Skip to main content
Elsevier

Syngress

  • Penetration Tester's Open Source Toolkit

    • 2nd Edition
    • Chris Hurley + 1 more
    • English
    Penetration testing a network requires a delicate balance of art and science. A penetration tester must be creative enough to think outside of the box to determine the best attack vector into his own network, and also be expert in using the literally hundreds of tools required to execute the plan. This second volume adds over 300 new pentesting applications included with BackTrack 2 to the pen tester's toolkit. It includes the latest information on Snort, Nessus, Wireshark, Metasploit, Kismet and all of the other major Open Source platforms.

  • Practical Oracle Security

    Your Unauthorized Guide to Relational Database Security
    • 1st Edition
    • Josh Shaul + 1 more
    • English
    This is the only practical, hands-on guide available to database administrators to secure their Oracle databases. This book will help the DBA to assess their current level of risk as well as their existing security posture. It will then provide practical, applicable knowledge to appropriately secure the Oracle database.

  • Google Hacking for Penetration Testers

    • 1st Edition
    • Bill Gardner + 2 more
    • English
    This book helps people find sensitive information on the Web.Google is one of the 5 most popular sites on the internet with more than 380 million unique users per month (Nielsen/NetRatings 8/05). But, Google’s search capabilities are so powerful, they sometimes discover content that no one ever intended to be publicly available on the Web including: social security numbers, credit card numbers, trade secrets, and federally classified documents. Google Hacking for Penetration Testers Volume 2 shows the art of manipulating Google used by security professionals and system administrators to find this sensitive information and “self-police” their own organizations.Reader... will learn how Google Maps and Google Earth provide pinpoint military accuracy, see how bad guys can manipulate Google to create super worms, and see how they can "mash up" Google with MySpace, LinkedIn, and more for passive reconaissance.

  • How to Cheat at Securing Linux

    • 1st Edition
    • James Stanger
    • English
    Linux servers now account for 33% of all networks servers running worldwide (Source: IDC). The top 3 market share holders in the network server space (IBM, Hewlett-Packard, and Dell) all use Linux as their standard operating system. This book teaches Linux system administrators how to protect their servers from malicious threats.As with any technologies, increased usage results in increased attention from malicious hackers. For years a myth existed that Windows was inherently less secure than Linux, because there were significantly more attacks against Windows machines than Linux. This was a fallacy. There were more attacks against Windows machines because there were simply so many more Windows machines to attack. Now, the numbers tell the exact opposite story. Linux servers account for 1/3 of all servers worldwide, but in 2005 there were 3 times as many high-severity security vulnerabilities discovered on Linux servers (Source: IDC).This book covers Open Source security, implementing an intrusion detection system, unearthing Rootkits, defending against malware, creating Virtual Private Networks, and much more.

  • InfoSecurity 2008 Threat Analysis

    • 1st Edition
    • Craig Schiller + 3 more
    • English
    An all-star cast of authors analyze the top IT security threats for 2008 as selected by the editors and readers of Infosecurity Magazine. This book, compiled from the Syngress Security Library, is an essential reference for any IT professional managing enterprise security. It serves as an early warning system, allowing readers to assess vulnerabilities, design protection schemes and plan for disaster recovery should an attack occur. Topics include Botnets, Cross Site Scripting Attacks, Social Engineering, Physical and Logical Convergence, Payment Card Industry (PCI) Data Security Standards (DSS), Voice over IP (VoIP), and Asterisk Hacking. Each threat is fully defined, likely vulnerabilities are identified, and detection and prevention strategies are considered. Wherever possible, real-world examples are used to illustrate the threats and tools for specific solutions.

  • TechnoSecurity's Guide to E-Discovery and Digital Forensics

    A Comprehensive Handbook
    • 1st Edition
    • Jack Wiles
    • English
    TechnoSecurity's Guide to E-Discovery and Digital Forensics provides IT security professionals with the information (hardware, software, and procedural requirements) needed to create, manage and sustain a digital forensics lab and investigative team that can accurately and effectively analyze forensic data and recover digital evidence, while preserving the integrity of the electronic evidence for discovery and trial.

  • How to Cheat at Securing Your Network

    • 1st Edition
    • Ido Dubrawsky
    • English
    Most Systems Administrators are not security specialists. Keeping the network secure is one of many responsibilities, and it is usually not a priority until disaster strikes. How to Cheat at Securing Your Network is the perfect book for this audience. The book takes the huge amount of information available on network security and distils it into concise recommendations and instructions, using real world, step-by-step instruction. The latest addition to the best selling "How to Cheat..." series of IT handbooks, this book clearly identifies the primary vulnerabilities of most computer networks, including user access, remote access, messaging, wireless hacking, media, email threats, storage devices, and web applications. Solutions are provided for each type of threat, with emphasis on intrusion detection, prevention, and disaster recovery.

  • Metasploit Toolkit for Penetration Testing, Exploit Development, and Vulnerability Research

    • 1st Edition
    • David Maynor
    • English
    Metasploit Toolkit for Penetration Testing, Exploit Development, and Vulnerability Research is the first book available for the Metasploit Framework (MSF), which is the attack platform of choice for one of the fastest growing careers in IT security: Penetration Testing. The book will provide professional penetration testers and security researchers with a fully integrated suite of tools for discovering, running, and testing exploit code.This book discusses how to use the Metasploit Framework (MSF) as an exploitation platform. The book begins with a detailed discussion of the three MSF interfaces: msfweb, msfconsole, and msfcli .This chapter demonstrates all of the features offered by the MSF as an exploitation platform. With a solid understanding of MSF’s capabilities, the book then details techniques for dramatically reducing the amount of time required for developing functional exploits.By working through a real-world vulnerabilities against popular closed source applications, the reader will learn how to use the tools and MSF to quickly build reliable attacks as standalone exploits. The section will also explain how to integrate an exploit directly into the Metasploit Framework by providing a line-by-line analysis of an integrated exploit module. Details as to how the Metasploit engine drives the behind-the-scenes exploitation process will be covered, and along the way the reader will come to understand the advantages of exploitation frameworks. The final section of the book examines the Meterpreter payload system and teaches readers to develop completely new extensions that will integrate fluidly with the Metasploit Framework.

  • Alternate Data Storage Forensics

    • 1st Edition
    • Amber Schroader + 1 more
    • English
    Learn to pull “digital fingerprints” from alternate data storage (ADS) devices including: iPod, Xbox, digital cameras and more from the cyber sleuths who train the Secret Service, FBI, and Department of Defense in bleeding edge digital forensics techniques. This book sets a new forensic methodology standard for investigators to use.This book begins by describing how alternate data storage devices are used to both move and hide data. From here a series of case studies using bleeding edge forensic analysis tools demonstrate to readers how to perform forensic investigations on a variety of ADS devices including: Apple iPods, Digital Video Recorders, Cameras, Gaming Consoles (Xbox, PS2, and PSP), Bluetooth devices, and more using state of the art tools. Finally, the book takes a look into the future at “not yet every day” devices which will soon be common repositories for hiding and moving data for both legitimate and illegitimate purposes.

  • How to Cheat at Securing SQL Server 2005

    • 1st Edition
    • Mark Horninger
    • English
    The perfect book for multi-tasked IT managers responsible for securing the latest version of SQL Server 2005. SQL Server is the perfect product for the How to Cheat series. It is an ambitious product that, for the average SysAdmin, will present a difficult migration path from earlier versions and a vexing number of new features. How to Cheat promises help in order to get SQL Server secured as quickly and safely as possible.

Browse by Publisher