Skip to main content
View Cart

Syngress

  • Cyber Crime Investigations

    Bridging the Gaps Between Security Professionals, Law Enforcement, and Prosecutors
    • 1st Edition
    • March 21, 2007
    • James Steele + 3 more
    • English
    Written by a former NYPD cyber cop, this is the only book available that discusses the hard questions cyber crime investigators are asking.The book begins with the chapter “What is Cyber Crime?” This introductory chapter describes the most common challenges faced by cyber investigators today. The following chapters discuss the methodologies behind cyber investigations; and frequently encountered pitfalls. Issues relating to cyber crime definitions, the electronic crime scene, computer forensics, and preparing and presenting a cyber crime investigation in court will be examined. Not only will these topics be generally be discussed and explained for the novice, but the hard questions —the questions that have the power to divide this community— will also be examined in a comprehensive and thoughtful manner. This book will serve as a foundational text for the cyber crime community to begin to move past current difficulties into its next evolution.

  • Techno Security's Guide to Managing Risks for IT Managers, Auditors, and Investigators

    • 1st Edition
    • March 12, 2007
    • Johnny Long + 7 more
    • English
    “This book contains some of the most up-to-date information available anywhere on a wide variety of topics related to Techno Security. As you read the book, you will notice that the authors took the approach of identifying some of the risks, threats, and vulnerabilities and then discussing the countermeasures to address them. Some of the topics and thoughts discussed here are as new as tomorrow’s headlines, whereas others have been around for decades without being properly addressed. I hope you enjoy this book as much as we have enjoyed working with the various authors and friends during its development.” —Donald Withers, CEO and Cofounder of TheTrainingCo.• Jack Wiles, on Social Engineering offers up a potpourri of tips, tricks, vulnerabilities, and lessons learned from 30-plus years of experience in the worlds of both physical and technical security.• Russ Rogers on the Basics of Penetration Testing illustrates the standard methodology for penetration testing: information gathering, network enumeration, vulnerability identification, vulnerability exploitation, privilege escalation, expansion of reach, future access, and information compromise. • Johnny Long on No Tech Hacking shows how to hack without touching a computer using tailgating, lock bumping, shoulder surfing, and dumpster diving.• Phil Drake on Personal, Workforce, and Family Preparedness covers the basics of creating a plan for you and your family, identifying and obtaining the supplies you will need in an emergency.• Kevin O’Shea on Seizure of Digital Information discusses collecting hardware and information from the scene.• Amber Schroader on Cell Phone Forensics writes on new methods and guidelines for digital forensics.• Dennis O’Brien on RFID: An Introduction, Security Issues, and Concerns discusses how this well-intended technology has been eroded and used for fringe implementations.• Ro... Green on Open Source Intelligence details how a good Open Source Intelligence program can help you create leverage in negotiations, enable smart decisions regarding the selection of goods and services, and help avoid pitfalls and hazards. • Raymond Blackwood on Wireless Awareness: Increasing the Sophistication of Wireless Users maintains it is the technologist’s responsibility to educate, communicate, and support users despite their lack of interest in understanding how it works.• Greg Kipper on What is Steganography? provides a solid understanding of the basics of steganography, what it can and can’t do, and arms you with the information you need to set your career path.• Eric Cole on Insider Threat discusses why the insider threat is worse than the external threat and the effects of insider threats on a company.

  • Microsoft Vista for IT Security Professionals

    • 1st Edition
    • March 1, 2007
    • Anthony Piltzecker
    • English
    Microsoft Vista for IT Security Professionals is designed for the professional system administrators who need to securely deploy Microsoft Vista in their networks. Readers will not only learn about the new security features of Vista, but they will learn how to safely integrate Vista with their existing wired and wireless network infrastructure and safely deploy with their existing applications and databases. The book begins with a discussion of Microsoft's Trustworthy Computing Initiative and Vista's development cycle, which was like none other in Microsoft's history. Expert authors will separate the hype from the reality of Vista’s preparedness to withstand the 24 x 7 attacks it will face from malicious attackers as the world’s #1 desktop operating system.

  • How to Cheat at Configuring Exchange Server 2007

    Including Outlook Web, Mobile, and Voice Access
    • 1st Edition
    • March 1, 2007
    • Henrik Walther
    • English
    The Perfect Reference for the Multitasked System AdministratorsThe new version of Exchange is an ambitious overhaul that tries to balance the growing needs for performance, cost effectiveness, and security. For the average system administrator, it will present a difficult migration path from earlier versions and a vexing number of new features. How to Cheat will help you get Exchange Server 2007 up and running as quickly and safely as possible.• Understand Exchange 2007 PrerequisitesReview hardware and software requirements, Active Directory requirements, and more.• Manage Recipient FilteringCreate a custom MMC that contains the Exchange 2007 Recipients work center, which can be used, for example, by the helpdesk staff in your organization.• Manage Outlook AnywhereOutlook Anywhere makes it possible for your end users to remotely access their mailboxes from the Internet using their full Outlook clients.• Manage Outlook Web Access 2007See how Outlook Web Access 2007 was completely rewritten in managed code to make it scale even better.• Use the Exchange 2007 Queue ViewerYou can now view information about queues and examine the messages held within them.• Master Powerful Out-of-the-Box Spam ProtectionThe Edge Transport server supports SMTP, provides several antispam filtering agents, and supports antivirus extensibility.• Manage a Single-Copy Cluster-Based SetupSCC-based cluster provides service failover and still has a single point of failure when it comes to the databases.• Recover Mailbox DatabasesUse the improved database portability feature to port and recover a Mailbox database to any server in the Exchange 2007 organization.

