Evifa-Portal

1

Online Resource

Managing security with Snort and IDS tools (2004)

Cox, Kerry [VerfasserIn] ; Gerg, Christopher [MitwirkendeR]

Beijing ; : O'Reilly | Boston, MA :Safari,

add to mindlist on the mindlist

Details

Language: English

Pages: xvi, 269 p. , ill. ; , 23 cm

Edition: 1st ed.

Keywords: Snort (Computer file) ; Computer networks ; Security measures ; Computer security ; Computers ; Access control ; Electronic books ; local

Abstract: Intrusion detection is not for the faint at heart. But, if you are a network administrator chances are you're under increasing pressure to ensure that mission-critical systems are safe--in fact impenetrable--from malicious code, buffer overflows, stealth port scans, SMB probes, OS fingerprinting attempts, CGI attacks, and other network intruders.Designing a reliable way to detect intruders before they get in is a vital but daunting challenge. Because of this, a plethora of complex, sophisticated, and pricy software solutions are now available. In terms of raw power and features, SNORT, the most commonly used Open Source Intrusion Detection System, (IDS) has begun to eclipse many expensive proprietary IDSes. In terms of documentation or ease of use, however, SNORT can seem overwhelming. Which output plugin to use? How do you to email alerts to yourself? Most importantly, how do you sort through the immense amount of information Snort makes available to you?Many intrusion detection books are long on theory but short on specifics and practical examples. Not Managing Security with Snort and IDS Tools . This new book is a thorough, exceptionally practical guide to managing network security using Snort 2.1 (the latest release) and dozens of other high-quality open source other open source intrusion detection programs. Managing Security with Snort and IDS Tools covers reliable methods for detecting network intruders, from using simple packet sniffers to more sophisticated IDS (Intrusion Detection Systems) applications and the GUI interfaces for managing them. A comprehensive but concise guide for monitoring illegal entry attempts, this invaluable new book explains how to shut down and secure workstations, servers, firewalls, routers, sensors and other network devices.Step-by-step instructions are provided to quickly get up and running with Snort. Each chapter includes links for the programs discussed, and additional links at the end of the book give administrators access to numerous web sites for additional information and instructional material that will satisfy even the most serious security enthusiasts. Managing Security with Snort and IDS Tools maps out a proactive--and effective--approach to keeping your systems safe from attack.

Note: "Intrusion detection with open source tools"--Cover. - Includes index

URL: https://learning.oreilly.com/library/view/-/0596006616/?ar

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

2

Online Resource

Defend I.T : security by example (2004)

Gupta, Ajay [VerfasserIn] ; Laliberte, Scott [MitwirkendeR]

Boston : Addison-Wesley | Boston, MA :Safari,

add to mindlist on the mindlist

Details

Language: English

Pages: xxviii, 349 p. , ill. ; , 24 cm

DDC: 005.8

Keywords: Computer networks ; Security measures ; Computer security ; Electronic books ; local

Abstract: "Ajay and Scott take an interesting approach in filling Defend I.T. with case studies and using them to demonstrate important security principles. This approach works well and is particularly valuable in the security space, where companies and consultants are often hesitant to discuss true security incidents for potential embarrassment and confidentiality reasons. Defend I.T. is full of engaging stories and is a good read." --Fyodor, author of the Nmap Security Scanner and Insecure.Org " Defend I.T. answers reader demand for scenario-driven examples. Security professionals will be able to look at these case studies and relate them to their own experiences. That sets this book apart." --Lance Hayden, Cisco Systems "This is an exciting book! It's like reading several mysteries at once from different viewpoints, with the added benefit of learning forensic procedures along the way. Readers will benefit from the procedures, and the entertaining presentation is a real plus." --Elizabeth Zinkann, Equilink Consulting The battle between IT professionals and those who use the Internet for destructive purposes is raging--and there is no end in sight. Reports of computer crime and incidents from the CERT Coordination Center at Carnegie Mellon University more than double each year and are expected to rise. Meanwhile, viruses and worms continue to take down organizations for days. Defend I.T.: Security by Example draws on detailed war stories to identify what was done right and what was done wrong in actual computer-security attacks, giving you the opportunity to benefit from real experiences. Approaches to securing systems and networks vary widely from industry to industry and organization to organization. By examining a variety of real-life incidents companies are too embarrassed to publicly share, the authors explain what could have been done differently to avoid the losses incurred--whether creating a different process for incident response or having better security countermeasures in place to begin with. Inside, you'll find in-depth case studies in a variety of categories: Basic Hacking: Blackhat bootcamp, including mapping a network, exploiting vulnerable architecture, and launching denial-of-service attacks Current Methods: The latest in malicious deeds, including attacks on wireless networks, viruses and worms, and compromised Web servers Additional Items on the Plate: Often overlooked security measures such as developing a security policy, intrusio...

Note: Includes bibliographical references (p. 321-326) and index

URL: https://learning.oreilly.com/library/view/-/0321197674/?ar

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

3

Online Resource

The .NET developer's guide to Windows security (2004)

Brown, Keith [VerfasserIn] 1967 Mar. 16-

Boston : Addison-Wesley | Boston, MA :Safari,

add to mindlist on the mindlist

Details

Language: English

Pages: xv, 392 p. , ill. ; , 24 cm

DDC: 005.8

Keywords: Microsoft Windows (Computer file) ; Computer security ; Microsoft .NET ; Electronic books ; local

Abstract: "As usual, Keith masterfully explains complex security issues in down-to-earth and easy-to-understand language. I bet you'll reach for this book often when building your next software application." --Michael Howard, coauthor, Writing Secure Code "When it comes to teaching Windows security, Keith Brown is 'The Man.' In The .NET Developer's Guide to Windows Security, Keith has written a book that explains the key security concepts of Windows NT, Windows 2000, Windows XP, and Windows Server 2003, and teaches you both how to apply them and how to implement them in C# code. By organizing his material into short, clear snippets, Brown has made a complicated subject highly accessible." --Martin Heller, senior contributing editor at Byte.com and owner of Martin Heller & Co. "Keith Brown has a unique ability to describe complex technical topics, such as security, in a way that can be understood by mere mortals (such as myself). Keith's book is a must read for anyone attempting to keep up with Microsoft's enhancements to its security features and the next major version of .NET." --Peter Partch, principal software engineer, PM Consulting "Keith's book is a collection of practical, concise, and carefully thought out nuggets of security insight. Every .NET developer would be wise to keep a copy of this book close at hand and to consult it first when questions of security arise during application development." --Fritz Onion, author of Essential ASP.NET with Examples in C# The .NET Developer's Guide to Windows Security is required reading for .NET programmers who want to develop secure Windows applications. Readers gain a deep understanding of Windows security and the know-how to program secure systems that run on Windows Server 2003, Windows XP, and Windows 2000. Author Keith Brown crystallizes his application security expertise into 75 short, specific guidelines. Each item is clearly explained, cross-referenced, and illustrated with detailed examples. The items build on one another until they produce a comprehensive picture of what tools are available and how developers should use them. The book highlights new features in Windows Server 2003 and previews features of the upcoming version 2.0 of the .NET Framework. A companion Web site includes the source code and examples used throughout the book. Topics covered include: Kerberos authentication Access control Impersonation Network security Constrained delegation Protocol transition Securing enterprise servi...

