The Myths of Security: What the Computer Security Industry Doesn’t Want You to Know

The Myths of Security: What the Computer Security Industry Doesn't Want You to KnowIf you think computer security has improved in recent years, The Myths of Security will shake you out of your complacency. Longtime security professional John Viega, formerly Chief Security Architect at McAfee, reports on the sorry state of the industry, and offers concrete suggestions for professionals and individuals confronting the issue.

Why is security so bad? With many more people online than just a few years ago, there are more attackers — and they're truly motivated. Attacks are sophisticated, subtle, and harder to detect than ever. But, as Viega notes, few people take the time to understand the situation and protect themselves accordingly.

This book tells you:

  • Why it's easier for bad guys to “own” your computer than you think
  • Why anti-virus software doesn't work well — and one simple way to fix it
  • Whether Apple OS X is more secure than Windows
  • What Windows needs to do better
  • How to make strong authentication pervasive
  • Why patch management is so bad
  • Whether there's anything you can do about identity theft
  • Five easy steps for fixing application security, and more

Provocative, insightful, and always controversial, The Myths of Security not only addresses IT professionals who deal with security issues, but also speaks to Mac and PC users who spend time online.

Price: $29.99

Click here to buy from Amazon

Counter Hack Reloaded: A Step-by-Step Guide to Computer Attacks and Effective Defenses (2nd Edition)

Counter Hack Reloaded: A Step-by-Step Guide to Computer Attacks and Effective Defenses (2nd Edition)“I finally get it! I used to hear words like rootkit, buffer overflow, and idle scanning, and they just didn’t make any sense. I asked other people and they didn’t seem to know how these things work, or at least they couldn’t explain them in a way that I could understand. Counter Hack Reloaded is the clearest explanation of these tools I have ever seen. Thank you!”

—Stephen Northcutt, CEO, SANS Institute

“Ed Skoudis does it again! With this new edition, Ed takes a phenomenal work to the next level! This book is a ‘must-have’ and a ‘must-read’ for anyone remotely associated with computers and computer security.”
—Harlan Carvey, CISSP, author of Windows Forensics and Incident Recovery

“Ed Skoudis is a rare individual. He knows the innards of all the various systems, knows all the latest exploits and defenses, and yet is able to explain everything at just the right level. The first edition of Counter Hack was a fascinating read. It’s technically intriguing and very clear. . . . A book on vulnerabilities, though, will get out of date, and so we definitely needed this updated and significantly rewritten second edition. This book is a wonderful overview of the field.”
—From the Foreword by Radia Perlman, series editor, The Radia Perlman Series in Computer Networking and Security; author of Interconnections; and coauthor of Network Security: Private Communications in a Public World

“What a great partnership! Ed Skoudis and Tom Liston share an uncanny talent for explaining even the most challenging security concepts in a clear and enjoyable manner. Counter Hack Reloaded is an indispensable resource for those who want to improve their defenses and understand the mechanics of computer attacks.”
—Lenny Zeltser, coauthor of Malware: Fighting Malicious Code

“Ed Skoudis does it again! With this new edition, Ed takes a phenomenal work to the next level! This book is a ‘must-have’ and a ‘must-read’ for anyone remotely associated with computers and computer security.”
—Harlan Carvey, CISSP, author of Windows Forensics and Incident Recovery

“In addition to having breadth of knowledge about and probing insights into network security, Ed Skoudis’s real strength is in his ability to show complex topics in an understandable form. By the time he’s done, what started off as a hopeless conglomeration of acronyms starts to sound comfortable and familiar. This book is your best source for understanding attack strategies, attack tools, and the defenses against both.”
—William Stearns, network security expert, www.stearns.org

“This book is a must-have for anyone in the Internet security game. It covers everything from the basic principles to the fine details of online attack methods and counter-strategies and is very engagingly written.”
—Warwick Ford, coauthor of Secure Electronic Commerce

For years, Counter Hack has been the primary resource for every network/system administrator and security professional who needs a deep, hands-on understanding of hacker attacks and countermeasures. Now, leading network security expert Ed Skoudis, with Tom Liston, has thoroughly updated this best-selling guide, showing how to defeat today’s newest, most sophisticated, and most destructive attacks.

