Amazon Price: N/A (as of April 21, 2018 09:12 –
This book is written to be a comprehensive guide to cybersecurity and cyberwar policy and strategy, developed for a one- or two-semester class for students of public policy (including political science, law, business, etc.). Although written from a U.S. perspective, most of its contents are globally relevant.
It is written essentially in four sections. The first (chapters 1 – 5) describes how compromises of computers and networks permit unauthorized parties to extract information from such systems (cyber-espionage), and/or to force these systems to misbehave in ways that disrupt their operations or corrupt their workings. The section examines notable hacks of systems, fundamental challenges to cybersecurity (e.g., the lack of forced entry, the measure-countermeasure relationship) including the role of malware, and various broad approaches to cybersecurity.
Continue reading “Cyberspace in Peace and War (Transforming War)”
Amazon Price: N/A (as of April 21, 2018 14:48 –
The Cyber-Security Glossary of Building Hacks and Cyber-Attacks was developed specifically to help facility and infrastructure engineers and building managers understand vulnerability of SCADA systems and building and industrial control systems to cyber-attack. The book includes definitions of technical terms related to automated equipment controls common to industry, utilities and buildings. Although written for facility engineers, much of the terminology applies to cyber-attacks in general. I define many types of cyber-attacks including:
Time Bomb attack
Fork Bomb attack
Logic Bomb attack
Pass the Hash attack
Tiny Fragment attack
Protocol Fuzzing attack
Man in the Middle attack
and many more.
I also include steps to take to prevent a cyber-attack.
Amazon Price: N/A (as of April 22, 2018 04:03 –
The practical guide to simulating, detecting, and responding to network attacks Create step-by-step testing plans Learn to perform social engineering and host reconnaissance Evaluate session hijacking methods Exploit web server vulnerabilities Detect attempts to breach database security Use password crackers to obtain access information Circumvent Intrusion Prevention Systems (IPS) and firewall protections and disrupt the service of routers and switches Scan and penetrate wireless networks Understand the inner workings of Trojan Horses, viruses, and other backdoor applications Test UNIX, Microsoft, and Novell servers for vulnerabilities Learn the root cause of buffer overflows and how to prevent them Perform and prevent Denial of Service attacks
Penetration testing is a growing field but there has yet to be a definitive resource that instructs ethical hackers on how to perform a penetration test with the ethics and responsibilities of testing in mind. Penetration Testing and Network Defense offers detailed steps on how to emulate an outside attacker in order to assess the security of a network.
Continue reading “Penetration Testing and Network Defense (Networking Technology)”
Amazon Price: N/A (as of April 21, 2018 13:00 –
If you've ever been responsible for a network, you know that sinking feeling: your pager has gone off at 2 a.m., the network is broken, and you can't figure out why by using a dial-in connection from home. You drive into the office, dig out your protocol analyzer, and spend the next fourhours trying to put things back together before the staff shows up for work.
When this happens, you often find yourself looking at the low-level guts of the Internet protocols: you're deciphering individual packets, trying to figure out what is (or isn't) happening. Until now, the only real guide to the protocols has been the Internet RFCs–and they're hardlywhat you want to be reading late at night when your network is down. There hasn't been a good book on the fundamentals of IP networking aimed at network administrators–until now.
Continue reading “Internet Core Protocols: The Definitive Guide: Help for Network Administrators”