The Basics of Hacking and Penetration Testing: Ethical Hacking and Penetration Testing Made Easy


Patrick Engebretson - 2011
    No prior hacking experience is needed. You learn how to properly utilize and interpret the results of modern day hacking tools, which are required to complete a penetration test. Tool coverage includes Backtrack Linux, Google reconnaissance, MetaGooFil, dig, Nmap, Nessus, Metasploit, Fast Track Autopwn, Netcat, Hacker Defender rootkit, and more. A simple and clean explanation of how to effectively utilize these tools as well as the introduction to a four-step methodology for conducting a penetration test or hack, will provide you with know-how required to jump start your career or gain a better understanding of offensive security. The book serves as an introduction to penetration testing and hacking and will provide you with a solid foundation of knowledge. After completing the book readers will be prepared to take on in-depth and advanced topics in hacking and penetration testing. The book walks through each of the steps and tools in a structured, orderly manner allowing readers to understand how the output from each tool can be fully utilized in the subsequent phases of the penetration test. This process allows readers to clearly see how the tools and phases relate.Each chapter contains hands-on examples and exercises that are designed to teach you how to interpret the results and utilize those results in later phasesWritten by an author who works in the field as a Penetration Tester and who teaches Offensive Security, Penetration Testing, and Ethical Hacking, and Exploitation classes at Dakota State UniversityUtilizes the Backtrack Linux distribution and focuses on the seminal tools required to complete a penetration test

Spam Nation: The Inside Story of Organized Cybercrime — from Global Epidemic to Your Front Door


Brian Krebs - 2014
    Tracing the rise, fall, and alarming resurrection of the digital mafia behind the two largest spam pharmacies and countless viruses, phishing, and spyware attacks he delivers the first definitive narrative of the global spam problem and its threat to consumers everywhere.Blending cutting-edge research, investigative reporting, and firsthand interviews, this terrifying true story reveals how we unwittingly invite these digital thieves into our lives every day. From unassuming computer programmers right next door to digital mobsters like "Cosma" who unleashed a massive malware attack that has stolen thousands of Americans' logins and passwords, Krebs uncovers the shocking lengths to which these people will go to profit from our data and our wallets.Not only are hundreds of thousands of Americans exposing themselves to fraud and dangerously toxic products from rogue online pharmacies, but even those who never open junk messages are at risk. As Krebs notes, spammers can—and do—hack into accounts through these emails, harvest personal information like usernames and passwords, and sell them on the digital black market. The fallout from this global epidemic doesn't just cost consumers and companies billions, it costs lives too.Fast-paced and utterly gripping, Spam Nation ultimately proposes concrete solutions for protecting ourselves online and stemming this tidal wave of cybercrime, before it's too late."Krebs's talent for exposing the weaknesses in online security has earned him respect in the IT business and loathing among cybercriminals. His track record of scoops has helped him become the rare blogger who supports himself on the strength of his reputation for hard-nosed reporting." Bloomberg Businessweek

CISSP All-in-One Exam Guide


Shon Harris - 2001
    Revised and updated using feedback from Instructors and students, learn security operations in the areas of telecommunications, cryptography, management practices, and more. Plan for continuity and disaster recovery. Update your knowledge of laws, investigations, and ethics. Plus, run the CD-ROM and practice with more than 500 all new simulated exam questions. Browse the all new electronic book for studying on the go. Let security consultant and author Shon Harris lead you to successful completion of the CISSP.

Practical UNIX & Internet Security


Simson Garfinkel - 1991
    Crammed with information about host security, it saved many a UNIX system administrator and user from disaster.This second edition is a complete rewrite of the original book. It's packed with twice the pages and offers even more practical information for UNIX users and administrators. It covers features of many types of UNIX systems, including SunOS, Solaris, BSDI, AIX, HP-UX, Digital UNIX, Linux, and others. The first edition was practical, entertaining, and full of useful scripts, tips, and warnings. This edition is all those things -- and more.If you are a UNIX system administrator or user in this security-conscious age, you need this book. It's a practical guide that spells out, in readable and entertaining language, the threats, the system vulnerabilities, and the countermeasures you can adopt to protect your UNIX system, network, and Internet connection. It's complete -- covering both host and network security -- and doesn't require that you be a programmer or a UNIX guru to use it.Practical UNIX & Internet Security describes the issues, approaches, and methods for implementing security measures. It covers UNIX basics, the details of security, the ways that intruders can get into your system, and the ways you can detect them, clean up after them, and even prosecute them if they do get in. Filled with practical scripts, tricks, and warnings, Practical UNIX & Internet Security tells you everything you need to know to make your UNIX system as secure as it possible can be.Contents include:Part I: Computer Security Basics. Introduction and security policies. Part II: User Responsibilities. Users and their passwords, groups, the superuser, the UNIX filesystem, and cryptography. Part III: System Administrator Responsibilities. Backups, defending accounts, integrity checking, log files, programmed threats, physical security, and personnel security. Part IV: Network and Internet Security: telephone security, UUCP, TCP/IP networks, TCP/IP services, WWW, RPC, NIS, NIS+, Kerberos, and NFS. Part V: Advanced Topics: firewalls, wrappers, proxies, and secure programming. Part VI: Handling Security Incidents: discovering a breakin, U.S. law, and trust. VII: Appendixes. UNIX system security checklist, important files, UNIX processes, paper and electronic sources, security organizations, and table of IP services.

