Evifa-Portal

1

Online Resource

XSS Attacks (2011)

Fogie, Seth [VerfasserIn] ; Grossman, Jeremiah [VerfasserIn] ; Hansen, Robert [VerfasserIn] ; [et al.]

[Erscheinungsort nicht ermittelbar] : Syngress | Boston, MA : Safari

add to mindlist on the mindlist

Details

ISBN: 9780080553405

Language: English

Pages: 1 online resource (480 pages)

Edition: 1st edition

Keywords: Electronic books ; local ; Electronic books

Abstract: A cross site scripting attack is a very specific type of attack on a web application. It is used by hackers to mimic real sites and fool people into providing personal data. XSS Attacks starts by defining the terms and laying out the ground work. It assumes that the reader is familiar with basic web programming (HTML) and JavaScript. First it discusses the concepts, methodology, and technology that makes XSS a valid concern. It then moves into the various types of XSS attacks, how they are implemented, used, and abused. After XSS is thoroughly explored, the next part provides examples of XSS malware and demonstrates real cases where XSS is a dangerous risk that exposes internet users to remote access, sensitive data theft, and monetary losses. Finally, the book closes by examining the ways developers can avoid XSS vulnerabilities in their web applications, and how users can avoid becoming a victim. The audience is web developers, security practitioners, and managers. XSS Vulnerabilities exist in 8 out of 10 Web sites The authors of this book are the undisputed industry leading authorities Contains independent, bleeding edge research, code listings and exploits that can not be found anywhere else

Note: Online resource; Title from title page (viewed April 18, 2011) , Mode of access: World Wide Web.

URL: lizenzpflichtig

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

2

Online Resource

Zen and the Art of Information Security (2011)

Winkler, Ira [VerfasserIn]

[Erscheinungsort nicht ermittelbar] : Syngress | Boston, MA : Safari

add to mindlist on the mindlist

Details

ISBN: 9780080554747

Language: English

Pages: 1 online resource (192 pages)

Edition: 1st edition

Keywords: Electronic books ; local ; Electronic books

Abstract: While security is generally perceived to be a complicated and expensive process, Zen and the Art of Information Security makes security understandable to the average person in a completely non-technical, concise, and entertaining format. Through the use of analogies and just plain common sense, readers see through the hype and become comfortable taking very simple actions to secure themselves. Even highly technical people have misperceptions about security concerns and will also benefit from Ira Winkler’s experiences making security understandable to the business world. Mr. Winkler is one of the most popular and highly rated speakers in the field of security, and lectures to tens of thousands of people a year. Zen and the Art of Information Security is based on one of his most well received international presentations. Written by an internationally renowned author of Spies Among Us who travels the world making security presentations to tens of thousands of people a year This short and concise book is specifically for the business, consumer, and technical user short on time but looking for the latest information along with reader friendly analogies Describes the REAL security threats that you have to worry about, and more importantly, what to do about them

Note: Online resource; Title from title page (viewed April 18, 2011) , Mode of access: World Wide Web.

URL: lizenzpflichtig

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

3

Online Resource

The Real MCTS/MCITP Exam 70-646 Prep Kit (2011)

Piltzecker, Anthony [VerfasserIn]

[Erscheinungsort nicht ermittelbar] : Syngress | Boston, MA : Safari

add to mindlist on the mindlist

Details

ISBN: 9781597492485

Language: English

Pages: 1 online resource (800 pages)

Edition: 1st edition

Keywords: Electronic books ; local ; Electronic books

Abstract: This exam is designed to validate skills as a Windows Server 2008 Server Administrator. This exam will fulfill the Windows Server 2008 IT Professional requirements of Exam 70-646. The Microsoft Certified IT Professional(MCITP) on Windows Server 2008 credential is intended for information technology (IT) professionals who work in the complex computing environment of medium to large companies. The MCITP candidate should have at least one year of experience implementing and administering a network operating system in an environment that has the following characteristics: 250 to 5,000 or more users; three or more physical locations; and three or more domain controllers. A MCITP Server Administrator is responsible for the operations and day-to-day management of an infrastructure of servers for an enterprise organization. Server administrators manage the infrastructure, web, and IT application servers, and use scripts to accomplish tasks on a regular basis. They conduct most server management tasks remotely by using Terminal Server or administration tools installed on their local workstation. MCITP Server Administrators also support engineering projects, and are responsible for server builds and configuration. * Targeted at MCSE/MCSA upgraders, AND new MCITP certification seekers. * Interactive FastTrack e-learning modules help simplify difficult exam topics * Two full-function ExamDay practice exams guarantee double coverage of all exam objectives * Free download of audio FastTracks for use with iPods or other MP3 players * Comprehensive study guide guarantees 100% coverage of all Microsoft's exam objectives

Note: Online resource; Title from title page (viewed August 31, 2011) , Mode of access: World Wide Web.

URL: lizenzpflichtig

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

4

Online Resource

TechnoSecurity's Guide to E-Discovery and Digital Forensics (2011)

Wiles, Jack [VerfasserIn]

[Erscheinungsort nicht ermittelbar] : Syngress | Boston, MA : Safari

add to mindlist on the mindlist

Details

ISBN: 9781597492232

Language: English

Pages: 1 online resource (400 pages)

Edition: 1st edition

Keywords: Electronic books ; local ; Electronic books

Abstract: TechnoSecurity's Guide to E-Discovery and Digital Forensics provides IT security professionals with the information (hardware, software, and procedural requirements) needed to create, manage and sustain a digital forensics lab and investigative team that can accurately and effectively analyze forensic data and recover digital evidence, while preserving the integrity of the electronic evidence for discovery and trial. Internationally known experts in computer forensics share their years of experience at the forefront of digital forensics Bonus chapters on how to build your own Forensics Lab 50% discount to the upcoming Techno Forensics conference for everyone who purchases a book

Note: Online resource; Title from title page (viewed October 13, 2011) , Mode of access: World Wide Web.

URL: lizenzpflichtig

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

5

Online Resource

AVIEN Malware Defense Guide for the Enterprise (2011)

Harley, David [VerfasserIn] ; Vibert, Robert [VerfasserIn] ; Bechtel, Ken [VerfasserIn] ; [et al.]

[Erscheinungsort nicht ermittelbar] : Syngress | Boston, MA : Safari

add to mindlist on the mindlist

Details

ISBN: 9781597491648

Language: English

Pages: 1 online resource (656 pages)

Edition: 1st edition

Keywords: Electronic books ; local ; Electronic books

Abstract: Members of AVIEN (the Anti-Virus Information Exchange Network) have been setting agendas in malware management for several years: they led the way on generic filtering at the gateway, and in the sharing of information about new threats at a speed that even anti-virus companies were hard-pressed to match. AVIEN members represent the best-protected large organizations in the world, and millions of users. When they talk, security vendors listen: so should you. AVIEN’s sister organization AVIEWS is an invaluable meeting ground between the security vendors and researchers who know most about malicious code and anti-malware technology, and the top security administrators of AVIEN who use those technologies in real life. This new book uniquely combines the knowledge of these two groups of experts. Anyone who is responsible for the security of business information systems should be aware of this major addition to security literature. * “Customer Power takes up the theme of the sometimes stormy relationship between the antivirus industry and its customers, and tries to dispel some common myths. It then considers the roles of the independent researcher, the vendor-employed specialist, and the corporate security specialist. * “Stalkers on Your Desktop considers the thorny issue of malware nomenclature and then takes a brief historical look at how we got here, before expanding on some of the malware-related problems we face today. * “A Tangled Web discusses threats and countermeasures in the context of the World Wide Web. * “Big Bad Bots tackles bots and botnets, arguably Public Cyber-Enemy Number One. * “Crème de la CyberCrime takes readers into the underworld of old-school virus writing, criminal business models, and predicting future malware hotspots. * “Defense in Depth takes a broad look at DiD in the enterprise, and looks at some specific tools and technologies. * “Perilous Outsorcery offers sound advice on how to avoid the perils and pitfalls of outsourcing, incorporating a few horrible examples of how not to do it. * “Education in Education offers some insights into user education from an educationalist’s perspective, and looks at various aspects of security in schools and other educational establishments. * “DIY Malware Analysis is a hands-on, hands-dirty approach to security management, considering malware analysis and forensics techniques and tools. * “Antivirus Evaluation & Testing continues the D-I-Y theme, discussing at length some...

