The book is broken into two parts, the first deals with security-related reverse engineering and the second explores the more practical aspects of reverse engineering. In addition, the author explains how to reverse engineer a third-party software library to improve interfacing and how to reverse engineer a competitor's software to build a better product. * The first popular book to show how software reverse engineering can help defend against security threats, speed up development, and unlock the secrets of competitive products * Helps developers plug security holes by demonstrating how hackers exploit reverse engineering techniques to crack copy-protection schemes and identify software targets for viruses and other malware * Offers a primer on advanced reverse-engineering, delving into disassembly-code-level reverse engineering-and explaining how to decipher assembly language

    Rather than being a sideline participant, leverage the valuable insights Hacking Exposed 6 provides to help yourself, your company, and your country fight cyber-crime." —From the Foreword by Dave DeWalt, President and CEO, McAfee, Inc."For security to be successful in any company, you must ‘think evil' and be attuned to your ‘real risk'...Hacking Expose 6 defines both." —Patrick Heim, CISO, Kaiser Permanente"The definitive resource to understanding the hacking mindset and the defenses against it." —Vince Rossi, CEO & President, St. Bernard Software"Identity theft costs billions every year and unless you understand the threat, you will be destined to be a victim of it. Hacking Exposed 6 gives you the tools you need to prevent being a victim." —Bill Loesch, CTO, Guard ID Systems"This book is current, comprehensive, thoughtful, backed by experience, and appropriately free of vendor-bias-prized features for any security practitioner in need of information." —Kip Boyle, CISO, PEMCO Mutual Insurance Company"The Hacking Exposed series has become the definitive reference for security professionals from the moment it was first released, and the 6th edition maintains its place on my bookshelf," —Jeff Moss, Founder of the popular Black Hat Security ConferenceMeet the formidable demands of security in today's hyperconnected world with expert guidance from the world-renowned Hacking Exposed team. Following the time-tested "attack-countermeasure" philosophy, this 10th anniversary edition has been fully overhauled to cover the latest insidious weapons in the hacker's extensive arsenal.New and updated material: New chapter on hacking hardware, including lock bumping, access card cloning, RFID hacks, USB U3 exploits, and Bluetooth device hijacking Updated Windows attacks and countermeasures, including new Vista and Server 2008 vulnerabilities and Metasploit exploits The latest UNIX Trojan and rootkit techniques and dangling pointer and input validation exploits New wireless and RFID security tools, including multilayered encryption and gateways All-new tracerouting and eavesdropping techniques used to target network hardware and Cisco devices Updated DoS, man-in-the-middle, DNS poisoning, and buffer overflow coverage VPN and VoIP exploits, including Google and TFTP tricks, SIP flooding, and IPsec hacking Fully updated chapters on hacking the Internet user, web hacking, and securing code

    From Mary, Queen of Scots, trapped by her own code, to the Navajo Code Talkers who helped the Allies win World War II, to the incredible (and incredibly simple) logisitical breakthrough that made Internet commerce secure, The Code Book tells the story of the most powerful intellectual weapon ever known: secrecy.Throughout the text are clear technical and mathematical explanations, and portraits of the remarkable personalities who wrote and broke the world’s most difficult codes. Accessible, compelling, and remarkably far-reaching, this book will forever alter your view of history and what drives it. It will also make you wonder how private that e-mail you just sent really is.

    It gives you hundreds of solutions to real-world problems, with clear explanations and thousands of lines of code you can use in your own projects.From data structures and algorithms, to integration with cutting-edge technologies, the Ruby Cookbook has something for every programmer. Beginners and advanced Rubyists alike will learn how to program with:Strings and numbersArrays and hashesClasses, modules, and namespacesReflection and metaprogrammingXML and HTML processingRuby on Rails (including Ajax integration)DatabasesGraphicsInternet services like email, SSH, and BitTorrentWeb servicesMultitaskingGraphical and terminal interfacesIf you need to write a web application, this book shows you how to get started with Rails. If you're a system administrator who needs to rename thousands of files, you'll see how to use Ruby for this and other everyday tasks. You'll learn how to read and write Excel spreadsheets, classify text with Bayesian filters, and create PDF files. We've even included a few silly tricks that were too cool to leave out, like how to blink the lights on your keyboard.The Ruby Cookbook is the most useful book yet written about Ruby. When you need to solve a problem, don't reinvent the wheel: look it up in the Cookbook.