Threat Modeling: Designing for Security


Adam Shostack - 2014
    Dobbs Jolt Award Finalist since Bruce Schneier's Secrets and Lies and Applied Cryptography!Adam Shostack is responsible for security development lifecycle threat modeling at Microsoft and is one of a handful of threat modeling experts in the world. Now, he is sharing his considerable expertise into this unique book. With pages of specific actionable advice, he details how to build better security into the design of systems, software, or services from the outset. You'll explore various threat modeling approaches, find out how to test your designs against threats, and learn effective ways to address threats that have been validated at Microsoft and other top companies.Systems security managers, you'll find tools and a framework for structured thinking about what can go wrong. Software developers, you'll appreciate the jargon-free and accessible introduction to this essential skill. Security professionals, you'll learn to discern changing threats and discover the easiest ways to adopt a structured approach to threat modeling.Provides a unique how-to for security and software developers who need to design secure products and systems and test their designs Explains how to threat model and explores various threat modeling approaches, such as asset-centric, attacker-centric and software-centric Provides effective approaches and techniques that have been proven at Microsoft and elsewhere Offers actionable how-to advice not tied to any specific software, operating system, or programming language Authored by a Microsoft professional who is one of the most prominent threat modeling experts in the world As more software is delivered on the Internet or operates on Internet-connected devices, the design of secure software is absolutely critical. Make sure you're ready with Threat Modeling: Designing for Security.

The Basics of Digital Forensics: The Primer for Getting Started in Digital Forensics


John Sammons - 2011
    This book teaches you how to conduct examinations by explaining what digital forensics is, the methodologies used, key technical concepts and the tools needed to perform examinations. Details on digital forensics for computers, networks, cell phones, GPS, the cloud, and Internet are discussed. Readers will also learn how to collect evidence, document the scene, and recover deleted data. This is the only resource your students need to get a jump-start into digital forensics investigations.This book is organized into 11 chapters. After an introduction to the basics of digital forensics, the book proceeds with a discussion of key technical concepts. Succeeding chapters cover labs and tools; collecting evidence; Windows system artifacts; anti-forensics; Internet and email; network forensics; and mobile device forensics. The book concludes by outlining challenges and concerns associated with digital forensics. PowerPoint lecture slides are also available.This book will be a valuable resource for entry-level digital forensics professionals as well as those in complimentary fields including law enforcement, legal, and general information security.

Windows 7 Inside Out


Ed Bott - 2009
    It's all muscle and no fluff. Discover how the experts tackle Windows 7--and challenge yourself to new levels of mastery! Compare features and capabilities in each edition of Windows 7.Configure and customize your system with advanced setup options.Manage files, folders, and media libraries.Set up a wired or wireless network and manage shared resources.Administer accounts, passwords, and logons--and help control access to resources.Configure Internet Explorer 8 settings and security zones.Master security essentials to help protect against viruses, worms, and spyware.Troubleshoot errors and fine-tune performance.Automate routine maintenance with scripts and other tools. CD includes: Fully searchable eBookDownloadable gadgets and other tools for customizing Windows 7Insights direct from the product team on the official Windows 7 blogLinks to the latest security updates and products, demos, blogs, and user communities For customers who purchase an ebook version of this title, instructions for downloading the CD files can be found in the ebook.

sed and awk Pocket Reference: Text Processing with Regular Expressions


Arnold Robbins - 2000
    sed, awk, and regular expressions allow programmers and system administrators to automate editing tasks that need to be performed on one or more files, to simplify the task of performing the same edits on multiple files, and to write conversion programs.The sed & awk Pocket Reference is a companion volume to sed & awk, Second Edition, Unix in a Nutshell, Third Edition, and Effective awk Programming, Third Edition. This new edition has expanded coverage of gawk (GNU awk), and includes sections on:An overview of sed and awk's command line syntaxAlphabetical summaries of commands, including nawk and gawkProfiling with pgawkCoprocesses and sockets with gawkInternationalization with gawkA listing of resources for sed and awk usersThis small book is a handy reference guide to the information presented in the larger volumes. It presents a concise summary of regular expressions and pattern matching, and summaries of sed and awk.Arnold Robbins, an Atlanta native now happily living in Israel, is a professional programmer and technical author and coauthor of various O'Reilly Unix titles. He has been working with Unix systems since 1980, and currently maintains gawk and its documentation.

