And writing device drivers is one of the few areas of programming for the Linux operating system that calls for unique, Linux-specific knowledge. For years now, programmers have relied on the classic "Linux Device Drivers" from O'Reilly to master this critical subject. Now in its third edition, this bestselling guide provides all the information you'll need to write drivers for a wide range of devices.Over the years the book has helped countless programmers learn: how to support computer peripherals under the Linux operating system how to develop and write software for new hardware under Linux the basics of Linux operation even if they are not expecting to write a driver The new edition of "Linux Device Drivers" is better than ever. The book covers all the significant changes to Version 2.6 of the Linux kernel, which simplifies many activities, and contains subtle new features that can make a driver both more efficient and more flexible. Readers will find new chapters on important types of drivers not covered previously, such as consoles, USB drivers, and more.Best of all, you don't have to be a kernel hacker to understand and enjoy this book. All you need is an understanding of the C programming language and some background in Unix system calls. And for maximum ease-of-use, the book uses full-featured examples that you can compile and run without special hardware.Today Linux holds fast as the most rapidly growing segment of the computer market and continues to win over enthusiastic adherents in many application areas. With this increasing support, Linux is now absolutely mainstream, and viewed as a solid platform for embedded systems. If you're writing device drivers, you'll want this book. In fact, you'll wonder how drivers are ever written without it.

    By the time you're halfway through this fast-paced, hands-on guide, you'll have built a series of useful projects, including a complete ZigBee wireless network that delivers remotely sensed data.Radio networking is creating revolutions in volcano monitoring, performance art, clean energy, and consumer electronics. As you follow the examples in each chapter, you'll learn how to tackle inspiring projects of your own. This practical guide is ideal for inventors, hackers, crafters, students, hobbyists, and scientists.Investigate an assortment of practical and intriguing project ideasPrep your ZigBee toolbox with an extensive shopping list of parts and programsCreate a simple, working ZigBee network with XBee radios in less than two hours -- for under $100Use the Arduino open source electronics prototyping platform to build a series of increasingly complex projectsGet familiar with XBee's API mode for creating sensor networksBuild fully scalable sensing and actuation systems with inexpensive componentsLearn about power management, source routing, and other XBee technical nuancesMake gateways that connect with neighboring networks, including the Internet

    The gold standard for attaining security is cryptography because it provides the most reliable tools for storing or transmitting digital information. Written by Niels Ferguson, lead cryptographer for Counterpane, Bruce Schneier's security company, and Bruce Schneier himself, this is the much anticipated follow-up book to Schneier's seminal encyclopedic reference, Applied Cryptography, Second Edition (0-471-11709-9), which has sold more than 150,000 copies. Niels Ferguson (Amsterdam, Netherlands) is a cryptographic engineer and consultant at Counterpane Internet Security. He has extensive experience in the creation and design of security algorithms, protocols, and multinational security infrastructures. Previously, Ferguson was a cryptographer for DigiCash and CWI. At CWI he developed the first generation of off-line payment protocols. He has published numerous scientific papers. Bruce Schneier (Minneapolis, MN) is Founder and Chief Technical Officer at Counterpane Internet Security, a managed-security monitoring company. He is also the author of Secrets and Lies: Digital Security in a Networked World (0-471-25311-1).

    

    But what if you could have your computer do them for you?In "Automate the Boring Stuff with Python," you'll learn how to use Python to write programs that do in minutes what would take you hours to do by hand no prior programming experience required. Once you've mastered the basics of programming, you'll create Python programs that effortlessly perform useful and impressive feats of automation to: Search for text in a file or across multiple filesCreate, update, move, and rename files and foldersSearch the Web and download online contentUpdate and format data in Excel spreadsheets of any sizeSplit, merge, watermark, and encrypt PDFsSend reminder emails and text notificationsFill out online formsStep-by-step instructions walk you through each program, and practice projects at the end of each chapter challenge you to improve those programs and use your newfound skills to automate similar tasks.Don't spend your time doing work a well-trained monkey could do. Even if you've never written a line of code, you can make your computer do the grunt work. Learn how in "Automate the Boring Stuff with Python.""