    You want to take your web skills to the next level. And you're finally ready to add "programmer" to the resume. It sounds like you're ready to learn the Web's hottest programming language: JavaScript. Head First JavaScript is your ticket to going beyond copying and pasting the code from someone else's web site, and writing your own interactive web pages. With Head First JavaScript, you learn:The basics of programming, from variables to types to looping How the web browser runs your code, and how you can talk to the browser with your code Why you'll never have to worry about casting, overloading, or polymorphism when you're writing JavaScript code How to use the Document Object Model to change your web pages without making your users click buttons If you've ever read a Head First book, you know what to expect -- a visually rich format designed for the way your brain works. Head First JavaScript is no exception. It starts where HTML and CSS leave off, and takes you through your first program into more complex programming concepts -- like working directly with the web browser's object model and writing code that works on all modern browsers. Don't be intimidated if you've never written a line of code before! In typical Head First style, Head First JavaScript doesn't skip steps, and we're not interested in having you cut and paste code. You'll learn JavaScript, understand it, and have a blast along the way. So get ready... dynamic and exciting web pages are just pages away.

    The most effective computer security strategies integrate network security monitoring (NSM): the collection and analysis of data to help you detect and respond to intrusions.In The Practice of Network Security Monitoring, Mandiant CSO Richard Bejtlich shows you how to use NSM to add a robust layer of protection around your networks — no prior experience required. To help you avoid costly and inflexible solutions, he teaches you how to deploy, build, and run an NSM operation using open source software and vendor-neutral tools.You'll learn how to:Determine where to deploy NSM platforms, and size them for the monitored networks Deploy stand-alone or distributed NSM installations Use command line and graphical packet analysis tools, and NSM consoles Interpret network evidence from server-side and client-side intrusions Integrate threat intelligence into NSM software to identify sophisticated adversaries There's no foolproof way to keep attackers out of your network. But when they get in, you'll be prepared. The Practice of Network Security Monitoring will show you how to build a security net to detect, contain, and control them. Attacks are inevitable, but losing sensitive data shouldn't be.

    It details the core protocols that make TCP/IP internetworks function, and the most important classical TCP/IP applications. Its personal, easy-going writing style lets anyone understand the dozens of protocols and technologies that run the Internet, with full coverage of PPP, ARP, IP, IPv6, IP NAT, IPSec, Mobile IP, ICMP, RIP, BGP, TCP, UDP, DNS, DHCP, SNMP, FTP, SMTP, NNTP, HTTP, Telnet and much more. The author offers not only a detailed view of the TCP/IP protocol suite, but also describes networking fundamentals and the important OSI Reference Model.

    The book details the major subsystems and features of the Linux kernel, including its design, implementation, and interfaces. It covers the Linux kernel with both a practical and theoretical eye, which should appeal to readers with a variety of interests and needs. The author, a core kernel developer, shares valuable knowledge and experience on the 2.6 Linux kernel. Specific topics covered include process management, scheduling, time management and timers, the system call interface, memory addressing, memory management, the page cache, the VFS, kernel synchronization, portability concerns, and debugging techniques. This book covers the most interesting features of the Linux 2.6 kernel, including the CFS scheduler, preemptive kernel, block I/O layer, and I/O schedulers. The third edition of Linux Kernel Development includes new and updated material throughout the book:An all-new chapter on kernel data structuresDetails on interrupt handlers and bottom halvesExtended coverage of virtual memory and memory allocationTips on debugging the Linux kernelIn-depth coverage of kernel synchronization and lockingUseful insight into submitting kernel patches and working with the Linux kernel community

    If you use Python, even as a beginner, this book will teach you practical ways to build your own machine learning solutions. With all the data available today, machine learning applications are limited only by your imagination.You'll learn the steps necessary to create a successful machine-learning application with Python and the scikit-learn library. Authors Andreas Muller and Sarah Guido focus on the practical aspects of using machine learning algorithms, rather than the math behind them. Familiarity with the NumPy and matplotlib libraries will help you get even more from this book.With this book, you'll learn:Fundamental concepts and applications of machine learningAdvantages and shortcomings of widely used machine learning algorithmsHow to represent data processed by machine learning, including which data aspects to focus onAdvanced methods for model evaluation and parameter tuningThe concept of pipelines for chaining models and encapsulating your workflowMethods for working with text data, including text-specific processing techniquesSuggestions for improving your machine learning and data science skills

    And they did it without fanfare or recognition from their employer. Hiltzik's Dealers of Lightning provides a fascinating look at technohistory that sets the record straight. In Dealers of Lightning, Hiltzik describes the forces and faces behind the revolution that the Xerox PARC team single-handedly spawned. The Xerox PARC group was composed solely of top technical minds. The decision was made at Xerox headquarters to give the team complete freedom from deadlines and directives, in hopes of fostering a true creative environment. It worked — perhaps too well. The team responded with a steady output of amazing technology, including the first version of the Internet, the first personal computer, user-friendly word-processing programs, and pop-up menus. Xerox, far from ready for the explosion of innovation, failed to utilize the technology dreamed up by the group. Out of all the dazzling inventions born at Xerox PARC, only a handful were developed and marketed by Xerox. However, one of these inventions, the laser printer, proved successful enough to earn billions for the company, therefore justifying its investment in the research center. Most oftheteam's creations would go on to be developed and perfected by other companies, such as IBM, Apple, and Microsoft. Drawing from interviews with the engineers, executives, and scientists involved in the Xerox PARC, Dealers of Lightning chronicles an amazing era of egos, ideas, and inventions at the dawn of the computer age.

