Syngress

    • Practical Anonymity

      • 1st Edition
      • July 19, 2013
      • Peter Loshin
      • English
      • Paperback
        9780124104044
      • eBook
        9780124104426
      For those with legitimate reason to use the Internet anonymously--diploma... military and other government agencies, journalists, political activists, IT professionals, law enforcement personnel, political refugees and others--anonymous networking provides an invaluable tool, and many good reasons that anonymity can serve a very important purpose. Anonymous use of the Internet is made difficult by the many websites that know everything about us, by the cookies and ad networks, IP-logging ISPs, even nosy officials may get involved. It is no longer possible to turn off browser cookies to be left alone in your online life. Practical Anonymity: Hiding in Plain Sight Online shows you how to use the most effective and widely-used anonymity tools--the ones that protect diplomats, military and other government agencies to become invisible online. This practical guide skips the theoretical and technical details and focuses on getting from zero to anonymous as fast as possible. For many, using any of the open-source, peer-reviewed tools for connecting to the Internet via an anonymous network may be (or seem to be) too difficult because most of the information about these tools is burdened with discussions of how they work and how to maximize security. Even tech-savvy users may find the burden too great--but actually using the tools can be pretty simple. The primary market for this book consists of IT professionals who need/want tools for anonymity to test/work around corporate firewalls and router filtering as well as provide anonymity tools to their customers.
        • Simple, step-by-step instructions for configuring and using anonymous networking software
        • Use of open source, time-proven and peer-reviewed tools for anonymity
        • Plain-language discussion of actual threats and concrete suggestions for appropriate responses
        • Easy-to-follow tips for safer computing
    • Risk Management Framework

      • 1st Edition
      • July 3, 2013
      • James Broad
      • English
      • Paperback
        9 7 8 1 5 9 7 4 9 9 9 5 8
      • eBook
        9780124047235
      The RMF allows an organization to develop an organization-wide risk framework that reduces the resources required to authorize a systems operation. Use of the RMF will help organizations maintain compliance with not only FISMA and OMB requirements but can also be tailored to meet other compliance requirements such as Payment Card Industry (PCI) or Sarbanes Oxley (SOX). With the publishing of NIST SP 800-37 in 2010 and the move of the Intelligence Community and Department of Defense to modified versions of this process, clear implementation guidance is needed to help individuals correctly implement this process. No other publication covers this topic in the detail provided in this book or provides hands-on exercises that will enforce the topics. Examples in the book follow a fictitious organization through the RMF, allowing the reader to follow the development of proper compliance measures. Templates provided in the book allow readers to quickly implement the RMF in their organization. The need for this book continues to expand as government and non-governmental organizations build their security programs around the RMF. The companion website provides access to all of the documents, templates and examples needed to not only understand the RMF but also implement this process in the reader’s own organization.
    • Professional Penetration Testing

      • 2nd Edition
      • June 27, 2013
      • Thomas Wilhelm
      • English
      • Paperback
        9 7 8 1 5 9 7 4 9 9 9 3 4
      • eBook
        9780124046184
      Professional Penetration Testing walks you through the entire process of setting up and running a pen test lab. Penetration testing—the act of testing a computer network to find security vulnerabilities before they are maliciously exploited—is a crucial component of information security in any organization. With this book, you will find out how to turn hacking skills into a professional career. Chapters cover planning, metrics, and methodologies; the details of running a pen test, including identifying and verifying vulnerabilities; and archiving, reporting and management practices. Author Thomas Wilhelm has delivered penetration testing training to countless security professionals, and now through the pages of this book you can benefit from his years of experience as a professional penetration tester and educator. After reading this book, you will be able to create a personal penetration test lab that can deal with real-world vulnerability scenarios. All disc-based content for this title is now available on the Web.
    • The Basics of Hacking and Penetration Testing