Note: Includes bibliographical references (p. 379-380) and index

URL: https://learning.oreilly.com/library/view/-/0321228359/?ar

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

4

Online Resource

The effective incident response team (2004)

Lucas, Julie [VerfasserIn] 1964- ; Moeller, Brian [MitwirkendeR]

Boston : Addison-Wesley | Boston, MA :Safari,

add to mindlist on the mindlist

Details

Language: English

Pages: p. cm

DDC: 005.8

Keywords: Computer security ; Electronic books ; local

Abstract: When an intruder, worm, virus, or automated attack succeeds in targeting a computer system, having specific controls and a response plan in place can greatly lessen losses. Accordingly, businesses are realizing that it is unwise to invest resources in preventing computer-related security incidents without equal consideration of how to detect and respond to such attacks and breaches. The Effective Incident Response Team is the first complete guide to forming and managing a Computer Incident Response Team (CIRT). In this book, system and network administrators and managers will find comprehensive information on establishing a CIRT's focus and scope, complete with organizational and workflow strategies for maximizing available technical resources. The text is also a valuable resource for working teams, thanks to its many examples of day-to-day team operations, communications, forms, and legal references. IT administrators and managers must be prepared for attacks on any platform, exploiting any vulnerability, at any time. The Effective Incident Response Team will guide readers through the critical decisions involved in forming a CIRT and serve as a valuable resource as the team evolves to meet the demands of ever-changing vulnerabilities. Inside, readers will find information on: Formulating reactive or preventative operational strategy Forming, training, and marketing the CIRT Selecting penetration-testing, intrusion-detection, network-monitoring, and forensics tools Recognizing and responding to computer incidents and attacks, including unauthorized access, denial-of-service attacks, port scans, and viruses Tracking, storing, and counting incident reports and assessing the cost of an incident Working with law enforcement and the legal community Benefiting from shared resources Scrutinizing closed incidents to further prevention Offering services such as user-awareness training, vulnerability and risk assessments, penetration testing, and architectural reviews Communicating the CIRT's return on investment through management reporting 0201761750B10062003

Note: Includes bibliographical references and index

URL: https://learning.oreilly.com/library/view/-/0201761750/?ar

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

5

Online Resource

Biometrics for network security (2004)

Reid, Paul [VerfasserIn]

Upper Saddle River, NJ : Prentice Hall PTR | Boston, MA :Safari,

add to mindlist on the mindlist

Details

Language: English

Pages: xx, 252 p. , ill. ; , 24 cm

DDC: 005.8

Keywords: Biometric identification ; Computer networks ; Security measures ; Computer security ; Electronic books ; local

Abstract: The complete guide to implementing biometric security solutions for your network Network security has become the latter-day equivalent of oxymoronic terms like "jumbo shrimp" and "exact estimate." Newspaper headlines are routinely peppered with incidents of hackers thwarting the security put forth by the government and the private sector. As with any new technology, the next evolution of network security has long languished in the realm of science fiction and spy novels. It is now ready to step into the reality of practical application. In Biometrics for Network Security , biometrics security expert Paul Reid covers a variety of biometric options, ranging from fingerprint identification to voice verification to hand, face, and eye scanning. Approaching the subject from a practitioner's point of view, Reid describes guidelines, applications, and procedures for implementing biometric solutions for your network security systems. Coverage includes: An introduction to authentication technologies and biometrics Dealing with privacy issues Biometric technologies, including finger, hand geometry, handwriting, iris, retina, voice, and face Security concerns related to biometrics, including attempts to spoof or fake results Deployment of biometric security systems, including vendor selection and roll out procedures Real-life case studies For security, system, and network administrators and managers, as well as anyone who is interested in the application of cutting-edge biometric technology, Biometrics for Network Security will prove an indispensable addition to your library!

Note: Includes bibliographical references (p. 239-241) and index

URL: lizenzpflichtig

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

6

Online Resource

Designing network security (2004)

Kaeo, Merike [VerfasserIn]

Indianapolis, IN : Cisco Press | Boston, MA :Safari,

add to mindlist on the mindlist

Details

Language: English

Pages: xxiii, 745 p. , ill. ; , 24 cm

Edition: 2nd ed.

DDC: 005.8

Keywords: Computer networks ; Security measures ; Computer security ; Internet ; Security measures ; Electronic books ; local

Abstract: A practical guide to creating a secure network infrastructure Understand basic cryptography and security technologies Identify the threats and common attacks to a network infrastructure Learn how to create a security policy Find out how to recover from a security breach Study specific implementation scenarios for securing your network environment Learn about advances in security technologies Designing Network Security, Second Edition , is a practical guide designed to help you understand the fundamentals of securing your corporate network infrastructure. This book takes a comprehensive look at underlying security technologies, the process of creating a security policy, and the practical requirements necessary to implement a corporate security policy. You will gain a thorough understanding of basic cryptography, the most widely deployed security technologies, and key emerging security technologies. You will be able to guide the architecture and implementation of a security policy for a corporate environment by knowing possible threats and vulnerabilities and understanding the steps required to perform a risk management assessment. Through the use of specific configuration examples, you will learn about the features required in network infrastructure equipment to implement the given security policy, including securing the internal corporate infrastructure, Internet access, and the remote access environment. This new edition includes coverage of new security features including SSH on routers, switches, and the PIX(r) Firewall; enhancements to L2TP and IPSec; Cisco(r) LEAP for wireless networks; digital certificates; advanced AAA functionality; and Cisco Intrusion Detection System features and products. Additional practical examples include current security trends using VPN, wireless, and VoIP networking examples. This book is part of the Networking Technology Series from Cisco Press(r), which offers networking professionals valuable information for constructing efficient networks, understanding new technologies, and building successful careers.

Note: Includes index

URL: https://learning.oreilly.com/library/view/-/1587051176/?ar

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

7

Online Resource

Network security hacks (2004)

Lockhart, Andrew [VerfasserIn]

Beijing ; : O'Reilly | Boston, MA :Safari,

add to mindlist on the mindlist

Details

Language: English

Pages: xv, 298 , ill. ; , 23 cm

DDC: 005.8

Keywords: Computer networks ; Security measures ; Computer security ; Internet ; Security measures ; Electronic books ; local

Abstract: To the uninitiated, the title may seem like an oxymoron: after all, aren't hacks what network security is supposed to prevent? But if you're network administrator, this book's title not only makes sense; it makes a lot of sense. You know that a busy administrator needs a hatful of devilishly effective security hacks to keep your 12-hour days from becoming all-nighters. Network Security Hacks is not a long-winded treatise on security theory. Instead, this information packed little book provides 100 quick, practical, and clever things to do to help make your Linux, UNIX, or Windows networks more secure today. This compendium of security hacks doesn't just cover securing TCP/IP-based services, but also provides intelligent host-based security techniques. Loaded with concise but powerful examples of applied encryption, intrusion detection, logging, trending, and incident response, Network Security Hacks will demonstrate effective methods for defending your servers and networks from a variety of devious and subtle attacks. Network Security Hacks show how to detect the presence (and track every keystroke) of network intruders, methods for protecting your network and data using strong encryption, and even techniques for laying traps for would-be system crackers. Important security tools are presented, as well as clever methods for using them to reveal real, timely, useful information about what is happening on your network. O'Reilly's Hacks Series reclaims the term "hacking" for the good guys--innovators who use their ingenuity to solve interesting problems, explore and experiment, unearth shortcuts, and create useful tools. Network Security Hacks lives up to reputation the Hacks series has earned by providing the "roll-up-your sleeves and get-it-done" hacks that most network security tomes don't offer. Every hack can be read in just a few minutes but will save hours of searching for the right answer. Using just one of these amazing hacks will make this slim book's price seem like a remarkable deal. The other 99 make Network Security Hacks absolutely invaluable.

Note: Includes index

URL: https://learning.oreilly.com/library/view/-/0596006438/?ar

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

8

Online Resource

J2EE security for servlets, EJBs and Web services : applying theory and standards to practice (2004)

Kumar, Pankaj [VerfasserIn]

Upper Saddle River, N.J. : Prentice Hall PTR | Boston, MA :Safari,

add to mindlist on the mindlist

Details

Language: English

Pages: xxvi, 426 p. , ill. ; , 24 cm

DDC: 005.8

Keywords: JavaBeans ; Computer security ; Java (Computer program language) ; Servlets ; Web services ; Electronic books ; local

Abstract: J2EE developers have an extraordinary array of powerful options for securing their Web services, Web applications, EJB components and RMI objects. Now, expert Java architect Pankaj Kumar helps developers make sense of Java's increasingly rich security APIs, tools, patterns, and best practices-showing how to use each of them in the right place, at the right time, and in the right way. Kumar covers every significant J2SE and J2EE security mechanism, presenting practical implementation techniques for the entire J2EE project lifecycle: analysis, design, development, deployment and operations. The book's example-rich coverage includes: Implementing cryptography with the JCA (Java Cryptography Architecture) and JCE (Java Cryptography Extension) security APIs Building PKI systems with Java: implementing X.509 certificates, Certification Authorities, Certificate Revocation Lists, and repositories Java security managers, policy files, and JAAS: implementing access control based on code origin, code signer and user credentials Securing the wire: Using SSL and the JSSE API to secure data exchange over unprotected networks Ensuring XML message integrity, authentication, and confidentiality with the standards: XML Signature & XML Encryption using the VeriSign TSIK, and Infomosaic SecureXML libraries Addressing security issues in RMI-based distributed applications Developing and deploying servlets and EJBs for authenticated and secure access Securing Web services with transport- and message-based security: SSL for transport-based and WS Security for message-based security Covering security aspects of best-of-breed products: Apache Tomcat, Apache Axis, and BEA WebLogic Server.

