Hack Attacks Revealed: A Complete Reference for UNIX, Windows, and Linux with Toolkit

Hack Attacks Revealed: A Complete Reference for UNIX, Windows, and Linux with Custom Security Toolkit, Second EditionThe much-anticipated second edition of the bestselling book that details network security through the hacker's eye
Since the first edition of Hack Attacks Revealed was published, many new attacks have been made on all operating systems, including UNIX, Windows XP, Mac OS, and Linux, and on firewalls, proxies, and gateways. Security expert John Chirillo is ready to tackle these attacks with you again. He has packed the Second Edition of his all-in-one reference with forty percent new material.
In this fascinating new edition, you'll discover:
* The hacker's perspective on security holes in UNIX, Linux, and Windows networks
* Over 170 new vulnerabilities and exploits
* Advanced discovery techniques
* A crash course in C for compiling hacker tools and vulnerability scanners
* The top seventy-five hack attacks for UNIX and Windows
* Malicious code coverage of Myparty, Goner, Sircam, BadTrans, Nimda, Code Red I/II, and many more
* TigerSuite Professional 3.5 (full suite single license)

Price: $60.00

Click here to buy from Amazon

Chained Exploits: Advanced Hacking Attacks from Start to Finish

Chained Exploits: Advanced Hacking Attacks from Start to FinishThe complete guide to today’s hard-to-defend chained attacks: performing them and preventing them

Nowadays, it’s rare for malicious hackers to rely on just one exploit or tool; instead, they use “chained” exploits that integrate multiple forms of attack to achieve their goals. Chained exploits are far more complex and far more difficult to defend. Few security or hacking books cover them well and most don’t cover them at all. Now there’s a book that brings together start-to-finish information about today’s most widespread chained exploits–both how to perform them and how to prevent them.

Chained Exploits demonstrates this advanced hacking attack technique through detailed examples that reflect real-world attack strategies, use today’s most common attack tools, and focus on actual high-value targets, including credit card and healthcare data. Relentlessly thorough and realistic, this book covers the full spectrum of attack avenues, from wireless networks to physical access and social engineering.

Writing for security, network, and other IT professionals, the authors take you through each attack, one step at a time, and then introduce today’s most effective countermeasures— both technical and human. Coverage includes:

  • Constructing convincing new phishing attacks
  • Discovering which sites other Web users are visiting
  • Wreaking havoc on IT security via wireless networks
  • Disrupting competitors’ Web sites
  • Performing–and preventing–corporate espionage
  • Destroying secure files
  • Gaining access to private healthcare records
  • Attacking the viewers of social networking pages
  • Creating entirely new exploits
  • and more

Andrew Whitaker, Director of Enterprise InfoSec and Networking for Training Camp, has been featured in The Wall Street Journal and BusinessWeek. He coauthored Penetration Testing and Network Defense. Andrew was a winner of EC Council’s Instructor of Excellence Award.

Keatron Evans is President and Chief Security Consultant of Blink Digital Security, LLC, a trainer for Training Camp, and winner of EC Council’s Instructor of Excellence Award.

Jack B. Voth specializes in penetration testing, vulnerability assessment, and perimeter security. He co-owns The Client Server, Inc., and teaches for Training Camp throughout the United States and abroad.

informit.com/aw

Cover photograph © Corbis /

Jupiter Images

$49.99 US

$59.99 CANADA

Price: $49.99

Click here to buy from Amazon

Quantum Attacks on Public-Key Cryptosystems

Quantum Attacks on Public-Key CryptosystemsThe cryptosystems based on the Integer Factorization Problem (IFP), the Discrete Logarithm Problem (DLP) and the Elliptic Curve Discrete Logarithm Problem (ECDLP) are essentially the only three types of practical public-key cryptosystems in use. The security of these cryptosystems relies on the three infeasible number-theoretic problems; no polynomial-time algorithms exist for these three problems. However, quantum polynomial-time algorithms for IFP, DLP and ECDLP do exist, provided that a practical quantum computer exists.

Quantum Attacks on Public-Key Cryptosystems introduces the basic concepts and ideas of quantum computing and quantum computational complexity. The book discusses quantum algorithms for IFP, DLP and ECDLP, based on Shor's seminal work. It also presents some possible alternative post-quantum cryptosystems to replace the IFP, DLP and ECDLP based cryptosystems.