      • 2nd Edition
      • June 24, 2013
      • Patrick Engebretson
      • English
      • Paperback
        9780124116443
      • eBook
        9780124116412
      The Basics of Hacking and Penetration Testing, Second Edition, serves as an introduction to the steps required to complete a penetration test or perform an ethical hack from beginning to end. The book teaches students how to properly utilize and interpret the results of the modern-day hacking tools required to complete a penetration test. It provides a simple and clean explanation of how to effectively utilize these tools, along with a four-step methodology for conducting a penetration test or hack, thus equipping students with the know-how required to jump start their careers and gain a better understanding of offensive security. Each chapter contains hands-on examples and exercises that are designed to teach learners how to interpret results and utilize those results in later phases. Tool coverage includes: Backtrack Linux, Google reconnaissance, MetaGooFil, dig, Nmap, Nessus, Metasploit, Fast Track Autopwn, Netcat, and Hacker Defender rootkit. This is complemented by PowerPoint slides for use in class. This book is an ideal resource for security consultants, beginning InfoSec professionals, and students.
    • The Basics of Web Hacking

      • 1st Edition
      • June 18, 2013
      • Josh Pauli
      • English
      • Paperback
        9780124166004
      • eBook
        9780124166592
      The Basics of Web Hacking introduces you to a tool-driven process to identify the most widespread vulnerabilities in Web applications. No prior experience is needed. Web apps are a "path of least resistance" that can be exploited to cause the most damage to a system, with the lowest hurdles to overcome. This is a perfect storm for beginning hackers. The process set forth in this book introduces not only the theory and practical information related to these vulnerabilities, but also the detailed configuration and usage of widely available tools necessary to exploit these vulnerabilities. The Basics of Web Hacking provides a simple and clean explanation of how to utilize tools such as Burp Suite, sqlmap, and Zed Attack Proxy (ZAP), as well as basic network scanning tools such as nmap, Nikto, Nessus, Metasploit, John the Ripper, web shells, netcat, and more. Dr. Josh Pauli teaches software security at Dakota State University and has presented on this topic to the U.S. Department of Homeland Security, the NSA, BlackHat Briefings, and Defcon. He will lead you through a focused, three-part approach to Web security, including hacking the server, hacking the Web app, and hacking the Web user. With Dr. Pauli’s approach, you will fully understand the what/where/why/how of the most widespread Web vulnerabilities and how easily they can be exploited with the correct tools. You will learn how to set up a safe environment to conduct these attacks, including an attacker Virtual Machine (VM) with all necessary tools and several known-vulnerable Web application VMs that are widely available and maintained for this very purpose. Once you complete the entire process, not only will you be prepared to test for the most damaging Web exploits, you will also be prepared to conduct more advanced Web hacks that mandate a strong base of knowledge.
    • Introduction to Cyber-Warfare

      • 1st Edition
      • May 16, 2013
      • Paulo Shakarian + 2 more
      • English
      • Paperback
        9780124078147
      • eBook
        9780124079267
      Introduction to Cyber-Warfare: A Multidisciplinary Approach, written by experts on the front lines, gives you an insider's look into the world of cyber-warfare through the use of recent case studies. The book examines the issues related to cyber warfare not only from a computer science perspective but from military, sociological, and scientific perspectives as well. You'll learn how cyber-warfare has been performed in the past as well as why various actors rely on this new means of warfare and what steps can be taken to prevent it.
    • The Wireshark Field Guide

      • 1st Edition
      • May 14, 2013
      • Robert Shimonski
      • English
      • Paperback
        9780124104136
      • eBook
        9780124104969
      The Wireshark Field Guide provides hackers, pen testers, and network administrators with practical guidance on capturing and interactively browsing computer network traffic. Wireshark is the world's foremost network protocol analyzer, with a rich feature set that includes deep inspection of hundreds of protocols, live capture, offline analysis and many other features. The Wireshark Field Guide covers the installation, configuration and use of this powerful multi-platform tool. The book gives readers the hands-on skills to be more productive with Wireshark as they drill down into the information contained in real-time network traffic. Readers will learn the fundamentals of packet capture and inspection, the use of color codes and filters, deep analysis, including probes and taps, and much more. The Wireshark Field Guide is an indispensable companion for network technicians, operators, and engineers.
    • Simple Steps to Data Encryption

