Instituto Sagres does lecture on Cyber Intelligence

Instituto Sagres gave the lecture “The Intelligence and Cyber Power”. The event occurred on 19 September 2012 and was part of the Cyber Intelligence Symposium, organized by the Brazilian Army Intelligence School (EsIMEx).

The approach is an analogy with the rise of Air Power and its Theories, as well as Air Forces, from the invention of the balloon, by priest Bartolomeu de Gusmão, to the present day, under the focus of Intelligence for military use. Examines aspects of the emergence of Air Power Theories and as in its early days the air vector was seen only as a tool for Intelligence, without any military value as stated by Marshal Foch in 1910, notably with use only for the (Aerial) Reconnaissance, replacing the cavalry and later seen as a replacement to the high spots on the ground, as the Military Doctrine of the time. In this analogy, we have uncovered a probable metric for chronology of emergent Cyber Power in function of the use of the Fifth Dimension: Cyberspace; until then only seen as a source of Intelligence, without any military value. The author leads the audience to question at what timeline point, in the use of Cyberspace, we would be: at the time of the Duque de Caxias balloons (or American Civil War) or UAV? The speaker brings to reflect the questioning of how far away we are from what could be Cyber Power Theories and Cyber Forces (the next Force among Armed Forces) and how Intelligence has and will have a key role in this evolution.

View the original article here

Cyber Commander’s Handbook

Cyber Commander's HandbookThe global reliance on computers, networks and systems continues to grow. As our dependency grows so do the threats that target our military s Command, Control, Communications, Computers, Intelligence, Surveillance, Reconnaissance (C4ISR) systems as well as the operational components and electronic controls for our critical infrastructure. Over the past decade we have experienced a substantial rise in the complexity and sophistication of cyber attacks as well as a frightening increase in the impact of some of the attacks. Every computer is a potential cyber weapon waiting to be loaded and used by extremists, criminals, terrorists and rogue nation states. As the world becomes more and more dependent on computers and information technology, the greater the risk of cyber attacks. Government and military leaders now face this fact and our critical systems and infrastructure remain at great risk! This risk has made the ability to defend these critical systems and direct cyber attacks core capabilities required for the modern military. In the age of cyber conflict, leaders need to understand the weapons and strategies used to wage this rapidly evolving type of warfare. This handbook will provide the background needed to understand the new world of cyber warfare, define the tools and techniques for offensive and defensive action, and provide insight into the strategies behind building a dynamic and relevant cyber warfare capability.

Price: $29.95

Counter Hack Reloaded: A Step-by-Step Guide to Computer Attacks and Effective Defenses (2nd Edition)

Counter Hack Reloaded: A Step-by-Step Guide to Computer Attacks and Effective Defenses (2nd Edition)“I finally get it! I used to hear words like rootkit, buffer overflow, and idle scanning, and they just didn’t make any sense. I asked other people and they didn’t seem to know how these things work, or at least they couldn’t explain them in a way that I could understand. Counter Hack Reloaded is the clearest explanation of these tools I have ever seen. Thank you!”

—Stephen Northcutt, CEO, SANS Institute

“Ed Skoudis does it again! With this new edition, Ed takes a phenomenal work to the next level! This book is a ‘must-have’ and a ‘must-read’ for anyone remotely associated with computers and computer security.”
—Harlan Carvey, CISSP, author of Windows Forensics and Incident Recovery

“Ed Skoudis is a rare individual. He knows the innards of all the various systems, knows all the latest exploits and defenses, and yet is able to explain everything at just the right level. The first edition of Counter Hack was a fascinating read. It’s technically intriguing and very clear. . . . A book on vulnerabilities, though, will get out of date, and so we definitely needed this updated and significantly rewritten second edition. This book is a wonderful overview of the field.”
—From the Foreword by Radia Perlman, series editor, The Radia Perlman Series in Computer Networking and Security; author of Interconnections; and coauthor of Network Security: Private Communications in a Public World

“What a great partnership! Ed Skoudis and Tom Liston share an uncanny talent for explaining even the most challenging security concepts in a clear and enjoyable manner. Counter Hack Reloaded is an indispensable resource for those who want to improve their defenses and understand the mechanics of computer attacks.”
—Lenny Zeltser, coauthor of Malware: Fighting Malicious Code

“Ed Skoudis does it again! With this new edition, Ed takes a phenomenal work to the next level! This book is a ‘must-have’ and a ‘must-read’ for anyone remotely associated with computers and computer security.”
—Harlan Carvey, CISSP, author of Windows Forensics and Incident Recovery

“In addition to having breadth of knowledge about and probing insights into network security, Ed Skoudis’s real strength is in his ability to show complex topics in an understandable form. By the time he’s done, what started off as a hopeless conglomeration of acronyms starts to sound comfortable and familiar. This book is your best source for understanding attack strategies, attack tools, and the defenses against both.”
—William Stearns, network security expert, www.stearns.org

“This book is a must-have for anyone in the Internet security game. It covers everything from the basic principles to the fine details of online attack methods and counter-strategies and is very engagingly written.”
—Warwick Ford, coauthor of Secure Electronic Commerce

For years, Counter Hack has been the primary resource for every network/system administrator and security professional who needs a deep, hands-on understanding of hacker attacks and countermeasures. Now, leading network security expert Ed Skoudis, with Tom Liston, has thoroughly updated this best-selling guide, showing how to defeat today’s newest, most sophisticated, and most destructive attacks.

