Skip to main content
Elsevier

Syngress

  • Building a Digital Forensic Laboratory

    Establishing and Managing a Successful Facility
    • 1st Edition
    • Andrew Jones + 1 more
    • English
    The need to professionally and successfully conduct computer forensic investigations of incidents and crimes has never been greater. This has caused an increased requirement for information about the creation and management of computer forensic laboratories and the investigations themselves. This includes a great need for information on how to cost-effectively establish and manage a computer forensics laboratory. This book meets that need: a clearly written, non-technical book on the topic of computer forensics with emphasis on the establishment and management of a computer forensics laboratory and its subsequent support to successfully conducting computer-related crime investigations.

  • GFI Network Security and PCI Compliance Power Tools

    • 1st Edition
    • Brien Posey
    • English
    Today all companies, U.S. federal agencies, and non-profit organizations have valuable data on their servers that needs to be secured. One of the challenges for IT experts is learning how to use new products in a time-efficient manner, so that new implementations can go quickly and smoothly. Learning how to set up sophisticated products is time-consuming, and can be confusing. GFI's LANguard Network Security Scanner reports vulnerabilities so that they can be mitigated before unauthorized intruders can wreck havoc on your network. To take advantage of the best things that GFI's LANguard Network Security Scanner has to offer, you'll want to configure it on your network so that it captures key events and alerts you to potential vulnerabilities before they are exploited.In this book Brien Posey has pinpointed the most important concepts with examples and screenshots so that systems administrators and security engineers can understand how to get the GFI security tools working quickly and effectively. His straightforward, no nonsense writing style is devoid of difficult to understand technical jargon. His descriptive examples explain how GFI's security tools enhance the security controls that are already built into your server's operating system.* Secure Your Network Master the various components that make up the management console and prepare to use it for most tasks.* Analyze Scan Results View detected vulnerabilities, save and print results, query open ports, and filter your results.* Install and Use the ReportPack Learn how to build custom reports and schedule reports. See how filters allow you to control the information that is processed when a reports is run.* Perform a Hardware Inventory and Compile a Software Inventory Use GFI to do your inventories and perform audits. See how to blacklist and whitelist applications to make your reports more meaningful.* Manage Patches Effectively See how to deploy a specific patch, perform a scan comparison, uninstall a patch, and deploy custom software.* Use GFI EndPointSecurity to Lock Down Hardware Be prepared for users trying to install unauthorized software, copy sensitive data onto removable media, or perform other actions to try and circumvent your network's security.* Create Protection Policies Control the level of device access allowed on a system and create separate protection policies; one for servers, one for workstations, and one for laptops. Learn how to deploy agents.* Regulate Specific Devices Master some of the advanced features of GFI: locking device categories, blacklisting and whitelisting devices, and using file type restrictions.* Monitor Device Usage Keep tabs on your network by setting logging options, setting alerting options, and generating end point security reports.

  • Configuring Windows Vista Post-Installation System Settings

    Exam: 70-620
    • 1st Edition
    • English
    Syngress vLabs let you learn on live systems in a safe, secure staging environment. You will learn more effectively by experiencing real-world situations and getting immediate feedback. You will be more certain to pass your certification exams because you've studied specific scenarios that you'll see on exam day.

  • Techno Security's Guide to Securing SCADA

    A Comprehensive Handbook On Protecting The Critical Infrastructure
    • 1st Edition
    • Greg Miles + 8 more
    • English
    Around the world, SCADA (supervisory control and data acquisition) systems and other real-time process control networks run mission-critical infrastructure--ever... from the power grid to water treatment, chemical manufacturing to transportation. These networks are at increasing risk due to the move from proprietary systems to more standard platforms and protocols and the interconnection to other networks. Because there has been limited attention paid to security, these systems are seen as largely unsecured and very vulnerable to attack. This book addresses currently undocumented security issues affecting SCADA systems and overall critical infrastructure protection. The respective co-authors are among the leading experts in the world capable of addressing these related-but-independ... concerns of SCADA security. Headline-making threats and countermeasures like malware, sidejacking, biometric applications, emergency communications, security awareness llanning, personnel & workplace preparedness and bomb threat planning will be addressed in detail in this one of a kind book-of-books dealing with the threats to critical infrastructure protection. They collectivly have over a century of expertise in their respective fields of infrastructure protection. Included among the contributing authors are Paul Henry, VP of Technology Evangelism, Secure Computing, Chet Hosmer, CEO and Chief Scientist at Wetstone Technologies, Phil Drake, Telecommunications Director, The Charlotte Observer, Patrice Bourgeois, Tenable Network Security, Sean Lowther, President, Stealth Awareness and Jim Windle, Bomb Squad Commander, CMPD.

  • Malware Forensics

    Investigating and Analyzing Malicious Code
    • 1st Edition
    • Eoghan Casey + 2 more
    • English
    Malware Forensics: Investigating and Analyzing Malicious Code covers the complete process of responding to a malicious code incident. Written by authors who have investigated and prosecuted federal malware cases, this book deals with the emerging and evolving field of live forensics, where investigators examine a computer system to collect and preserve critical live data that may be lost if the system is shut down. Unlike other forensic texts that discuss live forensics on a particular operating system, or in a generic context, this book emphasizes a live forensics and evidence collection methodology on both Windows and Linux operating systems in the context of identifying and capturing malicious code and evidence of its effect on the compromised system. It is the first book detailing how to perform live forensic techniques on malicious code. The book gives deep coverage on the tools and techniques of conducting runtime behavioral malware analysis (such as file, registry, network and port monitoring) and static code analysis (such as file identification and profiling, strings discovery, armoring/packing detection, disassembling, debugging), and more. It explores over 150 different tools for malware incident response and analysis, including forensic tools for preserving and analyzing computer memory. Readers from all educational and technical backgrounds will benefit from the clear and concise explanations of the applicable legal case law and statutes covered in every chapter. In addition to the technical topics discussed, this book also offers critical legal considerations addressing the legal ramifications and requirements governing the subject matter. This book is intended for system administrators, information security professionals, network personnel, forensic examiners, attorneys, and law enforcement working with the inner-workings of computer memory and malicious code.

