Компьютеры: прочее - скачать книги или читать онлайн. Страница 35

Hackers have uncovered the dark side of cryptography—that device developed to defeat Trojan horses, viruses, password theft, and other cyber-crime. It’s called cryptovirology, the art of turning the very methods designed to protect your data into a means of subverting it. In this fascinating, disturbing volume, the experts who first identified cryptovirology show you exactly what you’re up against and how to fight back. They will take you inside the brilliant and devious mind of a hacker—as much an addict as the vacant-eyed denizen of the crackhouse—so you can feel the rush and recognize your opponent’s power. Then, they will arm you for the counterattack. This book reads like a futuristic fantasy, but be assured, the threat is ominously real. Vigilance is essential, now. Understand the mechanics of computationally secure information stealing Learn how non-zero sum Game Theory is used to develop survivable malware Discover how hackers use public key cryptography to mount extortion attacks Recognize and combat the danger of kleptographic attacks on smart-card devices Build a strong arsenal against a cryptovirology attack

"Phishing" is the hot new identity theft scam. An unsuspecting victim receives an e-mail that seems to come from a bank or other financial institution, and it contains a link to a Web site where s/he is asked to provide account details. The site looks legitimate, and 3 to 5 percent of people who receive the e-mail go on to surrender their information-to crooks. One e-mail monitoring organization reported 2.3 billion phishing messages in February 2004 alone. If that weren't enough, the crooks have expanded their operations to include malicious code that steals identity information without the computer user's knowledge. Thousands of computers are compromised each day, and phishing code is increasingly becoming part of the standard exploits. Written by a phishing security expert at a top financial institution, this unique book helps IT professionals respond to phishing incidents. After describing in detail what goes into phishing expeditions, the author provides step-by-step directions for discouraging attacks and responding to those that have already happened. In Phishing, Rachael Lininger: Offers case studies that reveal the technical ins and outs of impressive phishing attacks. Presents a step-by-step model for phishing prevention. Explains how intrusion detection systems can help prevent phishers from attaining their goal-identity theft. Delivers in-depth incident response techniques that can quickly shutdown phishing sites.

Build Your Network Security Career on a Solid Foundation Whether you're setting out to earn a security certification or just want to know more about the security issues faced by all network administrators, Network Security JumpStart is the place to begin. Inside, a networking expert demystifies every aspect of the growing security imperative, giving you a firm footing from which you can realize your goals and develop a better understanding of computer and network security. Coverage Includes: Understanding security principles Understanding hacking Using encryption and authentication Managing security Securing Internet connections Using Virtual Private Networks Securing remote and home users Implementing virus protection Creating fault tolerance Securing Windows servers Securing UNIX servers Securing public web servers Securing public e-mail servers Detecting intrusion

Get the streamlined tool you need to bone up for the Security+ exam [SYO-101]. Fast Pass coverage includes: General security concepts. Assessing risk. Securing communications. Implementing wireless security features. Configuring a firewall. Detecting intrusions. Securing your organization's infrastructure. Understanding the basics of cryptography. Managing security keys and certificates. Ensuring operational and organizational security. Recovering from disasters. A CD-ROM so you can practice, practice, practice. Concise, objective-focused coverage and review questions. Order your copy of the perfect preparation and review resource, Security+ Fast Pass today! Note:CD-ROM/DVD and other supplementary materials are not included as part of eBook file.

The comprehensive A-to-Z guide on network security, fully revised and updated Network security is constantly evolving, and this comprehensive guide has been thoroughly updated to cover the newest developments. If you are responsible for network security, this is the reference you need at your side. Covering new techniques, technology, and methods for approaching security, it also examines new trends and best practices being used by many organizations. The revised Network Security Bible complements the Cisco Academy course instruction in networking security. Covers all core areas of network security and how they interrelate Fully revised to address new techniques, technology, and methods for securing an enterprise worldwide Examines new trends and best practices in use by organizations to secure their enterprises Features additional chapters on areas related to data protection/correlation and forensics Includes cutting-edge topics such as integrated cybersecurity and sections on Security Landscape, with chapters on validating security, data protection, forensics, and attacks and threats If you need to get up to date or stay current on network security, Network Security Bible, 2nd Edition covers everything you need to know.

Presenting invaluable advice from the world?s most famous computer security expert, this intensely readable collection features some of the most insightful and informative coverage of the strengths and weaknesses of computer security and the price people pay – figuratively and literally – when security fails. Discussing the issues surrounding things such as airplanes, passports, voting machines, ID cards, cameras, passwords, Internet banking, sporting events, computers, and castles, this book is a must-read for anyone who values security at any level – business, technical, or personal.