For this second edition, more than half the content is new and updated, including coverage of the latest hacker techniques for scanning networks, gaining and maintaining access, and preventing detection. The authors walk you through each attack and demystify every tool and tactic. You’ll learn exactly how to establish effective defenses, recognize attacks in progress, and respond quickly and effectively in both UNIX/Linux and Windows environments.

Important features of this new edition include

  • All-new “anatomy-of-an-attack” scenarios and tools
  • An all-new section on wireless hacking: war driving, wireless sniffing attacks, and more
  • Fully updated coverage of reconnaissance tools, including Nmap port scanning and “Google hacking”
  • New coverage of tools for gaining access, including uncovering Windows and Linux vulnerabilities with Metasploit
  • New information on dangerous, hard-to-detect, kernel-mode rootkits

Price: $69.99

Click here to buy from Amazon

Seven Deadliest Social Network Attacks

Seven Deadliest Social Network Attacks (Syngress Seven Deadliest Attacks)Do you need to keep up with the latest hacks, attacks, and exploits effecting social networks? Then you need Seven Deadliest Social Network Attacks. This book pinpoints the most dangerous hacks and exploits specific to social networks like Facebook, Twitter, and MySpace, laying out the anatomy of these attacks including how to make your system more secure. You will discover the best ways to defend against these vicious hacks with step-by-step instruction and learn techniques to make your computer and network impenetrable.



Attacks detailed in this book include:

  1. Social Networking Infrastructure Attacks
  2. Malware Attacks
  3. Phishing Attacks
  4. Evil Twin Attacks
  5. Identity Theft
  6. Cyber Bullying
  7. Physical Threats
  • Knowledge is power, find out about the most dominant attacks currently waging war on computers and networks globally
  • Discover the best ways to defend against these vicious attacks; step-by-step instruction shows you how
  • Institute countermeasures, don't be caught defenseless again, learn techniques to make your computer and network impenetrable

Price: $24.95

Click here to buy from Amazon

Cyber Terrorism: Political And Economic Implications

Cyber Terrorism: Political And Economic ImplicationsCyber Terrorism: Political and Economic Implications is a cyber terrorism brief that outlines many of the recent terrorist activities, political objectives, and their use of cyberspace. Much of this book is dedicated to illustrating the use of the global information infrastructure by terrorists for the communication and coordination of distributed terrorist cells, the gathering of target intelligence, and the use of cyber criminal activities as a force multiplier for both physical attacks and infrastructure destabilization. This book identifies the underlying technologies of the global information infrastructure as a means for presenting how critical this emerging domain has become. It then discusses the current attack methods and lays out a series of scenarios for key industry sectors. Lastly, Cyber Terrorism: Political and Economic Implications puts forward prevention and response policies for reducing cyber terrorism activities in the context of traditional information security objectives.

Price: $84.95

Click here to buy from Amazon

Open Source Fuzzing Tools

Open Source Fuzzing ToolsFuzzing is often described as a “black box” software testing technique. It works by automatically feeding a program multiple input iterations in an attempt to trigger an internal error indicative of a bug, and potentially crash it. Such program errors and crashes are indicative of the existence of a security vulnerability, which can later be researched and fixed.

Fuzz testing is now making a transition from a hacker-grown tool to a commercial-grade product. There are many different types of applications that can be fuzzed, many different ways they can be fuzzed, and a variety of different problems that can be uncovered. There are also problems that arise during fuzzing; when is enough enough? These issues and many others are fully explored.

. Learn How Fuzzing Finds Vulnerabilities
Eliminate buffer overflows, format strings and other potential flaws
. Find Coverage of Available Fuzzing Tools
Complete coverage of open source and commercial tools and their uses
. Build Your Own Fuzzer
Automate the process of vulnerability research by building your own tools
. Understand How Fuzzing Works within the Development Process
Learn how fuzzing serves as a quality assurance tool for your own and third-party software

Price: $62.95

Click here to buy from Amazon