Note: Includes bibliographical references (p. 413-414) and index

URL: lizenzpflichtig

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

9

Online Resource

Enterprise Java security : building secure J2EE applications (2004)

Pistoia, Marco [MitwirkendeR]

Boston : Addison-Wesley | Boston, MA :Safari,

add to mindlist on the mindlist

Details

Language: English

Pages: xxiii, 581 p. , ill. ; , 24 cm

DDC: 005.8

Keywords: Computer security ; Java (Computer program language) ; Electronic books ; local

Abstract: Enterprise Java™ Security: Building Secure J2EE™ Applications provides application developers and programmers with the know-how they need to utilize the latest Java security technologies in building secure enterprise infrastructures. Written by the leading Java security experts at IBM, this comprehensive guide covers the current status of the Java™ 2 Platform, Enterprise Edition (J2EE), and Java™ 2 Platform, Standard Edition (J2SE™), security architectures and offers practical solutions and usage patterns to address the challenges of Java security. To aid developers who need to build secure J2EE applications, Enterprise Java™ Security covers at length the J2EE security technologies, including the security aspects of servlets, JavaServer Pages(TM) (JSP™), and Enterprise JavaBeans™ (EJB™)-technologies that are at the core of the J2EE architecture. In addition, the book covers Web Services security. Examples and sample code are provided throughout the book to give readers a solid understanding of the underlying technology. The relationship between Java and cryptographic technologies is covered in great detail, including: Java Cryptography Architecture (JCA) Java Cryptography Extension (JCE) Public-Key Cryptography Standards (PKCS) Secure/Multipurpose Internet Mail Extensions (S/MIME) Java Secure Socket Extension (JSSE)

Note: Includes bibliographical references (p. 563) and index

URL: https://learning.oreilly.com/library/view/-/0321118898/?ar

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

10

Online Resource

Inside Java 2 platform security : architecture, API design, and implementation (2004)

Gong, Li [VerfasserIn] 1963- ; Dageforde, Mary [MitwirkendeR] ; Ellison, Gary [MitwirkendeR]

Boston, MA : Addison-Wesley | Boston, MA :Safari,

add to mindlist on the mindlist

Details

Language: English

Pages: p. cm

Edition: 2nd ed.

DDC: 005.8

Keywords: Computer security ; Java (Computer program language) ; Electronic books ; local

Abstract: Inside Java™ 2 Platform Security , the definitive and comprehensive guide to the Java security platform, has been thoroughly updated to reflect key additions and revisions to Java security technologies currently in use by leading technology companies. This second edition, penned by the Java experts at Sun Microsystems, provides a detailed look into the central workings of the Java security architecture and describes tools and techniques for successful implementation on even the most demanding network computing environment. While Java has always provided a stronger security model than other platforms, this book reviews all the methods and practices required to improve security without sacrificing functionality. With tips on how to customize, extend, and refine the Java security architecture, users will have everything they need to protect their information assets from both external and internal threats. This book's in-depth coverage encompasses security architecture, deployment, customization, new developments, and much more. Security fundamentals Secure class loading Specifying fine-grained security policy Enforcing security policy with AccessController, SecurityManager, and more Digital certificates, certification paths, signed code, JAAS, and other authentication measures Java-based cryptography with code examples JSSE, Java GSS-API, and RMI for network security Previews of other platforms for security, including Java Card, J2ME and Jini Designed for both the system administrator and software practitioner, this book delivers vital knowledge for building and maintaining a secure system using the Java 2 platform. With detailed code and usage examples throughout, Inside Java™ 2 Platform Security, Second Edition , is an indispensable resource for all platform security needs. The Java™ Series is supported, endorsed, and authored by the creators of the Java technology at Sun Microsystems, Inc. It is the official place to go for complete, expert, and definitive information on Java technology. The books in this Series provide the inside information you need to build effective, robust, and portable applications and applets. The Series is an indispensable resource for anyone targeting the Java™ 2 platform.

URL: https://learning.oreilly.com/library/view/-/0201787911/?ar

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

11

Online Resource

Malware : fighting malicious code (2004)

Skoudis, Ed [VerfasserIn] ; Zeltser, Lenny [MitwirkendeR]

Upper Saddle River, NJ : Prentice Hall PTR | Boston, MA :Safari,

add to mindlist on the mindlist

Details

Language: English

Pages: xxii, 647 p. , ill. ; , 23 cm

Series Statement: Prentice Hall series in computer networking and distributed systems

DDC: 005.8

Keywords: Computer crimes ; Computer networks ; Security measures ; Computer security ; Electronic books ; local

Abstract: Reveals how attackers install malicious code and how they evade detection Shows how you can defeat their schemes and keep your computers and network safe! Details viruses, worms, backdoors, Trojan horses, RootKits, and other threats Explains how to handle today's threats, with an eye on handling the threats to come "This is a truly outstanding book-enormous technical wealth and beautifully written." -Warwick Ford "Ed does it again, piercing the veil of mystery surrounding many of the more technical aspects of computer security!" -Harlan Carvey, CISSP "This book is entertaining and informative, while justifiably scaring you. Luckily it also tells you how to protect yourself, but makes you realize it's going to be a permanent spy-vs-spy struggle." -Radia Perlman, Distinguished Engineer, Sun Microsystems Keep control of your systems out of the hands of unknown attackers Ignoring the threat of malware is one of the most reckless things you can do in today's increasingly hostile computing environment. Malware is malicious code planted on your computer, and it can give the attacker a truly alarming degree of control over your system, network, and data-all without your knowledge! Written for computer pros and savvy home users by computer security expert Edward Skoudis, Malware: Fighting Malicious Code covers everything you need to know about malware, and how to defeat it! This book devotes a full chapter to each type of malware-viruses, worms, malicious code delivered through Web browsers and e-mail clients, backdoors, Trojan horses, user-level RootKits, and kernel-level manipulation. You'll learn about the characteristics and methods of attack, evolutionary trends, and how to defend against each type of attack. Real-world examples of malware attacks help you translate thought into action, and a special defender's toolbox chapter shows how to build your own inexpensive code analysis lab to investigate new malware specimens on your own. Throughout, Skoudis' clear, engaging style makes the material approachable and enjoyable to learn. This book includes: Solutions and examples that cover both UNIX® and Windows® Practical, time-tested, real-world actions you can take to secure your systems Instructions for building your own inexpensive malware code analysis lab so you can get familiar with attack and defensive tools harmlessly! Malware: Fighting Malicious Code is intended for system administrators, network personnel, security personnel, savvy home compu...

Note: Includes bibliographical references and index

URL: lizenzpflichtig

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

12

Online Resource

Security for Microsoft Visual Basic .NET (2003)

Robinson, Ed [VerfasserIn] 1967- ; Bond, Michael [VerfasserIn]

Redmond, Wash. : Microsoft Press | Boston, MA :Safari,

add to mindlist on the mindlist

Details

Language: English

Keywords: Microsoft Visual BASIC ; BASIC (Computer program language) ; Computer security ; Microsoft .NET ; Electronic books ; local

Abstract: This resource provides best practices, step-by-step code walk-throughs, and concise explanations of key security terms, issues, and jargon to help developers create and run secure code with Visual Basic.

Note: Includes index. - Includes link to companion web site. - Title from title screen

URL: https://learning.oreilly.com/library/view/-/0735619190/?ar

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

13

Online Resource

Practical UNIX and Internet security (2003)

Garfinkel, Simson [VerfasserIn] ; Schwartz, Alan [MitwirkendeR] ; Spafford, Gene [MitwirkendeR]

Beijing ; : O'Reilly | Boston, MA :Safari,

add to mindlist on the mindlist

Details

Language: English

Pages: xxix, 954 p. , ill. ; , 24 cm

Edition: 3rd ed.

