major threat to your business information is from the criminal.

Fight Cybercrime
Cybercrime is on the move. It is in a state of constant evolution, capable of adapting both to developments in technology and to whatever security measures its targets have already put in place. It will seek out your weak points in order to exploit them for its own advantage. However, although the people who want to harm your business will try to take you by surprise, they are also bound to have weaknesses of their own. Because the activity of the cybercriminal is both deliberate and hostile, they can be compared to a military adversary. So if you want to defend yourself from cybercrime you can learn from military strategy. Download Now »

Book Description

For the first time, Deviant Ollam, one of the security industry’s best-known lockpicking teachers, has assembled an instructional manual geared specifically toward penetration testers. Unlike other texts on the subject (which tend to be either massive volumes detailing every conceivable style of lock or brief “spy manuals” that only skim the surface) this book is for INFOSEC professionals that need essential, core knowledge of lockpicking and seek the ability to open most locks with relative ease. Deviant’s material is presented with rich, detailed diagrams and is offered in easy-to-follow lessons which allow even beginners to acquire the knowledge very quickly. Everything from straightforward lockpicking to quick-entry techniques like shimming, bumping, and bypassing is explained and shown.Whether you’re being hired to penetrate security or simply trying to harden your own defenses, this book is essential.

• Detailed photos make learning as easy as picking a lock
• DVD is filled with indispensible lock picking videos and color photos
• Extensive appendix details tools and toolkits currently available for all your lock picking needs

Review
“Practical Lock Picking (PLP) is an awesome book. I don’t provide physical testing services, but as a security professional familiar with Deviant’s reputation I was curious to read PLP. Not only is PLP an incredible resource, it should also serve as a model text for others who want to write a good book. Download Now »

Book Description

In October 2000, the US National Institute of Standards and Technology selected the block cipher Rijndael as the Advanced Encryption Standard (AES). AES is expected to gradually replace the present Data Encryption Standard (DES) as the most widely applied data encryption technology.|This book by the designers of the block cipher presents Rijndael from scratch. The underlying mathematics and the wide trail strategy as the basic design idea are explained in detail and the basics of differential and linear cryptanalysis are reworked. Subsequent chapters review all known attacks against the Rijndael structure and deal with implementation and optimization issues. Finally, other ciphers related to Rijndael are presented.|This volume is THE authoritative guide to the Rijndael algorithm and AES. Professionals, researchers, and students active or interested in data encryption will find it a valuable source of information and reference.

Written for: Professionals, practitioners, scientists Download Now »