It's nearly impossible to pick up a newspaper or read your favorite online news source these days without seeing yet another article about identity theft or credit card numbers being stolen from unprotected databases. Cyber crime and the threat of computer-related attacks are growing daily, and the need for security professionals who understand how attackers compromise networks is growing right along with the threat. Government agencies and private companies rely on "ethical hackers"–professional security testers–to put their networks to the test and discover vulnerabilities before attackers do. If you have an understanding of computers and networking basics and are considering becoming a security tester, HANDS-ON ETHICAL HACKING AND NETWORK DEFENSE will show you how to get started in this fascinating, growing field. This book covers the gamut, from the legalities of ethical hacking to the details of malware, network attacks, cryptography, OS vulnerabilities, wireless network hacking, and much more. Successful security testers know their work calls for creative, critical thinking, and they enjoy the challenge of digging deep to solve complex problems. Step up to the challenge with HANDS-ON ETHICAL HACKING AND NETWORK DEFENSE.
Usenet. The term conjures up images of archaic bulletin boards from the 1980s & 1990s in which jacking in meant astronomical charges every month. No longer. Ignore those who say "Don't talk about Usenet". No longer can you afford to leave your IP address out there for the world to see. You want privacy & anonymity? Come to Usenet. This book will teach you how. – Superior to P2P & Forums in every conceivable way where intelligent discussion is concerned – Immune from lawsuits – Ignored by Law Enforcement–because their p2p tracking systems don't work with Usenet! – The BEST newsgroups for discussion, mp3s/games/HD material – Learn why anonymity will decrease with peer-to-peer systems (as it always has) but increase with Usenet – Why Usenet is a free-for-all and ratio-free (unlike peer-to-peer systems) – Everything you need to know to set up a Usenet account and leech to your heart's content – Tor, PGP, Remailers/Mixmaster, SSL, Truecrypt and the like all have their place in Usenet. Learn about them here! – Which Vpn and Usenet companies might rat you out, and which won't Questions: Why should one use Usenet and not BitTorrent? – Enhanced discussions, both moderated and unmoderated, are prevalent in hundreds of thousands of different newsgroups. Usenet is where the -intelligent- users go to engage in logical discussions, and it is still the bastion of free speech and the most bang-for-your-buck where text and binary groups are concerned. What about lawsuits? – There has never been a lawsuit regarding Usenet use. The record and movie industries target torrenters for a reason: ignorance of the way those systems work. Usenet is an entirely different beast. Coupled with Tor, remailers and/or a vpn, Usenet is a fortress against Big Brother and shady law enforcement types, as well as all of the greedy lawyers who work for the millionaires in the entertainment industry. Anonymity on Usenet? – Yes it is possible to be anonymous on Usenet. Tools like Tor, Vpns, Remailers & Mixmaster provide this, however they are not necessary in every instance. It primarily depends on what you wish to accomplish, and which groups you're participating in. I go into detail about this in the book. Excerpt: Chapter 3: Usenet Anonymity "In this chapter, we’ll discuss ways you can add security (not to be confused with privacy) to your Usenet connection, so that you can participate in discussion groups without fear of persecution. These methods often lend themselves to situations where you may lose your Usenet account if you say the wrong things to the wrong people. Usenet companies are big business now, and unlike twelve years ago, will now think nothing of terminating your account of they get enough complaints. Simply being unpopular and taking a stand against the status quo in certain newsgroups can get your Usenet account banned (i.e. alt.privacy). However, with true anonymity, you can rest assured you will not be persecuted for speaking out against a tyrannical government, or a company that you work for (which has happened many times by disgruntled employees on Facebook). It should be stated at the outset that using Tor for Usenet binary downloads will actually strain the Tor network, just as it does with torrents. And to boot, whenever you use torrents, the torrent software actually sends your IP address to the recipient. It does so anonymously, in the same way a post office worker will deliver you your mail. Needless to say this defeats the purpose of using torrents. This problem is not with the Tor code, but rather the way that applications like BitLord and BitTorrent are designed. The torrent applications themselves need to be coded to allow anonymity. It is better to use Freenet with the Frost addon for p2p-like trading if you wish to remain anonymous. Tor is much more efficient at textual discussions, but the easiest method to do this anonymously is by use of remailers…"
The book is logically divided into 5 main categories with each category representing a major skill set required by most security professionals:
1. Coding – The ability to program and script is quickly becoming a mainstream requirement for just about everyone in the security industry. This section covers the basics in coding complemented with a slue of programming tips and tricks in C/C++, Java, Perl and NASL.
Continue reading “Sockets, Shellcode, Porting, and Coding: Reverse Engineering Exploits and Tool Coding for Security Professionals”
The Basics of Information Security provides fundamental knowledge of information security in both theoretical and practical aspects. This book is packed with key concepts of information security, such as confidentiality, integrity, and availability, as well as tips and additional resources for further advanced study. It also includes practical applications in the areas of operations, physical, network, operating system, and application security. Complete with exercises at the end of each chapter, this book is well-suited for classroom or instructional use.
The book consists of 10 chapters covering such topics as identification and authentication; authorization and access control; auditing and accountability; cryptography; operations security; physical security; network security; operating system security; and application security. Useful implementations for each concept are demonstrated using real world examples. PowerPoint lecture slides are available for use in the classroom.
Continue reading “The Basics of Information Security: Understanding the Fundamentals of InfoSec in Theory and Practice”
Linux Forensics is the most comprehensive and up-to-date resource for those wishing to quickly and efficiently perform forensics on Linux systems. It is also a great asset for anyone that would like to better understand Linux internals.
Linux Forensics will guide you step by step through the process of investigating a computer running Linux. Everything you need to know from the moment you receive the call from someone who thinks they have been attacked until the final report is written is covered in this book. All of the tools discussed in this book are free and most are also open source.
Continue reading “Linux Forensics”