      • 1st Edition
      • April 25, 2013
      • Peter Loshin
      • English
      • Paperback
        9780124114838
      • eBook
        9780124078826
      Everyone wants privacy and security online, something that most computer users have more or less given up on as far as their personal data is concerned. There is no shortage of good encryption software, and no shortage of books, articles and essays that purport to be about how to use it. Yet there is precious little for ordinary users who want just enough information about encryption to use it safely and securely and appropriately--WITHO... having to become experts in cryptography. Data encryption is a powerful tool, if used properly. Encryption turns ordinary, readable data into what looks like gibberish, but gibberish that only the end user can turn back into readable data again. The difficulty of encryption has much to do with deciding what kinds of threats one needs to protect against and then using the proper tool in the correct way. It's kind of like a manual transmission in a car: learning to drive with one is easy; learning to build one is hard. The goal of this title is to present just enough for an average reader to begin protecting his or her data, immediately. Books and articles currently available about encryption start out with statistics and reports on the costs of data loss, and quickly get bogged down in cryptographic theory and jargon followed by attempts to comprehensively list all the latest and greatest tools and techniques. After step-by-step walkthroughs of the download and install process, there's precious little room left for what most readers really want: how to encrypt a thumb drive or email message, or digitally sign a data file. There are terabytes of content that explain how cryptography works, why it's important, and all the different pieces of software that can be used to do it; there is precious little content available that couples concrete threats to data with explicit responses to those threats. This title fills that niche. 
      By reading this title readers will be provided with a step by step hands-on guide that includes:
        • Simple descriptions of actual threat scenarios
        • Simple, step-by-step instructions for securing data
        • How to use open source, time-proven and peer-reviewed cryptographic software
        • Easy to follow tips for safer computing
        • Unbiased and platform-independent coverage of encryption tools and techniques
    • Windows Server 2012 Security from End to Edge and Beyond

      • 1st Edition
      • April 18, 2013
      • Yuri Diogenes + 2 more
      • English
      • Paperback
        9 7 8 1 5 9 7 4 9 9 8 0 4
      • eBook
        9 7 8 1 5 9 7 4 9 9 8 1 1
      Windows Server 2012 Security from End to Edge and Beyond shows you how to architect, design, plan, and deploy Microsoft security technologies for Windows 8/Server 2012 in the enterprise. The book covers security technologies that apply to both client and server and enables you to identify and deploy Windows 8 security features in your systems based on different business and deployment scenarios. The book is a single source for learning how to secure Windows 8 in many systems, including core, endpoint, and anywhere access. Authors Tom Shinder and Yuri Diogenes, both Microsoft employees, bring you insider knowledge of the Windows 8 platform, discussing how to deploy Windows security technologies effectively in both the traditional datacenter and in new cloud-based solutions. With this book, you will understand the conceptual underpinnings of Windows 8 security and how to deploy these features in a test lab and in pilot and production environments. The book's revolutionary "Test Lab Guide" approach lets you test every subject in a predefined test lab environment. This, combined with conceptual and deployment guidance, enables you to understand the technologies and move from lab to production faster than ever before. Critical material is also presented in key concepts and scenario-based approaches to evaluation, planning, deployment, and management. Videos illustrating the functionality in the Test Lab can be downloaded from the authors’ blog http://blogs.technet... Each chapter wraps up with a bullet list summary of key concepts discussed in the chapter.
    • Assessing Vendors

      • 1st Edition
      • April 10, 2013
      • Josh More
      • English
      • Paperback
        9780124096073
      • eBook
        9780124104464
      Assessing vendors is a tricky process. Large and regulated organizations are forced to demonstrate due diligence in vendor assessment, but often do not know how to do this. This results in a great deal of busywork being required by both the vendors and the organizations. Smaller organizations don't know what to look for and, as a result, often wind up selecting based on price instead of value. This results in service failures and vendors that just milk their customers for as long as they can. Assessing Vendors shows you how to walk the line between under- and over-assessing, so decisions can be made on sufficient data without wasting time, digging too deeply, or making decisions too quickly. This hands-on guide will show you how to use an iterative approach to vendor analysis, so you can rapidly filter out the vendors that are clear failures and then select likely winners. It will then show you how to do progressively deeper dives into the likely winners so you can select a preferred vendor. Finally, you will learn how to negotiate with your preferred vendor to get reasonable prices and services.
        • Provides an iterative approach to vendor assessment, showing you how to make decisions on sufficient data without wasting time
        • Includes checklists to help you navigate the decision-making process, while considering all the important factors needed to make a sound decision
        • Helps you understand and evaluate vendors based on key concepts such as performance criteria, functional testing, production, and price