Компьютеры - скачать книги или читать онлайн. Страница 73

Learn how to conduct thorough security examinations via illustrations and virtual simulations A network security breach (a hack, crack, or other invasion) occurs when unauthorized access to the network is achieved and havoc results. The best possible defense is an offensive strategy that allows you to regularly test your network to reveal the vulnerabilities and close the holes before someone gets in. Written by veteran author and security expert John Chirillo, Hack Attacks Testing explains how to perform your own security audits. Step by step, the book covers how-to drilldowns for installing and configuring your Tiger Box operating systems, installations, and configurations for some of the most popular auditing software suites. In addition, it includes both common and custom usages, scanning methods, and reporting routines of each. Finally, Chirillo inspects the individual vulnerability scanner results and compares them in an evaluation matrix against a select group of intentional security holes on a target network. Chirillo tackles such topics as: Building a multisystem Tiger Box Basic Windows 2000 Server installation and configuration for auditing Basic Linux and Solaris installation and configuration Basic Mac OS X installation and configuration for auditing ISS, CyberCop, Nessus, SAINT, and STAT scanners Using security analysis tools for Mac OS X Vulnerability assessment Bonus CD! The CD contains virtual simulations of scanners, ISS Internet Scanner evaluation version, and more.

Written especially for advanced beginners and intermediate users, this book offers quick fixes for anyone bedeviled by faulty formulas, failed formatting, printer purgatory, and other perplexing Excel problems Offers three types of fixes: Escape in Under 30 Seconds, Escape in Under Two Minutes, and More Elaborate Escapes-over 400 solutions in all Topics covered include formula fixes, formatting fixes, data and layout fixes for Excel charts, PivotTable fixes, managing complexity in very large spreadsheets, fixing broken procedure functions, and more Includes preventive measures and best practices that teach users how to avoid problems in the future Note: CD-ROM/DVD and other supplementary materials are not included as part of eBook file.

Hackers have uncovered the dark side of cryptography—that device developed to defeat Trojan horses, viruses, password theft, and other cyber-crime. It’s called cryptovirology, the art of turning the very methods designed to protect your data into a means of subverting it. In this fascinating, disturbing volume, the experts who first identified cryptovirology show you exactly what you’re up against and how to fight back. They will take you inside the brilliant and devious mind of a hacker—as much an addict as the vacant-eyed denizen of the crackhouse—so you can feel the rush and recognize your opponent’s power. Then, they will arm you for the counterattack. This book reads like a futuristic fantasy, but be assured, the threat is ominously real. Vigilance is essential, now. Understand the mechanics of computationally secure information stealing Learn how non-zero sum Game Theory is used to develop survivable malware Discover how hackers use public key cryptography to mount extortion attacks Recognize and combat the danger of kleptographic attacks on smart-card devices Build a strong arsenal against a cryptovirology attack

Here's the book you need to prepare for CompTIA's Linux+ exam. This Study Guide was developed to meet the exacting requirements of today's certification candidates. In addition to the consistent and accessible instructional approach that has earned Sybex the «Best Study Guide» designation in the 2003 CertCities Readers Choice Awards, this book provides: Clear and concise information on setting up and administering a Linux system Practical examples and insights drawn from real-world experience Leading-edge exam preparation software, including a Linux-based testing engine and electronic flashcards for your Palm You'll also find authoritative coverage of key exam topics, including: Hardware requirements User administration Package management Security fundamentals Shell scripting Administering Apache Web server Installing, updating, and removing drivers Understanding the Linux kernel Troubleshooting Look to Sybex for the knowledge and skills needed to succeed in today's competitive IT marketplace. This book has been reviewed and approved as CompTIA Authorized Quality Curriculum (CAQC). Students derive a number of important study advantages with CAQC materials, including coverage of all exam objectives, implementation of important instructional design principles, and instructional reviews that help students assess their learning comprehension and readiness for the exam. Note: CD-ROM/DVD and other supplementary materials are not included as part of eBook file.

Here's the book you need to prepare for CompTIA's updated Linux+ exam, #XK0-002. This Study Guide was developed to meet the exacting requirements of today's certification candidates. In addition to the consistent and accessible instructional approach that has earned Sybex the reputation as the leading publisher for certification self-study guides, this book provides: Clear and concise information on setting up and administering a Linux system Practical examples and insights drawn from real-world experience Leading-edge exam preparation software, including a Windows- and Linux-compatible testing engine and electronic flashcards You'll also find authoritative coverage of key exam topics, including: Determining hardware requirements Configuring client network services Managing storage devices and file systems Establishing security requirements Monitoring and troubleshooting problems Creating procedures and documentation Look to Sybex for the knowledge and skills needed to succeed in today's competitive IT marketplace. This book has been reviewed and approved as CompTIA Authorized Quality Curriculum (CAQC). Students derive a number of important study advantages with CAQC materials, including coverage of all exam objectives, implementation of important instructional design principles, and instructional reviews that help students assess their learning comprehension and readiness for the exam.

Get ready to pass the CISSP exam and earn your certification with this advanced test guide Used alone or as an in-depth supplement to the bestselling The CISSP Prep Guide, this book provides you with an even more intensive preparation for the CISSP exam. With the help of more than 300 advanced questions and detailed answers, you'll gain a better understanding of the key concepts associated with the ten domains of the common body of knowledge (CBK). Each question is designed to test you on the information you'll need to know in order to pass the exam. Along with explanations of the answers to these advanced questions, you'll find discussions on some common incorrect responses as well. In addition to serving as an excellent tutorial, this book presents you with the latest developments in information security. It includes new information on: Carnivore, Echelon, and the U.S. Patriot Act The Digital Millennium Copyright Act (DMCA) and recent rulings The European Union Electronic Signature Directive The Advanced Encryption Standard, biometrics, and the Software Capability Maturity Model Genetic algorithms and wireless security models New threats and countermeasures The CD-ROM includes all the questions and answers from the book with the Boson-powered test engine.

