| Featured List | Simple List |
|
|
|
Go to bottom to see all images
Click image to enlarge
|
Network Intrusion Detection (3rd Edition) by Stephen Northcutt, Judy Novak Average Customer Review:  Paperback (27 August, 2002) list price: $45.00 -- our price: $31.50 (price subject to change: see help) US | Canada | United Kingdom | Germany | France Editorial Review Network Intrusion Detection: An Analyst's Handbook explains some of what you need to know to prevent unauthorized accesses of your networked computers and minimize the damage intruders can do. It emphasizes, though, proven techniques for recognizing attacks while they're underway. Without placing too much emphasis (or blame, for that matter) on any operating system or other software product, author Stephen Northcutt explains ways to spot suspicious behavior and deal with it, both automatically and manually. The case studies, large and small, are the best part of this book. Northcutt opens with a technical brief on the methods used by Kevin Mitnick in his attack upon Tsutomu Shimomura's server. In documenting that famous attack, Northcutt explains SYN flooding and TCP hijacking with clarity and detail: readers get a precise picture of what Mitnick did and how Shimomura's machine reacted. A former security expert for the U.S. Department of Defense, Northcutt explains how a system administrator would detect and defeat an attack like Mitnick's. Another case study appears later in the book, this one in the form of a line-by-line analysis of a .history file that shows how a bad guy with root privileges attacked a Domain Name System (DNS) server. Reading Northcutt's analysis is like reading a play-by-play account of a football match. Network Intrusion Detection is one of the most readable technical books around. --David Wall Topics covered: Catching intruders in the act by recognizing the characteristics of various kinds of attacks in real time, both manually and with the use of filters and other automated systems; techniques for identifying security weaknesses and minimizing false security alarms. ... Read more Reviews (40)
Isbn: 0735712654 |
$31.50 |
|
Anti-Hacker Tool Kit by KeithJones, MikeShema, BradleyJohnson Average Customer Review:  Paperback (25 June, 2002) list price: $59.99 US | Canada | United Kingdom | Germany | France Reviews (11)
The major additions to AHT:2E include a new chapter on firewalls, which doesn't really add anything new to the common body of security knowledge.A new chapter on host hardening covers Titan and MSec.Tools like THC-Amap, THC-Hydra, HFNetChk, Ettercap, Wellenreiter, and Kismet make appearances as well.Whereas Trinux was only mentioned in the first edition, it gets welcome coverage in the chapter on building live response bootable CDs.Updated material on Nmap, NetScan Tools, SuperScan, Scanline, and commercial forensic suites is included. The remainder of the book is largely the same.Particularly, chapters on Netcat, X, VMWare, Cygwin, backdoors, source code auditing, port redirection, war dialers, and open source forensics appear very similar to AHT:1E.Deleted from AHT:2E are Whisker, Twwwscan/Arirang, SMBGrind, and Nbaudit.Comparisons with the first edition are somewhat complicated by the rearrangement of tools and chapters in AHT:2E, but I thought the new organization made sense. Aside from the information on using Trinux, AHT:2E seemed to lack new contributions from an author with real forensic experience.Keith Jones' original material is still present, but advancements in the forensic arena are not covered.For example, AHT:2E should have addressed Keith's tools in the Odessa project, such as Galleta (cookie parsing), Pasco (IE history recovery), and Rifiuti (Recycle Bin examination). Overall, AHT:2E is an excellent book, but I don't believe a second edition was needed 18 months after the first was published.The AHT look and feel has spawned the "Anti-Spam Tool Kit," which I plan to read and review shortly.Perhaps future AHT books will split out various sections (assessment, forensics, etc.) into separate volumes, making it easier to manage the series. ... Read more Isbn: 0072222824 |
|
|
Inside Network Perimeter Security: The Definitive Guide to Firewalls, Virtual Private Networks (VPNs), Routers, and Intrusion Detection Systems by Stephen Northcutt, Lenny Zeltser, Scott Winters, Karen Fredrick, Ronald W. Ritchey Average Customer Review:  Paperback (28 June, 2002) list price: $49.99 -- our price: $34.99 (price subject to change: see help) US | Canada | United Kingdom | Germany | France Editorial Review Submarines handle awkwardly on the surface of the sea; airplanes are cumbersome when taxiing. Both modes of operation, however, are design requirements. Organizational computer networks have a similar requirement: they have to interface with other networks (thereby forming the Internet) in order to be useful. How network engineers manage their networks' perimeters has a lot