Skip to main content

Syngress

Insider Threat: Protecting the Enterprise from Sabotage, Spying, and Theft
1st Edition
Eric Cole + 1 more
English
The Secret Service, FBI, NSA, CERT (Computer Emergency Response Team) and George Washington University have all identified “Insider Threats” as one of the most significant challenges facing IT, security, law enforcement, and intelligence professionals today. This book will teach IT professional and law enforcement officials about the dangers posed by insiders to their IT infrastructure and how to mitigate these risks by designing and implementing secure IT systems as well as security and human resource policies. The book will begin by identifying the types of insiders who are most likely to pose a threat. Next, the reader will learn about the variety of tools and attacks used by insiders to commit their crimes including: encryption, steganography, and social engineering. The book will then specifically address the dangers faced by corporations and government agencies. Finally, the reader will learn how to design effective security systems to prevent insider attacks and how to investigate insider security breeches that do occur. Throughout the book, the authors will use their backgrounds in the CIA to analyze several, high-profile cases involving insider threats.
How to Cheat at Managing Windows Server Update Services
1st Edition
Volume 1
B. Barber
English
Over 95% of computers around the world are running at least one Microsoft product. Microsoft Windows Software Update Service is designed to provide patches and updates to every one of these computers. The book will begin by describing the feature set of WSUS, and the benefits it provides to system administrators. Next, the reader will learn the steps that must be taken to configure their servers and workstations to make the compatible with WSUS. A special section then follows to help readers migrate from Microsoft’s earlier update service, Software Update Service (SUS) to WSUS. The next chapters will then address the particular needs and complexities of managing WSUS on an enterprise network. Although WSUS is designed to streamline the update process, this service can still be a challenge for administrators to use effectively. To address these issues, the next chapters deal specifically with common problems that occur and the reader is provides with invaluable troubleshooting information. One of the other primary objectives of WSUS is to improve the overall security of Windows networks by ensuring that all systems have the most recent security updates and patches. To help achieve this goal, the next sections cover securing WSUS itself, so that critical security patches are always applied and cannot be compromised by malicious hackers.
Perfect Passwords
Selection, Protection, Authentication
1st Edition
Mark Burnett
English
User passwords are the keys to the network kingdom, yet most users choose overly simplistic passwords (like password) that anyone could guess, while system administrators demand impossible to remember passwords littered with obscure characters and random numerals.Every computer user must face the problems of password security. According to a recent British study, passwords are usually obvious: around 50 percent of computer users select passwords based on names of a family member, spouse, partner, or a pet. Many users face the problem of selecting strong passwords that meet corporate security requirements. Too often, systems reject user-selected passwords because they are not long enough or otherwise do not meet complexity requirements. This book teaches users how to select passwords that always meet complexity requirements. A typical computer user must remember dozens of passwords and they are told to make them all unique and never write them down. For most users, the solution is easy passwords that follow simple patterns. This book teaches users how to select strong passwords they can easily remember.
Phishing Exposed
1st Edition
Dave Jevans + 1 more
English
Phishing Exposed unveils the techniques phishers employ that enable them to successfully commit fraudulent acts against the global financial industry. Also highlights the motivation, psychology and legal aspects encircling this deceptive art of exploitation. The External Threat Assessment Team will outline innovative forensic techniques employed in order to unveil the identities of these organized individuals, and does not hesitate to remain candid about the legal complications that make prevention and apprehension so difficult today. This title provides an in-depth, high-tech view from both sides of the playing field, and is a real eye-opener for the average internet user, the advanced security engineer, on up through the senior executive management of a financial institution. This is the book to provide the intelligence necessary to stay one step ahead of the enemy, and to successfully employ a pro-active and confident strategy against the evolving attacks against e-commerce and its customers.
OS X for Hackers at Heart
1st Edition
Chris Hurley + 4 more
English