Uncover a digital trail of e-evidence by using the helpful, easy-to-understand information in Computer Forensics For Dummies! Professional and armchair investigators alike can learn the basics of computer forensics, from digging out electronic evidence to solving the case. You won’t need a computer science degree to master e-discovery. Find and filter data in mobile devices, e-mail, and other Web-based technologies. You’ll learn all about e-mail and Web-based forensics, mobile forensics, passwords and encryption, and other e-evidence found through VoIP, voicemail, legacy mainframes, and databases. You’ll discover how to use the latest forensic software, tools, and equipment to find the answers that you’re looking for in record time. When you understand how data is stored, encrypted, and recovered, you’ll be able to protect your personal privacy as well. By the time you finish reading this book, you’ll know how to: Prepare for and conduct computer forensics investigations Find and filter data Protect personal privacy Transfer evidence without contaminating it Anticipate legal loopholes and opponents’ methods Handle passwords and encrypted data Work with the courts and win the case Plus, Computer Forensics for Dummies includes lists of things that everyone interested in computer forensics should know, do, and build. Discover how to get qualified for a career in computer forensics, what to do to be a great investigator and expert witness, and how to build a forensics lab or toolkit. Note: CD-ROM/DVD and other supplementary materials are not included as part of eBook file.

A cutting-edge, first look at how to embed and design a Web site compliant with the new personal privacy standard, P3P Introduces the P3P standard with detailed descriptions and then examines its parameters Includes helpful guidelines, explanations, and P3P how-to examples for system architects to follow Presents detailed case studies covering companies in both finance and retail

Hacker extraordinaire Kevin Mitnick delivers the explosive encore to his bestselling The Art of Deception Kevin Mitnick, the world's most celebrated hacker, now devotes his life to helping businesses and governments combat data thieves, cybervandals, and other malicious computer intruders. In his bestselling The Art of Deception, Mitnick presented fictionalized case studies that illustrated how savvy computer crackers use «social engineering» to compromise even the most technically secure computer systems. Now, in his new book, Mitnick goes one step further, offering hair-raising stories of real-life computer break-ins-and showing how the victims could have prevented them. Mitnick's reputation within the hacker community gave him unique credibility with the perpetrators of these crimes, who freely shared their stories with him-and whose exploits Mitnick now reveals in detail for the first time, including: A group of friends who won nearly a million dollars in Las Vegas by reverse-engineering slot machines Two teenagers who were persuaded by terrorists to hack into the Lockheed Martin computer systems Two convicts who joined forces to become hackers inside a Texas prison A «Robin Hood» hacker who penetrated the computer systems of many prominent companies-andthen told them how he gained access With riveting «you are there» descriptions of real computer break-ins, indispensable tips on countermeasures security professionals need to implement now, and Mitnick's own acerbic commentary on the crimes he describes, this book is sure to reach a wide audience-and attract the attention of both law enforcement agencies and the media.

Today, it is almost impossible to do business without a cell phone and a BlackBerry or PDA. These devices are the lifeline for companies large and small—and nobody knows this better than a hacker. Traditionally, security for mobile devices has held a low priority. Now, a certified ethical hacker explains in this book why this must change and how to change it. Packed with sobering examples of actual attacks, this unique resource shows you how to mount your counterattack.

The Group Policy Management Console (GPMC) is a dramatic step forward in the way Group Policy is administered. This book provides all the instruction and insight you need to take full control of your Active Directory with GPMC and other Group Policy tools. You'll also learn techniques for implementing IntelliMirror, making it possible for users to work securely from any location; and you'll find intensive troubleshooting advice, insider tips on keeping your network secure, and hundreds of clear examples that will help you accomplish all your administration goals. You will learn to: Create and manage all Group Policy functions within Active Directory Understand Group Policy differences in Windows 2000, Windows XP, and Windows 2003 systems Troubleshoot Group Policy using Support tools, Resource Kit utilities, log files, registry hacks, and third-party tools Create and deploy custom settings for managing client systems Manage, secure, and audit client and server systems Script complex operations, including linking, back-up, restore, permissions changes, and migrating Set up Local, Roaming, and Mandatory profiles Set up and manage IntelliMirror components with Group Policy Use Group Policy Software Installation to perform hands-off installations Use Remote Installation Services to automate the installation of new Windows systems Ensure the safety of your users' data with Redirected Folders and Shadow Copies About the Series The Mark Minasi Windows Administrator Library is designed to equip system administrators with in-depth technical solutions to the many challenges associated with administering Windows in an enterprise setting. The series editor is leading Windows NT/2003 expert Mark Minasi, who selects the topics and authors and develops and reviews each book to ensure that every entry in the series meets your needs and helps you achieve your goals.

David Litchfield has devoted years to relentlessly searching out the flaws in the Oracle database system and creating defenses against them. Now he offers you his complete arsenal to assess and defend your own Oracle systems. This in-depth guide explores every technique and tool used by black hat hackers to invade and compromise Oracle and then it shows you how to find the weak spots and defend them. Without that knowledge, you have little chance of keeping your databases truly secure.