Note: Online resource; Title from title page (viewed April 18, 2011) , Mode of access: World Wide Web.

URL: lizenzpflichtig

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

6

Online Resource

The Real MCTS/MCITP Exam 70-642 Prep Kit (2011)

Posey, Brien [VerfasserIn]

[Erscheinungsort nicht ermittelbar] : Syngress | Boston, MA : Safari

add to mindlist on the mindlist

Details

ISBN: 9781597492461

Language: English

Pages: 1 online resource (800 pages)

Edition: 1st edition

Keywords: Electronic books ; local ; Electronic books

Abstract: This exam is designed to validate Windows Server 2008 network infrastructure configuration skills. This exam will fulfill the Windows Server 2008 Technology Specialist requirements of Exam 70-642. This is a test for new certification seekers, not for those who are upgrading from Windows 2000/2003 MCSE/MCSA certification. The Microsoft Certified Technology Specialist (MCTS) on Windows Server 2008 credential is intended for information technology (IT) professionals who work in the complex computing environment of medium to large companies. The MCTS candidate should have at least one year of experience implementing and administering a network operating system in an environment that has the following characteristics: 250 to 5,000 or more users; three or more physical locations; and three or more domain controllers. MCTS candidates will manage network services and resources such as messaging, a database, file and print, a proxy server, a firewall, the Internet, an intranet, remote access, and client computer management. In addition MCTS candidates must understand connectivity requirements such as connecting branch offices and individual users in remote locations to the corporate network and connecting corporate networks to the Internet. * Study resource for those taking MCTS/MCITP exam 70-642, which is for NEW certification seekers, not for upgraders. * Two full-function ExamDay practice exams guarantee double coverage of all exam objectives * Free download of audio FastTracks for use with iPods or other MP3 players * THE independent source of exam-day tips, techniques, and warnings not available from Microsoft * Comprehensive study guide guarantees 100% coverage of all Microsoft's exam objectives * Interactive FastTrack e-learning modules help simplify difficult exam topics

Note: Online resource; Title from title page (viewed April 18, 2011) , Mode of access: World Wide Web.

URL: lizenzpflichtig

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

7

Online Resource

Techno Security's Guide to Managing Risks for IT Managers, Auditors, and Investigators (2011)

Long, Johnny [VerfasserIn] ; Wiles, Jack [VerfasserIn] ; Rogers, Russ [VerfasserIn] ; [et al.]

[Erscheinungsort nicht ermittelbar] : Syngress | Boston, MA : Safari

add to mindlist on the mindlist

Details

ISBN: 9780080553979

Language: English

Pages: 1 online resource (432 pages)

Edition: 1st edition

Keywords: Electronic books ; local ; Electronic books

Abstract: “This book contains some of the most up-to-date information available anywhere on a wide variety of topics related to Techno Security. As you read the book, you will notice that the authors took the approach of identifying some of the risks, threats, and vulnerabilities and then discussing the countermeasures to address them. Some of the topics and thoughts discussed here are as new as tomorrow’s headlines, whereas others have been around for decades without being properly addressed. I hope you enjoy this book as much as we have enjoyed working with the various authors and friends during its development. —Donald Withers, CEO and Cofounder of TheTrainingCo. • Jack Wiles, on Social Engineering offers up a potpourri of tips, tricks, vulnerabilities, and lessons learned from 30-plus years of experience in the worlds of both physical and technical security. • Russ Rogers on the Basics of Penetration Testing illustrates the standard methodology for penetration testing: information gathering, network enumeration, vulnerability identification, vulnerability exploitation, privilege escalation, expansion of reach, future access, and information compromise. • Johnny Long on No Tech Hacking shows how to hack without touching a computer using tailgating, lock bumping, shoulder surfing, and dumpster diving. • Phil Drake on Personal, Workforce, and Family Preparedness covers the basics of creating a plan for you and your family, identifying and obtaining the supplies you will need in an emergency. • Kevin O’Shea on Seizure of Digital Information discusses collecting hardware and information from the scene. • Amber Schroader on Cell Phone Forensics writes on new methods and guidelines for digital forensics. • Dennis O’Brien on RFID: An Introduction, Security Issues, and Concerns discusses how this well-intended technology has been eroded and used for fringe implementations. • Ron Green on Open Source Intelligence details how a good Open Source Intelligence program can help you create leverage in negotiations, enable smart decisions regarding the selection of goods and services, and help avoid pitfalls and hazards. • Raymond Blackwood on Wireless Awareness: Increasing the Sophistication of Wireless Users maintains it is the technologist’s responsibility to educate, communicate, and support users despite their lack of interest in understanding how it works. • Greg Kipper on What is Steganography? provides a solid understanding of the basics of steganography, w...

Note: Online resource; Title from title page (viewed April 18, 2011) , Mode of access: World Wide Web.

URL: lizenzpflichtig

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

8

Online Resource

Developer's Guide to Web Application Security (2011)

Cross, Michael [VerfasserIn]

[Erscheinungsort nicht ermittelbar] : Syngress | Boston, MA : Safari

add to mindlist on the mindlist

Details

ISBN: 9781597490610

Language: English

Pages: 1 online resource (500 pages)

Edition: 1st edition

Keywords: Electronic books ; local ; Electronic books

Abstract: Over 75% of network attacks are targeted at the web application layer. This book provides explicit hacks, tutorials, penetration tests, and step-by-step demonstrations for security professionals and Web application developers to defend their most vulnerable applications. This book defines Web application security, why it should be addressed earlier in the lifecycle in development and quality assurance, and how it differs from other types of Internet security. Additionally, the book examines the procedures and technologies that are essential to developing, penetration testing and releasing a secure Web application. Through a review of recent Web application breaches, the book will expose the prolific methods hackers use to execute Web attacks using common vulnerabilities such as SQL Injection, Cross-Site Scripting and Buffer Overflows in the application layer. By taking an in-depth look at the techniques hackers use to exploit Web applications, readers will be better equipped to protect confidential. The Yankee Group estimates the market for Web application-security products and services will grow to $1.74 billion by 2007 from $140 million in 2002 Author Michael Cross is a highly sought after speaker who regularly delivers Web Application presentations at leading conferences including: Black Hat, TechnoSecurity, CanSec West, Shmoo Con, Information Security, RSA Conferences, and more

Note: Online resource; Title from title page (viewed April 18, 2011) , Mode of access: World Wide Web.

URL: lizenzpflichtig

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

9

Online Resource

The Real MCTS/MCITP Exam 70-643 Prep Kit (2011)

Posey, Brien [VerfasserIn] ; Bowern, Colin [VerfasserIn] ; Martin, Jeffery [VerfasserIn] ; [et al.]