The sexy, elegant design of the Apple PowerBook combined with the Unix-like OS X operating system based on FreeBSD, have once again made OS X the Apple of every hacker’s eye. In this unique and engaging book covering the brand new OS X 10.4 Tiger, the world’s foremost “true hackers” unleash the power of OS X for everything form cutting edge research and development to just plain old fun.OS X 10.4 Tiger is a major upgrade for Mac OS X for running Apple’s Macintosh computers and laptops. This book is not a reference to every feature and menu item for OS X. Rather, it teaches hackers of all types from software developers to security professionals to hobbyists, how to use the most powerful (and often obscure) features of OS X for wireless networking, WarDriving, software development, penetration testing, scripting administrative tasks, and much more.
How to Cheat at IT Project Management
1st Edition
Susan Snedaker
English
This book is written with the IT professional in mind. It provides a clear, concise system for managing IT projects, regardless of the size or complexity of the project. It avoids the jargon and complexity of traditional project management (PM) books. Instead, it provides a unique approach to IT project management, combining strategic business concepts (project ROI, strategic alignment, etc.) with the very practical, step-by-step instructions for developing and managing a successful IT project. It’s short enough to be easily read and used but long enough to be comprehensive in the right places.
Configuring Check Point NGX VPN-1/Firewall-1
1st Edition
Barry J Stiefel + 1 more
English
Check Point NGX VPN-1/Firewall-1 is the next major release of Check Point's flagship firewall software product, which has over 750,000 registered users. The most significant changes to this release are in the areas of Route Based VPN, Directional VPN, Link Selection & Tunnel Management, Multiple Entry Points, Route Injection Mechanism, Wire Mode, and SecurePlatform Pro. Many of the new features focus on how to configure and manage Dynamic Routing rules, which are essential to keeping an enterprise network both available *and* secure. Demand for this book will be strong because Check Point is requiring all of its 3rd party developers to certify their products for this release.
Sarbanes-Oxley Compliance Using COBIT and Open Source Tools
1st Edition
Christian B Lahti + 1 more
English
This book illustrates the many Open Source cost savings opportunities available to companies seeking Sarbanes-Oxley compliance. It also provides examples of the Open Source infrastructure components that can and should be made compliant. In addition, the book clearly documents which Open Source tools you should consider using in the journey towards compliance. Although many books and reference material have been authored on the financial and business side of Sox compliance, very little material is available that directly address the information technology considerations, even less so on how Open Source fits into that discussion.Each chapter begins with an analysis of the business and technical ramifications of Sarbanes-Oxley as regards to topics covered before moving into the detailed instructions on the use of the various Open Source applications and tools relating to the compliance objectives.
Skype Me! From Single User to Small Enterprise and Beyond
1st Edition
Markus Daehne
English
This book is divided into four parts. Part I begins with several chapters on the basics of Skype. Here the reader learns how to install and configure Skype on several platforms including Windows, Max OSX, Linux, and PocketPC. The reader will also learn how to begin making voice over IP calls immediately. Part II deals with the more advanced features of Skype. Here the reader learns how to use Skype on new “Skype Ready” cell phones, use Skype for more advanced, business-oriented tasks such as scheduling and file transfers, as well as using SkypeOut. Part III discusses how to integrate Skype with third party networking, communication, and security devices such as routers, firewalls, and mail servers, as well as using the brand new Skype for Business. Part IV covers the Skype Application Programming Interface, Plug-ins, Add-ons, and third party tools. Here the reader learns to develop and customize their own applications using the new, powerful, Skype API.
Penetration Tester's Open Source Toolkit
1st Edition
Jeremy Faircloth + 5 more
English
Penetration testing a network requires a delicate balance of art and science. A penetration tester must be creative enough to think outside of the box to determine the best attack vector into his own network, and also be expert in using the literally hundreds of tools required to execute the plan. This book provides both the art and the science. The authors of the book are expert penetration testers who have developed many of the leading pen testing tools; such as the Metasploit framework. The authors allow the reader “inside their heads” to unravel the mysteries of thins like identifying targets, enumerating hosts, application fingerprinting, cracking passwords, and attacking exposed vulnerabilities. Along the way, the authors provide an invaluable reference to the hundreds of tools included on the bootable-Linux CD for penetration testing.

Browse by Publisher