Syngress

  • Buffer Overflow Attacks

    Detect, Exploit, Prevent
    • 1st Edition
    • Jason Deckard
    • English
    The SANS Institute maintains a list of the "Top 10 Software Vulnerabilities." At the current time, over half of these vulnerabilities are exploitable by Buffer Overflow attacks, making this class of attack one of the most common and most dangerous weapons used by malicious attackers. This is the first book specifically aimed at detecting, exploiting, and preventing the most common and dangerous attacks. Buffer overflows make up one of the largest collections of vulnerabilities in existence, and a large percentage of possible remote exploits are of the overflow variety. Almost all of the most devastating computer attacks to hit the Internet in recent years including SQL Slammer, Blaster, and I Love You attacks. If executed properly, an overflow vulnerability will allow an attacker to run arbitrary code on the victim’s machine with the equivalent rights of whichever process was overflowed. This is often used to provide a remote shell onto the victim machine, which can be used for further exploitation. A buffer overflow is an unexpected behavior that exists in certain programming languages. This book provides specific, real code examples on exploiting buffer overflow attacks from a hacker's perspective and defending against these attacks for the software developer.
  • Hacking a Terror Network: The Silent Threat of Covert Channels

    • 1st Edition
    • Russ Rogers + 1 more
    • English
    Written by a certified Arabic linguist from the Defense Language Institute with extensive background in decoding encrypted communications, this cyber-thriller uses a fictional narrative to provide a fascinating and realistic "insider's look" into technically sophisticated covert terrorist communications over the Internet. The accompanying CD-ROM allows readers to "hack along" with the story line, by viewing the same Web sites described in the book containing encrypted, covert communications. Hacki... a Terror NETWORK addresses the technical possibilities of Covert Channels in combination with a very real concern: Terrorism. The fictional story follows the planning of a terrorist plot against the United States where the terrorists use various means of Covert Channels to communicate and hide their trail. Loyal US agents must locate and decode these terrorist plots before innocent American citizens are harmed. The technology covered in the book is both real and thought provoking. Readers can realize the threat posed by these technologies by using the information included in the CD-ROM. The fictional websites, transfer logs, and other technical information are given exactly as they would be found in the real world, leaving the reader to test their own ability to decode the terrorist plot.
  • Configuring NetScreen Firewalls

    • 1st Edition
    • Rob Cameron
    • English
    The first book on the market covering the #2 best-selling firewall appliances in the world from NetScreen. This book continues Syngress' history from ISA Server to Check Point to Cisco Pix of being first to market with best-selling firewall books for security professionals. Config... NetScreen Firewalls is the first book to deliver an in-depth look at the NetScreen firewall product line. It covers all of the aspects of the NetScreen product line from the SOHO devices to the Enterprise NetScreen firewalls. Also covered are advanced troubleshooting techniques and the NetScreen Security Manager. This book offers novice users a complete opportunity to learn the NetScreen firewall appliance. Advanced users will find it a rich technical resource.
  • Google Hacking for Penetration Testers

    • 1st Edition
    • Johnny Long
    • English
    Google, the most popular search engine worldwide, provides web surfers with an easy-to-use guide to the Internet, with web and image searches, language translation, and a range of features that make web navigation simple enough for even the novice user. What many users don’t realize is that the deceptively simple components that make Google so easy to use are the same features that generously unlock security flaws for the malicious hacker. Vulnerabilities in website security can be discovered through Google hacking, techniques applied to the search engine by computer criminals, identity thieves, and even terrorists to uncover secure information. This book beats Google hackers to the punch, equipping web administrators with penetration testing applications to ensure their site is invulnerable to a hacker’s search. Penetration Testing with Google Hacks explores the explosive growth of a technique known as "Google Hacking." When the modern security landscape includes such heady topics as "blind SQL injection" and "integer overflows," it's refreshing to see such a deceptively simple tool bent to achieve such amazing results; this is hacking in the purest sense of the word. Readers will learn how to torque Google to detect SQL injection points and login portals, execute port scans and CGI scans, fingerprint web servers, locate incredible information caches such as firewall and IDS logs, password databases, SQL dumps and much more - all without sending a single packet to the target! Borrowing the techniques pioneered by malicious "Google hackers," this talk aims to show security practitioners how to properly protect clients from this often overlooked and dangerous form of information leakage.
  • Programmer's Ultimate Security DeskRef

    Your Programming Security Encyclopedia
    • 1st Edition
    • James C Foster
    • English
    The Programmer's Ultimate Security DeskRef is the only complete desk reference covering multiple languages and their inherent security issues. It will serve as the programming encyclopedia for almost every major language in use. While there are many books starting to address the broad subject of security best practices within the software development lifecycle, none has yet addressed the overarching technical problems of incorrect function usage. Most books fail to draw the line from covering best practices security principles to actual code implementation. This book bridges that gap and covers the most popular programming languages such as Java, Perl, C++, C#, and Visual Basic.
  • Inside the SPAM Cartel

