Cyber Commander’s Handbook

Cyber Commander's HandbookThe global reliance on computers, networks and systems continues to grow. As our dependency grows so do the threats that target our military s Command, Control, Communications, Computers, Intelligence, Surveillance, Reconnaissance (C4ISR) systems as well as the operational components and electronic controls for our critical infrastructure. Over the past decade we have experienced a substantial rise in the complexity and sophistication of cyber attacks as well as a frightening increase in the impact of some of the attacks. Every computer is a potential cyber weapon waiting to be loaded and used by extremists, criminals, terrorists and rogue nation states. As the world becomes more and more dependent on computers and information technology, the greater the risk of cyber attacks. Government and military leaders now face this fact and our critical systems and infrastructure remain at great risk! This risk has made the ability to defend these critical systems and direct cyber attacks core capabilities required for the modern military. In the age of cyber conflict, leaders need to understand the weapons and strategies used to wage this rapidly evolving type of warfare. This handbook will provide the background needed to understand the new world of cyber warfare, define the tools and techniques for offensive and defensive action, and provide insight into the strategies behind building a dynamic and relevant cyber warfare capability.

Price: $29.95

Cyber Infrastructure Protection

Cyber Infrastructure ProtectionThe Internet, as well as other telecommunication networks and information systems, have become an integrated part of our daily lives, and our dependency upon their underlying infrastructure is ever-increasing. Unfortunately, as our dependency has grown, so have hostile attacks on the cyber infrastructure by network predators. The lack of security as a core element in the initial design of these information systems has made common desktop software, infrastructure services, and information networks increasingly vulnerable to continuous and innovative breakers of security. Worms, viruses, and spam are examples of attacks that cost the global economy billions of dollars in lost productivity. Sophisticated distributed denial of service (DDoS) attacks that use thousands of web robots (bots) on the Internet and telecommunications networks are on the rise. The ramifications of these attacks are clear: the potential for a devastating largescale network failure, service interruption, or the total unavailability of service. Yet many security programs are based solely on reactive measures, such as the patching of software or the detection of attacks that have already occurred, instead of proactive measures that prevent attacks in the first place. Most of the network security configurations are performed manually and require experts to monitor, tune security devices, and recover from attacks. On the other hand, attacks are getting more sophisticated and highly automated, which gives the attackers an advantage in this technology race. A key contribution of this book is that it provides an integrated view and a comprehensive framework of the various issues relating to cyber infrastructure protection. It covers not only strategy and policy issues, but it also covers social, legal, and technical aspects of cyber security as well. We strongly recommend this book for policymakers and researchers so that they may stay abreast of the latest research and develop a greater understanding of cyber security issues.

Price: $21.95

Click here to buy from Amazon

Attacks on Wireless LANs About the security of IEEE 802.11 based wireless networks

Attacks on Wireless LANs  About the security of IEEE 802.11 based wireless networksWireless LANs can be found nearly everywhere today. Most mobile computers ship with built-in wireless LAN hardware by default and most other computers can be equipped with additional hardware. Because all data is transmitted wirelessly, extra security is needed in these networks. This was a concern to the creators of the IEEE 802.11 standard, who designed a simple protocol called WEP which stands for Wired Equivalent Privacy to protect such networks. Unfortunately, the WEP protocol has some serious design flaws and various attacks are possible against WEP protected networks. This book presents nearly all currently known attacks on the WEP protocol, including their theoretical background and their implementation. This book is intended for network operators, who want to learn more about wireless security, and also for cryptographers, who want to understand the theoretical background of these attacks.

 

Price: $76.00

Click here to buy from Amazon

Counting from Zero

Counting from ZeroCan a security expert save the Internet from a catastrophic zero day cyber attack by a network of zombie computers, known as a botnet? At what cost?

“Credible and believable, this story is told by a subject matter expert. I could not wait to find out what happened next.”
Vint Cerf, Internet pioneer
“The threat to the Internet from worms, viruses, botnets, and zombie computers is real, and growing. Counting from Zero is a great way to come up to speed on the alarming state of affairs, and Johnston draws you in with his story and believable cast of characters.”
Phil Zimmermann, creator of Pretty Good Privacy (PGP) the most widely used email encryption program
Today, every computer connected to the Internet is under constant attack from viruses, worms, port scans, and spam. Security professionals continually fight to contain newly unleashed cyber attacks, known as ‘zero day' attacks, only to have new attacks launched. Millions of computers have already succumbed, and, without their owner's knowledge, have become slave computers – remotely controlled ‘zombies'. Under the control of organized crime and backed by foreign governments, these computers are morphing into collections known in the industry as botnets, short for robot networks.
Internet security expert Mick O'Malley is the only one who recognizes the growing threat of the ultimate zero day attack on the Internet from a massive botnet, and his unique hacker skills and network of colleagues enable him to fight back. More cyber prep than cyber punk, Mick uses real-life tools and techniques to encrypt all his communications, and uses these skills to break the encryption used by the botnet. Mick uses encryption on a personal level, too, having multiple passports and multiple names and identities. While crisscrossing the globe in the air, on land, and at sea investigating the threat, Mick becomes the target of attacks on his reputation, his identity, and ultimately his life.
Along the way, Mick meets Kateryna Petrescu, a beautiful Romanian firewall expert. Mick's attraction to Kateryna develops as they work closely together and share the excitement and danger. Why is the government following Mick and trying to intercept his communications? Can he stop the zero day attack before it is unleashed? What will be the cost to Mick for his single mindedness?
Unfolding across three continents, the new cybercrime mystery “Counting from Zero” gives a realistic insider's view of the thrust and parry world of computer security and cryptography, and the very real threat of botnets.

Price: $11.99

Click here to buy from Amazon

Penetration Tester’s Open Source Toolkit, Vol. 2

Penetration Tester's Open Source Toolkit, Vol. 2Penetration testing a network requires a delicate balance of art and science. A penetration tester must be creative enough to think outside of the box to determine the best attack vector into his own network, and also be expert in using the literally hundreds of tools required to execute the plan. This second volume adds over 300 new pentesting applications included with BackTrack 2 to the pen tester's toolkit. It includes the latest information on Snort, Nessus, Wireshark, Metasploit, Kismet and all of the other major Open Source platforms.

. Perform Network Reconnaissance
Master the objectives, methodology, and tools of the least understood aspect of a penetration test.
. Demystify Enumeration and Scanning
Identify the purpose and type of the target systems, obtain specific information about the versions of the services that are running on the systems, and list the targets and services.
. Hack Database Services
Understand and identify common database service vulnerabilities, discover database services, attack database authentication mechanisms, analyze the contents of the database, and use the database to obtain access to the host operating system.
. Test Web Servers and Applications
Compromise the Web server due to vulnerabilities on the server daemon itself, its unhardened state, or vulnerabilities within the Web applications.
. Test Wireless Networks and Devices
Understand WLAN vulnerabilities, attack WLAN encryption, master information gathering tools, and deploy exploitation tools.
. Examine Vulnerabilities on Network Routers and Switches
Use Traceroute, Nmap, ike-scan, Cisco Torch, Finger, Nessus, onesixtyone, Hydra, Ettercap, and more to attack your network devices.
. Customize BackTrack 2
Torque BackTrack 2 for your specialized needs through module management, unique hard drive installations, and USB installations.
. Perform Forensic Discovery and Analysis with BackTrack 2
Use BackTrack in the field for forensic analysis, image acquisition, and file carving.
. Build Your Own PenTesting Lab
Everything you need to build your own fully functional attack lab.

Price: $59.95

Click here to buy from Amazon