[Erscheinungsort nicht ermittelbar] : Syngress | Boston, MA : Safari

add to mindlist on the mindlist

Details

ISBN: 9781597492478

Language: English

Pages: 1 online resource (800 pages)

Edition: 1st edition

Keywords: Electronic books ; local ; Electronic books

Abstract: This exam is designed to validate Windows Server 2008 applications platform configuration skills. This exam will fulfill the Windows Server 2008 Technology Specialist requirements of Exam 70-643. The Microsoft Certified Technology Specialist (MCTS) on Windows Server 2008 credential is intended for information technology (IT) professionals who work in the complex computing environment of medium to large companies. The MCTS candidate should have at least one year of experience implementing and administering a network operating system in an environment that has the following characteristics: 250 to 5,000 or more users; three or more physical locations; and three or more domain controllers. MCTS candidates will manage network services and resources such as messaging, a database, file and print, a proxy server, a firewall, the Internet, an intranet, remote access, and client computer management. In addition MCTS candidates must understant connectivity requirements such as connecting branch offices and individual users in remote locations to the corporate network and connecting corporate networks to the Internet. Addresses both newcomers to MS certification, and those who are upgrading from Windows 2003 Two full-function ExamDay practice exams guarantee double coverage of all exam objectives Free download of audio FastTracks for use with iPods or other MP3 players THE independent source of exam-day tips, techniques, and warnings not available from Microsoft Comprehensive study guide guarantees 100% coverage of all Microsoft's exam objectives Interactive FastTrack e-learning modules help simplify difficult exam topics

Note: Online resource; Title from title page (viewed April 18, 2011) , Mode of access: World Wide Web.

URL: lizenzpflichtig

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

10

Online Resource

How to Cheat at Securing Your Network (2011)

Dubrawsky, Ido [VerfasserIn]

[Erscheinungsort nicht ermittelbar] : Syngress | Boston, MA : Safari

add to mindlist on the mindlist

Details

ISBN: 9781597492317

Language: English

Pages: 1 online resource (432 pages)

Edition: 1st edition

Keywords: Electronic books ; local ; Electronic books

Abstract: Most Systems Administrators are not security specialists. Keeping the network secure is one of many responsibilities, and it is usually not a priority until disaster strikes. How to Cheat at Securing Your Network is the perfect book for this audience. The book takes the huge amount of information available on network security and distils it into concise recommendations and instructions, using real world, step-by-step instruction. The latest addition to the best selling "How to Cheat..." series of IT handbooks, this book clearly identifies the primary vulnerabilities of most computer networks, including user access, remote access, messaging, wireless hacking, media, email threats, storage devices, and web applications. Solutions are provided for each type of threat, with emphasis on intrusion detection, prevention, and disaster recovery. * A concise information source - perfect for busy System Administrators with little spare time * Details what to do when disaster strikes your network * Covers the most likely threats to small to medium sized networks

Note: Online resource; Title from title page (viewed April 18, 2011) , Mode of access: World Wide Web.

URL: lizenzpflichtig

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

11

Online Resource

The Real MCTS/MCITP Exam 70-620 Prep Kit (2011)

Piltzecker, Anthony [VerfasserIn]

[Erscheinungsort nicht ermittelbar] : Syngress | Boston, MA : Safari

add to mindlist on the mindlist

Details

ISBN: 9780080949093

Language: English

Pages: 1 online resource (800 pages)

Edition: 1st edition

Keywords: Electronic books ; local ; Electronic books

Abstract: This exam is designed to validate proficieny supporting Windows Vista client. This exam will fulfill the Windows Vista Technology Specialist requirements of Exam 70-620. The Microsoft Certified Technology Specialist (MCTS) on Windows Vista credential is intended for information technology (IT) professionals who work in the complex computing environment of medium to large companies. The MCTS candidate should have at least one year of experience in Tier 1 or Tier 2 phone support in an upper midsize organization or enterprise environment. MCTS candidates should have experience resolving issues concerning network connectivity, desktop operating systems, security, and applications. Their experience should also include addressing logon problems, performing password resets, and resolving most issues with desktop applications. * Designed to help study for and pass this important MCTS exam on the Vista operating system on the way to MCITP status * Targeted to newcomers to Microsoft certification AND people who wish to upgrade their Windows 2003 MCSE/MCSA * THE independent source of exam day tips, techniques, and warnings not available from Microsoft * Comprehensive study guide guarantees 100% coverage of all Microsoft's exam objectives * Interactive FastTrack e-learning modules help simplify difficult exam topics * Two full-function ExamDay practice exams guarantee double coverage of all exam objectives * Free download of audio FastTracks for use with iPods or other MP3 players * 1000 page "DRILL DOWN" reference for comprehensive topic review

Note: Online resource; Title from title page (viewed April 18, 2011) , Mode of access: World Wide Web.

URL: lizenzpflichtig

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

12

Online Resource

Seven Deadliest Unified Communications Attacks (2010)

York, Dan [VerfasserIn]

[Erscheinungsort nicht ermittelbar] : Syngress | Boston, MA : Safari

add to mindlist on the mindlist

Details

ISBN: 9781597495479

Language: English

Pages: 1 online resource (224 pages)

Edition: 1st edition

Keywords: Electronic books ; local ; Electronic books

Abstract: Seven Deadliest Unified Communications Attacks provides a comprehensive coverage of the seven most dangerous hacks and exploits specific to Unified Communications (UC) and lays out the anatomy of these attacks including how to make your system more secure. You will discover the best ways to defend against these vicious hacks with step-by-step instruction and learn techniques to make your computer and network impenetrable. The book describes the intersection of the various communication technologies that make up UC, including Voice over IP (VoIP), instant message (IM), and other collaboration technologies. There are seven chapters that focus on the following: attacks against the UC ecosystem and UC endpoints; eavesdropping and modification attacks; control channel attacks; attacks on Session Initiation Protocol (SIP) trunks and public switched telephone network (PSTN) interconnection; attacks on identity; and attacks against distributed systems. Each chapter begins with an introduction to the threat along with some examples of the problem. This is followed by discussions of the anatomy, dangers, and future outlook of the threat as well as specific strategies on how to defend systems against the threat. The discussions of each threat are also organized around the themes of confidentiality, integrity, and availability. This book will be of interest to information security professionals of all levels as well as recreational hackers. Knowledge is power, find out about the most dominant attacks currently waging war on computers and networks globally Discover the best ways to defend against these vicious attacks; step-by-step instruction shows you how Institute countermeasures, don’t be caught defenseless again, and learn techniques to make your computer and network impenetrable

Note: Online resource; Title from title page (viewed June 4, 2010) , Mode of access: World Wide Web.

URL: lizenzpflichtig

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

13

Online Resource

Practical Lock Picking (2010)

Ollam, Deviant [VerfasserIn]

[Erscheinungsort nicht ermittelbar] : Syngress | Boston, MA : Safari

add to mindlist on the mindlist

Details

ISBN: 9781597496124

Language: English

Pages: 1 online resource (256 pages)

Edition: 1st edition

Keywords: Electronic books ; local ; Electronic books

Abstract: Practical Lock Picking: A Physical Penetration Tester’s Training Guide introduces the reader to the basic principles of lock picking. The book combines both easy-to-follow, step-by-step lessons, and tutorials that will help security-conscious people learn how to open most of the locks they may encounter during auditing or assessment work. It covers the fundamentals of pin tumbler and wafer locks; the basics of picking; beginner and advanced training; and quick entry techniques. Whether the student will be hired at some point to penetrate security or simply trying to harden his or her own defenses, this book is essential. This instructional manual focuses on pin tumbler locks, the construction and function of which are illustrated with the aid of several diagrams. Everything from straightforward lock picking to quick-entry techniques like shimming, bumping, and bypassing are explained and shown. Guides and exercises demonstrate the use of basic lock-picking tools in order to manipulate and open these locks. The text also describes the most common "alternative" designs of pin tumbler locks and summarizes the tools and techniques that can be effective against them. It comes with a DVD filled with indispensable lock picking videos and color photos. This book is an ideal reference for penetration testers, security consultants, and IT security professionals as well as hackers. Detailed photos make learning as easy as picking a lock DVD is filled with indispensible lock picking videos and color photos Extensive appendix details tools and toolkits currently available for all your lock picking needs

Note: Online resource; Title from title page (viewed September 10, 2010) , Mode of access: World Wide Web.