    I asked other people and they didn't seem to know how these things work, or at least they couldn't explain them in a way that I could understand. Counter Hack Reloaded is the clearest explanation of these tools I have ever seen. Thank you!" --Stephen Northcutt, CEO, SANS Institute "Ed Skoudis does it again! With this new edition, Ed takes a phenomenal work to the next level! This book is a 'must-have' and a 'must-read' for anyone remotely associated with computers and computer security." --Harlan Carvey, CISSP, author of Windows Forensics and Incident Recovery "Ed Skoudis is a rare individual. He knows the innards of all the various systems, knows all the latest exploits and defenses, and yet is able to explain everything at just the right level. The first edition of Counter Hack was a fascinating read. It's technically intriguing and very clear. . . . A book on vulnerabilities, though, will get out of date, and so we definitely needed this updated and significantly rewritten second edition. This book is a wonderful overview of the field." --From the Foreword by Radia Perlman, series editor, The Radia Perlman Series in Computer Networking and Security; author of Interconnections; and coauthor of Network Security: Private Communications in a Public World "What a great partnership! Ed Skoudis and Tom Liston share an uncanny talent for explaining even the most challenging security concepts in a clear and enjoyable manner. Counter Hack Reloaded is an indispensable resource for those who want to improve their defenses and understand the mechanics of computer attacks." --Lenny Zeltser, coauthor of Malware: Fighting Malicious Code "Ed Skoudis does it again! With this new edition, Ed takes a phenomenal work to the next level! This book is a 'must-have' and a 'must-read' for anyone remotely associated with computers and computer security." --Harlan Carvey, CISSP, author of Windows Forensics and Incident Recovery "In addition to having breadth of knowledge about and probing insights into network security, Ed Skoudis's real strength is in his ability to show complex topics in an understandable form. By the time he's done, what started off as a hopeless conglomeration of acronyms starts to sound comfortable and familiar. This book is your best source for understanding attack strategies, attack tools, and the defenses against both." --William Stearns, network security expert, www.stearns.org "This book is a must-have for anyone in the Internet security game. It covers everything from the basic principles to the fine details of online attack methods and counter-strategies and is very engagingly written." --Warwick Ford, coauthor of Secure Electronic Commerce For years, Counter Hack has been the primary resource for every network/system administrator and security professional who needs a deep, hands-on understanding of hacker attacks and countermeasures. Now, leading network security expert Ed Skoudis, with Tom Liston, has thoroughly updated this best-selling guide, showing how to defeat today's newest, most sophisticated, and most destructive attacks.For this second edition, more than half the content is new and updated, including coverage of the latest hacker techniques for scanning networks, gaining and maintaining access, and preventing detection. The authors walk you through each attack and demystify every tool and tactic. You'll learn exactly how to establish effective defenses, recognize attacks in progress, and respond quickly and effectively in both UNIX/Linux and Windows environments.Important features of this new edition includeAll-new "anatomy-of-an-attack" scenarios and tools An all-new section on wireless hacking: war driving, wireless sniffing attacks, and more Fully updated coverage of reconnaissance tools, including Nmap port scanning and "Google hacking" New coverage of tools for gaining access, including uncovering Windows and Linux vulnerabilities with Metasploit New information on dangerous, hard-to-detect, kernel-mode rootkits

    Max 'Vision' Butler was a white-hat hacker and a celebrity throughout the programming world, even serving as a consultant to the FBI. But there was another side to Max. As the black-hat 'Iceman', he'd seen the fraudsters around him squabble, their ranks riddled with infiltrators, their methods inefficient, and in their dysfunction was the ultimate challenge: he would stage a coup and steal their ill-gotten gains from right under their noses.Through the story of Max Butler's remarkable rise, KINGPIN lays bare the workings of a silent crime wave affecting millions worldwide. It exposes vast online-fraud supermarkets stocked with credit card numbers, counterfeit cheques, hacked bank accounts and fake passports. Thanks to Kevin Poulsen's remarkable access to both cops and criminals, we step inside the quiet,desperate battle that law enforcement fights against these scammers. And learn that the boy next door may not be all he seems.

    The book starts with the fundamentals -- what protocols do and how they work, how addresses and routing are used to move data through the network, how to set up your network connection -- and then covers, in detail, everything you need to know to exchange information via the Internet.Included are discussions on advanced routing protocols (RIPv2, OSPF, and BGP) and the gated software package that implements them, a tutorial on configuring important network services -- including DNS, Apache, sendmail, Samba, PPP, and DHCP -- as well as expanded chapters on troubleshooting and security. TCP/IP Network Administration is also a command and syntax reference for important packages such as gated, pppd, named, dhcpd, and sendmail.With coverage that includes Linux, Solaris, BSD, and System V TCP/IP implementations, the third edition contains:Overview of TCP/IP Delivering the data Network services Getting startedM Basic configuration Configuring the interface Configuring routing Configuring DNS Configuring network servers Configuring sendmail Configuring Apache Network security Troubleshooting Appendices include dip, ppd, and chat reference, a gated reference, a dhcpd reference, and a sendmail reference This new edition includes ways of configuring Samba to provide file and print sharing on networks that integrate Unix and Windows, and a new chapter is dedicated to the important task of configuring the Apache web server. Coverage of network security now includes details on OpenSSH, stunnel, gpg, iptables, and the access control mechanism in xinetd. Plus, the book offers updated information about DNS, including details on BIND 8 and BIND 9, the role of classless IP addressing and network prefixes, and the changing role of registrars.Without a doubt, TCP/IP Network Administration, 3rd Edition is a must-have for all network administrators and anyone who deals with a network that transmits data over the Internet.

    But just how does the magic happen?In Black Hat Python, the latest from Justin Seitz (author of the best-selling Gray Hat Python), you'll explore the darker side of Python's capabilities writing network sniffers, manipulating packets, infecting virtual machines, creating stealthy trojans, and more. You'll learn how to:Create a trojan command-and-control using GitHubDetect sandboxing and automate common malware tasks, like keylogging and screenshottingEscalate Windows privileges with creative process controlUse offensive memory forensics tricks to retrieve password hashes and inject shellcode into a virtual machineExtend the popular Burp Suite web-hacking toolAbuse Windows COM automation to perform a man-in-the-browser attackExfiltrate data from a network most sneakilyInsider techniques and creative challenges throughout show you how to extend the hacks and how to write your own exploits.When it comes to offensive security, your ability to create powerful tools on the fly is indispensable. Learn how in Black Hat Python."