DDC: 005.8

Keywords: UNIX (Computer file) ; Computer security ; Internet ; Congresses ; Operating systems (Computers) ; Electronic books ; local

Abstract: When Practical Unix Security was first published more than a decade ago, it became an instant classic. Crammed with information about host security, it saved many a Unix system administrator from disaster. The second edition added much-needed Internet security coverage and doubled the size of the original volume. The third edition is a comprehensive update of this very popular book - a companion for the Unix/Linux system administrator who needs to secure his or her organization's system, networks, and web presence in an increasingly hostile world.Focusing on the four most popular Unix variants today--Solaris, Mac OS X, Linux, and FreeBSD--this book contains new information on PAM (Pluggable Authentication Modules), LDAP, SMB/Samba, anti-theft technologies, embedded systems, wireless and laptop issues, forensics, intrusion detection, chroot jails, telephone scanners and firewalls, virtual and cryptographic filesystems, WebNFS, kernel security levels, outsourcing, legal issues, new Internet protocols and cryptographic algorithms, and much more. Practical Unix & Internet Security consists of six parts: Computer security basics: introduction to security problems and solutions, Unix history and lineage, and the importance of security policies as a basic element of system security. Security building blocks: fundamentals of Unix passwords, users, groups, the Unix filesystem, cryptography, physical security, and personnel security. Network security: a detailed look at modem and dialup security, TCP/IP, securing individual network services, Sun's RPC, various host and network authentication systems (e.g., NIS, NIS+, and Kerberos), NFS and other filesystems, and the importance of secure programming. Secure operations: keeping up to date in today's changing security world, backups, defending against attacks, performing integrity management, and auditing. Handling security incidents: discovering a break-in, dealing with programmed threats and denial of service attacks, and legal aspects of computer security. Appendixes: a comprehensive security checklist and a detailed bibliography of paper and electronic references for further reading and research. Packed with 1000 pages of helpful text, scripts, checklists, tips, and warnings, this third edition remains the definitive reference for Unix administrators and anyone who cares about protecting their systems and data from today's threats.

Note: Includes bibliographical references (p. 873-895) and index

URL: https://learning.oreilly.com/library/view/-/0596003234/?ar

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

14

Online Resource

Secure coding : principles and practices (2003)

Graff, Mark [VerfasserIn] ; Van Wyk, Kenneth R [MitwirkendeR]

Beijing ; : O'Reilly | Boston, MA :Safari,

add to mindlist on the mindlist

Details

Language: English

Pages: xx, 202 p. , ill. ; , 23 cm

DDC: 005.8

Keywords: Computer security ; Electronic books ; local

Abstract: Practically every day, we read about a new type of attack on computer systems and networks. Viruses, worms, denials of service, and password sniffers are attacking all types of systems -- from banks to major e-commerce sites to seemingly impregnable government and military computers --at an alarming rate. Despite their myriad manifestations and different targets, nearly all attacks have one fundamental cause: the code used to run far too many systems today is not secure. Flaws in its design, implementation, testing, and operations allow attackers all-too-easy access. Secure Coding , by Mark G. Graff and Ken vanWyk, looks at the problem of bad code in a new way. Packed with advice based on the authors' decades of experience in the computer security field, this concise and highly readable book explains why so much code today is filled with vulnerabilities, and tells readers what they must do to avoid writing code that can be exploited by attackers. Writing secure code isn't easy, and there are no quick fixes to bad code. To build code that repels attack, readers need to be vigilant through each stage of the entire code lifecycle: Architecture: during this stage, applying security principles such as "least privilege" will help limit even the impact of successful attempts to subvert software. Design: during this stage, designers must determine how programs will behave when confronted with fatally flawed input data. The book also offers advice about performing security retrofitting when you don't have the source code -- ways of protecting software from being exploited even if bugs can't be fixed. Implementation: during this stage, programmers must sanitize all program input (the character streams representing a programs' entire interface with its environment -- not just the command lines and environment variables that are the focus of most security analysis). Testing: during this stage, programs must be checked using both static code checkers and runtime testing methods -- for example, the fault injection systems now available to check for the presence of such flaws as buffer overflow. Operations: during this stage, patch updates must be installed in a timely fashion. In early 2003, sites that had diligently applied Microsoft SQL Server updates were spared the impact of the Slammer worm that did serious damage to thousands of systems. Beyond the technical, Secure Coding sheds new light on the economic, psychological, and sheer practical reasons why...

Note: Includes bibliographical references (p. 185-194) and index

URL: https://learning.oreilly.com/library/view/-/0596002424/?ar

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

15

Online Resource

Mac OS X security (2003)

Potter, Bruce [VerfasserIn] ; Norvell, Preston [MitwirkendeR] ; Wotring, Brian [MitwirkendeR]

Indianapolis, Ind. : New Riders | Boston, MA :Safari,

add to mindlist on the mindlist

Details

Language: English

Pages: xx, 385 p. , ill. ; , 24 cm

Edition: 1st ed.

DDC: 005.8

Keywords: Mac OS ; Computer networks ; Security measures ; Computer security ; Macintosh (Computer) ; Security measures ; Operating systems (Computers) ; Electronic books ; local

Abstract: Mac OS X now operates on a UNIX engine. As such it is much more powerful than previous operating systems. It is now a multitasking, multithreaded, multi-user, and multiprocessor system with enhanced interoperability with other systems. Along with that increased power comes increased security vulnerability. Part I introduces readers to the basics of OS X security. Part II addresses system security beginning at the client workstation level. This section addresses UNIX-specific information such as permissions, executables, and network protocols and the related security concerns. Part III covers network security. The chapters in this section will cover security for internet services, file sharing, and network protection systems. Part IV addresses enterprise security using a variety of tools (Kerberos, NetInfo, and Rendezvous) as well as workstation configurations to illustrate how OS X Server and OS X inter-operate. The final section addresses auditing and forensics and what to do when an OS X network is compromised. This section teaches readers to audit systems painlessly and effectively and how to investigate and handle incidents.

Note: Includes bibliographical references (p. 361-369) and index

URL: https://learning.oreilly.com/library/view/-/0735713480/?ar

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

16

Online Resource

.NET security and cryptography (2003)

Thorsteinson, Peter [VerfasserIn] ; Ganesh, G. Gnana Arun [MitwirkendeR]

Boston, MA : ProQuest Information and Learning Company | Boston, MA :Safari,

add to mindlist on the mindlist

Details

Language: English

Parallel Title: Erscheint auch als

Keywords: Computer security ; Cryptography ; Microsoft .NET ; Electronic books ; local

Abstract: Learn how to make your .NET applications secure! Security and cryptography, while always an essential part of the computing industry, have seen their importance increase greatly in the last several years. Microsoft's .NET Framework provides developers with a powerful new set of tools to make their applications secure. NET Security and Cryptography is a practical and comprehensive guide to implementing both the security and the cryptography features found in the .NET platform. The authors provide numerous clear and focused examples in both C# and Visual Basic .NET, as well as detailed commentary on how the code works. They cover topics in a logical sequence and context, where they are most relevant and most easily understood. All of the sample code is available online at . This book will allow developers to: Develop a solid basis in the theory of cryptography, so they can understand how the security tools in the .NET Framework function Learn to use symmetric algorithms, asymmetric algorithms, and digital signatures Master both traditional encryption programming as well as the new techniques of XML encryption and XML signatures Learn how these tools apply to ASP.NET and Web Services security

Note: ELECTRONIC BOOK. - From: ProQuest--Title screen. - Title from title screen. - Includes bibliographical references and index

URL: lizenzpflichtig

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

17

Online Resource

Inside the security mind : making the tough decisions (2003)

Day, Kevin [VerfasserIn] 1975-

Upper Saddle River, N.J. : Prentice Hall | Boston, MA :Safari,

add to mindlist on the mindlist

Details

Language: English

Pages: xxi, 309 p. , ill. ; , 24 cm

DDC: 005.8

Keywords: Computer security ; Electronic books ; local

Abstract: "This is a really good book ... it spells out the motherhood and apple pie of information security in a highly readable way." -Warwick Ford, CTO, VeriSign, Inc. "An excellent security read! Breaks down a complex concept into a simple and easy-to-understand concept." -Vivek Shivananda, President Redefine your organization's information security Learn to think and act like a top security guru! Understand the founding principles of security itself and make better decisions Make your security solutions more effective, easily manageable, and less costly! Make smarter, more informed security decisions for your company Organizations today commit ever-increasing resources to information security, but are scarcely more secure than they were four or five years ago! By treating information security like an ordinary technological practice-that is, by throwing money, a handful of the latest technologies, and a lineup of gurus at the problem-they invariably wind up with expensive, but deeply flawed, solutions. The only way out of this trap is to change one's way of thinking about security: to grasp the reasoning, philosophy, and logic that underlie all successful security efforts. In Inside the Security Mind: Making the Tough Decisions , security expert Kevin Day teaches you how to approach information security the way the top gurus do-as an art, rather than a collection of technologies. By applying this discipline, your solutions will be more secure and less burdensome in time, expense, and effort. The first part of the book explains the practice of breaking security decisions down into a set of simple rules. These rules may then be applied to make solid security decisions in almost any environment. In the second part, Day uses a series of practical examples to illustrate exactly how the discipline works in practice. Additional material covers: Designing an enterprise security plan, including perimeter/firewall and Internal defenses, application, system, and hardware security Ongoing security measures-recurring audits, vulnerability maintenance, logging and monitoring, and incident response, plus risk assessment Choosing between open source and proprietary solutions; and wired, wireless, and virtual private networks This book is essential reading for anyone working to keep information secure. Technical and non-technical IT professionals alike can apply Day's concepts and strategies to become security gurus, while seasoned practitioners will benefit from th...

