The definitive work for IT professionals responsible for the management of the design, configuration, deployment, and maintenance of enterprise wide security projects. Provides specialized coverage of key project areas including Penetration Testing, Intrusion Detection and Prevention Systems, and Access Control Systems. The first and last word on managing IT security projects, this book provides the level of detail and content expertise required to competently handle highly complex security deployments. In most enterprises, be they corporate or governmental, these are generally the highest priority projects and the security of the entire business may depend on their success.* The first book devoted exclusively to managing IT security projects * Expert authors combine superb project management skills with in-depth coverage of highly complex security projects* By mastering the content in this book, managers will realise shorter schedules, fewer cost over runs, and successful deployments
Published by: Syngress | Publication date: 07/04/2006Kindle book details: Kindle Edition, 608 pages
Penetration testing a network requires a delicate balance of art and science. A penetration tester must be creative enough to think outside of the box to determine the best attack vector into his own network, and also be expert in using the literally hundreds of tools required to execute the plan. This second volume adds over 300 new pentesting applications included with BackTrack 2 to the pen tester's toolkit. It includes the latest information on Snort, Nessus, Wireshark, Metasploit, Kismet and all of the other major Open Source platforms.•Perform Network ReconnaissanceMaster the objectives, methodology, and tools of the least understood aspect of a penetration test.•Demystify Enumeration and ScanningIdentify the purpose and type of the target systems, obtain specific information about the versions of the services that are running on the systems, and list the targets and services.•Hack Database ServicesUnderstand and identify common database service vulnerabilities, discover database services, attack database authentication mechanisms, analyze the contents of the database, and use the database to obtain access to the host operating system.•Test Web Servers and ApplicationsCompromise the Web server due to vulnerabilities on the server daemon itself, its unhardened state, or vulnerabilities within the Web applications.•Test Wireless Networks and DevicesUnderstand WLAN vulnerabilities, attack WLAN encryption, master information gathering tools, and deploy exploitation tools.•Examine Vulnerabilities on Network Routers and SwitchesUse Traceroute, Nmap, ike-scan, Cisco Torch, Finger, Nessus, onesixtyone, Hydra, Ettercap, and more to attack your network devices.•Customize BackTrack 2Torque BackTrack 2 for your specialized needs through module management, unique hard drive installations, and USB installations.•Perform Forensic Discovery and Analysis with BackTrack 2Use BackTrack in the field for forensic analysis, image acquisition, and file carving.•Build Your Own PenTesting LabEverything you need to build your own fully functional attack lab.
Published by: Syngress | Publication date: 11/16/2007Kindle book details: Kindle Edition, 592 pages
The Basics of Hacking and Penetration Testing: Ethical Hacking and Penetration Testing Made Easy (Syngress Basics Series)
The Basics of Hacking and Penetration Testing serves as an introduction to the steps required to complete a penetration test or perform an ethical hack from beginning to end. This book makes ethical hacking and penetration testing easy – no prior hacking experience is required. It shows how to properly utilize and interpret the results of the modern-day hacking tools required to complete a penetration test. With a simple and clean explanation of how to effectively utilize these tools – as well as the introduction to a four-step methodology for conducting a penetration test or hack – the book provides students with the know-how required to jump start their careers and gain a better understanding of offensive security. The book is organized into 7 chapters that cover hacking tools such as Backtrack Linux, Google reconnaissance, MetaGooFil, dig, Nmap, Nessus, Metasploit, Fast Track Autopwn, Netcat, and Hacker Defender rootkit. Each chapter contains hands-on examples and exercises that are designed to teach learners how to interpret results and utilize those results in later phases. PowerPoint slides are available for use in class. This book is an ideal reference for security consultants, beginning InfoSec professionals, and students.
- Named a 2011 Best Hacking and Pen Testing Book by InfoSec Reviews
- Each chapter contains hands-on examples and exercises that are designed to teach you how to interpret the results and utilize those results in later phases.
- Writen by an author who works in the field as a Penetration Tester and who teaches Offensive Security, Penetration Testing, and Ethical Hacking, and Exploitation classes at Dakota State University.
- Utilizes the Backtrack Linus distribution and focuses on the seminal tools required to complete a penetration test.
