CyberWar

Si Vis Pacem, Para Bellum

By

Penetration Tester’s Open Source Toolkit, Vol. 2

Penetration Tester's Open Source Toolkit, Vol. 2Penetration testing a network requires a delicate balance of art and science. A penetration tester must be creative enough to think outside of the box to determine the best attack vector into his own network, and also be expert in using the literally hundreds of tools required to execute the plan. This second volume adds over 300 new pentesting applications included with BackTrack 2 to the pen tester’s toolkit. It includes the latest information on Snort, Nessus, Wireshark, Metasploit, Kismet and all of the other major Open Source platforms.

. Perform Network Reconnaissance
Master the objectives, methodology, and tools of the least understood aspect of a penetration test.
. Demystify Enumeration and Scanning
Identify the purpose and type of the target systems, obtain specific information about the versions of the services that are running on the systems, and list the targets and services.
. Hack Database Services
Understand and identify common database service vulnerabilities, discover database services, attack database authentication mechanisms, analyze the contents of the database, and use the database to obtain access to the host operating system.
. Test Web Servers and Applications
Compromise the Web server due to vulnerabilities on the server daemon itself, its unhardened state, or vulnerabilities within the Web applications.
. Test Wireless Networks and Devices
Understand WLAN vulnerabilities, attack WLAN encryption, master information gathering tools, and deploy exploitation tools.
. Examine Vulnerabilities on Network Routers and Switches
Use Traceroute, Nmap, ike-scan, Cisco Torch, Finger, Nessus, onesixtyone, Hydra, Ettercap, and more to attack your network devices.
. Customize BackTrack 2
Torque BackTrack 2 for your specialized needs through module management, unique hard drive installations, and USB installations.
. Perform Forensic Discovery and Analysis with BackTrack 2
Use BackTrack in the field for forensic analysis, image acquisition, and file carving.
. Build Your Own PenTesting Lab
Everything you need to build your own fully functional attack lab.

Price: $59.95

Click here to buy from Amazon

By

Cyber Commander’s Handbook

Cyber Commander's HandbookThe global reliance on computers, networks and systems continues to grow. As our dependency grows so do the threats that target our military s Command, Control, Communications, Computers, Intelligence, Surveillance, Reconnaissance (C4ISR) systems as well as the operational components and electronic controls for our critical infrastructure. Over the past decade we have experienced a substantial rise in the complexity and sophistication of cyber attacks as well as a frightening increase in the impact of some of the attacks. Every computer is a potential cyber weapon waiting to be loaded and used by extremists, criminals, terrorists and rogue nation states. As the world becomes more and more dependent on computers and information technology, the greater the risk of cyber attacks. Government and military leaders now face this fact and our critical systems and infrastructure remain at great risk! This risk has made the ability to defend these critical systems and direct cyber attacks core capabilities required for the modern military. In the age of cyber conflict, leaders need to understand the weapons and strategies used to wage this rapidly evolving type of warfare. This handbook will provide the background needed to understand the new world of cyber warfare, define the tools and techniques for offensive and defensive action, and provide insight into the strategies behind building a dynamic and relevant cyber warfare capability.

Price: $29.95

By

Counter Hack Reloaded: A Step-by-Step Guide to Computer Attacks and Effective Defenses (2nd Edition)

Counter Hack Reloaded: A Step-by-Step Guide to Computer Attacks and Effective Defenses (2nd Edition)“I finally get it! I used to hear words like rootkit, buffer overflow, and idle scanning, and they just didn’t make any sense. I asked other people and they didn’t seem to know how these things work, or at least they couldn’t explain them in a way that I could understand. Counter Hack Reloaded is the clearest explanation of these tools I have ever seen. Thank you!”

—Stephen Northcutt, CEO, SANS Institute

“Ed Skoudis does it again! With this new edition, Ed takes a phenomenal work to the next level! This book is a ‘must-have’ and a ‘must-read’ for anyone remotely associated with computers and computer security.”
—Harlan Carvey, CISSP, author of Windows Forensics and Incident Recovery

“Ed Skoudis is a rare individual. He knows the innards of all the various systems, knows all the latest exploits and defenses, and yet is able to explain everything at just the right level. The first edition of Counter Hack was a fascinating read. It’s technically intriguing and very clear. . . . A book on vulnerabilities, though, will get out of date, and so we definitely needed this updated and significantly rewritten second edition. This book is a wonderful overview of the field.”
—From the Foreword by Radia Perlman, series editor, The Radia Perlman Series in Computer Networking and Security; author of Interconnections; and coauthor of Network Security: Private Communications in a Public World

“What a great partnership! Ed Skoudis and Tom Liston share an uncanny talent for explaining even the most challenging security concepts in a clear and enjoyable manner. Counter Hack Reloaded is an indispensable resource for those who want to improve their defenses and understand the mechanics of computer attacks.”
—Lenny Zeltser, coauthor of Malware: Fighting Malicious Code

“Ed Skoudis does it again! With this new edition, Ed takes a phenomenal work to the next level! This book is a ‘must-have’ and a ‘must-read’ for anyone remotely associated with computers and computer security.”
—Harlan Carvey, CISSP, author of Windows Forensics and Incident Recovery