Note: Includes index

URL: lizenzpflichtig

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

18

Online Resource

Security in computing (2003)

Pfleeger, Charles P [VerfasserIn] 1948- ; Pfleeger, Shari Lawrence [MitwirkendeR]

Upper Saddle River, N.J. : Prentice Hall PTR | Boston, MA :Safari,

add to mindlist on the mindlist

Details

Language: English

Pages: xxix, 746 p. , ill. ; , 24 cm

Edition: 3rd ed.

DDC: 005.8

Keywords: Computer security ; Data protection ; Privacy, Right of ; Electronic books ; local

Abstract: The classic guide to information security-fully updated for the latest attacks and countermeasures Security in Computing, Third Edition systematically demonstrates how to control failures of confidentiality, integrity, and availability in applications, databases, operating systems, and networks alike. This sweeping revision of the field's classic guide to computer security reflects today's entirely new generation of network- and Internet-based threats and vulnerabilities, and offers practical guidance for responding to them. Updated to cover wireless security, intrusion detection, AES, DRM, biometrics, honeypots, online privacy, and more Security in Internet-based, distributed, desktop and traditional centralized applications New attacks, including scripted vulnerability probing, denial of service, and buffer overflows-with symptoms and cures Clear, accessible introduction to cryptography-without sophisticated math Up-to-the-minute explanations of digital signatures, certificates, and leading-edge quantum cryptography Thoroughly revamped coverage of software engineering practices designed to enhance program security Expanded coverage of risk management, contingency planning, and security policies Detailed presentation of protection in general-purpose and trusted operating systems Extensive pedagogical resources: end-of-chapter reviews and exercises, lists of key terms, and authoritative references Exceptionally clear and easy to understand, the book covers not only technical issues, but also law, privacy, ethics, and the physical and administrative aspects of security. The companion website (http://www.phptr.com/pfleeger/) contains additional information, book updates, and instructor's resources.

Note: Includes bibliographical references (p. 691-725) and index

URL: lizenzpflichtig

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

19

Online Resource

Intrusion detection with Snort (2003)

Koziol, Jack [VerfasserIn]

Indianapolis, Ind. : Sams | Boston, MA :Safari,

add to mindlist on the mindlist

Details

Language: English

Pages: xx, 340 p. , ill. ; , 24 cm

DDC: 005.8

Keywords: Computer networks ; Security measures ; Computer security ; Computers ; Access control ; Electronic books ; local

Abstract: With over 100,000 installations, the Snort open-source network instrusion detection system is combined with other free tools to deliver IDS defense to medium - to small-sized companies, changing the tradition of intrusion detection being affordable only for large companies with large budgets. Until now, Snort users had to rely on the official guide available on snort.org. That guide is aimed at relatively experience snort administrators and covers thousands of rules and known exploits. The lack of usable information made using Snort a frustrating experience. The average Snort user needs to learn how to actually get their systems up-and-running. Snort Intrusion Detection provides readers with practical guidance on how to put Snort to work. Opening with a primer to intrusion detection and Snort, the book takes the reader through planning an installation to building the server and sensor, tuning the system, implementing the system and analyzing traffic, writing rules, upgrading the system, and extending Snort.

Note: Includes index

URL: https://learning.oreilly.com/library/view/-/157870281X/?ar

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

20

Online Resource

Writing secure code (2003)

Howard, Michael [VerfasserIn] 1965- ; LeBlanc, David [MitwirkendeR]

Redmond, Wash. : Microsoft Press | Boston, MA :Safari,

add to mindlist on the mindlist

Details

Language: English

Pages: xxviii, 768 p. , ill. ; , 23 cm

Edition: 2nd ed.

DDC: 005.8

Keywords: Computer security ; Data encryption (Computer science) ; Electronic books ; local

Abstract: Keep black-hat hackers at bay with the tips and techniques in this entertaining, eye-opening book! Developers will learn how to padlock their applications throughout the entire development process-from designing secure applications to writing robust code that can withstand repeated attacks to testing applications for security flaws. Easily digested chapters reveal proven principles, strategies, and coding techniques. The authors-two battle-scarred veterans who have solved some of the industry's toughest security problems-provide sample code in several languages. This edition includes updated information about threat modeling, designing a security process, international issues, file-system issues, adding privacy to applications, and performing security code reviews. It also includes enhanced coverage of buffer overruns, Microsoft .NET security, and Microsoft ActiveX development, plus practical checklists for developers, testers, and program managers.

Note: Includes bibliographical references (p. 741-745) and index

URL: https://learning.oreilly.com/library/view/-/0735617228/?ar

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

21

Online Resource

Maximum security (2003)

Safari Tech Books Online

Indianapolis, Ind. : Sams | Boston, MA :Safari,

add to mindlist on the mindlist

Details

Language: English

Pages: xxiii, 945 p. , ill. ; , 23 cm. +

Edition: 4th ed.

DDC: 005.8

Keywords: Computer networks ; Security measures ; Computer security ; Electronic books ; local

Abstract: Maximum Security, Fourth Edition provides updated, comprehensive, platform-by-platform coverage of security issues, and includes clear, to the point descriptions of the most common techniques hackers use to penetrate systems. This book provides information for security administrators and others interested in computer and network security and provides them with techniques to take steps to protect their systems.

Note: Includes bibliographical references (p. [731]-759) and index

URL: https://learning.oreilly.com/library/view/-/0672324598/?ar

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

22

Online Resource

Computer security : art and science (2003)

Bishop, Matt [VerfasserIn]

Boston : Addison-Wesley | Boston, MA :Safari,

add to mindlist on the mindlist

Details

Language: English

Pages: xli, 1084 p. , ill. ; , 24 cm

DDC: 005.8

Keywords: Computer security ; Electronic books ; local

Abstract: "This is an excellent text that should be read by every computer security professional and student." -Dick Kemmerer, University of California, Santa Barbara. "This is the most complete book on information security theory, technology, and practice that I have encountered anywhere!" -Marvin Schaefer, Former Chief Scientist, National Computer Security Center, NSA This highly anticipated book fully introduces the theory and practice of computer security. It is both a comprehensive text, explaining the most fundamental and pervasive aspects of the field, and a detailed reference filled with valuable information for even the most seasoned practitioner. In this one extraordinary volume the author incorporates concepts from computer systems, networks, human factors, and cryptography. In doing so, he effectively demonstrates that computer security is an art as well as a science. Computer Security: Art and Science includes detailed discussions on: The nature and challenges of computer security The relationship between policy and security The role and application of cryptography The mechanisms used to implement policies Methodologies and technologies for assurance Vulnerability analysis and intrusion detection Computer Security discusses different policy models, and presents mechanisms that can be used to enforce these policies. It concludes with examples that show how to apply the principles discussed in earlier sections, beginning with networks and moving on to systems, users, and programs. This important work is essential for anyone who needs to understand, implement, or maintain a secure network or computer system. 0201440997B10252002

Note: Includes bibliographical references and index

URL: https://learning.oreilly.com/library/view/-/0201440997/?ar

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

23

Online Resource

Secure programming cookbook for C and C (2003)

Viega, John [VerfasserIn] ; Messier, Matt [MitwirkendeR]

Beijing ; : O'Reilly | Boston, MA :Safari,

add to mindlist on the mindlist

Details

Language: English

Pages: xxv, 762 p. , ill. ; , 24 cm

Edition: 1st ed.

