
Syngress

    • Automating Open Source Intelligence

      • 1st Edition
      • December 3, 2015
      • Robert Layton + 1 more
      • English
      • Paperback
        9780128029169
      • eBook
        9780128029176
      Algorithms for Automating Open Source Intelligence (OSINT) presents information on the gathering of information and extraction of actionable intelligence from openly available sources, including news broadcasts, public repositories, and more recently, social media. As OSINT has applications in crime fighting, state-based intelligence, and social research, this book provides recent advances in text mining, web crawling, and other algorithms that have led to advances in methods that can largely automate this process. The book is beneficial to both practitioners and academic researchers, with discussions of the latest advances in applications, a coherent set of methods and processes for automating OSINT, and interdisciplinary perspectives on the key problems identified within each discipline. Drawing upon years of practical experience and using numerous examples, editors Robert Layton, Paul Watters, and a distinguished list of contributors discuss Evidence Accumulation Strategies for OSINT, Named Entity Resolution in Social Media, Analyzing Social Media Campaigns for Group Size Estimation, Surveys and qualitative techniques in OSINT, and Geospatial reasoning of open data.
    • Operating System Forensics

      • 1st Edition
      • November 12, 2015
      • Ric Messier
      • English
      • Paperback
        9780128019498
      • eBook
        9780128019634
      Operating System Forensics is the first book to cover all three critical operating systems for digital forensic investigations in one comprehensive reference. Users will learn how to conduct successful digital forensic examinations in Windows, Linux, and Mac OS, the methodologies used, key technical concepts, and the tools needed to perform examinations. Mobile operating systems such as Android, iOS, Windows, and Blackberry are also covered, providing everything practitioners need to conduct a forensic investigation of the most commonly used operating systems, including technical details of how each operating system works and how to find artifacts. This book walks you through the critical components of investigation and operating system functionality, including file systems, data recovery, memory forensics, system configuration, Internet access, cloud computing, tracking artifacts, executable layouts, malware, and log files. You'll find coverage of key technical topics like Windows Registry, /etc directory, Web browser caches, Mbox, PST files, GPS data, ELF, and more. Hands-on exercises in each chapter drive home the concepts covered in the book. You'll get everything you need for a successful forensics examination, including incident response tactics and legal requirements. Operating System Forensics is the only place you'll find all this covered in one book.
    • Google Hacking for Penetration Testers

      • 3rd Edition
      • November 12, 2015
      • Bill Gardner + 2 more
      • English
      • Paperback
        9780128029640
      • eBook
        9780128029824
      Google is the most popular search engine ever created, but Google’s search capabilities are so powerful, they sometimes discover content that no one ever intended to be publicly available on the Web, including social security numbers, credit card numbers, trade secrets, and federally classified documents. Google Hacking for Penetration Testers, Third Edition, shows you how security professionals and system administrators manipulate Google to find this sensitive information and "self-police" their own organizations. You will learn how Google Maps and Google Earth provide pinpoint military accuracy, see how bad guys can manipulate Google to create super worms, and see how they can "mash up" Google with Facebook, LinkedIn, and more for passive reconnaissance. This third edition includes completely updated content throughout and all new hacks such as Google scripting and using Google hacking with other search engines and APIs. Noted author Johnny Long, founder of Hackers for Charity, gives you all the tools you need to conduct the ultimate open source reconnaissance and penetration testing.
    • Practical Deployment of Cisco Identity Services Engine (ISE)

      • 1st Edition
      • November 12, 2015
      • Andy Richter + 1 more
      • English
      • Paperback
        9780128044575
      • eBook
        9780128045046
      With the proliferation of mobile devices and bring-your-own-device (BYOD) within enterprise networks, the boundaries of where the network begins and ends have been blurred. Cisco Identity Services Engine (ISE) is the leading security policy management platform that unifies and automates access control to proactively enforce role-based access to enterprise networks. In Practical Deployment of Cisco Identity Services Engine (ISE), Andy Richter and Jeremy Wood share their expertise from dozens of real-world implementations of ISE and the methods they have used for optimizing ISE in a wide range of environments. ISE can be difficult, requiring a team of security and network professionals, with the knowledge of many different specialties. Practical Deployment of Cisco Identity Services Engine (ISE) shows you how to deploy ISE with the necessary integration across multiple different technologies required to make ISE work like a system. Andy Richter and Jeremy Wood explain end-to-end how to make the system work in the real world, giving you the benefit of their ISE expertise, as well as all the required ancillary technologies and configurations to make ISE work.
    • Theoretical and Experimental Methods for Defending Against DDoS Attacks

      • 1st Edition
      • November 10, 2015
      • Iraj Sadegh Amiri + 1 more
      • English
      • Paperback
        9780128053911
      • eBook
        9780128053997
      Denial of Service (DoS) attacks are a form of attack that seeks to make a network resource unavailable due to overloading the resource or machine with an overwhelming number of packets, thereby crashing or severely slowing the performance of the resource. Distributed Denial of Service (DDoS) is a large scale DoS attack which is distributed in the Internet. Every computer which has access to the Internet can behave as an attacker. Typically bandwidth depletion can be categorized as either a flood or an amplification attack. Flood attacks can be done by generating ICMP packets or UDP packets in which it can utilize stationary or random variable ports. Smurf and Fraggle attacks are used for amplification attacks. DDoS Smurf attacks are an example of an amplification attack where the attacker sends packets to a network amplifier with the return address spoofed to the victim’s IP address. This book presents new research and methodologies along with a proposed algorithm for prevention of DoS attacks that has been written based on cryptographic concepts such as birthday attacks to estimate the rate of attacks generated and passed along the routers. Consequently, attackers would be identified and prohibited from sending spam traffic to the server which can cause DDoS attacks. Due to the prevalence of DoS attacks, there has been a lot of research conducted on how to detect them and prevent them. The authors of this short format title provide their research results on providing an effective solution to DoS attacks, including introduction of the new algorithm that can be implemented in order to deny DoS attacks.
    • A Study of Black Hole Attack Solutions