“In addition to having breadth of knowledge about and probing insights into network security, Ed Skoudis’s real strength is in his ability to show complex topics in an understandable form. By the time he’s done, what started off as a hopeless conglomeration of acronyms starts to sound comfortable and familiar. This book is your best source for understanding attack strategies, attack tools, and the defenses against both.”
—William Stearns, network security expert, www.stearns.org

“This book is a must-have for anyone in the Internet security game. It covers everything from the basic principles to the fine details of online attack methods and counter-strategies and is very engagingly written.”
—Warwick Ford, coauthor of Secure Electronic Commerce

For years, Counter Hack has been the primary resource for every network/system administrator and security professional who needs a deep, hands-on understanding of hacker attacks and countermeasures. Now, leading network security expert Ed Skoudis, with Tom Liston, has thoroughly updated this best-selling guide, showing how to defeat today’s newest, most sophisticated, and most destructive attacks.

For this second edition, more than half the content is new and updated, including coverage of the latest hacker techniques for scanning networks, gaining and maintaining access, and preventing detection. The authors walk you through each attack and demystify every tool and tactic. You’ll learn exactly how to establish effective defenses, recognize attacks in progress, and respond quickly and effectively in both UNIX/Linux and Windows environments.

Important features of this new edition include

  • All-new “anatomy-of-an-attack” scenarios and tools
  • An all-new section on wireless hacking: war driving, wireless sniffing attacks, and more
  • Fully updated coverage of reconnaissance tools, including Nmap port scanning and “Google hacking”
  • New coverage of tools for gaining access, including uncovering Windows and Linux vulnerabilities with Metasploit
  • New information on dangerous, hard-to-detect, kernel-mode rootkits

Price: $69.99

Click here to buy from Amazon

By

Penetration Testing and Network Defense

Penetration Testing and Network DefenseThe practical guide to simulating, detecting, and responding to network attacks

  • Create step-by-step testing plans
  • Learn to perform social engineering and host reconnaissance
  • Evaluate session hijacking methods
  • Exploit web server vulnerabilities
  • Detect attempts to breach database security
  • Use password crackers to obtain access information
  • Circumvent Intrusion Prevention Systems (IPS) and firewall protections and disrupt the service of routers and switches
  • Scan and penetrate wireless networks
  • Understand the inner workings of Trojan Horses, viruses, and other backdoor applications
  • Test UNIX, Microsoft, and Novell servers for vulnerabilities
  • Learn the root cause of buffer overflows and how to prevent them
  • Perform and prevent Denial of Service attacks

Penetration testing is a growing field but there has yet to be a definitive resource that instructs ethical hackers on how to perform a penetration test with the ethics and responsibilities of testing in mind. Penetration Testing and Network Defense offers detailed steps on how to emulate an outside attacker in order to assess the security of a network.

Unlike other books on hacking, this book is specifically geared towards penetration testing. It includes important information about liability issues and ethics as well as procedures and documentation. Using popular open-source and commercial applications, the book shows you how to perform a penetration test on an organization’s network, from creating a test plan to performing social engineering and host reconnaissance to performing simulated attacks on both wired and wireless networks.

Penetration Testing and Network Defense also goes a step further than other books on hacking, as it demonstrates how to detect an attack on a live network. By detailing the method of an attack and how to spot an attack on your network, this book better prepares you to guard against hackers. You will learn how to configure, record, and thwart these attacks and how to harden a system to protect it against future internal and external attacks.

Full of real-world examples and step-by-step procedures, this book is both an enjoyable read and full of practical advice that will help you assess network security and develop a plan for locking down sensitive data and company resources.

“This book goes to great lengths to explain the various testing approaches that are used today and gives excellent insight into how a responsible penetration testing specialist executes his trade.”

–Bruce Murphy, Vice President, World Wide Security Services, Cisco Systems®

Price: $67.00

Click here to buy from Amazon

By

Instituto Sagres does lecture on Cyber Intelligence

Instituto Sagres gave the lecture “The Intelligence and Cyber Power”. The event occurred on 19 September 2012 and was part of the Cyber Intelligence Symposium, organized by the Brazilian Army Intelligence School (EsIMEx).

The approach is an analogy with the rise of Air Power and its Theories, as well as Air Forces, from the invention of the balloon, by priest Bartolomeu de Gusmão, to the present day, under the focus of Intelligence for military use. Examines aspects of the emergence of Air Power Theories and as in its early days the air vector was seen only as a tool for Intelligence, without any military value as stated by Marshal Foch in 1910, notably with use only for the (Aerial) Reconnaissance, replacing the cavalry and later seen as a replacement to the high spots on the ground, as the Military Doctrine of the time. In this analogy, we have uncovered a probable metric for chronology of emergent Cyber Power in function of the use of the Fifth Dimension: Cyberspace; until then only seen as a source of Intelligence, without any military value. The author leads the audience to question at what timeline point, in the use of Cyberspace, we would be: at the time of the Duque de Caxias balloons (or American Civil War) or UAV? The speaker brings to reflect the questioning of how far away we are from what could be Cyber Power Theories and Cyber Forces (the next Force among Armed Forces) and how Intelligence has and will have a key role in this evolution.

View the original article here

/* */