DDC: 005.13/3

Keywords: C (Computer program language) ; C++ (Computer program language) ; Computer security ; Computer software ; Development ; Electronic books ; local

Abstract: Password sniffing, spoofing, buffer overflows, and denial of service: these are only a few of the attacks on today's computer systems and networks. At the root of this epidemic is poorly written, poorly tested, and insecure code that puts everyone at risk. Clearly, today's developers need help figuring out how to write code that attackers won't be able to exploit. But writing such code is surprisingly difficult. Secure Programming Cookbook for C and C++ is an important new resource for developers serious about writing secure code. It contains a wealth of solutions to problems faced by those who care about the security of their applications. It covers a wide range of topics, including safe initialization, access control, input validation, symmetric and public key cryptography, cryptographic hashes and MACs, authentication and key exchange, PKI, random numbers, and anti-tampering. The rich set of code samples provided in the book's more than 200 recipes will help programmers secure the C and C++ programs they write for both Unix® (including Linux®) and Windows® environments. Readers will learn: How to avoid common programming errors, such as buffer overflows, race conditions, and format string problems How to properly SSL-enable applications How to create secure channels for client-server communication without SSL How to integrate Public Key Infrastructure (PKI) into applications Best practices for using cryptography properly Techniques and strategies for properly validating input to programs How to launch programs securely How to use file access mechanisms properly Techniques for protecting applications from reverse engineering The book's web site supplements the book by providing a place to post new recipes, including those written in additional languages like Perl, Java, and Python. Monthly prizes will reward the best recipes submitted by readers. Secure Programming Cookbook for C and C++ is destined to become an essential part of any developer's library, a code companion developers will turn to again and again as they seek to protect their systems from attackers and reduce the risks they face in today's dangerous world.

Note: "Covers Unix and Windows"--Cover. - "Recipes for cryptography, authentication, networking, input validation & more"--Cover. - Includes index

URL: https://learning.oreilly.com/library/view/-/0596003943/?ar

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

24

Online Resource

Web hacking : attacks and defense (2003)

McClure, Stuart [VerfasserIn] ; Shah, Saumil [MitwirkendeR] ; Shah, Shreeraj [MitwirkendeR]

Boston : Addison-Wesley | Boston, MA :Safari,

add to mindlist on the mindlist

Details

Language: English

Pages: xxxi, 492 p. , ill. ; , 24 cm

DDC: 005.8

Keywords: Computer networks ; Security measures ; Computer security ; Web sites ; Security measures ; Electronic books ; local

Abstract: "Both novice and seasoned readers will come away with an increased understanding of how Web hacking occurs and enhanced skill at developing defenses against such Web attacks. Technologies covered include Web languages and protocols, Web and database servers, payment systems and shopping carts, and critical vulnerabilities associated with URLs. This book is a virtual battle plan that will help you identify and eliminate threats that could take your Web site off line..." --From the Foreword by William C. Boni, Chief Information Security Officer, Motorola "Just because you have a firewall and IDS sensor does not mean you aresecure; this book shows you why." --Lance Spitzner, Founder, The Honeynet Project Whether it's petty defacing or full-scale cyber robbery, hackers are moving to the Web along with everyone else. Organizations using Web-based business applications are increasingly at risk. Web Hacking: Attacks and Defense is a powerful guide to the latest information on Web attacks and defense. Security experts Stuart McClure (lead author of Hacking Exposed ), Saumil Shah, and Shreeraj Shah present a broad range of Web attacks and defense. Features include: Overview of the Web and what hackers go after Complete Web application security methodologies Detailed analysis of hack techniques Countermeasures What to do at development time to eliminate vulnerabilities New case studies and eye-opening attack scenarios Advanced Web hacking concepts, methodologies, and tools "How Do They Do It?" sections show how and why different attacks succeed, including: Cyber graffiti and Web site defacements e-Shoplifting Database access and Web applications Java™ application servers; how to harden your Java™ Web Server Impersonation and session hijacking Buffer overflows, the most wicked of attacks Automated attack tools and worms Appendices include a listing of Web and database ports, cheat sheets for remote command execution, and source code disclosure techniques. Web Hacking informs from the trenches. Experts show you how to connect the dots--how to put the stages of a Web hack together so you can best defend against them. Written for maximum brain absorption with unparalleled technical content and battle-tested analysis, Web Hacking will help you combat potentially costly security threats and attacks. 0201761769B07192002

Note: Includes bibliographical references and index

URL: https://learning.oreilly.com/library/view/-/0201761769/?ar

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

25

Online Resource

Network intrusion detection (2002)

Northcutt, Stephen [VerfasserIn] ; Novak, Judy [MitwirkendeR]

Indianapolis, Ind. : New Riders Pub. | Boston, MA :Safari,

add to mindlist on the mindlist

Details

Language: English

Pages: xvii, 490 p. , ill. ; , 23 cm

Edition: 3rd ed.

DDC: 005.8

Keywords: Computer networks ; Security measures ; Computer security ; Internet ; Security measures ; Electronic books ; local

Abstract: The Chief Information Warfare Officer for the entire United States teaches you how to protect your corporate network. This book is a training aid and reference for intrusion detection analysts. While the authors refer to research and theory, they focus their attention on providing practical information. The authors are literally the most recognized names in this specialized field, with unparalleled experience in defending our country's government and military computer networks. New to this edition is coverage of packet dissection, IP datagram fields, forensics, and snort filters.

Note: Includes index

URL: https://learning.oreilly.com/library/view/-/0735712654/?ar

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

26

Online Resource

.NET framework security (2002)

LaMacchia, Brian A [MitwirkendeR]

Boston : Addison-Wesley | Boston, MA :Safari,

add to mindlist on the mindlist

Details

Language: English

Pages: xvii, 793 p. , ill. ; , 23 cm

DDC: 005.8

Keywords: Computer security ; Microsoft .NET Framework ; Electronic books ; local

Abstract: In 1997, Microsoft embarked on a "bet the company" strategy that was to reinvent the way the company did business. Even before its release, .NET made major strides in reinventing the way that software developers viewed the software they wrote. Now that it is released, .NET and the .NET Framework will change the software development process for good. .NET Framework Security provides the ultimate high-end comprehensive reference to all of the new security features available in .NET. Through extensive code samples and step-by-step walkthroughs of configuration techniques, the reader is taken deep into the world of secure applications. Demonstrations of creating custom procedures and a full explanation of each aspect separate this book from many other "lecture books." Many of the concepts expressed in this book are not only viable in .NET, but on the Internet in general. These factors combined make this the one reference that every developer and system administrator should have. .NET Framework Security provides An extensive introduction to explanation of Code Access Security, the powerful new security system shipping in the .NET Framework Information on how to write and test safe applications using the .NET Framework Extensive coverage on how to effectively administer .NET Framework security In-depth introduction to the cryptography library shipping in the .NET Framework, including an introduction to XML digital signatures An overview of all of the new security features available in .NET Code samples that can be used to implement security on your own Web site or application Step-by-step guidelines for modifying the various configuration files associated with .NET, and an explanation of the elements involved Instructions for all of the aspects of security in the CLR and what it means How to use ASP.NET to create a secure application Explanations for using the CryptoAPI libraries to create your own custom functionality Guidelines on how to create secure network applications as well as applications that exist on the Internet Detailed examples of how to establish security parameters in IIS that relate to ASP.NET Instructions for administering .NET applications hosted in IE 067232184XB04232002

Note: Includes index

URL: https://learning.oreilly.com/library/view/-/067232184X/?ar

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

27

Online Resource

Solaris 8 security (2002)

Danielyan, Edgar [VerfasserIn]

Boston : New Riders | Boston, MA :Safari,

add to mindlist on the mindlist

Details

Language: English

Pages: xv, 274 p. , ill. ; , 23 cm

Edition: 1st ed.

DDC: 005.8

Keywords: Solaris (Computer file) ; Computer security ; Electronic books ; local

Abstract: Solaris 8 Security covers all the concepts and issues Solaris 8 administrators need to know in order to make and keep their Solaris 8 systems secure. This includes not only Solaris 8 security tools and features, but such subjects as cryptography and defenses against known attacks and vulnerabilities. Readers learn practical, command-level defenses, such as: How to configure a secure DNS server What to do with /etc/inet/inetd.conf How to make IPsec work Why DES fails How to identify and prevent system compromises How not to configure sendmail How to automate security checkups The book provides a proactive approach to security. Coverage includes intrusion detection systems, network-level filtering, firewalls and other network-level systems.

Note: Includes bibliographical references and index

URL: https://learning.oreilly.com/library/view/-/1578702704/?ar

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

28

Online Resource

IBM WebSphere V5.0 security (2002)

Kovari, Peter [MitwirkendeR]

[United States] : IBM International Technical Support Organization | Boston, MA :Safari,

add to mindlist on the mindlist

Details

Language: English

Pages: xvi, 540 p. " , ill. ; , 23 cm

Edition: 1st ed.