      • 1st Edition
      • November 3, 2015
      • Iraj Sadegh Amiri + 2 more
      • English
      • Paperback
        9780128053676
      • eBook
        9780128053799
      Mobile Ad Hoc Networks (MANETs) are a popular form of network for data transfer due to the fact that they are dynamic, require no fixed infrastructure, and are scalable. However, MANETs are particularly susceptible to several different types of widely perpetrated cyberattack. One of the most common hacks aimed at MANETs is the Black Hole attack, in which a particular node within the network displays itself as having the shortest path for the node whose packets it wants to intercept. Once the packets are drawn to the Black Hole, they are then dropped instead of relayed, and the communication of the MANET is thereby disrupted, without knowledge of the other nodes in the network. Due to the sophistication of the Black Hole attack, there has been a lot of research conducted on how to detect it and prevent it. The authors of this short format title provide their research results on providing an effective solution to Black Hole attacks, including introduction of new MANET routing protocols that can be implemented in order to improve detection accuracy and network parameters such as total dropped packets, end-to-end delay, packet delivery ratio, and routing request overhead.
    • Thor's OS Xodus

      • 1st Edition
      • October 28, 2015
      • Timothy "Thor" Mullen
      • English
      • Paperback
        9780124104631
      • eBook
        9780124105065
      Thor's OS Xodus: Securely Migrating from Microsoft Windows to Mac OS X provides readers with everything they need to securely and successfully migrate from Microsoft to Mac. It includes information that can be found nowhere else, enabling users to execute a MSFT to OS X migration seamlessly and with minimal downtime. The text is the most complete roadmap for entities that want to move away from Microsoft and decouple their dependency on Microsoft products. It is a perfect choice for enterprise computing, providing the ease and simplicity of a UI that can also be incredibly customized via configuration files because of its BSD core. The text, authored by Thor Mullen, the founder of the "Hammer of God" security co-op group and Principal Security Architect for a worldwide, multi-billion dollar commerce platform, provides the perfect combination of Windows and Unix.
    • PCI DSS 3.1

      • 1st Edition
      • September 14, 2015
      • Branden R. Williams
      • English
      • Paperback
        9780128046272
      • eBook
        9780128046494
      PCI DSS has recently updated its standard to 3.1. While the changes are fairly minor in nature, there are massive implications to companies relying on SSL as a scope reducing tool inside their enterprise. This update book goes through the specific changes to PCI DSS 3.1, and includes new case studies that discuss the specific implications for making the change to 3.1. This concise supplement also includes a detailed explanation of each changed requirement and how it will impact your environment. PCI Compliance, 3.1 Addendum serves as an update to Syngress’ comprehensive reference volume PCI Compliance, Fourth Edition.
    • You: For Sale

      • 1st Edition
      • August 20, 2015
      • Stuart Sumner
      • English
      • Paperback
        9780128034057
      • eBook
        9780128034231
      Everything we do online, and increasingly in the real world, is tracked, logged, analyzed, and often packaged and sold on to the highest bidder. Every time you visit a website, use a credit card, drive on the freeway, or go past a CCTV camera, you are logged and tracked. Every day billions of people choose to share their details on social media, which are then sold to advertisers. The Edward Snowden revelations that governments – including those of the US and UK – have been snooping on their citizens have rocked the world. But nobody seems to realize that this has already been happening for years, with firms such as Google capturing everything you type into a browser and selling it to the highest bidder. Apps take information about where you go, and your contact book details, harvest them and sell them on – and people just click the EULA without caring. No one is revealing the dirty secret that is the tech firms harvesting customers’ personal data and selling it for vast profits – and people are totally unaware of the dangers. You: For Sale is for anyone who is concerned about what corporate and government invasion of privacy means now and down the road. The book sets the scene by spelling out exactly what most users of the Internet and smart phones are exposing themselves to via commonly used sites and apps such as Facebook and Google, and then tells you what you can do to protect yourself. The book also covers legal and government issues as well as future trends. With interviews of leading security experts, black market data traders, law enforcement and privacy groups, You: For Sale will help you view your personal data in a new light, and understand both its value and its danger.
    • Securing Social Media in the Enterprise

      • 1st Edition
      • August 11, 2015
      • Henry Dalziel
      • English
      • Paperback
        9780128041802
      • eBook
        9780128041963
      Securing Social Media in the Enterprise is a concise overview of the security threats posed by the use of social media sites and apps in enterprise network environments. Social media sites and apps are now a ubiquitous presence within enterprise systems and networks, and are vulnerable to a wide range of digital systems attacks. This brief volume provides security professionals and network systems administrators a much-needed dive into the most current threats, detection techniques, and defenses for these attacks, and provides a roadmap for best practices to secure and manage social media within the enterprise.