This book reducesthe investigative workload of computer security incident response teams(CSIRT) by posturing organizations for incident response success.Firewalls can fail. Intrusion-detection systems can be bypassed. Networkmonitors can be overloaded. These are the alarming but true facts aboutnetwork security. In fact, too often, security administrators' tools can serve asgateways into the very networks they are defending.Now, a novel approach to network monitoring seeks to overcome theselimitations by providing dynamic information about the vulnerability of allparts of a network. Called network security monitoring (NSM), it draws on acombination of auditing, vulnerability assessment, intrusion detection andprevention, and incident response for the most comprehensive approach tonetwork security yet. By focusing on case studies and the application of opensourcetools, the author helps readers gain hands-on knowledge of how tobetter defend networks and how to mitigate damage from security incidents.

    It's the expertise you need when your start-up gets an unexpected spike in web traffic, or when a new feature causes your mature application to fail. In this collection of essays and interviews, web veterans such as Theo Schlossnagle, Baron Schwartz, and Alistair Croll offer insights into this evolving field. You'll learn stories from the trenches--from builders of some of the biggest sites on the Web--on what's necessary to help a site thrive.Learn the skills needed in web operations, and why they're gained through experience rather than schoolingUnderstand why it's important to gather metrics from both your application and infrastructureConsider common approaches to database architectures and the pitfalls that come with increasing scaleLearn how to handle the human side of outages and degradationsFind out how one company avoided disaster after a huge traffic delugeDiscover what went wrong after a problem occurs, and how to prevent it from happening againContributors include:John AllspawHeather ChampMichael ChristianRichard CookAlistair CrollPatrick DeboisEric FlorenzanoPaul HammondJustin HuffAdam JacobJacob LoomisMatt MassieBrian MoonAnoop NagwaniSean PowerEric RiesTheo SchlossnagleBaron SchwartzAndrew Shafer

    They provided a secure and reliable foundation, allowing us to concentrate on securing our digital world.An amazing community has built up around Kali Linux. Every month, more than 300,000 of us download a version of Kali. We come together in online and real-world training rooms and grind through the sprawling Offensive Security Penetration Testing Labs, pursuing the near-legendary Offensive Security certifications. We come together on the Kali forums, some 40,000 strong, and hundreds of us at a time can be found on the Kali IRC channel. We gather at conferences and attend Kali Dojos to learn from the developers themselves how to best leverage Kali.However, the Kali team has never released an official Kali Linux manual, until now.In this book, we'll focus on the Kali Linux platform itself, and help you understand and maximize Kali from the ground up. The developers will walk you through Kali Linux features and fundamentals, provide a crash course in basic Linux commands and concepts, and then walk you through the most common Kali Linux installation scenarios. You'll learn how to configure, troubleshoot and secure Kali Linux and then dive into the powerful Debian package manager. Throughout this expansive section, you'll learn how to install and configure packages, how to update and upgrade your Kali installation, and how to create your own custom packages. Then you'll learn how to deploy your custom installation across massive enterprise networks. Finally, you'll be guided through advanced topics such as kernel compilation, custom ISO creation, industrial-strength encryption, and even how to install crypto kill switches to safeguard your sensitive information.Whether you're a veteran or an absolute n00b, this is the best place to start with Kali Linux, the security professional's platform of choice.

    But understanding how Linux containers fit into your workflow--and getting the integration details right--are not trivial tasks. With this practical guide, you'll learn how to use Docker to package your applications with all of their dependencies, and then test, ship, scale, and support your containers in production.Two Lead Site Reliability Engineers at New Relic share much of what they have learned from using Docker in production since shortly after its initial release. Their goal is to help you reap the benefits of this technology while avoiding the many setbacks they experienced.Learn how Docker simplifies dependency management and deployment workflow for your applicationsStart working with Docker images, containers, and command line toolsUse practical techniques to deploy and test Docker-based Linux containers in productionDebug containers by understanding their composition and internal processesDeploy production containers at scale inside your data center or cloud environmentExplore advanced Docker topics, including deployment tools, networking, orchestration, security, and configuration

    And in a perfect world, those who produce the best code are the most successful. But in our perfectly messy world, success also depends on how you work with people to get your job done.In this highly entertaining book, Brian Fitzpatrick and Ben Collins-Sussman cover basic patterns and anti-patterns for working with other people, teams, and users while trying to develop software. It's valuable information from two respected software engineers whose popular video series, "Working with Poisonous People," has attracted hundreds of thousands of viewers.You'll learn how to deal with imperfect people--those irrational and unpredictable beings--in the course of your work. And you'll discover why playing well with others is at least as important as having great technical skills. By internalizing the techniques in this book, you'll get more software written, be more influential, be happier in your career.