    By Spammer-X
    • 1st Edition
    • Spammer-X
    • English
    Authored by a former spammer, Inside the SPAM Cartel is a methodical, technically explicit expose of the inner workings of the SPAM economy. Readers will be shocked by the sophistication and sheer size of this underworld. From the author: "You may hate spam and think all spammers are evil, but listen to my story and see why I do this and more importantly, HOW." For most people, the term "SPAM" conjures up the image of hundreds of annoying, and at times offensive, e-mails flooding their inbox every week. But for a few, SPAM is a way of life that delivers an adrenaline rush fueled by cash, danger, retribution, porn and the avoidance of local, federal, and international law enforcement agencies. Inside the SPAM Cartel offers readers a never-before-seen view inside this dark sub-economy. You'll meet the characters that control the flow of money as well as the hackers and programmers committed to keeping the enterprise up and running. You may disagree with their objectives, but you can't help but marvel at their ingenuity and resourcefulness in defeating spam filters, avoiding being identified, and staying one step ahead of the law.
  • Game Console Hacking

    Xbox, PlayStation, Nintendo, Game Boy, Atari and Sega
    • 1st Edition
    • Joe Grand + 1 more
    • English
    The worldwide video game console market surpassed $10 billion in 2003. Current sales of new consoles are consolidated around 3 major companies and their proprietary platforms: Nintendo, Sony and Microsoft. In addition, there is an enormous installed "retro gaming" base of Atari and Sega console enthusiasts. This book, written by a team led by Joe Grand, author of "Hardware Hacking: Have Fun While Voiding Your Warranty", provides hard-core gamers with the keys to the kingdom: specific instructions on how to crack into their console and make it do things it was never designed to do. By definition, video console game players like to have fun. Most of them are addicted to the adrenaline rush associated with "winning", and even more so when the "winning" involves beating the system by discovering the multitude of "cheats" built into most video games. Now, they can have the ultimate adrenaline rush: actually messing around with the soul of the machine and configuring it to behave exactly as they command. This book builds on the motto of "Have Fun While Voiding Your Warranty" and will appeal to the community of hardware geeks who associate unscrewing the back of their video console with para-jumping into the perfect storm.
  • Windows to Linux Migration Toolkit

    Your Windows to Linux Extreme Makeover
    • 1st Edition
    • David Allen
    • English
    This book will teach people how to migrate systems from Windows to Linux. It provides migration process planning, automated migration scripts, anti-virus / anti-spam solutions, and specific migration and deployment details for all relevant technologies. IT professionals who wish to maximize the value of their Windows to Linux migration services will find this book valuable. The book will help them fine-tune their migration services to make them more efficient, thorough, feature-enhanced, and cost-effective by utilizing migration scripts and best practices gleaned from the author's many years of real-world migrations in large and small companies.
  • Wireless Hacking: Projects for Wi-Fi Enthusiasts

    Cut the cord and discover the world of wireless hacks!
    • 1st Edition
    • Lee Barken
    • English
    Sales of wireless LANs to home users and small businesses will soar this year, with products using IEEE 802.11 (Wi-Fi) technology leading the way, according to a report by Cahners research. Worldwide, consumers will buy 7.3 million wireless LAN nodes--which include client and network hub devices--up from about 4 million last year. This third book in the "HACKING" series from Syngress is written by the SoCalFreeNet Wireless Users Group and will cover 802.11a/b/g (“Wi-Fi”) projects teaching these millions of Wi-Fi users how to "mod" and "hack" Wi-Fi access points, network cards, and antennas to run various Linux distributions and create robust Wi-Fi networks. Cahners predicts that wireless LANs next year will gain on Ethernet as the most popular home network technology. Consumers will hook up 10.9 million Ethernet nodes and 7.3 million wireless out of a total of 14.4 million home LAN nodes shipped. This book will show Wi-Fi enthusiasts and consumers of Wi-Fi LANs who want to modify their Wi-Fi hardware how to build and deploy “homebrew” Wi-Fi networks, both large and small.
  • Black Hat Physical Device Security: Exploiting Hardware and Software

    • 1st Edition
    • Drew Miller
    • English
    Black Hat, Inc. is the premier, worldwide provider of security training, consulting, and conferences. In Black Hat Physical Device Security: Exploiting Hardware and Software, the Black Hat experts show readers the types of attacks that can be done to physical devices such as motion detectors, video monitoring and closed circuit systems, authentication systems, thumbprint and voice print devices, retina scans, and more. The Black Hat Briefings held every year in Las Vegas, Washington DC, Amsterdam, and Singapore continually expose the greatest threats to cyber security and provide IT mind leaders with ground breaking defensive techniques. There are no books that show security and networking professionals how to protect physical security devices. This unique book provides step-by-step instructions for assessing the vulnerability of a security device such as a retina scanner, seeing how it might be compromised, and taking protective measures. The book covers the actual device as well as the software that runs it. By way of example, a thumbprint scanner that allows the thumbprint to remain on the glass from the last person could be bypassed by pressing a "gummy bear" piece of candy against the glass so that the scan works against the last thumbprint that was used on the device. This is a simple example of an attack against a physical authentication system.