Books in Security

  • Web Application Vulnerabilities

    Detect, Exploit, Prevent
    • 1st Edition
    • December 14, 2007
    • Steven Palmer
    • English
    In this book, we aim to describe how to make a computer bend to your will by finding and exploiting vulnerabilities specifically in Web applications. We will describe common security issues in Web applications, tell you how to find them, describe how to exploit them, and then tell you how to fix them. We will also cover how and why some hackers (the bad guys) will try to exploit these vulnerabilities to achieve their own end. We will also try to explain how to detect if hackers are actively trying to exploit vulnerabilities in your own Web applications.
  • Perl Scripting for Windows Security

    Live Response, Forensic Analysis, and Monitoring
    • 1st Edition
    • December 12, 2007
    • Harlan Carvey
    • English
    I decided to write this book for a couple of reasons. One was that I’ve now written a couple of books that have to do with incident response and forensic analysis on Windows systems, and I used a lot of Perl in both books. Okay…I’ll come clean…I used nothing but Perl in both books! What I’ve seen as a result of this is that many readers want to use the tools, but don’t know how…they simply aren’t familiar with Perl, with interpreted (or scripting) languages in general, and may not be entirely comfortable with running tools at the command line. This book is intended for anyone who has an interest in useful Perl scripting, in particular on the Windows platform, for the purpose of incident response, forensic analysis, and application monitoring. While a thorough grounding in scripting languages (or in Perl specifically) is not required, it is helpful in fully and more completely understanding the material and code presented in this book. This book contains information that is useful to consultants who perform incident response and computer forensics, specifically as those activities pertain to MS Windows systems (Windows 2000, XP, 2003, and some Vista). My hope is that not only will consultants (such as myself) find this material valuable, but so will system administrators, law enforcement officers, and students in undergraduate and graduate programs focusing on computer forensics.
  • Juniper® Networks Secure Access SSL VPN Configuration Guide

    • 1st Edition
    • December 4, 2007
    • Rob Cameron + 1 more
    • English
    Juniper Networks Secure Access SSL VPN appliances provide a complete range of remote access appliances for the smallest companies up to the largest service providers. As a system administrator or security professional, this comprehensive configuration guide will allow you to configure these appliances to allow remote and mobile access for employees. If you manage and secure a larger enterprise, this book will help you to provide remote and/or extranet access, for employees, partners, and customers from a single platform.
  • Dr. Tom Shinder's ISA Server 2006 Migration Guide

    • 1st Edition
    • December 3, 2007
    • Thomas W Shinder
    • English
    Dr. Tom Shinder’s ISA Server 2006 Migration Guide provides a clear, concise, and thorough path to migrate from previous versions of ISA Server to ISA Server 2006. ISA Server 2006 is an incremental upgrade from ISA Server 2004, so this book provides all of the tips and tricks to perform a successful migration, rather than rehashing all of the features which were rolled out in ISA Server 2004. Also, learn to publish Exchange Server 2007 with ISA 2006 and to build a DMZ.
    • Highlights key issues for migrating from previous versions of ISA Server to ISA Server 2006.
    • Learn to publish Exchange Server 2007 using ISA Server 2006.
    • Create a DMZ using ISA Server 2006.
  • The Best Damn Cybercrime and Digital Forensics Book Period

    • 1st Edition
    • November 26, 2007
    • Anthony Reyes + 1 more
    • English
    Electronic discovery refers to a process in which electronic data is sought, located, secured, and searched with the intent of using it as evidence in a legal case. Computer forensics is the application of computer investigation and analysis techniques to perform an investigation to find out exactly what happened on a computer and who was responsible. IDC estimates that the U.S. market for computer forensics will grow from $252 million in 2004 to $630 million by 2009. Business is strong outside the United States, as well. By 2011, the estimated international market will be $1.8 billion. The Techno Forensics Conference has increased in size by almost 50% in its second year, another example of the rapid growth in the market. This book is the first to combine cybercrime and digital forensic topics to provide law enforcement and IT security professionals with the information needed to manage a digital investigation. Everything needed for analyzing forensic data and recovering digital evidence can be found in one place, including instructions for building a digital forensics lab.
  • The Best Damn Server Virtualization Book Period

    Including VMware, Xen, and Microsoft Virtual Server
    • 1st Edition
    • November 20, 2007
    • Rogier Dittner + 1 more
    • English
    Server sprawl and escalating IT costs have managers and system administrators scrambling to find ways to cut costs and reduce Total Cost of Ownership of their physical infrastructure. Combining software applications onto a single server, even if those applications are from the same software vendor, can be dangerous and can make problems hard to troubleshoot. Virtualization allows you to consolidate many servers onto a single physical server, reducing hardware, electrical, cooling, and administrative costs. These virtual servers run completely independently of each other, so if one crashes the others are not affected. Planning and implementing a server consolidation is a complex process. This book details the requirements for such a project, includes sample forms and templates, and delivers several physical-to-virtual migration strategies which will save both time and costs. Readers of this book will easily be able to plan and deploy VMware, Microsoft Virtual Server, and Xen.
  • Penetration Tester's Open Source Toolkit

    • 2nd Edition
    • November 16, 2007
    • Chris Hurley + 1 more
    • English
    Penetration testing a network requires a delicate balance of art and science. A penetration tester must be creative enough to think outside of the box to determine the best attack vector into his own network, and also be expert in using the literally hundreds of tools required to execute the plan. This second volume adds over 300 new pentesting applications included with BackTrack 2 to the pen tester's toolkit. It includes the latest information on Snort, Nessus, Wireshark, Metasploit, Kismet and all of the other major Open Source platforms.
  • Practical Oracle Security

    Your Unauthorized Guide to Relational Database Security
    • 1st Edition
    • November 12, 2007
    • Josh Shaul + 1 more
    • English
    This is the only practical, hands-on guide available to database administrators to secure their Oracle databases. This book will help the DBA to assess their current level of risk as well as their existing security posture. It will then provide practical, applicable knowledge to appropriately secure the Oracle database.
  • Google Hacking for Penetration Testers

    • 1st Edition
    • November 7, 2007
    • Bill Gardner + 2 more
    • English
    This book helps people find sensitive information on the Web. Google is one of the 5 most popular sites on the internet with more than 380 million unique users per month (Nielsen/NetRatings 8/05). But Google’s search capabilities are so powerful that they sometimes discover content that no one ever intended to be publicly available on the Web, including social security numbers, credit card numbers, trade secrets, and federally classified documents. Google Hacking for Penetration Testers Volume 2 shows the art of manipulating Google used by security professionals and system administrators to find this sensitive information and “self-police” their own organizations. Reader... will learn how Google Maps and Google Earth provide pinpoint military accuracy, see how bad guys can manipulate Google to create super worms, and see how they can "mash up" Google with MySpace, LinkedIn, and more for passive reconnaissance.
  • Security Supervision and Management

    The Theory and Practice of Asset Protection
    • 3rd Edition
    • November 6, 2007
    • IFPO
    • Sandi J. Davies
    • English
    The International Foundation for Protection Officers (IFPO) has for many years provided materials to support its certification programs. The current edition of this book is being used as the core text for the Security Supervision and Management Training/Certified in Security Supervision and Management (CSSM) Program at IFPO. The CSSM was designed in 1988 to meet the needs of the security supervisor or senior protection officer. The book has enjoyed tremendous acceptance and success in the past, and the changes in this third edition, vetted by IFPO, make it still more current and relevant. Updates include 14 new chapters, 3 completely revised chapters, "Student Performance Objectives" in each chapter, and added information on related resources (both print and online).