This book is intended for graduate-level students and researchers in computing science, mathematics and digital communications as a second text or reference book. Cryptographers and professionals working in quantum computing, cryptography and network security will find this book a valuable asset.

Price: $99.00

Click here to buy from Amazon

National Strategy of Defense – Peace and Security for Brazil

National Strategy of Defense - Peace and Security for BrazilBrazil is a peaceful country, by tradition and conviction. It lives in peace with its neighbors. It runs its international affairs, among other things, adopting the constitutional principles of non-intervention, defense of peace and peaceful resolution of conflicts. This pacifist trait is part of the national identity, and a value that should be preserved by the Brazilian people.
Brazil – a developing country – shall rise to the first stage in the world neither promoting hegemony nor domination. The Brazilian people are not willing to exert their power on other nations. They want Brazil to grow without reigning upon others.
This is perhaps the reason why Brazil has never conducted a wide discussion about its own defense affairs throughout its history. Periodically, governments used to authorize the acquisition or production of new defense products, and introduced specific reforms in the Armed Forces. However, a national strategy of defense has never been proposed to systematically guide the reorganization and reorientation of the Armed Forces; the organization of the defense industry in order to ensure the operational autonomy of the three service branches: the Navy, the Army and the Air Force; and the policies for the composition of their troops, moreover reconsidering the Mandatory Military Service.
However, if Brazil is willing to reach its deserved spot in the world, it will have to be prepared to defend itself not only from aggressions, but equally from threats.
Intimidation overrides good faith in the world where we live. Nothing substitutes the engagement of the Brazilian people in the debate and construction of their own defense.

The 6th National Strategy of Defense guideline:

“To strengthen three strategically important sectors: cybernetics, space and nuclear. This process of strengthening will ensure the fulfillment of the concept of flexibility. As a result of their own nature, these sectors transcend the border line between development and defense, between the civilian and the military. Both space and cybernetics sectors will, together, enable that the capacity to see one’s own country do not depend on foreign technology, and that the Armed Forces, together, can network supported by a monitoring system also space-based. Brazil is committed – as per the Federal Constitution and the Treaty on the Non-Proliferation of Nuclear Weapons – to the strictly peaceful use of nuclear energy. However, Brazil also asserts its strategic need to develop and master nuclear technology. The country needs to ensure the balance and the versatility of its energy matrix and advance in areas such as agriculture and health, which may benefit from nuclear energy technology. And carry out, among other initiatives that require technological independence in terms of nuclear energy, the nuclear-propelled submarine project.”

Download Estratégia Nacional de Defesa – Paz e segurança para o Brasil
Download National Strategy of Defense – Peace and security for Brazil
Download Estrategia Nacional de Defensa – Paz y seguridad para Brasil
Download Stratégie Nationale de Défense – Paix et Sécurité au Brésil

Buffer Overflow Attacks: Detect, Exploit, Prevent

Buffer Overflow Attacks: Detect, Exploit, PreventThe SANS Institute maintains a list of the “Top 10 Software Vulnerabilities.” At the current time, over half of these vulnerabilities are exploitable by Buffer Overflow attacks, making this class of attack one of the most common and most dangerous weapon used by malicious attackers. This is the first book specifically aimed at detecting, exploiting, and preventing the most common and dangerous attacks.

Buffer overflows make up one of the largest collections of vulnerabilities in existence; And a large percentage of possible remote exploits are of the overflow variety. Almost all of the most devastating computer attacks to hit the Internet in recent years including SQL Slammer, Blaster, and I Love You attacks. If executed properly, an overflow vulnerability will allow an attacker to run arbitrary code on the victim's machine with the equivalent rights of whichever process was overflowed. This is often used to provide a remote shell onto the victim machine, which can be used for further exploitation.

A buffer overflow is an unexpected behavior that exists in certain programming languages. This book provides specific, real code examples on exploiting buffer overflow attacks from a hacker's perspective and defending against these attacks for the software developer.

*Over half of the “SANS TOP 10 Software Vulnerabilities” are related to buffer overflows.

*None of the current-best selling software security books focus exclusively on buffer overflows.

*This book provides specific, real code examples on exploiting buffer overflow attacks from a hacker's perspective and defending against these attacks for the software developer.

Price: $36.95

Click here to buy from Amazon