Hacking Exposed Windows Microsoft Windows Security Secrets and Solutions Third Edition
The latest Windows security attack and defense strategies "Securing Windows begins with reading this book." --James Costello (CISSP) IT Security Specialist, Honeywell Meet the challenges of Windows security with the exclusive Hacking Exposed "attack-countermeasure" approach. Learn how real-world malicious hackers conduct reconnaissance of targets and then exploit common misconfigurations and software flaws on both clients and servers. See leading-edge exploitation techniques demonstrated, and learn how the latest countermeasures in Windows XP, Vista, and Server 2003/2008 can mitigate these attacks. Get practical advice based on the authors' and contributors' many years as security professionals hired to break into the world's largest IT infrastructures. Dramatically improve the security of Microsoft technology deployments of all sizes when you learn to: Establish business relevance and context for security by highlighting real-world risks Take a tour of the Windows security architecture from the hacker's perspective, exposing old and new vulnerabilities that can easily be avoided Understand how hackers use reconnaissance techniques such as footprinting, scanning, banner grabbing, DNS queries, and Google searches to locate vulnerable Windows systems Learn how information is extracted anonymously from Windows using simple NetBIOS, SMB, MSRPC, SNMP, and Active Directory enumeration techniques Prevent the latest remote network exploits such as password grinding via WMI and Terminal Server, passive Kerberos logon sniffing, rogue server/man-in-the-middle attacks, and cracking vulnerable services See up close how professional hackers reverse engineer and develop new Windows exploits Identify and eliminate rootkits, malware, and stealth software Fortify SQL Server against external and insider attacks Harden your clients and users against the latest e-mail phishing, spyware, adware, and Internet Explorer threats Deploy and configure the latest Windows security countermeasures, including BitLocker, Integrity Levels, User Account Control, the updated Windows Firewall, Group Policy, Vista Service Refactoring/Hardening, SafeSEH, GS, DEP, Patchguard, and Address Space Layout Randomization
Hacking Exposed Windows 2000
*In the tradition of the wildly successful Hacking Exposed - the 2nd edition of which sold over 75,000 units in just four months.*Unique approach to topic--no other book contains both hacking techniques as well as concrete solutions on how to plug the security holes in a Windows 2000 network.*Authors have winning track record--written by the best-selling authors of Hacking Exposed who are key Windows 2000 security consultants at Microsoft*Includes case studies based on the authors' real experiences and also features the trademark Hacking series elements such as attacks, countermeasures, and risk ratings.
Analyzes attacks on computer networks, discusses security, auditing, and intrusion detection procedures, and covers hacking on the Internet, attacks against Windows, e-commerce hacking methodologies, and new discovery tools.
Hacking Exposed 5th Edition
“The seminal book on white-hat hacking and countermeasures... Should be required reading for anyone with a server or a network to secure.” --Bill Machrone, PC Magazine "The definitive compendium of intruder practices and tools." --Steve Steinke, Network Magazine "For almost any computer book, you can find a clone. But not this one... A one-of-a-kind study of the art of breaking in." --UNIX Review Here is the latest edition of international best-seller, Hacking Exposed. Using real-world case studies, renowned security experts Stuart McClure, Joel Scambray, and George Kurtz show IT professionals how to protect computers and networks against the most recent security vulnerabilities. You'll find detailed examples of the latest devious break-ins and will learn how to think like a hacker in order to thwart attacks. Coverage includes: Code hacking methods and countermeasures New exploits for Windows 2003 Server, UNIX/Linux, Cisco, Apache, and Web and wireless applications Latest DDoS techniques--zombies, Blaster, MyDoom All new class of vulnerabilities--HTTP Response Splitting and much more
Defense and Detection Strategies Against Internet Worms
This is the first book focused exclusively on Internet worms, offering you solid worm detection and mitigation strategies for your work in the field. This ground-breaking volume enables you to put rising worm trends into perspective with practical information in detection and defense techniques utilizing data from live networks, real IP addresses, and commercial tools. The book helps you understand the classifications and groupings of worms, and offers a deeper understanding of how they threaten network and system security.
Provides coverage of the security features in Windows Server 2003. This book is useful for network professionals working with a Windows Server 2003 and/or Windows XP system.
The Cuckoo s Egg
The first true account of computer espionage tells of a year-long single-handed hunt for a computer thief who sold information from American computer files to Soviet intelligence agents
Every computer crime leaves tracks–you just have to know where to find them. This book shows you how to collect and analyze the digital evidence left behind in a digital crime scene. Computers have always been susceptible to unwanted intrusions, but as the sophistication of computer technology increases so does the need to anticipate, and safeguard against, a corresponding rise in computer-related criminal activity. Computer forensics, the newest branch of computer security, focuses on the aftermath of a computer security incident. The goal of computer forensics is to conduct a structured investigation to determine exactly what happened, who was responsible, and to perform the investigation in such a way that the results are useful in a criminal proceeding. Written by two experts in digital investigation, Computer Forensics provides extensive information on how to handle the computer as evidence. Kruse and Heiser walk the reader through the complete forensics process–from the initial collection of evidence through the final report. Topics include an overview of the forensic relevance of encryption, the examination of digital evidence for clues, and the most effective way to present your evidence and conclusions in court. Unique forensic issues associated with both the Unix and the Windows NT/2000 operating systems are thoroughly covered. This book provides a detailed methodology for collecting, preserving, and effectively using evidence by addressing the three A's of computer forensics: Acquire the evidence without altering or damaging the original data. Authenticate that your recorded evidence is the same as the original seized data. Analyze the data without modifying the recovered data. Computer Forensics is written for everyone who is responsible for investigating digital criminal incidents or who may be interested in the techniques that such investigators use. It is equally helpful to those investigating hacked web servers, and those who are investigating the source of illegal pornography.
How to Measure Anything in Cybersecurity Risk
A ground shaking exposé on the failure of popular cyber risk management methods How to Measure Anything in Cybersecurity Risk exposes the shortcomings of current "risk management" practices, and offers a series of improvement techniques that help you fill the holes and ramp up security. In his bestselling book How to Measure Anything, author Douglas W. Hubbard opened the business world's eyes to the critical need for better measurement. This book expands upon that premise and draws from The Failure of Risk Management to sound the alarm in the cybersecurity realm. Some of the field's premier risk management approaches actually create more risk than they mitigate, and questionable methods have been duplicated across industries and embedded in the products accepted as gospel. This book sheds light on these blatant risks, and provides alternate techniques that can help improve your current situation. You'll also learn which approaches are too risky to save, and are actually more damaging than a total lack of any security. Dangerous risk management methods abound; there is no industry more critically in need of solutions than cybersecurity. This book provides solutions where they exist, and advises when to change tracks entirely. Discover the shortcomings of cybersecurity's "best practices" Learn which risk management approaches actually create risk Improve your current practices with practical alterations Learn which methods are beyond saving, and worse than doing nothing Insightful and enlightening, this book will inspire a closer examination of your company's own risk management practices in the context of cybersecurity. The end goal is airtight data protection, so finding cracks in the vault is a positive thing—as long as you get there before the bad guys do. How to Measure Anything in Cybersecurity Risk is your guide to more robust protection through better quantitative processes, approaches, and techniques.
Cyberdeterrence and Cyberwar
Cyberspace, where information—and hence serious value—is stored and manipulated, is a tempting target. An attacker could be a person, group, or state and may disrupt or corrupt the systems from which cyberspace is built. When states are involved, it is tempting to compare fights to warfare, but there are important differences. The author addresses these differences and ways the United States protect itself in the face of attack.