URL: lizenzpflichtig

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

14

Online Resource

SQL Injection Attacks and Defense (2009)

Clarke-Salt, Justin [VerfasserIn]

[Erscheinungsort nicht ermittelbar] : Syngress | Boston, MA : Safari

add to mindlist on the mindlist

Details

ISBN: 9780080958576

Language: English

Pages: 1 online resource (496 pages)

Edition: 1st edition

Keywords: Electronic books ; local ; Electronic books

Abstract: Winner of the Best Book Bejtlich Read in 2009 award! "SQL injection is probably the number one problem for any server-side application, and this book is unequaled in its coverage." Richard Bejtlich, http://taosecurity.blogspot.com/ SQL injection represents one of the most dangerous and well-known, yet misunderstood, security vulnerabilities on the Internet, largely because there is no central repository of information to turn to for help. This is the only book devoted exclusively to this long-established but recently growing threat. It includes all the currently known information about these attacks and significant insight from its contributing team of SQL injection experts. What is SQL injection?-Understand what it is and how it works Find, confirm, and automate SQL injection discovery Discover tips and tricks for finding SQL injection within the code Create exploits using SQL injection Design to avoid the dangers of these attacks

Note: Online resource; Title from title page (viewed May 5, 2009) , Mode of access: World Wide Web.

URL: lizenzpflichtig

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

15

Online Resource

OSSEC Host-Based Intrusion Detection Guide (2008)

Bray, Rory [VerfasserIn] ; Cid, Daniel [VerfasserIn] ; Hay, Andrew [VerfasserIn]

[Erscheinungsort nicht ermittelbar] : Syngress | Boston, MA : Safari

add to mindlist on the mindlist

Details

ISBN: 9781597492409

Language: English

Pages: 1 online resource (416 pages)

Edition: 1st edition

Keywords: Electronic books ; local ; Electronic books

Abstract: This book is the definitive guide on the OSSEC Host-based Intrusion Detection system and frankly, to really use OSSEC you are going to need a definitive guide. Documentation has been available since the start of the OSSEC project but, due to time constraints, no formal book has been created to outline the various features and functions of the OSSEC product. This has left very important and powerful features of the product undocumented...until now! The book you are holding will show you how to install and configure OSSEC on the operating system of your choice and provide detailed examples to help prevent and mitigate attacks on your systems. -- Stephen Northcutt OSSEC determines if a host has been compromised in this manner by taking the equivalent of a picture of the host machine in its original, unaltered state. This "picture" captures the most relevant information about that machine's configuration. OSSEC saves this "picture" and then constantly compares it to the current state of that machine to identify anything that may have changed from the original configuration. Now, many of these changes are necessary, harmless, and authorized, such as a system administrator installing a new software upgrade, patch, or application. But, then there are the not-so-harmless changes, like the installation of a rootkit, trojan horse, or virus. Differentiating between the harmless and the not-so-harmless changes determines whether the system administrator or security professional is managing a secure, efficient network or a compromised network which might be funneling credit card numbers out to phishing gangs or storing massive amounts of pornography creating significant liability for that organization. Separating the wheat from the chaff is by no means an easy task. Hence the need for this book. The book is co-authored by Daniel Cid, who is the founder and lead developer of the freely available OSSEC host-based IDS. As such, readers can be certain they are reading the most accurate, timely, and insightful information on OSSEC. * Nominee for Best Book Bejtlich read in 2008! * http://taosecurity.blogspot.com/2008/12/best-book-bejtlich-read-in-2008.html • Get Started with OSSEC Get an overview of the features of OSSEC including commonly used terminology, pre-install preparation, and deployment considerations. • Follow Steb-by-Step Installation Instructions Walk through the installation process for the "local, “agent, and "server" install types on some of th...

Note: Online resource; Title from title page (viewed April 9, 2008) , Mode of access: World Wide Web.

URL: lizenzpflichtig

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

16

Online Resource

Syngress IT Security Project Management Handbook (2006)

Snedaker, Susan [VerfasserIn]

[Erscheinungsort nicht ermittelbar] : Syngress | Boston, MA : Safari

add to mindlist on the mindlist

Details

Language: English

Pages: 1 online resource (608 pages)

Edition: 1st edition

Keywords: Electronic books ; local ; Electronic books

Abstract: The definitive work for IT professionals responsible for the management of the design, configuration, deployment, and maintenance of enterprise wide security projects. Provides specialized coverage of key project areas including Penetration Testing, Intrusion Detection and Prevention Systems, and Access Control Systems. The first and last word on managing IT security projects, this book provides the level of detail and content expertise required to competently handle highly complex security deployments. In most enterprises, be they corporate or governmental, these are generally the highest priority projects and the security of the entire business may depend on their success. * The first book devoted exclusively to managing IT security projects * Expert authors combine superb project management skills with in-depth coverage of highly complex security projects * By mastering the content in this book, managers will realise shorter schedules, fewer cost over runs, and successful deployments

Note: Online resource; Title from title page (viewed July 4, 2006) , Mode of access: World Wide Web.

URL: lizenzpflichtig

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

17

Online Resource

Perfect Password (2006)

Burnett, Mark [VerfasserIn]

[Erscheinungsort nicht ermittelbar] : Syngress | Boston, MA : Safari

add to mindlist on the mindlist

Details

ISBN: 9781597490412

Language: English

Pages: 1 online resource (182 pages)

Edition: 1st edition

Keywords: Electronic books ; local ; Electronic books

Abstract: User passwords are the keys to the network kingdom, yet most users choose overly simplistic passwords (like password) that anyone could guess, while system administrators demand impossible to remember passwords littered with obscure characters and random numerals. Every computer user must face the problems of password security. According to a recent British study, passwords are usually obvious: around 50 percent of computer users select passwords based on names of a family member, spouse, partner, or a pet. Many users face the problem of selecting strong passwords that meet corporate security requirements. Too often, systems reject user-selected passwords because they are not long enough or otherwise do not meet complexity requirements. This book teaches users how to select passwords that always meet complexity requirements. A typical computer user must remember dozens of passwords and they are told to make them all unique and never write them down. For most users, the solution is easy passwords that follow simple patterns. This book teaches users how to select strong passwords they can easily remember. * Examines the password problem from the perspective of the administrator trying to secure their network * Author Mark Burnett has accumulated and analyzed over 1,000,000 user passwords and through his research has discovered what works, what doesn't work, and how many people probably have dogs named Spot * Throughout the book, Burnett sprinkles interesting and humorous password ranging from the Top 20 dog names to the number of references to the King James Bible in passwords

Note: Online resource; Title from title page (viewed January 9, 2006) , Mode of access: World Wide Web.

URL: lizenzpflichtig

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

18

Online Resource

Virtualization with Microsoft Virtual Server 2005 (2006)

Jones, Andy [VerfasserIn] ; Dittner, Rogier [VerfasserIn] ; Rule, David [VerfasserIn] ; [et al.]