     At any given moment, somewhere in the world someone struggles with the same software design problems you have. You know you don't want to reinvent the wheel (or worse, a flat tire), so you look to Design Patterns--the lessons learned by those who've faced the same problems. With Design Patterns, you get to take advantage of the best practices and experience of others, so that you can spend your time on...something else. Something more challenging. Something more complex. Something more fun. You want to learn about the patterns that matter--why to use them, when to use them, how to use them (and when NOT to use them). But you don't just want to see how patterns look in a book, you want to know how they look "in the wild". In their native environment. In other words, in real world applications. You also want to learn how patterns are used in the Java API, and how to exploit Java's built-in pattern support in your own code. You want to learn the real OO design principles and why everything your boss told you about inheritance might be wrong (and what to do instead). You want to learn how those principles will help the next time you're up a creek without a design pattern. Most importantly, you want to learn the "secret language" of Design Patterns so that you can hold your own with your co-worker (and impress cocktail party guests) when he casually mentions his stunningly clever use of Command, Facade, Proxy, and Factory in between sips of a martini. You'll easily counter with your deep understanding of why Singleton isn't as simple as it sounds, how the Factory is so often misunderstood, or on the real relationship between Decorator, Facade and Adapter. With Head First Design Patterns, you'll avoid the embarrassment of thinking Decorator is something from the "Trading Spaces" show. Best of all, in a way that won't put you to sleep! We think your time is too important (and too short) to spend it struggling with academic texts. If you've read a Head First book, you know what to expect--a visually rich format designed for the way your brain works. Using the latest research in neurobiology, cognitive science, and learning theory, Head First Design Patterns will load patterns into your brain in a way that sticks. In a way that lets you put them to work immediately. In a way that makes you better at solving software design problems, and better at speaking the language of patterns with others on your team.

    For this special hardcover edition, two new appendixes on locales and standard library exception safety (also available at www.research.att.com/ bs/) have been added. The result is complete, authoritative coverage of the C++ language, its standard library, and key design techniques. Based on the ANSI/ISO C++ standard, The C++ Programming Language provides current and comprehensive coverage of all C++ language features and standard library components. For example:abstract classes as interfaces class hierarchies for object-oriented programming templates as the basis for type-safe generic software exceptions for regular error handling namespaces for modularity in large-scale software run-time type identification for loosely coupled systems the C subset of C++ for C compatibility and system-level work standard containers and algorithms standard strings, I/O streams, and numerics C compatibility, internationalization, and exception safety Bjarne Stroustrup makes C++ even more accessible to those new to the language, while adding advanced information and techniques that even expert C++ programmers will find invaluable.

    Topics include Linux command line basics, filesystems, networking, BASH basics, package management, logging, and the Linux kernel and drivers.If you're getting started along the exciting path of hacking, cybersecurity, and pentesting, Linux Basics for Hackers is an excellent first step. Using Kali Linux, an advanced penetration testing distribution of Linux, you'll learn the basics of using the Linux operating system and acquire the tools and techniques you'll need to take control of a Linux environment.First, you'll learn how to install Kali on a virtual machine and get an introduction to basic Linux concepts. Next, you'll tackle broader Linux topics like manipulating text, controlling file and directory permissions, and managing user environment variables. You'll then focus in on foundational hacking concepts like security and anonymity and learn scripting skills with bash and Python. Practical tutorials and exercises throughout will reinforce and test your skills as you learn how to: - Cover your tracks by changing your network information and manipulating the rsyslog logging utility - Write a tool to scan for network connections, and connect and listen to wireless networks - Keep your internet activity stealthy using Tor, proxy servers, VPNs, and encrypted email - Write a bash script to scan open ports for potential targets - Use and abuse services like MySQL, Apache web server, and OpenSSH - Build your own hacking tools, such as a remote video spy camera and a password crackerHacking is complex, and there is no single way in. Why not start at the beginning with Linux Basics for Hackers?

    Section I: Exploits 202; Chapter 1: Survival; Chapter 2: Basic Exploits; Chapter 3: Advance Exploits; Chapter 4: Writing Shell Code; Section II: Vulnerability Analysis; Chapter 5: Passive Analysis; Chapter 6: Active Analysis; Chapter 7: Bug to Exploit; Chapter 8: Mitigation; Section III: Advanced System Hacks; Chapter 9: Advanced.

    The RTFM contains the basic syntax for commonly used Linux and Windows command line tools, but it also encapsulates unique use cases for powerful tools such as Python and Windows PowerShell. The RTFM will repeatedly save you time looking up the hard to remember Windows nuances such as Windows wmic and dsquery command line tools, key registry values, scheduled tasks syntax, startup locations and Windows scripting. More importantly, it should teach you some new red team techniques.

    From explaining port scanning basics for novices to detailing low-level packet crafting methods used by advanced hackers, this book suits all levels of security and networking professionals. A 42-page reference guide documents every Nmap feature and option, while the rest of the book demonstrates how to apply those features to quickly solve real-world tasks. Examples and diagrams show actual communication on the wire. Topics include subverting firewalls and intrusion detection systems, optimizing Nmap performance, and automating common networking tasks with the Nmap Scripting Engine. Hints and instructions are provided for common uses such as taking network inventory, penetration testing, detecting rogue wireless access points, and quashing network worm outbreaks. Nmap runs on Windows, Linux, and Mac OS X.Nmap's original author, Gordon "Fyodor" Lyon, wrote this book to share everything he has learned about network scanning during more than 11 years of Nmap development. Visit http: //nmap.org/book for more information and sample chapters.