to do with their usefulness, cost effectiveness, and--perhaps above all--security. Inside Network Perimeter Security concerns itself with this latter aspect of the connection to the outside world. It's carefully researched, cleverly written, and full of references to recent exploits and, more importantly, the trends they represent. The best details on emerging hack attacks will always be found online. This book takes a longer view, evaluating offensive and defensive technologies and offering well-reasoned advice on how to keep a network secure now and in the future. Readers familiar with the previous work of the authors--particularly the highly respected Stephen Northcutt--will recognize the style here. It doesn't aim to teach you how to do much in particular--there are a few procedures, and some Cisco Internetwork Operating System (IOS) command listings--but rather tries to show how to think about networks and the data that comes from them. In a typical section, the authors analyze a log from Tiny Personal Firewall. They highlight the facts that are present in the log and the inferences that can be made from them. A similar style helps you master software tools and make network design decisions. This book is perfect for a network engineer wanting to improve his or her security skills for both design and administration purposes. --David Wall Topics covered: How to design networks' borders for maximum security, and how to monitor them for unauthorized activity. After an introduction to firewalls, packet filtering, and access lists, the authors explain how to set up routers, special-purpose firewalls, and general-purpose hosts with security in mind. A large section has to do with security-conscious design, both for green field projects and existing networks that need expansion or improvement. ... Read more Reviews (16)
Isbn: 0735712328 |
$34.99 |
Fairly decent but can be thinned out a bit
|
Hacking Exposed: Network Security Secrets & Solutions, Third Edition (Hacking Exposed) by Stuart McClure, Joel Scambray, George Kurtz Average Customer Review: Paperback (26 September, 2001) list price: $49.99 US | Canada | United Kingdom | Germany | France Editorial Review A lot of computer-security textbooks approach the subject from adefensive point of view. "Do this, and probably you'll survive a particular kindof attack," they say. In refreshing contrast, Hacking Exposed, SecondEdition talks about security from an offensive angle. A Jane's-likecatalog of the weaponry that black-hat hackers use is laid out in full. Readerssee what programs are out there, get a rundown on what the programs can do, andbenefit from detailed explanations of concepts (such as wardialing and rootkits)that most system administrators kind of understand, but perhaps not in detail.The book also walks through how to use the more powerful and popular hackersoftware, including L0phtCrack. This new edition has been updated extensively,largely with the results of "honeypot" exercises (in which attacks onsacrificial machines are monitored) and Windows 2000 public security trials.There's a lot of new stuff on e-mail worms, distributed denial-of-service (DDoS)attacks, and attacks that involve routing protocols. The result of all of this familiarity with bad-guy tools is a leg up ondefending against them. Hacking Exposed wastes no time in explaining howto implement the countermeasures--where they exist--that will render knownattacks ineffective. Taking on the major network operating systems and networkdevices one at a time, the authors tell you exactly what Unix configurationfiles to alter, what Windows NT Registry keys to change, and what settings tomake in NetWare. They spare no criticism of products with which they aren'timpressed, and don't hesitate to point out inherent, uncorrectable securityweaknesses where they find them. This book is no mere rehashing of generallyaccepted security practices. It and its companion Web site are the best way forall of you network administrators to know thine enemies. --David Wall Topics covered:
Reviews (77)
Isbn: 0072193816 |
|
Worst Book Ever
|
DNS and BIND by Cricket Liu, Paul Albitz, Mike Loukides Average Customer Review: Paperback (03 September, 1998) list price: $39.95 US | Canada | United Kingdom | Germany | France Editorial Review This is the definitive book on the Domain Name System (DNS), the powerful scheme that facilitates the translation of English-like domain names (www.amazon.com) into computer-comprehensible Internet Protocol (IP) addresses (208.216.182.15). If you run a DNS server of any kind, particularly under Unix, you need to have this book on hand. This book's early chapters give a view of DNS from high altitude, explaining basic concepts such as domains, name servers, and name resolution. From there, the authors proceed on a more practical tack, presenting specific instructions for setting up your own domain and DNS server using BIND. The authors then tell you what to do as your domain grows and you need to add more machines, subdomains, and greater throughput capacity. They also talk a lot about nslookup and C programming with the various DNS and BIND libraries. Administrators will find the chapter on BIND debugging output particularly helpful. Here, the authors translate BIND's mysterious error messages and offer specific strategies for fixing and optimizing the program. This edition covers BIND 8.1.2, but pays lots of attention to older versions that are still in wide use (4.8.3 and 4.9). The authors are careful to note differences among the versions. --David Wall ... Read more Reviews (52)