DDC: 005.8

Keywords: WebSphere ; Computer security ; Electronic books ; local

Abstract: This IBM Redbook provides IT Architects, IT Specialists, application designers, application developers, application assemblers, application deployers and consultants with information necessary to design, develop and deploy secure e-business applications using WebSphere Application Server V5. Part 1, WebSphere security provides a detailed overview of WebSphere Application Server V5 Security. It starts with J2EE security, then goes into details about the modules and components of a J2EE enterprise application; it also covers programmatic security techniques. The last chapter in this part shows all the security-related administrative items in WebSphere Application Server V5. Part 2, End-to-end security offers details about end-to-end security solutions where WebSphere Application Server V5 is part of an enterprise solution. You will find an introduction to Patterns for e-business, in which security is in focus. A very important chapter in this part will discuss the integration between WebSphere Application Server V5 and Tivoli Access Manager. Finally, the Appendixes provide additional information related to chapters in the previous two parts and also describe the sample application available with the book.

Note: "December 2002.". - Includes bibliographical references (p. 525-527) and index

URL: https://learning.oreilly.com/library/view/-/0738425494/?ar

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

29

Online Resource

Hack I.T : security through penetration testing (2002)

Klevinsky, T. J [VerfasserIn] ; Gupta, Ajay [MitwirkendeR] ; Laliberte, Scott [MitwirkendeR]

Boston : Addison-Wesley | Boston, MA :Safari,

add to mindlist on the mindlist

Details

Language: English

Pages: xxiv, 512 p. , ill. ; , 24 cm. + 1 CD-ROM (4 3/4 in.)

DDC: 005.8

Keywords: Computer security ; Computers ; Access control ; Testing ; Electronic books ; local

Abstract: "This book covers not just the glamorous aspects such as the intrusion act itself, but all of the pitfalls, contracts, clauses, and other gotchas that can occur. The authors have taken their years of trial and error, as well as experience, and documented a previously unknown black art." --From the Foreword by Simple Nomad, Senior Security Analyst, BindView RAZOR Team Penetration testing--in which professional, "white hat" hackers attempt to break through an organization's security defenses--has become a key defense weapon in today's information systems security arsenal. Through penetration testing, I.T. and security professionals can take action to prevent true "black hat" hackers from compromising systems and exploiting proprietary information. Hack I.T. introduces penetration testing and its vital role in an overall network security plan. You will learn about the roles and responsibilities of a penetration testing professional, the motivation and strategies of the underground hacking community, and potential system vulnerabilities, along with corresponding avenues of attack. Most importantly, the book provides a framework for performing penetration testing and offers step-by-step descriptions of each stage in the process. The latest information on the necessary hardware for performing penetration testing, as well as an extensive reference on the available security tools, is included. Comprehensive in scope Hack I.T. provides in one convenient resource the background, strategies, techniques, and tools you need to test and protect your system--before the real hackers attack. Specific topics covered in this book include: Hacking myths Potential drawbacks of penetration testing Announced versus unannounced testing Application-level holes and defenses Penetration through the Internet, including zone transfer, sniffing, and port scanning War dialing Enumerating NT systems to expose security holes Social engineering methods Unix-specific vulnerabilities, such as RPC and buffer overflow attacks The Windows NT Resource kit Port scanners and discovery tools Sniffers and password crackers Web testing tools Remote control tools Firewalls and intrusion detection systems Numerous DoS attacks and tools 0201719568B01042002

Note: Includes index

URL: https://learning.oreilly.com/library/view/-/0201719568/?ar

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

30

Online Resource

Privacy defended : protecting yourself online (2002)

Bahadur, Gary [VerfasserIn] ; Chan, William [MitwirkendeR] ; Weber, Chris [MitwirkendeR]

Indianapolis, IN : Que | Boston, MA :Safari,

add to mindlist on the mindlist

Details

Language: English

Pages: xiv, 699 p. , ill. ; , 23 cm

DDC: 005.8

Keywords: Computer networks ; Security measures ; Computer security ; Internet ; Security measures ; Electronic books ; local

Abstract: Privacy Defended: Protecting Yourself Online is a comprehensive book that melds detailed, how-to information on PC hardware and operating system security within the context of protecting one's privacy in a digital world. It is designed for individuals who are serious about their privacy and who also want an accessible, one-stop source of practical information. The book offers clear discussion of privacy issues as they affect everyday users of digital devices, covering all current and near-future devices and technologies that pose privacy risks to users.

Note: Includes bibliographical references and index

URL: https://learning.oreilly.com/library/view/-/078972605X/?ar

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

31

Online Resource

Hackers beware (2002)

Cole, Eric [VerfasserIn]

Indianapolis, Ind. : New Riders | Boston, MA :Safari,

add to mindlist on the mindlist

Details

Language: English

Pages: xvii, 778 p. , ill. ; , 23 cm

Edition: 1st ed.

DDC: 005.8

Keywords: Computer hackers ; Computer security ; Electronic books ; local

Abstract: Hackers Beware starts with a roadmap of the various areas of hacking but quickly delves into the details of how specific attacks work and how to protect against them. Since most attacks we hear about either occur or are perceived to come from hackers, people are very interested "in how they do that" - the techniques hackers use to break into systems. Hackers Beware is unique in that it gives specific exploits, exactly how they work and how to protect against them. This book will help readers understand what security threats they are up against and what they need to do to protect against them. Some books cover this from a high level but do not get into the details of specific exploits and cover it in a case by case fashion. This book will cover the complete picture. It will not only describe how an exploit works but present the signature of the attack, what to look for on a network and how to protect against it.

URL: https://learning.oreilly.com/library/view/-/0735710090/?ar

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

32

Online Resource

Secure XML : the new syntax for signatures and encryption (2002)

Eastlake, Donald [VerfasserIn] ; Niles, Kitty [MitwirkendeR]

Boston, MA : Addison-Wesley | Boston, MA :Safari,

add to mindlist on the mindlist

Details

Language: English

Pages: xxiii, 532 p. ; , 24 cm

DDC: 005.8

Keywords: Computer networks ; Security measures ; Computer security ; Data encryption (Computer science) ; XML (Document markup language) ; Electronic books ; local

Abstract: Extensible Markup Language (XML) is the environment of choice for creating many of today's technologically sophisticated and security-sensitive Web applications. With Secure XML, developers now have the hands-on guide they need to combine a strong foundation in XML with proven, practical techniques for enabling the secure transmission of data across the Web. Broad-based and comprehensive, Secure XML fully documents every feature and issue involved with XML security. Opening with a complete introduction to XML, the book then provides detailed coverage of authentication, canonicalization, keying, encryption, algorithms, and more. Notes, background information, guidelines, and "soapbox," or heretical comments, expand on the book's practical focus throughout. In all, this book features the most comprehensive roadmap to digital security and XML encryption available. Topics covered in-depth include: XML basics-documents, namespaces, structures, DTDs and schemas, and stylesheets XPath, XPointer, and SOAP Digital cryptography basics--secret and public key ciphers, asymmetric keys, digital signatures, and certificates XML canonicalization, signatures, and authentication XML encryption Key management and combining encryption with signatures Cryptographic algorithms and noncryptographic algorithms Detailed and practical, this book provides reliable solutions for securing XML and for safeguarding information flow across today's sophisticated Web. 0201756056B06262002

Note: Includes bibliographical references (p.495-506) and index

URL: https://learning.oreilly.com/library/view/-/0201756056/?ar

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

33

Online Resource

Honeypots : tracking hackers (2002)

Spitzner, Lance [VerfasserIn]

Boston : Addison-Wesley | Boston, MA :Safari,

add to mindlist on the mindlist

Details

Language: English

Pages: xxvi, 452 p. ill. ; , 24 cm. +

DDC: 005.8

Keywords: Computer hackers ; Computer security ; Firewalls (Computer security) ; Electronic books ; local