    They are now standard features in a wide range of languages and popular tools, including Perl, Python, Ruby, Java, VB.NET and C# (and any language using the .NET Framework), PHP, and MySQL.If you don't use regular expressions yet, you will discover in this book a whole new world of mastery over your data. If you already use them, you'll appreciate this book's unprecedented detail and breadth of coverage. If you think you know all you need to know about regularexpressions, this book is a stunning eye-opener.As this book shows, a command of regular expressions is an invaluable skill. Regular expressions allow you to code complex and subtle text processing that you never imagined could be automated. Regular expressions can save you time and aggravation. They can be used to craft elegant solutions to a wide range of problems. Once you've mastered regular expressions, they'll become an invaluable part of your toolkit. You will wonder how you ever got by without them.Yet despite their wide availability, flexibility, and unparalleled power, regular expressions are frequently underutilized. Yet what is power in the hands of an expert can be fraught with peril for the unwary. Mastering Regular Expressions will help you navigate the minefield to becoming an expert and help you optimize your use of regular expressions.Mastering Regular Expressions, Third Edition, now includes a full chapter devoted to PHP and its powerful and expressive suite of regular expression functions, in addition to enhanced PHP coverage in the central "core" chapters. Furthermore, this edition has been updated throughout to reflect advances in other languages, including expanded in-depth coverage of Sun's java.util.regex package, which has emerged as the standard Java regex implementation.Topics include:A comparison of features among different versions of many languages and toolsHow the regular expression engine worksOptimization (major savings available here!)Matching just what you want, but not what you don't wantSections and chapters on individual languagesWritten in the lucid, entertaining tone that makes a complex, dry topic become crystal-clear to programmers, and sprinkled with solutions to complex real-world problems, Mastering Regular Expressions, Third Edition offers a wealth information that you can put to immediateuse.Reviews of this new edition and the second edition: "There isn't a better (or more useful) book available on regular expressions."--Zak Greant, Managing Director, eZ Systems"A real tour-de-force of a book which not only covers the mechanics of regexes in extraordinary detail but also talks about efficiency and the use of regexes in Perl, Java, and .NET...If you use regular expressions as part of your professional work (even if you already have a good book on whatever language you're programming in) I would strongly recommend this book to you."--Dr. Chris Brown, Linux Format"The author does an outstanding job leading the reader from regexnovice to master. The book is extremely easy to read and chock full ofuseful and relevant examples...Regular expressions are valuable toolsthat every developer should have in their toolbox. Mastering RegularExpressions is the definitive guide to the subject, and an outstandingresource that belongs on every programmer's bookshelf. Ten out of TenHorseshoes."--Jason Menard, Java Ranch

    Joining the professional web designers and programmers are new audiences who need to know a little bit of code at work (update a content management system or e-commerce store) and those who want to make their personal blogs more attractive. Many books teaching HTML and CSS are dry and only written for those who want to become programmers, which is why this book takes an entirely new approach. • Introduces HTML and CSS in a way that makes them accessible to everyone—hobbyists, students, and professionals—and it’s full-color throughout • Utilizes information graphics and lifestyle photography to explain the topics in a simple way that is engaging • Boasts a unique structure that allows you to progress through the chapters from beginning to end or just dip into topics of particular interest at your leisureThis educational book is one that you will enjoy picking up, reading, then referring back to. It will make you wish other technical topics were presented in such a simple, attractive and engaging way!

    This practical guide shows you how to be productive with this tool quickly, whether you're a developer deploying code to production or a system administrator looking for a better automation solution.Author Lorin Hochstein shows you how to write playbooks (Ansible's configuration management scripts), manage remote servers, and explore the tool's real power: built-in declarative modules. You'll discover that Ansible has the functionality you need and the simplicity you desire.Understand how Ansible differs from other configuration management systemsUse the YAML file format to write your own playbooksLearn Ansible's support for variables and factsWork with a complete example to deploy a non-trivial applicationUse roles to simplify and reuse playbooksMake playbooks run faster with ssh multiplexing, pipelining, and parallelismDeploy applications to Amazon EC2 and other cloud platformsUse Ansible to create Docker images and deploy Docker containers

    And through CODE, we see how this ingenuity and our very human compulsion to communicate have driven the technological innovations of the past two centuries. Using everyday objects and familiar language systems such as Braille and Morse code, author Charles Petzold weaves an illuminating narrative for anyone who’s ever wondered about the secret inner life of computers and other smart machines. It’s a cleverly illustrated and eminently comprehensible story—and along the way, you’ll discover you’ve gained a real context for understanding today’s world of PCs, digital media, and the Internet. No matter what your level of technical savvy, CODE will charm you—and perhaps even awaken the technophile within.