[Erscheinungsort nicht ermittelbar] : Syngress | Boston, MA : Safari

add to mindlist on the mindlist

Details

ISBN: 9781597491068

Language: English

Pages: 1 online resource (481 pages)

Edition: 1st edition

Keywords: Electronic books ; local ; Electronic books

Abstract: A virtual evolution in IT shops large and small has begun. Microsoft's Virtal Server is the enterprise tool to free an infrastructure from its physical limitations providing the transformation into a virtual environment--this book shows you how. This book will detail the default and custom installation of Microsoft's Virtual Server 2005, as well as basic and advanced virtual machine configurations. It will also discuss the requirements for a server virtualization and consolidation project and the cost savings surrounding such an effort. Furthermore, the book will provide a thorough understanding of the benefits of a virtual infrastructure and a comprehensive examination of how Virtual Server can ease administration and lower overall IT costs. Lastly, the book delivers a thorough understanding of the virtual evolution which is underway in many IT organizations and how the reader will benefit from shifting from the physical to a virtual world. * Examines in detail the default and custom installation of Microsoft's Virtual Server 2005 * Addresses th important topics of server requirements and the cost implications involved * Looks at addressing IT costs and the benefits to the organisation

Note: Online resource; Title from title page (viewed October 13, 2006) , Mode of access: World Wide Web.

URL: lizenzpflichtig

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

19

Online Resource

How to Cheat at Securing a Wireless Network (2006)

Hurley, Chris [VerfasserIn] ; Barken, Lee [VerfasserIn]

[Erscheinungsort nicht ermittelbar] : Syngress | Boston, MA : Safari

add to mindlist on the mindlist

Details

ISBN: 9781597490870

Language: English

Pages: 1 online resource (500 pages)

Edition: 1st edition

Keywords: Electronic books ; local ; Electronic books

Abstract: Wireless connectivity is now a reality in most businesses. Yet by its nature, wireless networks are the most difficult to secure and are often the favorite target of intruders. This book provides the busy network administrator with best-practice solutions to securing the wireless network With the increased demand for mobile connectivity and the decrease in cost and in the time required for installation, wireless network connections will make up 20% of all corporate network connections by the end of 2006. With this increase in usage comes a commensurate increase in the network’s vulnerability to intrusion. This book provides the typical network administrator with the basic tools and instruction they need to maintain a secure network while allowing acceptable access to users. · A practical product and technology specific guideline to securing a wireless networks for the busy System Administrator · Takes a simplified multi-layered approach into easily deployed plans for a straight forward understanding · Does not bog you down with history, but offers practical useful information for today

Note: Online resource; Title from title page (viewed August 22, 2006) , Mode of access: World Wide Web.

URL: lizenzpflichtig

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

20

Online Resource

How to Cheat at Managing Microsoft Operations Manager 2005 (2006)

Piltzecker, Anthony [VerfasserIn]

[Erscheinungsort nicht ermittelbar] : Syngress | Boston, MA : Safari

add to mindlist on the mindlist

Details

ISBN: 9781597492515

Language: English

Pages: 1 online resource (400 pages)

Edition: 1st edition

Keywords: Electronic books ; local ; Electronic books

Abstract: Microsoft Operations Manager (MOM) is a network monitoring tool that provides enterprise-class event and performance management for Windows Server System technologies. MOM's event and performance management tools discover problems before system administrators would ever find them, thereby enabling administrators to lower their costs of operations and simplify management of their Windows Server System infrastructure. MOM can notify system administrators of overloaded processors, depleted memory, or failed network connections affecting their Windows servers long before these problems bother users. Microsoft Operations Manager (MOM) 2005 delivers open and scalable enterprise-class operational management by providing comprehensive event management, proactive monitoring and alerting, reporting and trend analysis, and system and application specific knowledge and tasks to improve the manageability of Windows Server System environments, including Windows, Exchange, SQL, IIS, Active Directory etc. * A users guide to Microsoft Operations Manager (MOM) enabling a cost reduction and simplification in managing your Windows Server System Infrastructure * Companion Web site for book offers dozens of customized scripts and tools for automating MOM 2005 and many other Windows Server products * There is no other compact resource like this for this core, Microsoft Server product

Note: Online resource; Title from title page (viewed March 1, 2006) , Mode of access: World Wide Web.

URL: lizenzpflichtig

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

21

Online Resource

Video Conferencing over IP : Configure, Secure, and Troubleshoot (2006)

Gough, Michael [VerfasserIn]

[Erscheinungsort nicht ermittelbar] : Syngress | Boston, MA : Safari

add to mindlist on the mindlist

Details

ISBN: 9781597490634

Language: English

Pages: 1 online resource (336 pages)

Edition: 1st edition

Keywords: Electronic books ; local ; Electronic books

Abstract: This book de-mystifies the technology behind video conferencing and provides single users and small enterprises with the information they need to deploy video conferencing efficiently and cost effectively. For many years, the promise of high quality, low cost video conferencing has been an attractive solution for businesses interested in cutting travel costs while maintaining the benefits of face-to-face contact. Unfortunately, most solutions never lived up to the promise, due primarily to lack of internet bandwidth and poorly developed protocols. That's no all changed. The capacity has been created, the hardware works, and businesses are more eager than ever to cut down on travel costs. * Budget conscious methods for deploying Video over IP in small to medium enterprises * Coverage of Cisco, Microsoft, Skype, AOL, Google, VidiTel and many other products * How to identify and resolve nagging quality of service issues such as transmission delays and out of synch video-to-voice feeds

Note: Online resource; Title from title page (viewed June 7, 2006) , Mode of access: World Wide Web.

URL: lizenzpflichtig

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

22

Online Resource

RFID Security (2006)

Thornton, Frank [VerfasserIn] ; Lanthem, Chris [VerfasserIn]

[Erscheinungsort nicht ermittelbar] : Syngress | Boston, MA : Safari

add to mindlist on the mindlist

Details

Language: English

Pages: 1 online resource (448 pages)

Edition: 1st edition

Keywords: Electronic books ; local ; Electronic books

Abstract: RFID is a method of remotely storing and receiving data using devices called RFID tags. RFID tags can be small adhesive stickers containing antennas that receive and respond to transmissions from RFID transmitters. RFID tags are used to identify and track everything from food, dogs, beer kegs to library books. RFID tags use a standard that has already been hacked by several researchers. RFID Security discusses the motives for someone wanting to hack an RFID system and shows how to protect systems. Coverage includes: security breaches for monetary gain (hacking a shops RFID system would allow a hacker to lower the pricing on any product products). How to protect the supply chain (malicous/mischievous hackers can delete/alter/modify all identifying information for an entire shipment of products). How to protect personal privacy (privacy advocates fear that RFID tags embedded in products, which continue to transmit information after leaving a store, will be used to track consumer habits). The purpose of an RFID system is to enable data to be transmitted by a portable device, called a tag, which is read by an RFID reader and processed according to the needs of a particular application. The data transmitted by the tag may provide identification or location information, or specifics about the product tagged, such as price, colour, date of purchase, etc. . * Deloitte & Touche expects over 10 billion RFID tags to be in circulation by the end of 2005 * Parties debating the security issue of RFID need information on the pros and cons of the technology and this is that information * Little competition in a market desperate for information

Note: Online resource; Title from title page (viewed May 25, 2006) , Mode of access: World Wide Web.

