Skip to content

Maximum Security

Spend $50 to get a free DVD!

ISBN-10: 0672318717

ISBN-13: 9780672318719

Edition: 3rd 2001

Authors: Shipley, Shipley

List price: $49.99
Blue ribbon 30 day, 100% satisfaction guarantee!
what's this?
Rush Rewards U
Members Receive:
Carrot Coin icon
XP icon
You have reached 400 XP and carrot coins. That is the daily max!

Description:

When the first edition of this book was published in June 1997, its popularity caught everyone by surprise. The hacking community, however, never stands still - a thoroughly updated and revised edition of this book is required on a regular basis to discuss the hundreds of new computer system holes that are always being discovered, and to cover the latest techniques that hackers are developing to crack into computers and networks. This edition includes several completely new chapters on a variety of topics. With the resurgence in popularity of the Mac platform there will be a new chapter on Mac OS security. Additional new chapters include one on Cisco routers and switches, and one on mail security. Additionally, in many cases existing material - such as the chapters on Unix/Linux security and firewalls - will be updated and/or significantly expanded. The CD-ROM includes a comprehensive collection of security products, code examples, technical documents, system logs, utilities and other practical items for implementing Internet and computer system security.
Customers also bought

Book details

List price: $49.99
Edition: 3rd
Copyright year: 2001
Publisher: Sams
Publication date: 5/17/2001
Binding: Mixed Media
Pages: 896
Size: 7.32" wide x 9.06" long x 1.81" tall
Weight: 3.234
Language: English

