Practical Packet Analysis: Using Wireshark to Solve Real-World Network Problems


Chris Sanders - 2007
    But how do you interpret those packets once you've captured them? And how can those packets help you to better understand what's going on under the hood of your network? Practical Packet Analysis shows how to use Wireshark to capture and then analyze packets as you take an indepth look at real-world packet analysis and network troubleshooting. The way the pros do it.Wireshark (derived from the Ethereal project), has become the world's most popular network sniffing application. But while Wireshark comes with documentation, there's not a whole lot of information to show you how to use it in real-world scenarios. Practical Packet Analysis shows you how to:Use packet analysis to tackle common network problems, such as loss of connectivity, slow networks, malware infections, and more Build customized capture and display filters Tap into live network communication Graph traffic patterns to visualize the data flowing across your network Use advanced Wireshark features to understand confusing packets Build statistics and reports to help you better explain technical network information to non-technical usersBecause net-centric computing requires a deep understanding of network communication at the packet level, Practical Packet Analysis is a must have for any network technician, administrator, or engineer troubleshooting network problems of any kind.

Advanced Penetration Testing: Hacking the World's Most Secure Networks


Wil Allsopp - 2017
    Featuring techniques not taught in any certification prep or covered by common defensive scanners, this book integrates social engineering, programming, and vulnerability exploits into a multidisciplinary approach for targeting and compromising high security environments. From discovering and creating attack vectors, and moving unseen through a target enterprise, to establishing command and exfiltrating data--even from organizations without a direct Internet connection--this guide contains the crucial techniques that provide a more accurate picture of your system's defense. Custom coding examples use VBA, Windows Scripting Host, C, Java, JavaScript, Flash, and more, with coverage of standard library applications and the use of scanning tools to bypass common defensive measures.Typical penetration testing consists of low-level hackers attacking a system with a list of known vulnerabilities, and defenders preventing those hacks using an equally well-known list of defensive scans. The professional hackers and nation states on the forefront of today's threats operate at a much more complex level--and this book shows you how to defend your high security network.Use targeted social engineering pretexts to create the initial compromise Leave a command and control structure in place for long-term access Escalate privilege and breach networks, operating systems, and trust structures Infiltrate further using harvested credentials while expanding control Today's threats are organized, professionally-run, and very much for-profit. Financial institutions, health care organizations, law enforcement, government agencies, and other high-value targets need to harden their IT infrastructure and human capital against targeted advanced attacks from motivated professionals. Advanced Penetration Testing goes beyond Kali linux and Metasploit and to provide you advanced pen testing for high security networks.

Absolute Freebsd: The Complete Guide to Freebsd


Michael W. Lucas - 2007
    But it can be even trickier to use than either Unix or Linux, and harder still to master.Absolute FreeBSD, 2nd Edition is your complete guide to FreeBSD, written by FreeBSD committer Michael W. Lucas. Lucas considers this completely revised and rewritten second edition of his landmark work to be his best work ever; a true product of his love for FreeBSD and the support of the FreeBSD community. Absolute FreeBSD, 2nd Edition covers installation, networking, security, network services, system performance, kernel tweaking, filesystems, SMP, upgrading, crash debugging, and much more, including coverage of how to:Use advanced security features like packet filtering, virtual machines, and host-based intrusion detection Build custom live FreeBSD CDs and bootable flash Manage network services and filesystems Use DNS and set up email, IMAP, web, and FTP services for both servers and clients Monitor your system with performance-testing and troubleshooting tools Run diskless systems Manage schedulers, remap shared libraries, and optimize your system for your hardware and your workload Build custom network appliances with embedded FreeBSD Implement redundant disks, even without special hardware Integrate FreeBSD-specific SNMP into your network management system. Whether you're just getting started with FreeBSD or you've been using it for years, you'll find this book to be the definitive guide to FreeBSD that you've been waiting for.

The Hacker Playbook 2: Practical Guide To Penetration Testing


Peter Kim - 2015
    The Hacker Playbook provides them their own game plans. Written by a longtime security professional and CEO of Secure Planet, LLC, this step-by-step guide to the “game” of penetration hacking features hands-on examples and helpful advice from the top of the field.Through a series of football-style “plays,” this straightforward guide gets to the root of many of the roadblocks people may face while penetration testing—including attacking different types of networks, pivoting through security controls, privilege escalation, and evading antivirus software.From “Pregame” research to “The Drive” and “The Lateral Pass,” the practical plays listed can be read in order or referenced as needed. Either way, the valuable advice within will put you in the mindset of a penetration tester of a Fortune 500 company, regardless of your career or level of experience.This second version of The Hacker Playbook takes all the best "plays" from the original book and incorporates the latest attacks, tools, and lessons learned. Double the content compared to its predecessor, this guide further outlines building a lab, walks through test cases for attacks, and provides more customized code.Whether you’re downing energy drinks while desperately looking for an exploit, or preparing for an exciting new job in IT security, this guide is an essential part of any ethical hacker’s library—so there’s no reason not to get in the game.