URL: lizenzpflichtig

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

23

Online Resource

Security Log Management (2006)

Babbin, Jacob [VerfasserIn]

[Erscheinungsort nicht ermittelbar] : Syngress | Boston, MA : Safari

add to mindlist on the mindlist

Details

Language: English

Pages: 1 online resource (350 pages)

Edition: 1st edition

Keywords: Electronic books ; local ; Electronic books

Abstract: This book teaches IT professionals how to analyze, manage, and automate their security log files to generate useful, repeatable information that can be use to make their networks more efficient and secure using primarily open source tools. The book begins by discussing the “Top 10 security logs that every IT professional should be regularly analyzing. These 10 logs cover everything from the top workstations sending/receiving data through a firewall to the top targets of IDS alerts. The book then goes on to discuss the relevancy of all of this information. Next, the book describes how to script open source reporting tools like Tcpdstats to automatically correlate log files from the various network devices to the “Top 10 list. By doing so, the IT professional is instantly made aware of any critical vulnerabilities or serious degradation of network performance. All of the scripts presented within the book will be available for download from the Syngress Solutions Web site. Almost every operating system, firewall, router, switch, intrusion detection system, mail server, Web server, and database produces some type of “log file. This is true of both open source tools and commercial software and hardware from every IT manufacturer. Each of these logs is reviewed and analyzed by a system administrator or security professional responsible for that particular piece of hardware or software. As a result, almost everyone involved in the IT industry works with log files in some capacity. * Provides turn-key, inexpensive, open source solutions for system administrators to analyze and evaluate the overall performance and security of their network * Dozens of working scripts and tools presented throughout the book are available for download from Syngress Solutions Web site. * Will save system administrators countless hours by scripting and automating the most common to the most complex log analysis tasks

Note: Online resource; Title from title page (viewed January 27, 2006) , Mode of access: World Wide Web.

URL: lizenzpflichtig

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

24

Online Resource

Configuring SonicWALL Firewalls (2006)

Bendell, Dan [VerfasserIn]

[Erscheinungsort nicht ermittelbar] : Syngress | Boston, MA : Safari

add to mindlist on the mindlist

Details

Language: English

Pages: 1 online resource (600 pages)

Edition: 1st edition

Keywords: Electronic books ; local ; Electronic books

Abstract: SonicWALL firewalls are the number 3 in sales worldwide in the security appliance market space as of 2004. This accounts for 15% total market share in the security appliance sector. The SonicWALL firewall appliance has had the largest annual growth in the security appliance sector for the last two years. This is the first book on the market covering the #3 best-selling firewall appliances in the world from SonicWALL. This book continues Syngress' history from ISA Server to Check Point to Cisco Pix of being first to market with best-selling firewall books for security professionals. Configuring SonicWALL Firewalls is the first book to deliver an in-depth look at the SonicWALL firewall product line. It covers all of the aspects of the SonicWALL product line from the SOHO devices to the Enterprise SonicWALL firewalls. Also covered are advanced troubleshooting techniques and the SonicWALL Security Manager. This book offers novice users a complete opportunity to learn the SonicWALL firewall appliance. Advanced users will find it a rich technical resource. * First book to deliver an in-depth look at the SonicWALL firewall product line * Covers all of the aspects of the SonicWALL product line from the SOHO devices to the Enterprise SonicWALL firewalls * Includes advanced troubleshooting techniques and the SonicWALL Security Manager

Note: Online resource; Title from title page (viewed May 25, 2006) , Mode of access: World Wide Web.

URL: lizenzpflichtig

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

25

Online Resource

Phishing Exposed (2005)

James, Lance [VerfasserIn] ; Jevans, Dave [VerfasserIn]

[Erscheinungsort nicht ermittelbar] : Syngress | Boston, MA : Safari

add to mindlist on the mindlist

Details

ISBN: 9781597490306

Language: English

Pages: 1 online resource (450 pages)

Edition: 1st edition

Keywords: Electronic books ; local ; Electronic books

Abstract: Phishing Exposed unveils the techniques phishers employ that enable them to successfully commit fraudulent acts against the global financial industry. Also highlights the motivation, psychology and legal aspects encircling this deceptive art of exploitation. The External Threat Assessment Team will outline innovative forensic techniques employed in order to unveil the identities of these organized individuals, and does not hesitate to remain candid about the legal complications that make prevention and apprehension so difficult today. This title provides an in-depth, high-tech view from both sides of the playing field, and is a real eye-opener for the average internet user, the advanced security engineer, on up through the senior executive management of a financial institution. This is the book to provide the intelligence necessary to stay one step ahead of the enemy, and to successfully employ a pro-active and confident strategy against the evolving attacks against e-commerce and its customers. * Unveils the techniques phishers employ that enable them to successfully commit fraudulent acts * Offers an in-depth, high-tech view from both sides of the playing field to this current epidemic * Stay one step ahead of the enemy with all the latest information

Note: Online resource; Title from title page (viewed November 21, 2005) , Mode of access: World Wide Web.

URL: lizenzpflichtig

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

26

Online Resource

How to Cheat at Designing Security for a Windows Server 2003 Network (2005)

Ruston, Chris [VerfasserIn] ; Peiris, Chris [VerfasserIn]

[Erscheinungsort nicht ermittelbar] : Syngress | Boston, MA : Safari

add to mindlist on the mindlist

Details

ISBN: 9781597492430

Language: English

Pages: 1 online resource (500 pages)

Edition: 1st edition

Keywords: Electronic books ; local ; Electronic books

Abstract: Windows 2003 Server is unquestionably the dominant enterprise level operating system in the industry, with 95% of all companies running it. And for the last tow years, over 50% of all product upgrades have been security related. Securing Windows Server, according to bill gates, is the company's #1 priority. While considering the security needs of your organiztion, you need to balance the human and the technical in order to create the best security design for your organization. Securing a Windows Server 2003 enterprise network is hardly a small undertaking, but it becomes quite manageable if you approach it in an organized and systematic way. This includes configuring software, services, and protocols to meet an organization’s security needs. * The Perfect Guide if "System Administrator is NOT your primary job function * Avoid "time drains" configuring the many different security standards built into Windows 2003 * Secure VPN and Extranet Communications

Note: Online resource; Title from title page (viewed December 15, 2005) , Mode of access: World Wide Web.

URL: lizenzpflichtig

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

27

Online Resource

Software Piracy Exposed (2005)

Honick, Ron [VerfasserIn]

[Erscheinungsort nicht ermittelbar] : Syngress | Boston, MA : Safari

add to mindlist on the mindlist

Details

ISBN: 9781932266986

Language: English

Pages: 1 online resource (400 pages)

Edition: 1st edition

Keywords: Electronic books ; local ; Electronic books

Abstract: This book is about software piracy--what it is and how it's done. Stealing software is not to be condoned, and theft of intellectual property and copyright infringement are serious matters, but it's totally unrealistic to pretend that it doesn't happen. Software piracy has reached epidemic proportions. Many computer users know this, the software companies know this, and once you've read the Introduction to this book, you'll understand why. Seeing how widespread software piracy is, learning how it's accomplished, and particularly how incredibly easy it is to do might surprise you. This book describes how software piracy is actually being carried out. This book is about software piracy--what it is and how it's done This is the first book ever to describe how software is actually stolen and traded over the internet Discusses security implications resulting from over 1/2 of the internet's computers running illegal, unpatched, pirated software

Note: Online resource; Title from title page (viewed October 7, 2005) , Mode of access: World Wide Web.

URL: lizenzpflichtig

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

28

Online Resource

Aggressive Network Self-Defense (2005)

Wyler, Neil [VerfasserIn]

[Erscheinungsort nicht ermittelbar] : Syngress | Boston, MA : Safari

add to mindlist on the mindlist

Details

ISBN: 9781931836203

Language: English

Pages: 1 online resource (560 pages)

Edition: 1st edition

Keywords: Electronic books ; local ; Electronic books

Abstract: Over the past year there has been a shift within the computer security world away from passive, reactive defense towards more aggressive, proactive countermeasures. Although such tactics are extremely controversial, many security professionals are reaching into the dark side of their tool box to identify, target, and suppress their adversaries. This book will provide a detailed analysis of the most timely and dangerous attack vectors targeted at operating systems, applications, and critical infrastructure and the cutting-edge counter-measures used to nullify the actions of an attacking, criminal hacker. *First book to demonstrate and explore controversial network strike back and countermeasure techniques. *Provides tightly guarded secrets to find out WHO is really attacking you over the internet. *Provides security professionals and forensic specialists with invaluable information for finding and prosecuting criminal hackers.

