Skip to main content
View Cart

Syngress

  • How to Cheat at Securing Your Network

    • 1st Edition
    • October 2, 2007
    • Ido Dubrawsky
    • English
    Most Systems Administrators are not security specialists. Keeping the network secure is one of many responsibilities, and it is usually not a priority until disaster strikes. How to Cheat at Securing Your Network is the perfect book for this audience. The book takes the huge amount of information available on network security and distils it into concise recommendations and instructions, using real world, step-by-step instruction. The latest addition to the best selling "How to Cheat..." series of IT handbooks, this book clearly identifies the primary vulnerabilities of most computer networks, including user access, remote access, messaging, wireless hacking, media, email threats, storage devices, and web applications. Solutions are provided for each type of threat, with emphasis on intrusion detection, prevention, and disaster recovery.

  • Metasploit Toolkit for Penetration Testing, Exploit Development, and Vulnerability Research

    • 1st Edition
    • September 18, 2007
    • David Maynor
    • English
    Metasploit Toolkit for Penetration Testing, Exploit Development, and Vulnerability Research is the first book available for the Metasploit Framework (MSF), which is the attack platform of choice for one of the fastest growing careers in IT security: Penetration Testing. The book will provide professional penetration testers and security researchers with a fully integrated suite of tools for discovering, running, and testing exploit code.This book discusses how to use the Metasploit Framework (MSF) as an exploitation platform. The book begins with a detailed discussion of the three MSF interfaces: msfweb, msfconsole, and msfcli .This chapter demonstrates all of the features offered by the MSF as an exploitation platform. With a solid understanding of MSF’s capabilities, the book then details techniques for dramatically reducing the amount of time required for developing functional exploits.By working through a real-world vulnerabilities against popular closed source applications, the reader will learn how to use the tools and MSF to quickly build reliable attacks as standalone exploits. The section will also explain how to integrate an exploit directly into the Metasploit Framework by providing a line-by-line analysis of an integrated exploit module. Details as to how the Metasploit engine drives the behind-the-scenes exploitation process will be covered, and along the way the reader will come to understand the advantages of exploitation frameworks. The final section of the book examines the Meterpreter payload system and teaches readers to develop completely new extensions that will integrate fluidly with the Metasploit Framework.

  • Alternate Data Storage Forensics

    • 1st Edition
    • September 17, 2007
    • Amber Schroader + 1 more
    • English
    Learn to pull “digital fingerprints” from alternate data storage (ADS) devices including: iPod, Xbox, digital cameras and more from the cyber sleuths who train the Secret Service, FBI, and Department of Defense in bleeding edge digital forensics techniques. This book sets a new forensic methodology standard for investigators to use.This book begins by describing how alternate data storage devices are used to both move and hide data. From here a series of case studies using bleeding edge forensic analysis tools demonstrate to readers how to perform forensic investigations on a variety of ADS devices including: Apple iPods, Digital Video Recorders, Cameras, Gaming Consoles (Xbox, PS2, and PSP), Bluetooth devices, and more using state of the art tools. Finally, the book takes a look into the future at “not yet every day” devices which will soon be common repositories for hiding and moving data for both legitimate and illegitimate purposes.

  • How to Cheat at Securing SQL Server 2005

    • 1st Edition
    • September 5, 2007
    • Mark Horninger
    • English
    The perfect book for multi-tasked IT managers responsible for securing the latest version of SQL Server 2005. SQL Server is the perfect product for the How to Cheat series. It is an ambitious product that, for the average SysAdmin, will present a difficult migration path from earlier versions and a vexing number of new features. How to Cheat promises help in order to get SQL Server secured as quickly and safely as possible.

  • AVIEN Malware Defense Guide for the Enterprise

    • 1st Edition
    • August 3, 2007
    • David Harley + 1 more
    • English
    Members of AVIEN (the Anti-Virus Information Exchange Network) have been setting agendas in malware management for several years: they led the way on generic filtering at the gateway, and in the sharing of information about new threats at a speed that even anti-virus companies were hard-pressed to match. AVIEN members represent the best-protected large organizations in the world, and millions of users. When they talk, security vendors listen: so should you. AVIEN’s sister organization AVIEWS is an invaluable meeting ground between the security vendors and researchers who know most about malicious code and anti-malware technology, and the top security administrators of AVIEN who use those technologies in real life. This new book uniquely combines the knowledge of these two groups of experts. Anyone who is responsible for the security of business information systems should be aware of this major addition to security literature.* “Customer Power” takes up the theme of the sometimes stormy relationship between the antivirus industry and its customers, and tries to dispel some common myths. It then considers the roles of the independent researcher, the vendor-employed specialist, and the corporate security specialist.* “Stalkers on Your Desktop” considers the thorny issue of malware nomenclature and then takes a brief historical look at how we got here, before expanding on some of the malware-related problems we face today.* “A Tangled Web” discusses threats and countermeasures in the context of the World Wide Web. * “Big Bad Bots” tackles bots and botnets, arguably Public Cyber-Enemy Number One.* “Crème de la CyberCrime” takes readers into the underworld of old-school virus writing, criminal business models, and predicting future malware hotspots.* “Defense in Depth” takes a broad look at DiD in the enterprise, and looks at some specific tools and technologies.* “Perilous Outsorcery” offers sound advice on how to avoid the perils and pitfalls of outsourcing, incorporating a few horrible examples of how not to do it.* “Education in Education” offers some insights into user education from an educationalist’s perspective, and looks at various aspects of security in schools and other educational establishments.* “DIY Malware Analysis” is a hands-on, hands-dirty approach to security management, considering malware analysis and forensics techniques and tools.* “Antivirus Evaluation & Testing” continues the D-I-Y theme, discussing at length some of the thorny issues around the evaluation and testing of antimalware software.* “AVIEN & AVIEWS: the Future” looks at future developments in AVIEN and AVIEWS.