In the first few chapter your taught how DNS servers work, sparing no detail. Concepts like negative-caching, recursive resolution, and inverse queries are explained and demonstrated with great examples and graphs. The chapters on configuring and managing BIND almost make things look too simple and easy. This is also a great book to learn how to use tools like 'nslookup' and 'dig'. When it comes to the world of DNS records it's hard to find authoritativeanswers to questions, besides a few sites like Mr.DNS, the authors of this book recognized that need and sought to help fill the gap of knowledge. ... Read more Isbn: 1565925122 |
|
|
Securing Windows NT/2000 Servers for the Internet by Stefan Norberg Average Customer Review: Paperback (November, 2000) list price: $29.95 -- our price: $19.77 (price subject to change: see help) US | Canada | United Kingdom | Germany | France Reviews (12)
To be honest I'm primarily a Unix person (FreeBSD when possible) so I feel really constricted in the windows environment and thus don't know as much as I should about securing the boxes.This book allows me to jump into the windows world (since I obviously need at least one windows box around for work) and make intelligent choices regarding configuration. The small number of pages is actually a good thing since the author skips all of the general security tips and knowledge that you can get in 1,000 other books nowadays, getting right to the meat of it: what to click and type to secure the box.This also has the pleasant side-affect of reducing the cost from the normal range of 50-60 to around 20, which pretty much means that buying this book is a no-brainer. In summary, a Unix geek can get away with this book since it's so direct and easy to follow.It requires some previous security knowledge but not a boatload.
Isbn: 1565927680 |
$19.77 |
|
SSH, The Secure Shell: The Definitive Guide by Daniel J. Barrett, Richard Silverman Average Customer Review: Paperback (15 February, 2001) list price: $39.95 -- our price: $26.37 (price subject to change: see help) US | Canada | United Kingdom | Germany | France Editorial Review The suite of utility applications that Unix users and administrators find indispensable--Telnet, rlogin, FTP, and the rest--can in fact prove to be the undoing of interconnected systems. The Secure Shell, a.k.a. SSH (which isn't a true shell at all) provides your otherwise attack-prone utilities with the protection they need. SSH: The Secure Shell: The Definitive Guide explains how to use SSH at all levels. In a blended sequence, the book explains what SSH is all about, how it fits into a larger security scheme, and how to employ it as an everyday user with an SSH client. More technically detailed chapters show how to configure a SSH server--several variants are covered--and how to integrate SSH with non-Unix client platforms. As befits its detail- and variation-rich subject, this book comprises many specialized sections, each dealing with some specific aspect of use or configuration (setting up access control at the account level, for example, or generating keys for a particular SSH server). The writing is both informative and fun to read; the authors switch back and forth between text and entry-and-response listings from SSH machines. They often run through a half-dozen or more variants on the same command in a few pages, providing the reader with lots of practical information. The discussion of how SSH fits into a Kerberos Public Key Infrastructure (PKI) is great, as is the advice on defeating particular kinds of attacks. --David Wall Topics covered:
Reviews (25)
This book covers both the server and client aspect of SSH and I
The first chapters of the book begin with a lookat what SSH is, a summary of its general uses, and the differences between the various SSH implmentations.It then quickly moves onto a number of practical examples, with explanations of both the 'how' and 'why' behind the examples. Some of the more interesting examples are those that demonstrate X11 tunnelling, key management, and how SSH can be integrated with other applications (such as PGP, for example). One of the major faults of the book is in the writing style. The regular switching back and forth between a conversational tone and a serious, technical one was something that I found rather annoying.But other than that, this is more or less a well-rounded and nicely written book on SSH, and I would certainly recommend it to anyone who is interested in this topic. ... Read more Isbn: 0596000111 |