    Mitnick claims that this socialengineering tactic was the single-most effective method in hisarsenal. This indispensable book examines a variety of maneuversthat are aimed at deceiving unsuspecting victims, while it alsoaddresses ways to prevent social engineering threats.Examines social engineering, the science of influencing atarget to perform a desired task or divulge informationArms you with invaluable information about the many methods oftrickery that hackers use in order to gather information with theintent of executing identity theft, fraud, or gaining computersystem accessReveals vital steps for preventing social engineeringthreatsSocial Engineering: The Art of Human Hacking does itspart to prepare you against nefarious hackers--now you can doyour part by putting to good use the critical information withinits pages.

    The algorithms you'll use most often as a programmer have already been discovered, tested, and proven. If you want to take a hard pass on Knuth's brilliant but impenetrable theories and the dense multi-page proofs you'll find in most textbooks, this is the book for you. This fully-illustrated and engaging guide makes it easy for you to learn how to use algorithms effectively in your own programs.Grokking Algorithms is a disarming take on a core computer science topic. In it, you'll learn how to apply common algorithms to the practical problems you face in day-to-day life as a programmer. You'll start with problems like sorting and searching. As you build up your skills in thinking algorithmically, you'll tackle more complex concerns such as data compression or artificial intelligence. Whether you're writing business software, video games, mobile apps, or system utilities, you'll learn algorithmic techniques for solving problems that you thought were out of your grasp. For example, you'll be able to:Write a spell checker using graph algorithmsUnderstand how data compression works using Huffman codingIdentify problems that take too long to solve with naive algorithms, and attack them with algorithms that give you an approximate answer insteadEach carefully-presented example includes helpful diagrams and fully-annotated code samples in Python. By the end of this book, you will know some of the most widely applicable algorithms as well as how and when to use them.

    The most common operation done with sed is substitution, replacing one block of text with another. awk is a complete programming language. Unlike many conventional languages, awk is "data driven" -- you specify what kind of data you are interested in and the operations to be performed when that data is found. awk does many things for you, including automatically opening and closing data files, reading records, breaking the records up into fields, and counting the records. While awk provides the features of most conventional programming languages, it also includes some unconventional features, such as extended regular expression matching and associative arrays. sed & awk describes both programs in detail and includes a chapter of example sed and awk scripts. This edition covers features of sed and awk that are mandated by the POSIX standard. This most notably affects awk, where POSIX standardized a new variable, CONVFMT, and new functions, toupper() and tolower(). The CONVFMT variable specifies the conversion format to use when converting numbers to strings (awk used to use OFMT for this purpose). The toupper() and tolower() functions each take a (presumably mixed case) string argument and return a new version of the string with all letters translated to the corresponding case. In addition, this edition covers GNU sed, newly available since the first edition. It also updates the first edition coverage of Bell Labs nawk and GNU awk (gawk), covers mawk, an additional freely available implementation of awk, and briefly discusses three commercial versions of awk, MKS awk, Thompson Automation awk (tawk), and Videosoft (VSAwk).

    The authors also include examples covering a variety of different integration technologies, such as JMS, MSMQ, TIBCO ActiveEnterprise, Microsoft BizTalk, SOAP, and XSL. A case study describing a bond trading system illustrates the patterns in practice, and the book offers a look at emerging standards, as well as insights into what the future of enterprise integration might hold. This book provides a consistent vocabulary and visual notation framework to describe large-scale integration solutions across many technologies. It also explores in detail the advantages and limitations of asynchronous messaging architectures. The authors present practical advice on designing code that connects an application to a messaging system, and provide extensive information to help you determine when to send a message, how to route it to the proper destination, and how to monitor the health of a messaging system. If you want to know how to manage, monitor, and maintain a messaging system once it is in use, get this book.

    because the language seems like a good way to accomplish programming tasks that don't require the low-level bit handling power of C.-- Richard Bejtlich, TaoSecurityPython is a new and innovative scripting language. It is set to replace Perl as the programming language of choice for shell scripters, and for serious application developers who want a feature-rich, yet simple language to deploy their products.Dive Into Python is a hands-on guide to the Python language. Each chapter starts with a real, complete code sample, proceeds to pick it apart and explain the pieces, and then puts it all back together in a summary at the end.This is the perfect resource for you if you like to jump into languages fast and get going right away. If you're just starting to learn Python, first pick up a copy of Magnus Lie Hetland's Practical Python.