Hacking Exposed Linux, 3rd Edition |
The Latest Linux Security Solutions
This authoritative guide will help you secure your Linux network--whether you use Linux as a desktop OS, for Internet services, for telecommunications, or for wireless services. Completely rewritten the ISECOM way, Hacking Exposed Linux, Third Edition provides the most up-to-date coverage available from a large team of topic-focused experts. The book is based on the latest ISECOM security research and shows you, in full detail, how to lock out intruders and defend your Linux systems against catastrophic attacks.
* Secure Linux by using attacks and countermeasures from the latest OSSTMM research
* Follow attack techniques of PSTN, ISDN, and PSDN over Linux
* Harden VoIP, Bluetooth, RF, RFID, and IR devices on Linux
* Block Linux signal jamming, cloning, and eavesdropping attacks
* Apply Trusted Computing and cryptography tools for your best defense
* Fix vulnerabilities in DNS, SMTP, and Web 2.0 services
* Prevent SPAM, Trojan, phishing, DoS, and DDoS exploits
* Find and repair errors in C code with static analysis and Hoare Logic
--------------------------------------------------------------------------------------------------------------
Hacking Exposed Computer Forensics, Second Edition: Computer Forensics Secrets & Solutions
The latest strategies for investigating cyber-crime
Identify and investigate computer criminals of all stripes with help from this fully updated. real-world resource. Hacking Exposed Computer Forensics, Second Edition explains how to construct a high-tech forensic lab, collect prosecutable evidence, discover e-mail and system file clues, track wireless activity, and recover obscured documents. Learn how to re-create an attacker's footsteps, communicate with counsel, prepare court-ready reports, and work through legal and organizational challenges. Case studies straight from today's headlines cover IP theft, mortgage fraud, employee misconduct, securities fraud, embezzlement, organized crime, and consumer fraud cases.
* Effectively uncover, capture, and prepare evidence for investigation
* Store and process collected data in a highly secure digital forensic lab
* Restore deleted documents, partitions, user activities, and file systems
* Analyze evidence gathered from Windows, Linux, and Macintosh systems
* Use the latest Web and client-based e-mail tools to extract relevant artifacts
* Overcome the hacker's anti-forensic, encryption, and obscurity techniques
* Unlock clues stored in cell phones, PDAs, and Windows Mobile devices
* Prepare legal documents that will hold up to judicial and defense scrutiny
-----------------------------------------------------------------------------------------------------------------------------------
Hacking Exposed Windows: Microsoft Windows Security Secrets and Solutions
# Establish business relevance and context for security by highlighting real-world risks
# Take a tour of the Windows security architecture from the hacker's perspective, exposing old and new vulnerabilities that can easily be avoided
# Understand how hackers use reconnaissance techniques such as footprinting, scanning, banner grabbing, DNS queries,
and Google searches to locate vulnerable Windows systems
# Learn how information is extracted anonymously from Windows using simple NetBIOS, SMB, MSRPC, SNMP, and Active Directory enumeration techniques
# Prevent the latest remote network exploits such as password grinding via WMI and Terminal Server, passive Kerberos logon sniffing,
rogue server/man-in-the-middle attacks, and cracking vulnerable services
# See up close how professional hackers reverse engineer and develop new Windows exploits
# Identify and eliminate rootkits, malware, and stealth software
# Fortify SQL Server against external and insider attacks
# Harden your clients and users against the latest e-mail phishing, spyware, adware, and Internet Explorer threats
# Deploy and configure the latest Windows security countermeasures, including BitLocker, Integrity Levels, User Account Control,
the updated Windows Firewall, Group Policy, Vista Service Refactoring/Hardening, SafeSEH, GS, DEP, Patchguard, and Address Space Layout Randomization
-----------------------------------------------------------------------------------------------------------------------------------
Hacking Exposed: Web Applications, 3rd Edition By Joel Scambray, Vincent Liu, Caleb Sima MG-H, 3rd Edition 2011 | 482 Pages | ISBN: 0071740643 | PDF | 7 MB
The latest Web app attacks and countermeasures from world-renowned practitioners Protect your Web applications from malicious attacks by mastering the weapons and thought processes of today's hacker. Written by recognized security practitioners and thought leaders, Hacking Exposed Web Applications, Third Edition is fully updated to cover new infiltration methods and countermeasures. Find out how to reinforce authentication and authorization, plug holes in Firefox and IE, reinforce against injection attacks, and secure Web 2.0 features. Integrating security into the Web development lifecycle (SDL) and into the broader enterprise information security program is also covered in this comprehensive resource.