$26.37 |
|
CISSP All-in-One Exam Guide by Shon Harris Average Customer Review: Hardcover (26 December, 2001) list price: $79.99 US | Canada | United Kingdom | Germany | France Reviews (91)
Isbn: 0072193530 |
|
|
Cisco Secure Internet Security Solutions by Andrew Mason, Mark J. Newcomb Average Customer Review:  Hardcover (30 May, 2001) list price: $55.00 -- our price: $47.28 (price subject to change: see help) US | Canada | United Kingdom | Germany | France Editorial Review If this book were a person, it would be a career bureaucrat. It provides the data you need efficiently enough, but it doesn't go into any details you won't find on spec sheets, is fairly dry reading, and doesn't really seem to know what it wants to be. Cisco Secure Internet Security Solutions is straight from Cisco's course sheets, and it starts off fairly strong. It goes over the basic Internet attacks and explains DoS, SYN floods, SNMP problems, and other typical hacker attacks in clear language that's aimed at the mid-level Cisco professional. It doesn't go into reams of novice-level detail, but rather gives concise summaries. It then covers some of the solutions Cisco has created for the standard array of l33t probes and system invasions. And, in a very nice feature, it actually provides a set of simple global commands that it suggests should be configured on all Cisco products (like denying access from reserved IP addresses), and then explains what each step does and why you should do it, line by line. The next few chapters go into some detail about the Cisco secure product family, discussing PIX Firewalls and Cisco Secure Policy Manager and what you'd use them for. So far, so good. Later, a couple of long tutorials on configuring the Cisco Secure Scanner and the Secure Policy Manager are filled with helpful screen shots and a fair amount of explanation. But the software is complex, and the book offers no demo or sample software to experiment with. If you aren't able to get your hands on a copy, you might as well resign yourself to reading this section numerous times until you get it. And even then, it still concentrates mostly on how to use the software as opposed to how it works or where it can be used properly, which may or may not be what you're looking for. Fortunately, the book ends well, giving examples of common Internet security threats and suggested solutions. The writing is dry and filled with numerous charts, but that's pretty typical for Cisco Press books, which aren't known for their dazzling style. If you've read other Cisco books and enjoyed them, or if you don't require a lot of handholding or silly in-jokes, the book will serve you adequately. The book has two major flaws, however: The first is that in the end it's still mostly regurgitated Cisco documentation, and it doesn't seem to offer a whole lot of real-world experience for the reader to use. In the case of subject matter that's as constantly changing and critical as security, it would have been nice to have a couple of real-world examples of substandard systems to troubleshoot and perhaps show the reader what a hacker would look for when breaking into a network. Admittedly, the book is on Cisco Internet security solutions, not how to keep kids out of your system, but a certain level of teaching would have been nice--and would have shown how Cisco is poised help you in a much better light. The second is that in the end, this book is little more than an overview of what Cisco can do for you, sans an overview of the competition or the areas that may have no competition. It doesn't really compare products that may do some of the same things, doesn't contrast Cisco's firewalls with other firewall products to give the reader an idea of the features, and in short provides only Cisco solutions to security without showing how other solutions may fail. For a book that really tries to help you understand security issues, discussing only the Cisco view leads to a strange mix of tutorial and blatant shilling, which goes into real depth in some parts and then stalls in others. It gets the job done if you want to know about Cisco security products and approaches, and it does it well. It even is a not-bad introduction to security issues. But ultimately, it's neither fish nor fowl. --William Steinmetz ... Read more Reviews (7)
What a bitter disappointment.This book is as wide as the horizon and as deep as a backyard puddle. I wish I could give this title a negative number, but I'm forced to be polite and post a "1". I can't believe any self-respecting CCIE would attach his/her name to such a fluffy, insubstantial work of garbage. Save your money and buy one of the specific security titles:...