Published by: Syngress | Publication date: 07/21/2011Kindle book details: Kindle Edition, 178 pages
Written by a certified Arabic linguist from the Defense Language Institute with extensive background in decoding encrypted communications, this cyber-thriller uses a fictional narrative to provide a fascinating and realistic "insider's look" into technically sophisticated covert terrorist communications over the Internet. The accompanying CD-ROM allows readers to "hack along" with the story line, by viewing the same Web sites described in the book containing encrypted, covert communications.Hacking a Terror NETWORK addresses the technical possibilities of Covert Channels in combination with a very real concern: Terrorism. The fictional story follows the planning of a terrorist plot against the United States where the terrorists use various means of Covert Channels to communicate and hide their trail. Loyal US agents must locate and decode these terrorist plots before innocent American citizens are harmed. The technology covered in the book is both real and thought provoking. Readers can realize the threat posed by these technologies by using the information included in the CD-ROM. The fictional websites, transfer logs, and other technical information are given exactly as they would be found in the real world, leaving the reader to test their own ability to decode the terrorist plot.Cyber-Thriller focusing on increasing threat of terrorism throughout the world. Provides a fascinating look at covert forms of communications used by terrorists over the Internet. Accompanying CD-ROM allows users to "hack along" with the fictional narrative within the book to decrypyt.
Published by: Syngress | Publication date: 01/27/2005Kindle book details: Kindle Edition, 448 pages
Eleventh Hour CISSP Study Guide serves as a guide for those who want to be information security professionals. The main job of an information security professional is to evaluate the risks involved in securing assets and to find ways to mitigate those risks. Information security jobs include firewall engineers, penetration testers, auditors, and the like. The book is composed of 10 domains of the Common Body of Knowledge. In each section, it defines each domain. The first domain provides information about risk analysis and mitigation, and it discusses security governance. The second domain discusses techniques of access control, which is the basis for all security disciplines. The third domain explains the concepts behind cryptography, which is a secure way of communicating that is understood only by certain recipients. Domain 5 discusses security system design, which is fundamental in operating the system and software security components. Domain 6 is one of the critical domains in the Common Body of Knowledge, the Business Continuity Planning and Disaster Recovery Planning. It is the final control against extreme events such as injury, loss of life, or failure of an organization. Domain 7, Domain 8 and Domain 9 discuss telecommunications and network security, application development security, and the operations domain, respectively. Domain 10 focuses on the major legal systems that provide a framework for determining laws about information system.
- The only guide you need for last-minute studying
- Answers the toughest questions and highlights core topics
- Can be paired with any other study guide so you are completely prepared
Published by: Syngress | Publication date: 12/13/2010Kindle book details: Kindle Edition, 205 pages
CISSP Study Guide, Third Edition provides readers with information on the CISSP certification, the most prestigious, globally-recognized, vendor-neutral exam for information security professionals. With over 100,000 professionals certified worldwide, and many more joining their ranks, this new third edition presents everything a reader needs to know on the newest version of the exam's Common Body of Knowledge. The eight domains are covered completely and as concisely as possible, allowing users to ace the exam. Each domain has its own chapter that includes a specially-designed pedagogy to help users pass the exam, including clearly-stated exam objectives, unique terms and definitions, exam warnings, "learning by example" modules, hands-on exercises, and chapter ending questions.
- Provides the most complete and effective study guide to prepare users for passing the CISSP exam, giving them exactly what they need to pass the test
- Authored by Eric Conrad who has prepared hundreds of professionals for passing the CISSP exam through SANS, a popular and well-known organization for information security professionals
- Covers all of the new information in the Common Body of Knowledge updated in January 2015, and also provides two exams, tiered end-of-chapter questions for a gradual learning curve, and a complete self-test appendix
Published by: Syngress | Publication date: 12/08/2015Kindle book details: Kindle Edition, 598 pages
Create Virtual 3D LEGO Models Using LEGO Software Power ToolsLEGO Master Builders have created a powerful set of tools that are distributed as freeware to the LEGO community to assist LEGO fans in their building adventures. Until now, these tools have been difficult to find, and even more difficult to configure to work with one another. Here, in one book, readers will find steps for installing and using all of the most popular LEGO freeware applications. Also, all of the applications are consolidated into one simple-to-install program that allows readers to be up and running in minutesØWide market appeal. This book will appeal to the huge established consumer base of the LEGO community, as well as to children, parents, and teachers who may have been intimidated by the difficulties of bringing all of these applications under one roof.ØThe only book of its kind to cover the wide variety of applications available. Some books in the past have touched on one or two of these LEGO applications, but none has covered them all in such detail. ØCD provides all of these freeware applications in one easy to install program. Included CD packs more than 8 applications into one easy-to-use format, making it easy for readers to have access to all of these applications in minutes and avoid the headaches of trying to download, install, configure, set up folder structures, and troubleshoot such a wide variety of loosely related freeware applications.ØWill coincide with the release of Lpub. This will be the first in-depth look at LPub, the new creation of Kevin Clague, which ties LDraw, MLCad, L3P, and POV-Ray together to allow users to easily create professional quality LEGO instructions for both the printed page and the web.