* Get full details on the hacker's footprinting, scanning, and profiling tools, including SHODAN, Maltego, and OWASP DirBuster * See new exploits of popular platforms like Sun Java System Web Server and Oracle WebLogic in operation * Understand how attackers defeat commonly used Web authentication technologies * See how real-world session attacks leak sensitive data and how to fortify your applications * Learn the most devastating methods used in today's hacks, including SQL injection, XSS, XSRF, phishing, and XML injection techniques * Find and fix vulnerabilities in ASP.NET, PHP, and J2EE execution environments * Safety deploy XML, social networking, cloud computing, and Web 2.0 services * Defend against RIA, Ajax, UGC, and browser-based, client-side exploits * Implement scalable threat modeling, code review, application scanning, fuzzing, and security testing procedures
------------------------------------------------------------------------------------------------------------------------------------
Hacking Exposed Network Security & Solutions 6th Edition
The world's bestselling computer security book--fully expanded and updated
"Right now you hold in your hand one of the most successful security
books ever written. Rather than being a sideline participant, leverage
the valuable insights Hacking Exposed 6 provides to help yourself, your
company, and your country fight cyber-crime." --From the Foreword by
Dave DeWalt, President and CEO, McAfee, Inc.
"For security to be successful in any company, you must ‘think evil' and
be attuned to your ‘real risk'...Hacking Expose 6 defines both."
--Patrick Heim, CISO, Kaiser Permanente
"The definitive resource to understanding the hacking mindset and the
defenses against it." --Vince Rossi, CEO & President, St. Bernard
Software
"Identity theft costs billions every year and unless you understand the
threat, you will be destined to be a victim of it. Hacking Exposed 6
gives you the tools you need to prevent being a victim." --Bill Loesch,
CTO, Guard ID Systems
"This book is current, comprehensive, thoughtful, backed by experience,
and appropriately free of vendor-bias-prized features for any security
practitioner in need of information." --Kip Boyle, CISO, PEMCO Mutual
Insurance Company
"The Hacking Exposed series has become the definitive reference for
security professionals from the moment it was first released, and the
6th edition maintains its place on my bookshelf," --Jeff Moss, Founder
of the popular Black Hat Security Conference
Meet the formidable demands of security in today's hyperconnected world
with expert guidance from the world-renowned Hacking Exposed team.
Following the time-tested "attack-countermeasure" philosophy, this 10th
anniversary edition has been fully overhauled to cover the latest
insidious weapons in the hacker's extensive arsenal.
New and updated material:
* New chapter on hacking hardware, including lock bumping, access
card cloning, RFID hacks, USB U3 exploits, and Bluetooth device
hijacking
* Updated Windows attacks and countermeasures, including new Vista and Server 2008 vulnerabilities and Metasploit exploits
* The latest UNIX Trojan and rootkit techniques and dangling pointer and input validation exploits
* New wireless and RFID security tools, including multilayered encryption and gateways
* All-new tracerouting and eavesdropping techniques used to target network hardware and Cisco devices
* Updated DoS, man-in-the-middle, DNS poisoning, and buffer overflow coverage
* VPN and VoIP exploits, including Google and TFTP tricks, SIP flooding, and IPsec hacking
* Fully updated chapters on hacking the Internet user, web hacking, and securing code
Table of contents
Part I: Casing the Establishment
Chapter 1. Footprinting
Chapter 2. Scanning
Chapter 3. Enumeration
Part II: System Hacking
Chapter 4. Hacking Windows
Chapter 5. Hacking Unix
Part III: Infrastructure Hacking
Chapter 6. Remote Connectivity and VoIP Hacking
Chapter 7. Network Devices
Chapter 8. Wireless Hacking
Chapter 9. Hacking Hardware
Part IV: Application and Data Hacking
Chapter 10. Hacking Code
Chapter 11. Web Hacking
Chapter 12. Hacking the Internet User
Part V: Appendixes
Appendix A. Ports
Appendix B. Top 14 Security Vulnerabilities
Appendix C. Denial of Service (DoS) and Distributed Denial of Service (DDoS) Attacks
Index
Biographical note
Stuart McClure, CISSP, CNE, CCSE, a leading authority on information
security, is VP of Operations & Strategy for the Risk &
Compliance Business Unit at McAfee.Joel Scambray, CISSP, is cofounder
and CEO of Consciere, provider of strategic security advisory
services.George Kurtz, CISSP, CISA, CPA, is an internationally
recognized security expert, author, and entrepreneur. He is currently a
senior executive and general manager with McAfee, Inc.They are the
bestselling coauthors of the five previous editions of Hacking Exposed.