HTML, XHTML & CSS for Dummies


Ed Tittel - 2008
    Now featuring more than 250 color illustrations throughout, this perennially popular guide is a must for novices who want to work with HTML or XHTML, which continue to be the foundation for any Web site The new edition features nearly 50 percent new and updated content, including expanded coverage of CSS and scripting, new coverage of syndication and podcasting, and new sample HTML projects, including a personal Web page, an eBay auction page, a company Web site, and an online product catalog The companion Web site features an eight-page expanded Cheat Sheet with ready-reference information on commands, syntax, colors, CSS elements, and more Covers planning a Web site, formatting Web pages, using CSS, getting creative with colors and fonts, managing layouts, and integrating scripts

Absolute Freebsd: The Complete Guide to Freebsd


Michael W. Lucas - 2007
    But it can be even trickier to use than either Unix or Linux, and harder still to master.Absolute FreeBSD, 2nd Edition is your complete guide to FreeBSD, written by FreeBSD committer Michael W. Lucas. Lucas considers this completely revised and rewritten second edition of his landmark work to be his best work ever; a true product of his love for FreeBSD and the support of the FreeBSD community. Absolute FreeBSD, 2nd Edition covers installation, networking, security, network services, system performance, kernel tweaking, filesystems, SMP, upgrading, crash debugging, and much more, including coverage of how to:Use advanced security features like packet filtering, virtual machines, and host-based intrusion detection Build custom live FreeBSD CDs and bootable flash Manage network services and filesystems Use DNS and set up email, IMAP, web, and FTP services for both servers and clients Monitor your system with performance-testing and troubleshooting tools Run diskless systems Manage schedulers, remap shared libraries, and optimize your system for your hardware and your workload Build custom network appliances with embedded FreeBSD Implement redundant disks, even without special hardware Integrate FreeBSD-specific SNMP into your network management system. Whether you're just getting started with FreeBSD or you've been using it for years, you'll find this book to be the definitive guide to FreeBSD that you've been waiting for.

Hacker's Delight


Henry S. Warren Jr. - 2002
    Aiming to tell the dark secrets of computer arithmetic, this title is suitable for library developers, compiler writers, and lovers of elegant hacks.

Teach Yourself C++


Herbert Schildt - 1992
    It also gives readers the opportunity to test their understanding with multiple exercises. Readers can test their knowledge of individual concepts, and then test their comprehension of the topic in a larger setting.

WPF 4 Unleashed


Adam Nathan - 2010
    Windows Presentation Foundation (WPF) is the recommended technology for creating Windows user interfaces, giving you the power to create richer and more compelling applications than you dreamed possible. Whether you want to develop traditional user interfaces or integrate 3D graphics, audio/video, animation, dynamic skinning, multi-touch, rich document support, speech recognition, or more, WPF enables you to do so in a seamless, resolution-independent manner. WPF 4 Unleashed is the authoritative book that covers it all, in a practical and approachable fashion, authored by WPF guru and Microsoft developer Adam Nathan. Covers everything you need to know about Extensible Application Markup Language (XAML) Examines the WPF feature areas in incredible depth: controls, layout, resources, data binding, styling, graphics, animation, and more Highlights the latest features, such as multi-touch, text rendering improvements, XAML language enhancements, new controls, the Visual State Manager, easing functions, and much more Delves into topics that aren't covered by most books: 3D, speech, audio/video, documents, effects Shows how to create popular UI elements, such as Galleries, ScreenTips, and more Demonstrates how to create sophisticated UI mechanisms, such as Visual Studio-like collapsible/dockable panes Explains how to create first-class custom controls for WPF Demonstrates how to create hybrid WPF software that leverages Windows Forms, DirectX, ActiveX, or other non-WPF technologies Explains how to exploit new Windows 7 features, such as Jump Lists and taskbar customizations

Serious Cryptography: A Practical Introduction to Modern Encryption


Jean-Philippe Aumasson - 2017
    You’ll learn about authenticated encryption, secure randomness, hash functions, block ciphers, and public-key techniques such as RSA and elliptic curve cryptography.You’ll also learn: - Key concepts in cryptography, such as computational security, attacker models, and forward secrecy - The strengths and limitations of the TLS protocol behind HTTPS secure websites - Quantum computation and post-quantum cryptography - About various vulnerabilities by examining numerous code examples and use cases - How to choose the best algorithm or protocol and ask vendors the right questionsEach chapter includes a discussion of common implementation mistakes using real-world examples and details what could go wrong and how to avoid these pitfalls. Whether you’re a seasoned practitioner or a beginner looking to dive into the field, Serious Cryptography will provide a complete survey of modern encryption and its applications.

Cyberwar: The Next Threat to National Security & What to Do About It


Richard A. Clarke - 2010
    Clarke sounds a timely and chilling warning about America’s vulnerability in a terrifying new international conflict—Cyber War! Every concerned American should read this startling and explosive book that offers an insider’s view of White House ‘Situation Room’ operations and carries the reader to the frontlines of our cyber defense. Cyber War exposes a virulent threat to our nation’s security. This is no X-Files fantasy or conspiracy theory madness—this is real.