Skip to main content

Syngress

The Best Damn IT Security Management Book Period
1st Edition
Susan Snedaker + 1 more
English
The security field evolves rapidly becoming broader and more complex each year. The common thread tying the field together is the discipline of management. The Best Damn Security Manager's Handbook Period has comprehensive coverage of all management issues facing IT and security professionals and is an ideal resource for those dealing with a changing daily workload.Coverage includes Business Continuity, Disaster Recovery, Risk Assessment, Protection Assets, Project Management, Security Operations, and Security Management, and Security Design & Integration.Compiled from the best of the Syngress and Butterworth Heinemann libraries and authored by business continuity expert Susan Snedaker, this volume is an indispensable addition to a serious security professional's toolkit.
Sarbanes-Oxley IT Compliance Using Open Source Tools
2nd Edition
Christian B Lahti + 1 more
English
The Sarbanes-Oxley Act (officially titled the Public Company Accounting Reform and Investor Protection Act of 2002), signed into law on 30 July 2002 by President Bush, is considered the most significant change to federal securities laws in the United States since the New Deal. It came in the wake of a series of corporate financial scandals, including those affecting Enron, Arthur Andersen, and WorldCom. The law is named after Senator Paul Sarbanes and Representative Michael G. Oxley. It was approved by the House by a vote of 423-3 and by the Senate 99-0. This book illustrates the many Open Source cost-saving opportunities that public companies can explore in their IT enterprise to meet mandatory compliance requirements of the Sarbanes-Oxley act. This book will also demonstrate by example and technical reference both the infrastructure components for Open Source that can be made compliant, and the Open Source tools that can aid in the journey of compliance. Although many books and reference material have been authored on the financial and business side of Sox compliance, very little material is available that directly address the information technology considerations, even less so on how Open Source fits into that discussion.The format of the book will begin each chapter with the IT business and executive considerations of Open Source and SOX compliance. The remaining chapter verbiage will include specific examinations of Open Source applications and tools which relate to the given subject matter.
How to Cheat at Deploying and Securing RFID
1st Edition
Frank Thornton + 1 more
English
RFID is a method of remotely storing and receiving data using devices called RFID tags. RFID tags can be small adhesive stickers containing antennas that receive and respond to transmissions from RFID transmitters. RFID tags are used to identify and track everything from Exxon EZ pass to dogs to beer kegs to library books. Major companies and countries around the world are adopting or considering whether to adopt RFID technologies. Visa and Wells Fargo are currently running tests with RFID, airports around the world are using RFID to track cargo and run customs departments, universities such as Slippery Rock are providing RFID-enabled cell phones for students to use for campus charges. According to the July 9 CNET article, RFID Tags: Big Brother in Small Packages?, "You should become familiar with RFID technology because you'll be hearing much more about it soon. Retailers adore the concept, and CNET News.com's own Alorie Gilbert wrote last week about how Wal-Mart and the U.K.-based grocery chain Tesco are starting to install "smart shelves" with networked RFID readers. In what will become the largest test of the technology, consumer goods giant Gillette recently said it would purchase 500 million RFID tags from Alien Technology of Morgan Hill, CA." For security professionals needing to get up and running fast with the topic of RFID, this How to Cheat approach to the topic is the perfect "just what you need to know" book!
Open Source Fuzzing Tools
1st Edition
Noam Rathaus + 1 more
English
Fuzzing is often described as a “black box” software testing technique. It works by automatically feeding a program multiple input iterations in an attempt to trigger an internal error indicative of a bug, and potentially crash it. Such program errors and crashes are indicative of the existence of a security vulnerability, which can later be researched and fixed.Fuzz testing is now making a transition from a hacker-grown tool to a commercial-grade product. There are many different types of applications that can be fuzzed, many different ways they can be fuzzed, and a variety of different problems that can be uncovered. There are also problems that arise during fuzzing; when is enough enough? These issues and many others are fully explored.
Web Application Vulnerabilities
Detect, Exploit, Prevent
1st Edition
Steven Palmer
English
In this book, we aim to describe how to make a computer bend to your will by finding and exploiting vulnerabilities specifically in Web applications. We will describe common security issues in Web applications, tell you how to find them, describe how to exploit them, and then tell you how to fix them. We will also cover how and why some hackers (the bad guys) will try to exploit these vulnerabilities to achieve their own end. We will also try to explain how to detect if hackers are actively trying to exploit vulnerabilities in your own Web applications.