This book is well written and keeps your interest.(Something that is hard to come by in the networking field of books.) Kudo's to Andrew Mason, and Mark Newcomb for an excellent book.
Isbn: 1587050161 |
$47.28 |
|
Cisco Secure Virtual Private Networks by Andrew G. Mason, Andrew Mason Average Customer Review:  Hardcover (18 December, 2001) list price: $50.00 US | Canada | United Kingdom | Germany | France Editorial Review An increasing number of businesses are cutting costs by eliminating their private data networks in favor of virtual private networks (VPNs), which are much more flexible as well as less costly. Cisco Secure Virtual Private Networks shows how to configure Cisco Systems equipment to provide the required security while remaining invisible to users. Though it's designed for use as the textbook for a Cisco-sanctioned class of the same name, this book is equally suited for use by an engineer studying alone. The author--a CCIE with ISP experience--explains the Cisco product line, examines the products' open and proprietary features, and shows how to plan and implement a VPN configuration on them. Thanks to the inclusion of troubleshooting advice (even though its applicability in a multiple-vendor environment is somewhat limited), this book should hold its value as your VPN evolves. If you've read a Cisco Press class manual before, you'll find Andrew Mason's format familiar. He describes customer requirements first (using pre-shared keys for security between sites, for example), and then presents a list of tasks to be accomplished in order to satisfy the specifications (configuring Internet Key Exchange--IKE--among others). He subsequently breaks each task into individual steps, each of which is presented with detailed information on the commands to be issued and configuration files to be established. These steps include tables that document commands fully, so readers have reference material that's relevant when their situations differ from the problems Mason solves explicitly. --David Wall Topics covered: Cisco Systems virtual private network (VPN) solutions, especially the VPN 3000 Concentrator and the PIX firewall family. IPSec gets plenty of coverage, as do public-key infrastructure solutions. This book covers the same ground as the Cisco Secure Virtual Private Networks exam (9EO-570). ... Read more Reviews (10)
Note: My review was based of of the PIX sections of the book only.
Chapter 4, explaining IOS Router for CA Site-to-Site, starts out with an example of two routers (RouterA, RouterB ) and a CA server but on Step 6 mystery router R1 makes an appearance. At this point the subject matter becomes confusing, examples of output from R1 are shown, is this router really RouterA? I'm not sure if we're using general keys or specialkeys? You flip back and forth through the chapters pages trying to overcome the confusion. Eventually you glean enough, ignoring the inconsistancies and move on. The screen snap shots in the later chapters are of poor quality ( blurry ). So, buyer beware. There are other errors but these annoyed me the most. Presumably you would consider buying this book to help you pass the CSVPN test as I did. A good part of this material is available on CCO but it is fragmented among many separate documents. The one redeaming quality of this book is that it condenses that material into a portable, organized book form and , like or dislike, leaves out material that is not likely to be on the test. ... Read more Isbn: 1587050331 |
|
Another rush job.