How Linux Works: What Every Superuser Should Know


Brian Ward - 2004
    Some books try to give you copy-and-paste instructions for how to deal with every single system issue that may arise, but How Linux Works actually shows you how the Linux system functions so that you can come up with your own solutions. After a guided tour of filesystems, the boot sequence, system management basics, and networking, author Brian Ward delves into open-ended topics such as development tools, custom kernels, and buying hardware, all from an administrator's point of view. With a mixture of background theory and real-world examples, this book shows both "how" to administer Linux, and "why" each particular technique works, so that you will know how to make Linux work for you.

The Tcp/IP Guide: A Comprehensive, Illustrated Internet Protocols Reference


Charles Kozierok - 2005
    It details the core protocols that make TCP/IP internetworks function, and the most important classical TCP/IP applications. Its personal, easy-going writing style lets anyone understand the dozens of protocols and technologies that run the Internet, with full coverage of PPP, ARP, IP, IPv6, IP NAT, IPSec, Mobile IP, ICMP, RIP, BGP, TCP, UDP, DNS, DHCP, SNMP, FTP, SMTP, NNTP, HTTP, Telnet and much more. The author offers not only a detailed view of the TCP/IP protocol suite, but also describes networking fundamentals and the important OSI Reference Model.

Python Essential Reference (Developer's Library)


David Beazley - 1999
    This text concisely describes the Python language and its programming environment for those readers already familiar with languages such as C and C++.

Flask Web Development: Developing Web Applications with Python


Miguel Grinberg - 2014
    With this hands-on book, you’ll learn Flask from the ground up by developing a complete social blogging application step-by-step. Author Miguel Grinberg walks you through the framework’s core functionality, and shows you how to extend applications with advanced web techniques such as database migration and web service communication.Rather than impose development guidelines as other frameworks do, Flask leaves the business of extensions up to you. If you have Python experience, this book shows you how to take advantage of that creative freedom.- Learn Flask’s basic application structure and write an example app- Work with must-have components—templates, databases, web forms, and email support- Use packages and modules to structure a large application that scales- Implement user authentication, roles, and profiles- Build a blogging feature by reusing templates, paginating item lists, and working with rich text- Use a Flask-based RESTful API to expose app functionality to smartphones, tablets, and other third-party clients- Learn how to run unit tests and enhance application performance- Explore options for deploying your web app to a production server

Kingpin: How One Hacker Took Over the Billion-Dollar Cybercrime Underground


Kevin Poulsen - 2011
    Max 'Vision' Butler was a white-hat hacker and a celebrity throughout the programming world, even serving as a consultant to the FBI. But there was another side to Max. As the black-hat 'Iceman', he'd seen the fraudsters around him squabble, their ranks riddled with infiltrators, their methods inefficient, and in their dysfunction was the ultimate challenge: he would stage a coup and steal their ill-gotten gains from right under their noses.Through the story of Max Butler's remarkable rise, KINGPIN lays bare the workings of a silent crime wave affecting millions worldwide. It exposes vast online-fraud supermarkets stocked with credit card numbers, counterfeit cheques, hacked bank accounts and fake passports. Thanks to Kevin Poulsen's remarkable access to both cops and criminals, we step inside the quiet,desperate battle that law enforcement fights against these scammers. And learn that the boy next door may not be all he seems.

Linux Basics for Hackers: Getting Started with Networking, Scripting, and Security in Kali


OccupyTheWeb - 2018
    Topics include Linux command line basics, filesystems, networking, BASH basics, package management, logging, and the Linux kernel and drivers.If you're getting started along the exciting path of hacking, cybersecurity, and pentesting, Linux Basics for Hackers is an excellent first step. Using Kali Linux, an advanced penetration testing distribution of Linux, you'll learn the basics of using the Linux operating system and acquire the tools and techniques you'll need to take control of a Linux environment.First, you'll learn how to install Kali on a virtual machine and get an introduction to basic Linux concepts. Next, you'll tackle broader Linux topics like manipulating text, controlling file and directory permissions, and managing user environment variables. You'll then focus in on foundational hacking concepts like security and anonymity and learn scripting skills with bash and Python. Practical tutorials and exercises throughout will reinforce and test your skills as you learn how to: - Cover your tracks by changing your network information and manipulating the rsyslog logging utility - Write a tool to scan for network connections, and connect and listen to wireless networks - Keep your internet activity stealthy using Tor, proxy servers, VPNs, and encrypted email - Write a bash script to scan open ports for potential targets - Use and abuse services like MySQL, Apache web server, and OpenSSH - Build your own hacking tools, such as a remote video spy camera and a password crackerHacking is complex, and there is no single way in. Why not start at the beginning with Linux Basics for Hackers?