For this second edition, more than half the content is new and updated, including coverage of the latest hacker techniques for scanning networks, gaining and maintaining access, and preventing detection. The authors walk you through each attack and demystify every tool and tactic. You’ll learn exactly how to establish effective defenses, recognize attacks in progress, and respond quickly and effectively in both UNIX/Linux and Windows environments.

Important features of this new edition include

  • All-new “anatomy-of-an-attack” scenarios and tools
  • An all-new section on wireless hacking: war driving, wireless sniffing attacks, and more
  • Fully updated coverage of reconnaissance tools, including Nmap port scanning and “Google hacking”
  • New coverage of tools for gaining access, including uncovering Windows and Linux vulnerabilities with Metasploit
  • New information on dangerous, hard-to-detect, kernel-mode rootkits

Price: $69.99

Click here to buy from Amazon

USAF Cyberspace Operations Doctrine Document – AFDD 3-12

USAF Cyberspace Operations Doctrine Document - AFDD 3-12AFDD 3-12 is the US Air Force’s foundational doctrine publication for Air Force operations in, through, and from the cyberspace domain. It defines Cyberspace Superiority and speaks to US Air Force support of maintaining Cyberspace Superiority, a common military function.

“Today, we live in a globally-networked society that is increasingly dependent upon cyberspace access and security. Our ability to gain and maintain superiority in cyberspace has become essential to our ability to deliver global reach, power, and vigilance. As an integral member of the joint warfighting team, the Air Force is committed to growing, sustaining, and presenting highly skilled and well-equipped forces to joint force commanders who can deliver decisive effects in, from, and through cyberspace, while assuring our mission against an asymmetric cyber threat.

Freedom of action in the cyberspace domain enables our command, control, communication, computers, intelligence, surveillance, and reconnaissance capabilities. Our modern defenses, industrial base, and global commerce, as well as that of our nation’s enemies, depend on free use of land, sea, air, space, and cyberspace. Leverage in cyberspace affords influence and control across all other domains. This leverage increases our forces’ access, speed, reach, stealth, and precision.

Controlling the portions of cyberspace integral to our mission is a fundamental prerequisite to effective operations across the range of military operations. While we appreciate the power that cyber-enabled capabilities add, we also maintain a healthy respect for the asymmetric power that cyberspace affords our adversaries. We must maintain a constant commitment to educate, train, and equip our Airman to prevail in the contested domain of cyberspace.

In the past decade, technological advances have provided the means to generate decisive and magnified effects in domains that traditionally could only be achieved via kinetic means. We must continually adapt our operating concepts to leverage emerging cyberspace capabilities to ensure the Air Force maintains the decisive advantage over our adversaries.”

MAURICE H. FORSYTH
Major General, USAF
Commander, LeMay Center for Doctrine
Development and Education

Download AFDD 3-12

 

Penetration Testing and Network Defense

Penetration Testing and Network DefenseThe practical guide to simulating, detecting, and responding to network attacks

  • Create step-by-step testing plans
  • Learn to perform social engineering and host reconnaissance
  • Evaluate session hijacking methods
  • Exploit web server vulnerabilities
  • Detect attempts to breach database security
  • Use password crackers to obtain access information
  • Circumvent Intrusion Prevention Systems (IPS) and firewall protections and disrupt the service of routers and switches
  • Scan and penetrate wireless networks
  • Understand the inner workings of Trojan Horses, viruses, and other backdoor applications
  • Test UNIX, Microsoft, and Novell servers for vulnerabilities
  • Learn the root cause of buffer overflows and how to prevent them
  • Perform and prevent Denial of Service attacks

Penetration testing is a growing field but there has yet to be a definitive resource that instructs ethical hackers on how to perform a penetration test with the ethics and responsibilities of testing in mind. Penetration Testing and Network Defense offers detailed steps on how to emulate an outside attacker in order to assess the security of a network.

Unlike other books on hacking, this book is specifically geared towards penetration testing. It includes important information about liability issues and ethics as well as procedures and documentation. Using popular open-source and commercial applications, the book shows you how to perform a penetration test on an organization’s network, from creating a test plan to performing social engineering and host reconnaissance to performing simulated attacks on both wired and wireless networks.

Penetration Testing and Network Defense also goes a step further than other books on hacking, as it demonstrates how to detect an attack on a live network. By detailing the method of an attack and how to spot an attack on your network, this book better prepares you to guard against hackers. You will learn how to configure, record, and thwart these attacks and how to harden a system to protect it against future internal and external attacks.

Full of real-world examples and step-by-step procedures, this book is both an enjoyable read and full of practical advice that will help you assess network security and develop a plan for locking down sensitive data and company resources.

“This book goes to great lengths to explain the various testing approaches that are used today and gives excellent insight into how a responsible penetration testing specialist executes his trade.”

–Bruce Murphy, Vice President, World Wide Security Services, Cisco Systems®

Price: $67.00

Click here to buy from Amazon