|
Managing Cisco Network Security by Mike Wenstrom Average Customer Review: Hardcover (15 January, 2001) list price: $60.00 US | Canada | United Kingdom | Germany | France Reviews (12)
Isbn: 1578701031 |
|
|
Cisco Router Performance Field Guide by Gil Held Average Customer Review: Hardcover (27 April, 2000) list price: $29.00 US | Canada | United Kingdom | Germany | France Editorial Review If the router's not happy, nobody's happy. The Cisco RouterPerformance Field Guide describes a series of strategies for determiningwhether a given Cisco Systems router is doing what it's supposed to do and doingit at peak efficiency. It also includes a lot of information on adjustingconfiguration files to correct problems and improve performance. Author Gil Heldis a respected expert on Cisco products, and he upholds his reputation here.Network administrators who have their routing gear in place and are inoptimization and troubleshooting mode will like what they find here. This book is heavy on prose, packing lots of facts and concepts into eachparagraph. For this reason, it isn't a book for the novice, and even someveterans might take some time in deciphering what Held has written in certainplaces. As aids to the practically minded, this book includes a fair number ofcommand-and-response listings, as well as listings of configuration files. Theillustrations are the main shortcoming of this book. Clearly, some editordecided that illustrations were necessary for their own sake, and includedpointless screen shots of console windows and file listings in an otherwiseexcellent book. There aren't too many of these, however, and Held's excellentexplanations and documentation shine through. --David Wall Topics covered: Troubleshooting, optimizing, and gauging performance onCisco routers, particularly those of the 4000 series and 7000 family. Emphasisgoes to gauging usage of LAN and WAN link capacity, as well as usage of hardwareresources, such as memory and processor capacity. Also, the author documentsvarious Cisco and Microsoft Windows NT diagnostic utilities, such as trace andtracert. ... Read more Reviews (4)
Isbn: 0072125136 |
|
|
The Art of Information Warfare: Insight into the Knowledge Warrior Philosophy by Richard Forno, Ronald Baklarz Average Customer Review: Paperback (15 February, 1999) list price: $19.95 -- our price: $19.95 (price subject to change: see help) US | Canada | United Kingdom | Germany | France Reviews (14)
Good things come in small packages, like this book.
That being said, the book provides useful guidance in an easy-to-read (and remember!) format, and makes it easy to understand the basics of security for our companies. The book's probably best-suited for small-to-midsize firms like mine, and I learned some new things from it. The resources section in Part 2 were particularly helpful, if not a bit dated now in 2003 compared to 1999 when it was published. ... Read more Isbn: 1581128576 |
$19.95 |
|
SANS GIAC Certification: Security Essentials Toolkit (GSEC) by Eric Cole, Mathew Newfield, John M. Millican, Stephen Northcutt, Matthew Newfield Average Customer Review: Paperback (18 March, 2002) list price: $49.99 -- our price: $34.02 (price subject to change: see help) US | Canada | United Kingdom | Germany | France Editorial Review The best way to develop a working knowledge of anything is to actually work with it--see it work, see it fail, and see what happens when variables are adjusted. Under the guise of an exam-preparation aid, SANS GIAC Certification: Security Essentials Toolkit guides its readers through a series of carefully designed experiments that collectively illustrate how attackers go about breaking into (or just plain breaking) their targets. The authors assume little background knowledge on the reader's part and take care to show you what you need to do in order to see the effects they're trying to demonstrate. This is, above all, a laboratory manual, and the authors deserve kudos for their effort to ensure that you can reproduce their results. A highly graphical design and wide, lay-flat binding make this book all the more useful as a hands-on companion. The authors' dedication to standardization is evident from the first exercise (this book consists almost entirely of exercises), in which they show how to build a dual-boot system with both Linux and Windows 2000 installed. The idea is that you can build this system once, make an image of it, and then be able to repeatedly break and rebuild your system without wasting time. Subsequent exercises deal with different types of attacks and the defenses that are effective against each. Each exercise has an explicitly illustrated procedure--usually illustrating a successful attack and a failed one (i.e., one that was defended against). You learn not only to install defensive software and trust it, but also to recognize evidence of attacks in log files and in behavioral symptoms. More security books--and technical books in general--should be like this one. --David Wall Topics covered: The kinds of attacks--against Windows 2000 and Linux systems--that are covered on the SANS Institute's Global Information Assurance Certification (GIAC) exam, as well as the software tools and configuration strategies that you can use to protect your systems against them. The authors cover many attacks--including Trojans, host spoofs, and others--and many defensive weapons (like firewalls and intrusion detection systems). ... Read more Reviews (8)