  • The IT / Digital Legal Companion

    A Comprehensive Business Guide to Software, IT, Internet, Media and IP Law
    • 1st Edition
    • Gene K. Landy + 1 more
    • English
    The IT/Digital Legal Companion is a comprehensive business and legal guidance covering intellectual property for digital business; digital contract fundamentals; open source rules and strategies; development, consulting and outsourcing; software as a service; business software licensing, partnering, and distribution; web and Internet agreements; privacy on the Internet; digital multimedia content clearance and distribution; IT standards; video game development and content deals; international distribution; and user-created content, mash-ups, MMOGs, and web widgets.Chapters deal with topics such as copyrights on the Internet, for software protection and around the world; trademarks and domain names; patents and digital technology companies; trade secrets and non-disclosure agreements; confidentiality, rights transfer, and non-competition agreements for employees; introduction to digital product and service contracts; a pragmatic guide to open source; IT services - development, outsourcing, and consulting; beta test agreements; commercial end-user agreements; terms of use for web sites and online applications; privacy and use of personal data; digital technology standards - opportunities, risks, and strategies; content for digital media; and deals in the web and mobile value chains.This book is intended for executives, entrepreneurs, finance and business development officers; technology and engineering officers; marketers, licensing professionals, and technology professionals; in-house counsel; and anyone else that deals with software or digital technology in business.

  • Securing Citrix XenApp Server in the Enterprise

    • 1st Edition
    • Tariq Azad
    • English
    Citrix Presentation Server allows remote users to work off a network server as if they weren't remote. That means: Incredibly fast access to data and applications for users, no third party VPN connection, and no latency issues. All of these features make Citrix Presentation Server a great tool for increasing access and productivity for remote users. Unfortunately, these same features make Citrix just as dangerous to the network it's running on. By definition, Citrix is granting remote users direct access to corporate servers?..achieving this type of access is also the holy grail for malicious hackers. To compromise a server running Citrix Presentation Server, a hacker need not penetrate a heavily defended corporate or government server. They can simply compromise the far more vulnerable laptop, remote office, or home office of any computer connected to that server by Citrix Presentation Server. All of this makes Citrix Presentation Server a high-value target for malicious hackers. And although it is a high-value target, Citrix Presentation Servers and remote workstations are often relatively easily hacked, because they are often times deployed by overworked system administrators who haven't even configured the most basic security features offered by Citrix. "The problem, in other words, isn't a lack of options for securing Citrix instances; the problem is that administrators aren't using them." (eWeek, October 2007). In support of this assertion Security researcher Petko D. Petkov, aka "pdp", said in an Oct. 4 posting that his recent testing of Citrix gateways led him to "tons" of "wide-open" Citrix instances, including 10 on government domains and four on military domains.

  • Kismet Hacking

    • 1st Edition
    • Frank Thornton + 2 more
    • English
    Kismet is the industry standard for examining wireless network traffic, and is used by over 250,000 security professionals, wireless networking enthusiasts, and WarDriving hobbyists.Unlike other wireless networking books that have been published in recent years that geared towards Windows users, Kismet Hacking is geared to those individuals that use the Linux operating system. People who use Linux and want to use wireless tools need to use Kismet. Now with the introduction of Kismet NewCore, they have a book that will answer all their questions about using this great tool. This book continues in the successful vein of books for wireless users such as WarDriving: Drive, Detect Defend.

  • SonicWALL Secure Wireless Networks Integrated Solutions Guide

    • 1st Edition
    • Khai Tran + 5 more
    • English
    Nearly forty percent of the world's 1 billion+ Internet users are wireless. It's a truly staggering fact to think that the majority of these wireless implementations are fundamentally insecure, leaving users and private data at risk. Many wireless proprietors think that the convenience of wireless outweighs the possible risk of insecure impelentation, or that secure wireless is far too complicated to worry about deploying. SonicWALL® Secure Wireless Networks Integrated Solutions Guide provides a systematic approach to creating secure wireless networks, using the Plan, Design, Implement, and Optimize model. This introduction to wireless network security is both comprehensive and easy to understand. Using straightforward language, this book describes deployment best practices, what SonicWALL security appliances do, and how they interoperate within an existing or new network. It begins with brief overviews of the theory of risk management, the history of wireless networks, and today’s top five wireless threats. Real-world case studies highlight wireless solution business drivers for education, healthcare, retail and hospitality, and government agencies, as well as their respective regulatory compliance requirements. SonicWALL believes that the days of being forced to accept inherent risk in wireless networking are over. By using modern security standards and sound network design methods, your wireless network should be just as secure as your wired network.Wireless networks can be made as secure as wired networks, and deploying this type of security can be far less complicated than you think. In this book, and through their massive product offerings, SonicWALL gives you (the secure wireless network hopeful) all of the planning, implementation, and optimizing tools you need to do wireless. Securely.

  • The IT Regulatory and Standards Compliance Handbook

    How to Survive Information Systems Audit and Assessments
    • 1st Edition
    • Craig S. Wright
    • English
    The IT Regulatory and Standards Compliance Handbook provides comprehensive methodology, enabling the staff charged with an IT security audit to create a sound framework, allowing them to meet the challenges of compliance in a way that aligns with both business and technical needs. This "roadmap" provides a way of interpreting complex, often confusing, compliance requirements within the larger scope of an organization's overall needs.

Browse by Publisher