Covers all versions of UNIX, as well as Linux, operating systems that are used by the majority of Fortune 1000 companies for their mission-critical data Offers more detail than other books on the file input/output aspects of UNIX programming Describes implementation of UNIX filesystems over a thirty year period Demonstrates VERITAS and other filesystem examples

Have you tried using an «automated» GUI testing tool, only to find that you spent most of your time configuring, adjusting, and directing it? This book presents a sensible and highly effective alternative: it teaches you to build and use your own truly automated tool. The procedure you'll learn is suitable for virtually any development environment, and the tool allows you to store your test data and verification standard separately, so you can build it once and use it for other GUIs. Most, if not all, of your work can be done without test scripts, because the tool itself can easily be made to conduct an automatic GUI survey, collect test data, and generate test cases. You'll spend virtually none of your time playing with the tool or application under test. Code-intensive examples support all of the book's instruction, which includes these key topics: Building a C# API text viewer Building a test monkey Developing an XML viewer using xPath and other XML-related classes Building complex, serializable classes for GUI test verification Automatically testing executable GUI applications and user-defined GUI controls Testing managed (.NET) and unmanaged GUI applications Automatically testing different GUI controls, including Label, TextBox, Button, CheckBox, RadioButton, Menu Verifying test results Effective GUI Test Automation is the perfect complement to Li and Wu's previous book, Effective Software Test Automation: Developing an Automated Software Testing Tool. Together, they provide programmers, testers, designers, and managers with a complete and cohesive way to create a smoother, swifter development process—and, as a result, software that is as bug-free as possible.

"Phishing" is the hot new identity theft scam. An unsuspecting victim receives an e-mail that seems to come from a bank or other financial institution, and it contains a link to a Web site where s/he is asked to provide account details. The site looks legitimate, and 3 to 5 percent of people who receive the e-mail go on to surrender their information-to crooks. One e-mail monitoring organization reported 2.3 billion phishing messages in February 2004 alone. If that weren't enough, the crooks have expanded their operations to include malicious code that steals identity information without the computer user's knowledge. Thousands of computers are compromised each day, and phishing code is increasingly becoming part of the standard exploits. Written by a phishing security expert at a top financial institution, this unique book helps IT professionals respond to phishing incidents. After describing in detail what goes into phishing expeditions, the author provides step-by-step directions for discouraging attacks and responding to those that have already happened. In Phishing, Rachael Lininger: Offers case studies that reveal the technical ins and outs of impressive phishing attacks. Presents a step-by-step model for phishing prevention. Explains how intrusion detection systems can help prevent phishers from attaining their goal-identity theft. Delivers in-depth incident response techniques that can quickly shutdown phishing sites.

Authoritative Answers to All Your Linux Security Questions—Specifically for Linux Administrators This is the most complete, most advanced guide to Linux security you'll find anywhere. Written by a Linux security expert with over a decade of experience, Linux Security teaches you, step-by-step, all the standard and advanced techniques you need to know to keep your Linux environment safe from threats of all kinds. Hundreds of clear, consistent examples illustrate these techniques in detail†so you stay on track and accomplish all your goals. Coverage includes: Understanding information and system security procedures Developing a corporate security policy Designing and deploying an effective system and network monitoring strategy Managing the network services offered by Linux servers Understanding Sendmail security, including authentication and privacy Providing application-level mail security using PGP Designing and deploying an Apache HTTP server, including SSL extensions Securing your Samba server Building a network layer firewall using IPtables and Linux kernel v.2.4 Using the NEC SOCKS5 transport layer firewall Deploying the TIS firewall toolkit Offering secure remote connectivity with IPsec and PPTP VPNs Adding strong user authentication to Linux servers using Kerberos Understanding the Linux Pluggable Authentication Modules (PAM)

Build Your Network Security Career on a Solid Foundation Whether you're setting out to earn a security certification or just want to know more about the security issues faced by all network administrators, Network Security JumpStart is the place to begin. Inside, a networking expert demystifies every aspect of the growing security imperative, giving you a firm footing from which you can realize your goals and develop a better understanding of computer and network security. Coverage Includes: Understanding security principles Understanding hacking Using encryption and authentication Managing security Securing Internet connections Using Virtual Private Networks Securing remote and home users Implementing virus protection Creating fault tolerance Securing Windows servers Securing UNIX servers Securing public web servers Securing public e-mail servers Detecting intrusion

The only complete technical guide to building integrated business systems using the convergent architecture approach In his groundbreaking Business Engineering with Object Technology (0-471-04521-7), David Taylor introduced the concept of convergent architecture (CA), a framework for building the business design directly into the software systems that support it. Now, in this important follow-up to that 1995 classic, expert Richard Hubert provides systems developers and architects with their first complete blueprint for building integrated CA business systems using the hottest technologies, including Enterprise JavaBeans, XML, UML, Rational Rose, and others. Following a detailed introduction to the elements of CA, he walks readers through the entire CA design and implementation process, using examples in Java and EJB to illustrate key points. Companion Website provides hands-on tutorials, links to related tool sites, and updates to the CA methodology.