Apart from the poor quality control of this book, it lacks good solid explanations to accompany most of them.Like many such exercise-oriented book the minimal level of explanations leaves one feeling that they are merely following a recipe in a cookbook. In summary, while the book offers something that is missing in the marketplace, it seems that is was rushed into print with little quality control.Unfortunately there are no errata sheets available from the publisher. ... Read more Isbn: 0789727749 |
$34.02 |
|
Hack Attacks Revealed: A Complete Reference for UNIX, Windows, and Linux with Custom Security Toolkit, Second Edition by JohnChirillo Average Customer Review: Paperback (21 August, 2002) list price: $60.00 -- our price: $39.60 (price subject to change: see help) US | Canada | United Kingdom | Germany | France Reviews (13)
Isbn: 0471232823 |
$39.60 |
|
CCNP Switching Study Guide (Exam 640-504 with CD-ROM) by Todd Lammle, Kevin Hales, Inc Cisco Systems, Todd Lammine Average Customer Review: Hardcover (13 October, 2000) list price: $49.99 -- our price: $49.99 (price subject to change: see help) US | Canada | United Kingdom | Germany | France Reviews (35)
I also bought the Cisco Press's book for the same subject, but could not even go through it to the end once, because, it just made me very sleepy after few minutes every time I tried although I believe this is a great study book. On the other hand, this Sybex book was very fun to read, covering the exam well.Even for those who do not have Engish as a native language like myself, can easily read this book, take the exam in English and can pass it. The only bad point is, like the other reviewer pointed out, this book does not cover HSRP, which was still questioned as of May 2003.I would recommend that you buy the Cisco's book too and take a look at only that section to get a quick knowledge of HSRP, then you are good to go!
Isbn: 0782127118 |
$49.99 |
|
Know Your Enemy: Revealing the Security Tools, Tactics, and Motives of the Blackhat Community by The Honeynet Project, The Honeynet Project Average Customer Review: Paperback (31 August, 2001) list price: $39.99 -- our price: $26.39 (price subject to change: see help) US | Canada | United Kingdom | Germany | France Reviews (25)
A honeynet is the primary tool used to capture attacker's activity.It is a type of honeypot, specifically a high-interaction honeypot. As a honeypot, honeynets work on the concept that they should not see any activity, no one has authorization to interact with them.As a result, any inbound or outbound connections to the honeynet is most likely unauthorized activity.This simple concept makes it highly effective in detecting and capturing both known and unknown activity.Honeynets work as a highly controlled network made up of real systems and applications for attackers to probe and compromise. The book is about honeynets, how to use them, and what you can learn. The book is broken into three parts.The first part is focused on what honeynets are, how they work, the different types, and technical details on how you can deploy them safely.The second part focuses on how to analyze all the different data a honeynet can collect (network and host based forensics, reverse engineering, centralized data correlation, etc).The third part is specific examples of several honeynets being hacked, including Win2000, Linux, and Solaris.What makes the book so interesting is it ties all these different elements together.You can learn more at http://www.honeynet.org/book/ The book was not written by a single individual, but by leading experts in their field. They attempted to combine the best experiences and skills from some of the leading individuals. The book was organized by the Honeynet Project, but the contributing authors include members of the Honeynet Research Alliance, individuals from the Department of Justice, and others who have helped us in the past and wanted to contribute.Some examples of authors include Honeynet Project members Brian Carrier who wrote several chapters and Max Kilger who wrote about profiling. Honeynet Research Alliance members include the work of the Greek Honeynet Project writing about hacked Linux systems, and the Mexican Honeynet Project writing about hacked Solaris systems.They also had outside experts help out, including Richard Salgado of the DoJ author about legal issues, and Dion Mendel from Australia write about Reverse Engineering. -- To defend against your threats, you have to first know who your enemy is -- I recommend this book! ... Read more Isbn: 0201746131 |
$26.39 |
|
Firewalls: The Complete Reference by Keith Strassberg, Gary Rollie, Richard Gondek Average Customer Review: Paperback (28 May, 2002) list price: $59.99 -- our price: $59.99 (price subject to change: see help) US | Canada | United Kingdom | Germany | France Reviews (5)
Isbn: 0072195673 |
$59.99 |
|
Snort 2.0 Intrusion Detection by Brian Caswell, Jay Beale, James C. Foster, Jeremy Faircloth Average Customer Review: Paperback (February, 2003) list price: $49.95 -- our price: $19.98 (price subject to change: see help) US | Canada | United Kingdom | Germany | France Reviews (19)
|