Abstract: "The text is comprehensive, an honest survey of every honeypot technology I had ever heard of and a number I read about for the first time." --Stephen Northcutt, The SANS Institute "One of the great byproducts of Lance's work with honeypots and honeynets is that he's helped give us a much clearer picture of the hacker in action." --From the Foreword by Marcus J. Ranum "From the basics of shrink-wrapped honeypots that catch script kiddies to the detailed architectures of next-generation honeynets for trapping more sophisticated bad guys, this book covers it all....This book really delivers new information and insight about one of the most compelling information security technologies today." --Ed Skoudis, author of Counter Hack, SANS instructor, and Vice President of Security Strategy for Predictive Systems Honeypots are unique technological systems specifically designed to be probed, attacked, or compromised by an online attacker. Implementing a honeypot provides you with an unprecedented ability to take the offensive against hackers. Whether used as simple "burglar alarms," incident response systems, or tools for gathering information about hacker motives and tactics, honeypots can add serious firepower to your security arsenal. Honeypots: Tracking Hackers is the ultimate guide to this rapidly growing, cutting-edge technology. The book starts with a basic examination of honeypots and the different roles they can play, and then moves on to in-depth explorations of six specific kinds of real-world honeypots: BackOfficer Friendly, Specter™, Honeyd, Homemade honeypots, ManTrap®, and Honeynets. Honeypots also includes a chapter dedicated to legal issues surrounding honeypot use. Written with the guidance of three legal experts, this section explores issues of privacy, entrapment, and liability. The book also provides an overview of the Fourth Amendment, the Electronic Communications Privacy Act, the Wiretap Act, and the Pen/Trap Statute, with an emphasis on how each applies to honeypots. With this book you will gain an understanding of honeypot concepts and architecture, as well as the skills to deploy the best honeypot solutions for your environment. You will arm yourself with the expertise needed to track attackers and learn about them on your own. Security professionals, researchers, law enforcement agents, and members of the intelligence and military communities will find this book indispensable. 0321108957B08282002

Note: Includes bibliographical references and index

URL: https://learning.oreilly.com/library/view/-/0321108957/?ar

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

34

Online Resource

Malicious mobile code : virus protection for Windows (2001)

Grimes, Roger A [VerfasserIn]

Sebastopol, CA : O'Reilly & Associates | Boston, MA :Safari,

add to mindlist on the mindlist

Details

Language: English

Pages: xviii, 522 p. , ill. ; , 24 cm

Edition: 1st ed.

DDC: 005.8/4

Keywords: Computer security ; Computer viruses ; Electronic books ; local

Abstract: Malicious mobile code is a new term to describe all sorts of destructive programs: viruses, worms, Trojans, and rogue Internet content. Until fairly recently, experts worried mostly about computer viruses that spread only through executable files, not data files, and certainly not through email exchange. The Melissa virus and the Love Bug proved the experts wrong, attacking Windows computers when recipients did nothing more than open an email. Today, writing programs is easier than ever, and so is writing malicious code. The idea that someone could write malicious code and spread it to 60 million computers in a matter of hours is no longer a fantasy. The good news is that there are effective ways to thwart Windows malicious code attacks, and author Roger Grimes maps them out in Malicious Mobile Code: Virus Protection for Windows. His opening chapter on the history of malicious code and the multi-million dollar anti-virus industry sets the stage for a comprehensive rundown on today's viruses and the nuts and bolts of protecting a system from them. He ranges through the best ways to configure Windows for maximum protection, what a DOS virus can and can't do, what today's biggest threats are, and other important and frequently surprising information. For example, how many people know that joining a chat discussion can turn one's entire computer system into an open book? Malicious Mobile Code delivers the strategies, tips, and tricks to secure a system against attack. It covers: The current state of the malicious code writing and cracker community How malicious code works, what types there are, and what it can and cannot do Common anti-virus defenses, including anti-virus software How malicious code affects the various Windows operating systems, and how to recognize, remove, and prevent it Macro viruses affecting MS Word, MS Excel, and VBScript Java applets and ActiveX controls Enterprise-wide malicious code protection Hoaxes The future of malicious mobile code and how to combat such code These days, when it comes to protecting both home computers and company networks against malicious code, the stakes are higher than ever. Malicious Mobile Code is the essential guide for securing a system from catastrophic loss.

Note: Includes index

URL: lizenzpflichtig

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

35

Online Resource

Java security (2001)

Oaks, Scott [VerfasserIn]

Sebastopol, CA : O'Reilly | Boston, MA :Safari,

add to mindlist on the mindlist

Details

Language: English

Pages: xvi, 599 p. , ill. ; , 24 cm

Edition: 2nd ed.

Series Statement: The Java series

DDC: 005.8

Keywords: Computer security ; Java (Computer program language) ; Electronic books ; local

Abstract: One of Java's most striking claims is that it provides a secure programming environment. Yet despite endless discussion, few people understand precisely what Java's claims mean and how it backs up those claims. If you're a developer, network administrator or anyone else who must understand or work with Java's security mechanisms, Java Security is the in-depth exploration you need. Java Security, 2nd Edition, focuses on the basic platform features of Java that provide security--the class loader, the bytecode verifier, and the security manager--and recent additions to Java that enhance this security model: digital signatures, security providers, and the access controller. The book covers the security model of Java 2, Version 1.3, which is significantly different from that of Java 1.1. It has extensive coverage of the two new important security APIs: JAAS (Java Authentication and Authorization Service) and JSSE (Java Secure Sockets Extension). Java Security, 2nd Edition, will give you a clear understanding of the architecture of Java's security model and how to use that model in both programming and administration.The book is intended primarily for programmers who want to write secure Java applications. However, it is also an excellent resource for system and network administrators who are interested in Java security, particularly those who are interested in assessing the risk of using Java and need to understand how the security model works in order to assess whether or not Java meets their security needs.

Note: Includes index

URL: https://learning.oreilly.com/library/view/-/0596001576/?ar

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

36

Online Resource

Maximum security (2001)

Safari Tech Books Online

Indianapolis, Ind. : Sams Pub. | Boston, MA :Safari,

add to mindlist on the mindlist

Details

Language: English

Pages: xxiii, 861 p. ; , 23 cm. +

Edition: 3rd ed.

DDC: 005.8

Keywords: Computer networks ; Security measures ; Computer security ; Electronic books ; local

Abstract: Maximum Security, Third Edition provides comprehensive, platform-by-platform coverage of security issues and includes clear, to the point descriptions of the most common techniques hackers use to penetrate systems. In one book, security managers and others interested in computer and network security can learn everything the hackers already know, and then take steps to protect their systems.

URL: https://learning.oreilly.com/library/view/-/0672318717/?ar

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

37

Online Resource

Microsoft Windows 2000 security handbook (2000)

Schmidt, Jeff [VerfasserIn]

Indianapolis, Ind. : Que | Boston, MA :Safari,

add to mindlist on the mindlist

Details

Language: English

Pages: 722 p. , ill. ; , 24 cm

DDC: 005.8

Keywords: Microsoft Windows (Computer file) ; Computer security ; Electronic books ; local

Abstract: Windows 2000 Security Handbook covers NTFS fault tolerance, Kerberos authentication, Windows 2000 intruder detection and writing secure applications for Windows 2000.

URL: https://learning.oreilly.com/library/view/-/0789719991/?ar

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

38

Online Resource

Maximum Linux security : a hacker's guide to protecting your Linux server and workstation (2000)

Safari Tech Books Online

Indianapolis, Ind. : Sams | Boston, MA :Safari,

add to mindlist on the mindlist

Details

Language: English

Pages: xvii, 743 p. , ill. ; , 24 cm. +

DDC: 005.8

Keywords: Linux ; Computer security ; Electronic books ; local

Abstract: Maximum Linux Security: A Hacker's Guide to Protecting Your Linux Server and Workstation is designed for system administrators, managers, or Linux users who wish to protect their Linux servers and workstations from unauthorized intrusions and other external threats to their systems' integrity. Written by an experienced hacker--someone who knows which systems are vulnerable and how crackers get into them--this unique guide to Linux security identifies existing and potential security holes and faults, and then describes how to go about fixing them.

Note: Includes bibliographical references and index

URL: https://learning.oreilly.com/library/view/-/0672316706/?ar

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.

39

Online Resource

Java security handbook (2000)

Jaworski, Jamie [VerfasserIn] ; Chaganti, Venkata S. R. R [MitwirkendeR] ; Perrone, Paul J [MitwirkendeR]

Indianapolis, IN : SAMS Publishing | Boston, MA :Safari,

add to mindlist on the mindlist

Details

Language: English

Pages: xiv, 534 p. , ill. ; , 23 cm

DDC: 005.8

Keywords: Computer security ; Java (Computer program language) ; Electronic books ; local

Abstract: This book is a comprehensive guide to Java security issues. It assumes you are an experienced Java programmer, but have little experience with creating secure applications. This book covers formulating and enacting a network security policy to protect end-users, building e-commerce and database applications that can safely exchange secure information over networks and the Internet, cryptography, digital signatures, key management, and distributed computing: CORBA, RMI, and servlets.

Note: Includes index

URL: https://learning.oreilly.com/library/view/-/0672316021/?ar

Permalink

Library	Location	Call Number	Volume/Issue/Year	Availability

Others were also interested in ...

Online Resource

MPI Ethno. Forsch.