Published by: Syngress | Publication date: 01/09/2003Kindle book details: Kindle Edition, 454 pages
10 Cool Lego Mindstorm Dark Side Robots Transports and Creatures: Amazing Projects You Can Build in Under an Hour
LEGO MINDSTORMS let you design and program robots that can do just about anything!The Dark Side Developer's Kit is targeted towards the young or novice LEGO MINDSTORMS designer, age 9 and up, although experienced MINDSTORMS fans will appreciate the unique possibilities offered by this kit as well. The Dark Side Developer's Kit includes special MINDSTORMS pieces that allow the user to create a host of Star Wars themed robots, creatures, and vehicles. It also comes with the Micro Scout, a mini-computer with 7 built-in programs, a motor, and a light sensor that brings the MINDSTORMS creations to life with a minimum of effort.10 Cool LEGO MINDSTORMS Dark Side Robots, Transports, and Creatures: Amazing Projects You Can Build in Under an Hour provides step-by-step instructions and detailed illustrations for users of all skill levels and proficiencies.A blend of the hugely popular LEGO and STAR WARS lines. Appealing to fans of both, this book will allow readers to build unique creations using the special parts found in the "LEGO MINDSTORMS: Dark Side Developer's Kit" that mimic the robots, vehicles and creatures found in the STAR WARS movies. From out of the box to up and running in less than an hour. This book teaches users how to create 10 amazing projects, each in under an hour.8-page color insert. An eight-page color insert illustrates the complete projects in full-detail.
Published by: Syngress | Publication date: 08/14/2002Kindle book details: Kindle Edition, 176 pages, ISBN 9781931836593
Malware Forensics Field Guide for Windows Systems is a handy reference that shows students the essential tools needed to do computer forensics analysis at the crime scene. It is part of Syngress Digital Forensics Field Guides, a series of companions for any digital and computer forensic student, investigator or analyst. Each Guide is a toolkit, with checklists for specific tasks, case studies of difficult situations, and expert analyst tips that will aid in recovering data from digital media that will be used in criminal prosecution. This book collects data from all methods of electronic data storage and transfer devices, including computers, laptops, PDAs and the images, spreadsheets and other types of files stored on these devices. It is specific for Windows-based systems, the largest running OS in the world. The authors are world-renowned leaders in investigating and analyzing malicious code. Chapters cover malware incident response - volatile data collection and examination on a live Windows system; analysis of physical and process memory dumps for malware artifacts; post-mortem forensics - discovering and extracting malware and associated artifacts from Windows systems; legal considerations; file identification and profiling initial analysis of a suspect file on a Windows system; and analysis of a suspect program. This field guide is intended for computer forensic investigators, analysts, and specialists.
- A condensed hand-held guide complete with on-the-job tasks and checklists
- Specific for Windows-based systems, the largest running OS in the world
- Authors are world-renowned leaders in investigating and analyzing malicious code
Published by: Syngress | Publication date: 05/11/2012Kindle book details: Kindle Edition, 560 pages
Internetworking Protocol (IP) addresses are the unique numeric identifiers required of every device connected to the Internet. They allow for the precise routing of data across very complex worldwide internetworks. The rules for their format and use are governed by the Internet Engineering Task Force (IETF) of the The Internet SOCiety (ISOC). In response to the exponential increase in demand for new IP addresses, the IETF has finalized its revision on IP addressing as IP Version 6, also know as IPng (ng = Next Generation). Key hardware vendors such as Cisco and major Internet Service Providers such as America Online have already announced plans to migrate to IP Version 6.IP address allocation within an organization requires a lot of long-term planning. This timely publication addresses the administrator and engineer's need to know how IP 6 impacts their enterprise networks.
- Easy-to-read, light technical approach to cellular technology
- Ideal for companies planning a phased migration from IP 4 to IP 6
- Timely publication: The IETF standard was finalized in early 1999 and will begin to be implemented in late 1999/2000. The current IP Version 4 address set will be exhausted by 2003
- The book focuses on planning and configuring networks and devices for IP 6. Specifically, it will cover how to: Increase the IP address size from 32 bits to 128 bits; Support more levels of addressing hierarchy; Support an increased number of addressable nodes; Support simpler auto-configuration of addresses; Improve the scalability of multicast routing by adding a "scope" field to multicast addresses; Use a new "anycast address" to send a packet to any one of a group of nodes
Published by: Syngress | Publication date: 01/28/2000Kindle book details: Kindle Edition, 529 pages