Introduction
Why Did We Write This Book? System Requirements
About Examples in This Book
A Final Note
Security Concepts
Building a Roadmap for Securing your Enterprise
Reactive Versus Proactive Models
Understanding Your Enterprise
Risk Assessment: Evaluating Your Enterprises Security Posture
Identifying Digital Assets
Protecting Assets
Incident Response Policy
Training Users and Administrators
40,000-Foot Review
The State of the Net: A World at War
Hacking, Cracking, and Other Malicious Behavior
Governments at War
The State of the Government
The State of the Corporate Sector
A Warning
Additional Informaiton
Hackers and Crackers
The Difference Between Hackers and Crackers
Tools of the Trade
Exploits and the SANS Top 20
Mining the Data Monster
Information Overload
How Much Security Do You Need? General Sources
Mailing Lists
Usenet Newsgroups
Vendor Security Mailing Lists, Patch Depositories, and Resources
Internal Security
Internal Security: The Red-Headed Stepchild
Internal Risks: Types of Harm and Vectors
Risk Mitigation Policies
Products
Resources
Hacking 101
A Brief TCP/IP Primer
What is TCP/IP? How Does TCP/IP Work? The Individual Protocols
IPsec, IPv6, VPNs, and Looking Ahead
Spoofing Attacks
What is Spoofing? Internet Security Fundamentals
Methods of Authentication
The Mechanics of a Spoofing Attack
Documents Related Specifically to IP Spoofing
How Do I Prevent IP Spoofing Attacks? Other Strange and Offbeat Spoofing Attacks
Personal Privacy
Degrees of Exposure
Web Browsing and Invasion of Privacy
Borwser Security
Your Email Address and Usenet
At Work
A Warning
Dispelling Some of the Myths
When Can Attacks Occur? What Kinds of Attackers Exist? Operating Systems Used by Crackers
Is There a Typical Attack? Who Gets Targeted Most Frequently? What is the Motivation Behind Attacks?
A Defenders Toolkit
Firewalls
What is a Firewall? Other Features Found in Firewall Products
Firewalls Are Not Bulletproof
A Look Under the Hood of Firewalling Products
Programmers Bypassing the Firewall
Pitfalls of Firewalls
Firewall Appliances
Building Firewalls in the Real World
Sample Failures of Firewall Technology
Commercial Firewalls
Vulnerability Assessment Tools (Scanners)
The History of Vulnerability Scanners
How Vulnerability Scanners Work
What to Look For When Choosing a Scanner
Fundamental Shortcomings
Top Vulnerability Scanners
Other Vulnerability Scanners
Intrusion Detection Systems
An Introduction to Intrusion Detection
Network-Based IDSs
Host-Based IDSs
Anomaly-Based IDSs
What to Look for When Choosing an IDS
Snort and Other Open Source IDS Solutions
Intrusion Detection Product Lising
Logging Tools
Why Log? Logs from a Cracking Perspective
Forming a Logging Strategy
Network Monitoring and Data Collection
Tools for Analyzing Log Files
Password Security
An Introduction to Password Cracking
The Password-Cracking Process
The Password-Crackers
Password Crackers for Windows
Unix Password Cracking
Cracking Cisco, Application, and Other Password Types
Improving Your Sites Passwords
Other Resources
Sniffers
Sniffers as Security Risks
What Level of Risk Do Sniffers Represent? Has Anyone Actually Seen a Sniffer Attack? What Information Do Sniffers Capture? Where Can I Get a Sniffer? Defeating Sniffer Attacks
Weapons Of Mass Destruction
Denial-of-Service Attacks
What is Denial of Service? Exploitation and Denial of Service
Denial-of-Service Attack Index
Other DoS Resources
Viruses and Worms
Understanding Viruses and Worms
Objects at Risk of Virus Infection
Who Writes Viruses, and Why? Antivirus Utilities
Future Trends in Viral Malware
Publications and Sites
Trojans
What Is a Trojan? Where Do Trojans Come From? How Often Are Trojans Really Discovered? What Level of Risk Do Trojans Represent? How Do I Detect a Trojan? Resources
Architecture, Platforms, And Security
Network Architecture Considerations
Network Architecture
Protecting the Castle
Microsoft
Windows 9x and Windows Me
Windows NT
Internal Windows NT Security
Windows
Windows XP
Modern Vulnerabilities in Microsoft Applications
Unix
A Whistle-Stop Tour of Unix History
Classifying Unix Distributions
Security Considerations in Choosing a Distribution
Unix Security Risks
Breaking set-uid Programs for Fun and Profit
Rootkits and Defenses
Host Network Security
Telnet
An Essential Tool: Secure Shell
FTP
The r Services
REXEC
SMTP
DNS
Finger
SNMP
Network File System
The Caveats of chroot
Better the Daemon You Know
Assessing Your Unix Systems for Vulnerabilities
Novell Netware
The OS Facts of Life
Watching the Big Three
Further Reading
Routers, Switches, and Hubs
The Problems with Infrastructure Equipment
Keeping Up with OS Revisions
Securing Hubs
Securing Switches
Securing and Configuring Routers
Network Management Considerations
Preventing Spoofing and Other Packet Games
Further Reading and Reference
Macintosh
Mac OS X Apples New Operating System
Establishing the Macintosh as a Server
Vulnerabilities on the Macintosh Platform
About File Sharing and Security
Server Management and Security
Firewall Protections
Internal Security
Password Crackers and Related Utilites
Anonymous Email and Mailbombing
Macintosh Viruses, Worms, and Antivirus Solutions
Spyware and Detection
Resources
Policies, Procedures, and Enforcement
The Importance of Security Policies
Site and Infrastructure Security Policy
Acceptable Use
Enforcement of Policy
Security And Integrated Services
Secure Application Development, Languages, and Extensions
Security and Software
What Is a Secure Application? A Security Architecture
Security-Aware Designs
Secure Coding Practices
Wireless Security Auditing
Wireless LAN Topology
Access Points
Antennas
Wireless Networking Cards
Handheld Devices
Constructing a Wireless Test Lab
Wireless Attacks
Surveillance
War Driving
Client-to-Client Hacking
Rogue Access Points
Jamming (Denial of Service)
Practical WEP Cracking
References
Security Bibligraphy Further Reading
General Internet Security
TCP/IP
On Netware
How to Get More Information
Establishment Resources
Underground Resources
Vendor Information and Security Standards
Vendor Security Information
FRC Documents Relevant to Security
Whats on the CD-ROM
Glossary
Index