Note: Online resource; Title from title page (viewed April 12, 2005) , Mode of access: World Wide Web.

URL: lizenzpflichtig

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

29

Online Resource

Insider Threat : Protecting the Enterprise from Sabotage, Spying, and Theft (2005)

Cole, Eric [VerfasserIn] ; Ring, Sandra [VerfasserIn]

[Erscheinungsort nicht ermittelbar] : Syngress | Boston, MA : Safari

add to mindlist on the mindlist

Details

ISBN: 9781597490481

Language: English

Pages: 1 online resource (350 pages)

Edition: 1st edition

Keywords: Electronic books ; local ; Electronic books

Abstract: The Secret Service, FBI, NSA, CERT (Computer Emergency Response Team) and George Washington University have all identified “Insider Threats as one of the most significant challenges facing IT, security, law enforcement, and intelligence professionals today. This book will teach IT professional and law enforcement officials about the dangers posed by insiders to their IT infrastructure and how to mitigate these risks by designing and implementing secure IT systems as well as security and human resource policies. The book will begin by identifying the types of insiders who are most likely to pose a threat. Next, the reader will learn about the variety of tools and attacks used by insiders to commit their crimes including: encryption, steganography, and social engineering. The book will then specifically address the dangers faced by corporations and government agencies. Finally, the reader will learn how to design effective security systems to prevent insider attacks and how to investigate insider security breeches that do occur. Throughout the book, the authors will use their backgrounds in the CIA to analyze several, high-profile cases involving insider threats. * Tackles one of the most significant challenges facing IT, security, law enforcement, and intelligence professionals today * Both co-authors worked for several years at the CIA, and they use this experience to analyze several high-profile cases involving insider threat attacks * Despite the frequency and harm caused by insider attacks, there are no competing books on this topic.books on this topic

Note: Online resource; Title from title page (viewed December 15, 2005) , Mode of access: World Wide Web.

URL: lizenzpflichtig

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

30

Online Resource

Snort 2.1 Intrusion Detection, Second Edition (2004)

Caswell, Brian [VerfasserIn] ; Beale, Jay [VerfasserIn]

[Erscheinungsort nicht ermittelbar] : Syngress | Boston, MA : Safari

add to mindlist on the mindlist

Details

ISBN: 9781931836043

Language: English

Pages: 1 online resource (608 pages)

Edition: 1st edition

Keywords: Electronic books ; local ; Electronic books

Abstract: Called "the leader in the Snort IDS book arms race" by Richard Bejtlich, top Amazon reviewer, this brand-new edition of the best-selling Snort book covers all the latest features of a major upgrade to the product and includes a bonus DVD with Snort 2.1 and other utilities. Written by the same lead engineers of the Snort Development team, this will be the first book available on the major upgrade from Snort 2 to Snort 2.1 (in this community, major upgrades are noted by .x and not by full number upgrades as in 2.0 to 3.0). Readers will be given invaluable insight into the code base of Snort, and in depth tutorials of complex installation, configuration, and troubleshooting scenarios. Snort has three primary uses: as a straight packet sniffer, a packet logger, or as a full-blown network intrusion detection system. It can perform protocol analysis, content searching/matching and can be used to detect a variety of attacks and probes. Snort uses a flexible rules language to describe traffic that it should collect or pass, a detection engine that utilizes a modular plug-in architecture, and a real-time alerting capability. A CD containing the latest version of Snort as well as other up-to-date Open Source security utilities will accompany the book. Snort is a powerful Network Intrusion Detection System that can provide enterprise wide sensors to protect your computer assets from both internal and external attack. * Completly updated and comprehensive coverage of snort 2.1 * Includes free CD with all the latest popular plug-ins * Provides step-by-step instruction for installing, configuring and troubleshooting

Note: Online resource; Title from title page (viewed June 6, 2004) , Mode of access: World Wide Web.

URL: lizenzpflichtig

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

31

Online Resource

Google Hacking for Penetration Testers (2004)

Long, Johnny [VerfasserIn]

[Erscheinungsort nicht ermittelbar] : Syngress | Boston, MA : Safari

add to mindlist on the mindlist

Details

Language: English

Pages: 1 online resource (448 pages)

Edition: 1st edition

Keywords: Electronic books ; local ; Electronic books

Abstract: Google, the most popular search engine worldwide, provides web surfers with an easy-to-use guide to the Internet, with web and image searches, language translation, and a range of features that make web navigation simple enough for even the novice user. What many users don’t realize is that the deceptively simple components that make Google so easy to use are the same features that generously unlock security flaws for the malicious hacker. Vulnerabilities in website security can be discovered through Google hacking, techniques applied to the search engine by computer criminals, identity thieves, and even terrorists to uncover secure information. This book beats Google hackers to the punch, equipping web administrators with penetration testing applications to ensure their site is invulnerable to a hacker’s search. Penetration Testing with Google Hacks explores the explosive growth of a technique known as "Google Hacking." When the modern security landscape includes such heady topics as "blind SQL injection" and "integer overflows," it's refreshing to see such a deceptively simple tool bent to achieve such amazing results; this is hacking in the purest sense of the word. Readers will learn how to torque Google to detect SQL injection points and login portals, execute port scans and CGI scans, fingerprint web servers, locate incredible information caches such as firewall and IDS logs, password databases, SQL dumps and much more - all without sending a single packet to the target! Borrowing the techniques pioneered by malicious "Google hackers," this talk aims to show security practitioners how to properly protect clients from this often overlooked and dangerous form of information leakage. *First book about Google targeting IT professionals and security leaks through web browsing. *Author Johnny Long, the authority on Google hacking, will be speaking about "Google Hacking" at the Black Hat 2004 Briefing. His presentation on penetrating security flaws with Google is expected to create a lot of buzz and exposure for the topic. *Johnny Long's Web site hosts the largest repository of Google security exposures and is the most popular destination for security professionals who want to learn about the dark side of Google.

Note: Online resource; Title from title page (viewed December 17, 2004) , Mode of access: World Wide Web.

URL: lizenzpflichtig

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

32

Online Resource

Cisco Security Specialists Guide to PIX Firewall (2002)

Safari, an O’Reilly Media Company.

[Erscheinungsort nicht ermittelbar] : Syngress | Boston, MA : Safari

add to mindlist on the mindlist

Details

ISBN: 9781931836630

Language: English

Pages: 1 online resource (608 pages)

Edition: 1st edition

Keywords: Electronic books ; local ; Electronic books

Abstract: Cisco Security Specialist's Guide to PIX Firewall immerses the reader in the highly complicated subject of firewall implementation, deployment, configuration, and administration. This guide will instruct the reader on the necessary information to pass the CSPFA exam including protocols, hardware, software, troubleshooting and more. Cisco Security Specialist's Guide to PIX Firewall introduces the basic concepts of attack, explains the networking principals necessary to effectively implement and deploy a PIX firewall, covers the hardware and software components of the device, provides multiple configurations and administration examples, and fully describes the unique line syntax native to PIX firewall configuration and administration. Coverage of the Latest Versions of PIX Firewalls. This book includes coverage of the latest additions to the PIX Firewall family including the CiscoSecure PIX Firewall (PIX) Software Release 6.0 Must-have desk reference for the serious security professional. In addition to the foundation information and dedicated text focused on the exam objectives for the CSPFA, this book offers real-world administration and configuration support. This book will not only help readers pass the exam; it will continue to assist them with their duties on a daily basis Firewall administration guides? Syngress wrote the book. Syngress has demonstrated a proficiency to answer the market need for quality information pertaining to firewall administration guides. Configuring ISA Server 2000: Building Firewalls for Windows 2000 (ISBN: 1-928994-29-6) and Checkpoint Next Generation Security Administration (ISBN: 1-928994-74-1) are currently best sellers in the security market

Note: Online resource; Title from title page (viewed December 11, 2002) , Mode of access: World Wide Web.