Perl Scripting for Windows Security
Live Response, Forensic Analysis, and Monitoring
1st Edition
Harlan Carvey
English
I decided to write this book for a couple of reasons. One was that I’ve now written a couple of books that have to do with incident response and forensic analysis on Windows systems, and I used a lot of Perl in both books. Okay…I’ll come clean…I used nothing but Perl in both books! What I’ve seen as a result of this is that many readers want to use the tools, but don’t know how…they simply aren’t familiar with Perl, with interpreted (or scripting) languages in general, and may not be entirely comfortable with running tools at the command line. This book is intended for anyone who has an interest in useful Perl scripting, in particular on the Windows platform, for the purpose of incident response, and forensic analysis, and application monitoring. While a thorough grounding in scripting languages (or in Perl specifically) is not required, it helpful in fully and more completely understanding the material and code presented in this book. This book contains information that is useful to consultants who perform incident response and computer forensics, specifically as those activities pertain to MS Windows systems (Windows 2000, XP, 2003, and some Vista). My hope is that not only will consultants (such as myself) find this material valuable, but so will system administrators, law enforcement officers, and students in undergraduate and graduate programs focusing on computer forensics.
Juniper(r) Networks Secure Access SSL VPN Configuration Guide
1st Edition
Rob Cameron + 1 more
English
Juniper Networks Secure Access SSL VPN appliances provide a complete range of remote access appliances for the smallest companies up to the largest service providers. As a system administrator or security professional, this comprehensive configuration guide will allow you to configure these appliances to allow remote and mobile access for employees. If you manage and secure a larger enterprise, this book will help you to provide remote and/or extranet access, for employees, partners, and customers from a single platform.
Dr. Tom Shinder's ISA Server 2006 Migration Guide
1st Edition
Thomas W Shinder
English
Dr. Tom Shinder’s ISA Server 2006 Migration Guide provides a clear, concise, and thorough path to migrate from previous versions of ISA Server to ISA Server 2006. ISA Server 2006 is an incremental upgrade from ISA Server 2004, this book provides all of the tips and tricks to perform a successful migration, rather than rehash all of the features which were rolled out in ISA Server 2004. Also, learn to publish Exchange Server 2007 with ISA 2006 and to build a DMZ.* Highlights key issues for migrating from previous versions of ISA Server to ISA Server 2006.* Learn to Publish Exchange Server 2007 Using ISA Server 2006.* Create a DMZ using ISA Server 2006.
The Best Damn Cybercrime and Digital Forensics Book Period
1st Edition
Anthony Reyes + 1 more
English
Electronic discovery refers to a process in which electronic data is sought, located, secured, and searched with the intent of using it as evidence in a legal case. Computer forensics is the application of computer investigation and analysis techniques to perform an investigation to find out exactly what happened on a computer and who was responsible. IDC estimates that the U.S. market for computer forensics will be grow from $252 million in 2004 to $630 million by 2009. Business is strong outside the United States, as well. By 2011, the estimated international market will be $1.8 billion dollars. The Techno Forensics Conference has increased in size by almost 50% in its second year; another example of the rapid growth in the market. This book is the first to combine cybercrime and digital forensic topics to provides law enforcement and IT security professionals with the information needed to manage a digital investigation. Everything needed for analyzing forensic data and recovering digital evidence can be found in one place, including instructions for building a digital forensics lab.
The Best Damn Server Virtualization Book Period
Including Vmware, Xen, and Microsoft Virtual Server
1st Edition
Rogier Dittner + 1 more
English
Server Sprawl and escalating IT costs have managers and system administrators scrambling to find ways to cut costs and reduce Total Cost of Ownership of their physical infrastructure. Combining software applications onto a single server, even if those applications are from the same software vendor, can be dangerous and problems hard to troubleshoot. Virtualization allows you to consolidate many servers onto a single physical server reducing hardware, electrical, cooling, and administrative costs. These virtual servers run completely independent of each other so if one crashes the other are not affected. Planning and implementing a server consolidation is a complex process. This book details the requirements for such a project, includes sample forms and templates, and delivers several physical to virtual migration strategies which will save both time and costs. Readers of this book will easily be able to plan and deploy VMware, Microsoft Virtual Server, and Xen.

Browse by Publisher