Blue Team Field Manual (BTFM)


Alan J. White - 2017
    Blue Team Field Manual (BTFM) is a Cyber Security Incident Response Guide that aligns with the NIST Cybersecurity Framework consisting of the five core functions of Identify, Protect, Detect, Respond, and Recover by providing the tactical steps to follow and commands to use when preparing for, working through and recovering from a Cyber Security Incident.

Social Engineering: The Art of Human Hacking


Christopher Hadnagy - 2010
    Mitnick claims that this socialengineering tactic was the single-most effective method in hisarsenal. This indispensable book examines a variety of maneuversthat are aimed at deceiving unsuspecting victims, while it alsoaddresses ways to prevent social engineering threats.Examines social engineering, the science of influencing atarget to perform a desired task or divulge informationArms you with invaluable information about the many methods oftrickery that hackers use in order to gather information with theintent of executing identity theft, fraud, or gaining computersystem accessReveals vital steps for preventing social engineeringthreatsSocial Engineering: The Art of Human Hacking does itspart to prepare you against nefarious hackers--now you can doyour part by putting to good use the critical information withinits pages.

UNIX and Linux System Administration Handbook


Evi Nemeth - 2010
    This is one of those cases. The UNIX System Administration Handbook is one of the few books we ever measured ourselves against." -From the Foreword by Tim O'Reilly, founder of O'Reilly Media "This book is fun and functional as a desktop reference. If you use UNIX and Linux systems, you need this book in your short-reach library. It covers a bit of the systems' history but doesn't bloviate. It's just straightfoward information delivered in colorful and memorable fashion." -Jason A. Nunnelley"This is a comprehensive guide to the care and feeding of UNIX and Linux systems. The authors present the facts along with seasoned advice and real-world examples. Their perspective on the variations among systems is valuable for anyone who runs a heterogeneous computing facility." -Pat Parseghian The twentieth anniversary edition of the world's best-selling UNIX system administration book has been made even better by adding coverage of the leading Linux distributions: Ubuntu, openSUSE, and RHEL. This book approaches system administration in a practical way and is an invaluable reference for both new administrators and experienced professionals. It details best practices for every facet of system administration, including storage management, network design and administration, email, web hosting, scripting, software configuration management, performance analysis, Windows interoperability, virtualization, DNS, security, management of IT service organizations, and much more. UNIX(R) and Linux(R) System Administration Handbook, Fourth Edition, reflects the current versions of these operating systems: Ubuntu(R) LinuxopenSUSE(R) LinuxRed Hat(R) Enterprise Linux(R)Oracle America(R) Solaris(TM) (formerly Sun Solaris)HP HP-UX(R)IBM AIX(R)

Programming Python


Mark Lutz - 1996
    This third edition has been updated toreflect current best practices andthe abundance of changes introduced by the latest version of thelanguage, Python 2.5.Whether you're a novice or an advancedpractitioner, you'll find thisrefreshed book more than lives up to its reputation. "ProgrammingPython," 3rd Edition, teaches you the rightway to code. It explains Python language syntax and programmingtechniques in a clear and concisemanner, with numerous examples that illustrate both correct usage andcommon idioms. By reading thiscomprehensive guide, you'll learn how to apply Python in real-worldproblem domains such as: GUI programmingInternet scriptingParallel processingDatabase managementNetworked applications"Programming Python," Third Edition coverseach of thesetarget domainsgradually, beginning with in-depth discussions of core concepts andthen progressing toward completeprograms. Large examples do appear, but only after you've learnedenough to understand their techniques andcode.Along the way, you'll also learn how to use the Python language inrealistically scaled programs--concepts such as Object-Oriented Programming (OOP) and code reuseare recurring side themes throughout thistext. If you're interested in Python programming, then this O'Reillyclassic needs to be within arm's reach. Thewealth of practical advice, snippets of code, and patterns of programdesign can all be put into use on adaily basis--making your life easier and more productive.Reviews of the second edition:.".".about as comprehensive as any book can be.""--Dr. Dobb's Journal""If the language had manuals, they would undoubtedlybe the texts from O'Reilly...'Learning Python' and 'Programming Python'are definitive treatments.""--SD Times

Graph Databases


Ian Robinson - 2013
    With this practical book, you’ll learn how to design and implement a graph database that brings the power of graphs to bear on a broad range of problem domains. Whether you want to speed up your response to user queries or build a database that can adapt as your business evolves, this book shows you how to apply the schema-free graph model to real-world problems.Learn how different organizations are using graph databases to outperform their competitors. With this book’s data modeling, query, and code examples, you’ll quickly be able to implement your own solution.Model data with the Cypher query language and property graph modelLearn best practices and common pitfalls when modeling with graphsPlan and implement a graph database solution in test-driven fashionExplore real-world examples to learn how and why organizations use a graph databaseUnderstand common patterns and components of graph database architectureUse analytical techniques and algorithms to mine graph database information