URL: lizenzpflichtig

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

33

Online Resource

Scene of the Cybercrime : Computer Forensics Handbook (2002)

Safari, an O’Reilly Media Company.

[Erscheinungsort nicht ermittelbar] : Syngress | Boston, MA : Safari

add to mindlist on the mindlist

Details

ISBN: 9781931836654

Language: English

Pages: 1 online resource (512 pages)

Edition: 1st edition

Keywords: Electronic books ; local ; Electronic books

Abstract: "Cybercrime and cyber-terrorism represent a serious challenge to society as a whole." - Hans Christian Krüger, Deputy Secretary General of the Council of Europe Crime has been with us as long as laws have existed, and modern technology has given us a new type of criminal activity: cybercrime. Computer and network related crime is a problem that spans the globe, and unites those in two disparate fields: law enforcement and information technology. This book will help both IT pros and law enforcement specialists understand both their own roles and those of the other, and show why that understanding and an organized, cooperative effort is necessary to win the fight against this new type of crime. 62% of US companies reported computer-related security breaches resulting in damages of $124 million dollars. This data is an indication of the massive need for Cybercrime training within the IT and law enforcement communities. The only book that covers Cybercrime from forensic investigation through prosecution. Cybercrime is one of the battlefields in the war against terror.

Note: Online resource; Title from title page (viewed August 12, 2002) , Mode of access: World Wide Web.

URL: lizenzpflichtig

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

34

Online Resource

VB.Net Web Developer's Guide (2001)

Safari, an O’Reilly Media Company.

[Erscheinungsort nicht ermittelbar] : Syngress | Boston, MA : Safari

add to mindlist on the mindlist

Details

ISBN: 9781928994480

Language: English

Pages: 1 online resource (608 pages)

Edition: 1st edition

Keywords: Electronic books ; local ; Electronic books

Abstract: Visual Basic has long been the language of choice when designing Windows-based applications and the Web. Touted as both the most popular and productive computing language, Visual Basic has amassed quite a following of devoted programmers, and is a sought after programming skill. With the introduction of .NET Enterprise, Microsoft launch VB.NET, offering a streamlined, simplified version of Visual Basic language. With increased power, scalability, functionality and reliability, VB.NET is positioned to be the most productive tool in a programmer's toolbox. VB.NET Developer's Guide is written for previous Visual Basic Programmers looking to harness the power of the new features and functionality incorporated in Visual Basic.NET. Timely coverage of newly released product which Visual Basic users will be eager to learn VB.NET Developer's Guide is one of the first comprehensive reference for programmers and developers anxious to learn about the new technology

Note: Online resource; Title from title page (viewed September 4, 2001) , Mode of access: World Wide Web.

URL: lizenzpflichtig

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

35

Online Resource

Hack Proofing Your Web Applications (2001)

Safari, an O’Reilly Media Company.

[Erscheinungsort nicht ermittelbar] : Syngress | Boston, MA : Safari

add to mindlist on the mindlist

Details

ISBN: 9781928994312

Language: English

Pages: 1 online resource (512 pages)

Edition: 1st edition

Keywords: Electronic books ; local ; Electronic books

Abstract: From the authors of the bestselling Hack Proofing Your Network! OPEC, Amazon, Yahoo! and E-bay: If these large, well-established and security-conscious web sites have problems, how can anyone be safe? How can any programmer expect to develop web applications that are secure? Hack Proofing Your Web Applications is the only book specifically written for application developers and webmasters who write programs that are used on web sites. It covers Java applications, XML, ColdFusion, and other database applications. Most hacking books focus on catching the hackers once they've entered the site; this one shows programmers how to design tight code that will deter hackers from the word go. Comes with up-to-the-minute web based support and a CD-ROM containing source codes and sample testing programs Unique approach: Unlike most hacking books this one is written for the application developer to help them build less vulnerable programs

Note: Online resource; Title from title page (viewed June 18, 2001) , Mode of access: World Wide Web.

URL: lizenzpflichtig

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

36

Online Resource

Building Robots With Lego Mindstorms (2001)

Ferrari, Mario [VerfasserIn] ; Ferrari, Guilio [VerfasserIn]

[Erscheinungsort nicht ermittelbar] : Syngress | Boston, MA : Safari

add to mindlist on the mindlist

Details

ISBN: 9781928994671

Language: English

Pages: 1 online resource (448 pages)

Edition: 1st edition

Keywords: Electronic books ; local ; Electronic books

Abstract: Lego robots! Mindstorms are sweeping the world and fans need to learn how to programme them Lego Mindstorms are a new generation of Lego Robots that can be manipulated using microcomputers, light and touch sensors, an infrared transmitter and CD-ROMs. Since Lego launched Lego Mindstorms in late 1998 sales have skyrocketed - with no sign of slowing down. Mindstorms have captured the imagination of adults and children alike, creating a subculture of Mindstorm enthusiasts around the world. The kits are now a staple part of engineering and computer science classes at many high profile Universities. Building Robots with Lego Mindstorms provides readers with a fundamental understanding of the geometry, electronics, engineering, and programming required to build your own robots. Mario and Giulio Ferrari are world-renowned experts in the field of Lego Mindstorms robotics, and in this book they share their unrivaled knowledge and expertise of robotics as well as provide a series of chapters detailing how to design and build the most exotic robots. Mario and Giulio also give detailed explanations of how to integrate Lego Mindstorms kits with other Lego programmable bricks such as Scout and Cybermaster, as well as with non-robotic Lego Technics models.

Note: Online resource; Title from title page (viewed December 6, 2001) , Mode of access: World Wide Web.

URL: lizenzpflichtig

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

37

Online Resource

Building Cisco Remote Access Networks (2000)

Lawson, Wayne [VerfasserIn]

[Erscheinungsort nicht ermittelbar] : Syngress | Boston, MA : Safari

add to mindlist on the mindlist

Details

ISBN: 9781928994138

Language: English

Pages: 1 online resource (608 pages)

Edition: 1st edition

Keywords: Electronic books ; local ; Electronic books

Abstract: An increasing number of companies are designing and implementing Remote Access Networks, which allow users who are not physically connected to a Wide Area Network (WAN) or Local Area Network (LAN) to access the network's servers, applications and databases or to participate in video conferencing and conference calls. The ability for a remote user to function as if they were in the next office dramatically improves overall efficiency while reducing total cost of ownership. Cisco Systems, the world's largest internetworking vendor, is the pioneer of the enabling technologies for Remote Access Networks. This book will identify and explain all of the Cisco products necessary for designing and building a remote access network and integrating it with legacy systems. This book is a professional reference detailing all of the strategies, tactics and methods for designing, configuring and maintaining Cisco Remote Access Networks. It will include thorough discussions of all Cisco Access Servers and routers. * Demand for information on remote access networks is growing quickly at corporate and administrator level * Cisco remote access networks appeal to businesses as they provide efficient and secure connectivity at reduced cost * Book includes thorough discussions of all Cisco Access Servers and routers

Note: Online resource; Title from title page (viewed November 15, 2000) , Mode of access: World Wide Web.

URL: lizenzpflichtig

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.