  • RFID+ Study Guide and Practice Exams

    Study Guide and Practice Exams
    • 1st Edition
    • February 1, 2007
    • Paul Sanghera
    • English
    Radio Frequency Identification (RFID) is an automatic identification method, relying on storing and remotely retrieving data using devices called RFID tags (also called transponders). This book is a guide to CompTIA's new RFID+ Security exam and includes the following study elements: Exam objectives covered in a chapter are clearly explained in the beginning of the chapter, Notes and Alerts highlight the crucial points, Exam’s Eye View emphasizes the important points from the exam’s perspective, Key Terms present definitions, Review Questions contain questions modeled after the real exam questions. Answers to these questions are presented with complete explanations in an appendix. Also included is a full practice exam modeled after the real exam. The answers to the exam questions are presented with full explanations.

  • Secure Your Network for Free

    • 1st Edition
    • February 1, 2007
    • Eric Seagren
    • English
    This is the only book to clearly demonstrate how to get big dollar security for your network using freely available tools. This is a must have book for any company or person with a limited budget.Network security is in a constant struggle for budget to get things done. Upper management wants thing to be secure but doesn’t want to pay for it. With this book as a guide, everyone can get what they want. The examples and information will be of immense value to every small business. It will explain security principles and then demonstrate how to achieve them using only freely available software.

  • Botnets

    The Killer Web Applications
    • 1st Edition
    • February 1, 2007
    • Craig Schiller + 1 more
    • English
    The book begins with real world cases of botnet attacks to underscore the need for action. Next the book will explain botnet fundamentals using real world examples. These chapters will cover what they are, how they operate, and the environment and technology that makes them possible. The following chapters will analyze botnets for opportunities to detect, track, and remove them. Then the book will describe intelligence gathering efforts and results obtained to date. Public domain tools like OurMon, developed by Jim Binkley of Portland State University, will be described in detail along with discussions of other tools and resources that are useful in the fight against Botnets.

  • Developer's Guide to Web Application Security

    • 1st Edition
    • February 1, 2007
    • Michael Cross
    • English
    Over 75% of network attacks are targeted at the web application layer. This book provides explicit hacks, tutorials, penetration tests, and step-by-step demonstrations for security professionals and Web application developers to defend their most vulnerable applications.This book defines Web application security, why it should be addressed earlier in the lifecycle in development and quality assurance, and how it differs from other types of Internet security. Additionally, the book examines the procedures and technologies that are essential to developing, penetration testing and releasing a secure Web application. Through a review of recent Web application breaches, the book will expose the prolific methods hackers use to execute Web attacks using common vulnerabilities such as SQL Injection, Cross-Site Scripting and Buffer Overflows in the application layer. By taking an in-depth look at the techniques hackers use to exploit Web applications, readers will be better equipped to protect confidential.

  • Stealing the Network

    How to Own a Shadow
    • 1st Edition
    • February 1, 2007
    • Johnny Long + 2 more
    • English
    The best-selling Stealing the Network series reaches its climactic conclusion as law enforcement and organized crime form a high-tech web in an attempt to bring down the shadowy hacker-villain known as Knuth in the most technically sophisticated Stealing book yet.Stealing the Network: How to Own a Shadow is the final book in Syngress’ ground breaking, best-selling, Stealing the Network series. As with previous title, How to Own a Shadow is a fictional story that demonstrates accurate, highly detailed scenarios of computer intrusions and counter-strikes. In How to Own a Thief, Knuth, the master-mind, shadowy figure from previous books, is tracked across the world and the Web by cyber adversaries with skill to match his own. Readers will be amazed at how Knuth, Law Enforcement, and Organized crime twist and torque everything from game stations, printers and fax machines to service provider class switches and routers steal, deceive, and obfuscate. From physical security to open source information gathering, Stealing the Network: How to Own a Shadow will entertain and educate the reader on every page.

  • Wireshark & Ethereal Network Protocol Analyzer Toolkit

    • 1st Edition
    • December 18, 2006
    • Jay Beale + 2 more
    • English
    Ethereal is the #2 most popular open source security tool used by system administrators and security professionals. This all new book builds on the success of Syngress’ best-selling book Ethereal Packet Sniffing.Wireshark & Ethereal Network Protocol Analyzer Toolkit provides complete information and step-by-step Instructions for analyzing protocols and network traffic on Windows, Unix or Mac OS X networks. First, readers will learn about the types of sniffers available today and see the benefits of using Ethereal. Readers will then learn to install Ethereal in multiple environments including Windows, Unix and Mac OS X as well as building Ethereal from source and will also be guided through Ethereal’s graphical user interface. The following sections will teach readers to use command-line options of Ethereal as well as using Tethereal to capture live packets from the wire or to read saved capture files. This section also details how to import and export files between Ethereal and WinDump, Snort, Snoop, Microsoft Network Monitor, and EtherPeek. The book then teaches the reader to master advanced tasks such as creating sub-trees, displaying bitfields in a graphical view, tracking requests and reply packet pairs as well as exclusive coverage of MATE, Ethereal’s brand new configurable upper level analysis engine. The final section to the book teaches readers to enable Ethereal to read new Data sources, program their own protocol dissectors, and to create and customize Ethereal reports.

Browse by Publisher