  • How to Cheat at Microsoft Vista Administration

    • 1st Edition
    • July 3, 2007
    • Jan Kanclirz
    • English
    The Perfect Reference for the Multitasked SysAdminThe Microsoft Windows Vista operating system offers several changes and improvements over its predecessors. It not only brings a new and redesigned interface, but also improves on many administrative utilities and management consoles. It also enhances the system’s reliability, performance, and problem-solving tools. As administrators, Vista will sometimes look like its predecessor, Windows XP, and at other times, look like an all-new operating system. How to Cheat will help you get Vista up and running as quickly and safely as possible and provide you with a solid idea of all the important changes and improvements the new Microsoft Vista OS has to offer.In the book you will:* Automate Windows Vista InstallationSee how Windows installations can be automated for large-scale deployments using the Windows Automated Installation Kit (WAIK).* Install and Maintain DevicesWindows Vista contains device drivers for hundreds of PnP devices, and the Device Manager snap-in is the main utility on a local computer for managing them.* Customize Appearances, Taskbars, and ToolbarsSee how to use a personalization page, use the taskbar, and customize desktop themes.* Manage File System Formats, Partitions, and VolumesLearn how Windows Vista supports basic and dynamic volumes and two partition styles: MBR and GPT.* Increase File System PerformanceLearn how using tools such as disk defragging, cluster size adjustment, removing short filename support, and compression can help with performance.* Administer via RemoteRemote Desktop and Windows Firewall can help administrators perform administrative tasks on remote computers.* Managing ServicesThe Services utility allows you to view the status of services, as well as to disable nonessential services.* Configure TCP/IP in VistaSee how to configure TCP/IP (both IPv4 and IPv6) via the user interface or via the netsh command.* See What’s New with Wireless in VistaUnderstand wireless security and learn how to install a wireless network.* Optimize Windows Startup, the Hard Disk, and MoreOptimize memory, applications, and the network connection, and see how to monitor performance.Contents IncludeIntroducing and Installing Microsoft VistaInstalling and Maintaining Hardware Devices and DriversCustomizing Desktop PropertiesManaging File Systems and DisksGeneral Administration TasksManaging Local Networking EssentialsManaging the Wireless World and Its SecurityManaging Security EssentialsSecuring User AccessTuning for Better Performance Troubleshooting

  • Asterisk Hacking

    • 1st Edition
    • June 29, 2007
    • Joshua Brashars
    • English
    Asterisk Hacking provides detials of techniques people may not be aware of. It teaches the secrets the bad guys already know about stealing personal information through the most common, seemingly innocuous, highway into computer networks: the phone system. This book provides detials to readers what they can do to protect themselves, their families, their clients, and their network from this invisible threat. Power tips show how to make the most out of the phone system for defense or attack.

  • How to Cheat at IIS 7 Server Administration

    • 1st Edition
    • June 22, 2007
    • Chris Adams
    • English
    According to Microsoft, Internet Information Services (IIS) 7.0 is a web server that provides a secure, easy to manage platform for developing and reliably hosting Web applications and services. With the new version of IIS, there are more security options, 40 new feature models that allow administrators to customize their settings, and a new set of administration tools. Administrators migrating from version 6 will find this How to Cheat book the perfect vehicle for getting up to speed fast on the new version.IIS version 7 is the perfect product for the How to Cheat series. This new version from Microsoft is an ambitious overhaul that tries to balance the growing needs for performance, cost effectiveness, and security. For the average SysAdmin, it will present a difficult migration path from earlier versions and a vexing number of new features. How to Cheat promises help get IIS 7 up and running as quickly and safely as possible.

  • Business Continuity and Disaster Recovery Planning for IT Professionals

    • 1st Edition
    • June 21, 2007
    • Susan Snedaker
    • English
    Powerful Earthquake Triggers Tsunami in Pacific. Hurricane Katrina Makes Landfall in the Gulf Coast. Avalanche Buries Highway in Denver. Tornado Touches Down in Georgia. These headlines not only have caught the attention of people around the world, they have had a significant effect on IT professionals as well. As technology continues to become more integral to corporate operations at every level of the organization, the job of IT has expanded to become almost all-encompassing. These days, it’s difficult to find corners of a company that technology does not touch. As a result, the need to plan for potential disruptions to technology services has increased exponentially. That is what Business Continuity Planning (BCP) is: a methodology used to create a plan for how an organization will recover after a disaster of various types. It takes into account both security and corporate risk management tatics.There is a lot of movement around this initiative in the industry: the British Standards Institute is releasing a new standard for BCP this year. Trade shows are popping up covering the topic.

  • Linksys WRT54G Ultimate Hacking

    • 1st Edition
    • June 19, 2007
    • Paul Asadoorian + 1 more
    • English
    This book will teach the reader how to make the most of their WRT54G series hardware. These handy little inexpensive devices can be configured for a near endless amount of networking tasks. The reader will learn about the WRT54G’s hardware components, the different third-party firmware available and the differences between them, choosing the firmware that is right for you, and how to install different third-party firmware distributions. Never before has this hardware been documented in this amount of detail, which includes a wide-array of photographs and complete listing of all WRT54G models currently available, including the WRTSL54GS.Once this foundation is laid, the reader will learn how to implement functionality on the WRT54G for fun projects, penetration testing, various network tasks, wireless spectrum analysis, and more! This title features never before seen hacks using the WRT54G. For those who want to make the most out of their WRT54G you can learn how to port code and develop your own software for the OpenWRT operating system.

Browse by Publisher