    This book brings you up-to-date with the latest changes in this crucial service.The fifth edition covers BIND 9.3.2, the most recent release of the BIND 9 series, as well as BIND 8.4.7. BIND 9.3.2 contains further improvements in security and IPv6 support, and important new features such as internationalized domain names, ENUM (electronic numbering), and SPF (the Sender Policy Framework).Whether you're an administrator involved with DNS on a daily basis or a user who wants to be more informed about the Internet and how it works, you'll find that this book is essential reading.Topics include:What DNS does, how it works, and when you need to use it How to find your own place in the Internet's namespace Setting up name servers Using MX records to route mail Configuring hosts to use DNS name servers Subdividing domains (parenting) Securing your name server: restricting who can query your server, preventing unauthorized zone transfers, avoiding bogus servers, etc. The DNS Security Extensions (DNSSEC) and Transaction Signatures (TSIG) Mapping one name to several servers for load sharing Dynamic updates, asynchronous notification of change to a zone, and incremental zone transfers Troubleshooting: using nslookup and dig, reading debugging output, common problems DNS programming using the resolver library and Perl's Net::DNS module

    Beginning with an introduction to array formulas, this manual examines topics such as how they differ from ordinary formulas, the benefits and drawbacks of their use, functions that can and cannot handle array calculations, and array constants and functions. Among the practical applications surveyed include how to extract data from tables and unique lists, how to get results that match any criteria, and how to utilize various methods for unique counts. This book contains 529 screen shots.

    This much-anticipated revision, written by the ultimate group of top security experts in the world, features 40 percent new content on how to find security holes in any operating system or applicationNew material addresses the many new exploitation techniques that have been discovered since the first edition, including attacking "unbreakable" software packages such as McAfee's Entercept, Mac OS X, XP, Office 2003, and VistaAlso features the first-ever published information on exploiting Cisco's IOS, with content that has never before been exploredThe companion Web site features downloadable code files

    Every piece of the web application stack, from HTTP requests to browser-side scripts, comes with important yet subtle security consequences. To keep users safe, it is essential for developers to confidently navigate this landscape.In The Tangled Web, Michal Zalewski, one of the world's top browser security experts, offers a compelling narrative that explains exactly how browsers work and why they're fundamentally insecure. Rather than dispense simplistic advice on vulnerabilities, Zalewski examines the entire browser security model, revealing weak points and providing crucial information for shoring up web application security. You'll learn how to:Perform common but surprisingly complex tasks such as URL parsing and HTML sanitization Use modern security features like Strict Transport Security, Content Security Policy, and Cross-Origin Resource Sharing Leverage many variants of the same-origin policy to safely compartmentalize complex web applications and protect user credentials in case of XSS bugs Build mashups and embed gadgets without getting stung by the tricky frame navigation policy Embed or host user-supplied content without running into the trap of content sniffing For quick reference, "Security Engineering Cheat Sheets" at the end of each chapter offer ready solutions to problems you're most likely to encounter. With coverage extending as far as planned HTML5 features, The Tangled Web will help you create secure web applications that stand the test of time.

    Dobbs Jolt Award Finalist since Bruce Schneier's Secrets and Lies and Applied Cryptography!Adam Shostack is responsible for security development lifecycle threat modeling at Microsoft and is one of a handful of threat modeling experts in the world. Now, he is sharing his considerable expertise into this unique book. With pages of specific actionable advice, he details how to build better security into the design of systems, software, or services from the outset. You'll explore various threat modeling approaches, find out how to test your designs against threats, and learn effective ways to address threats that have been validated at Microsoft and other top companies.Systems security managers, you'll find tools and a framework for structured thinking about what can go wrong. Software developers, you'll appreciate the jargon-free and accessible introduction to this essential skill. Security professionals, you'll learn to discern changing threats and discover the easiest ways to adopt a structured approach to threat modeling.Provides a unique how-to for security and software developers who need to design secure products and systems and test their designs Explains how to threat model and explores various threat modeling approaches, such as asset-centric, attacker-centric and software-centric Provides effective approaches and techniques that have been proven at Microsoft and elsewhere Offers actionable how-to advice not tied to any specific software, operating system, or programming language Authored by a Microsoft professional who is one of the most prominent threat modeling experts in the world As more software is delivered on the Internet or operates on Internet-connected devices, the design of secure software is absolutely critical. Make sure you're ready with Threat Modeling: Designing for Security.

    In the second edition of Network Security, this most distinguished of author teams draws on hard-won experience to explain every facet of information security, from the basics to advanced cryptography and authentication; secure Web and email services; and emerging security standards. Highlights of the book's extensive new coverage include Advanced Encryption Standard (AES), IPsec, SSL, PKI Standards, and Web security.