In September 2010, media reports emerged about a new form of cyber attack that appeared to target Iran, although the actual target, if any, is unknown. Through the use of thumb drives in computers that were not connected to the Internet, a malicious software program known as Stuxnet infected computer systems that were used to control the functioning of a nuclear power plant. Once inside the system, Stuxnet had the ability to degrade or destroy the software on which it operated. This book examines the discovery of the Stuxnet worm which has raised several issues for Congress, including the effect on national security, what the government’s response should be, whether an international treaty to curb the use of malicious software is necessary, and how such a treaty could be implemented.
Wireless LANs can be found nearly everywhere today. Most mobile computers ship with built-in wireless LAN hardware by default and most other computers can be equipped with additional hardware. Because all data is transmitted wirelessly, extra security is needed in these networks. This was a concern to the creators of the IEEE 802.11 standard, who designed a simple protocol called WEP which stands for Wired Equivalent Privacy to protect such networks. Unfortunately, the WEP protocol has some serious design flaws and various attacks are possible against WEP protected networks. This book presents nearly all currently known attacks on the WEP protocol, including their theoretical background and their implementation. This book is intended for network operators, who want to learn more about wireless security, and also for cryptographers, who want to understand the theoretical background of these attacks.
One of the biggest buzzwords in the IT industry for the past few years, virtualization has matured into a practical requirement for many best-practice business scenarios, becoming an invaluable tool for security professionals at companies of every size. In addition to saving time and other resources, virtualization affords unprecedented means for intrusion and malware detection, prevention, recovery, and analysis. Taking a practical approach in a growing market underserved by books, this hands-on title is the first to combine in one place the most important and sought-after uses of virtualization for enhanced security, including sandboxing, disaster recovery and high availability, forensic analysis, and honeypotting.
Already gaining buzz and traction in actual usage at an impressive rate, Gartner research indicates that virtualization will be the most significant trend in IT infrastructure and operations over the next four years. A recent report by IT research firm IDC predicts the virtualization services market will grow from $5.5 billion in 2006 to $11.7 billion in 2011. With this growth in adoption, becoming increasingly common even for small and midsize businesses, security is becoming a much more serious concern, both in terms of how to secure virtualization and how virtualization can serve critical security objectives.
Titles exist and are on the way to fill the need for securing virtualization, but security professionals do not yet have a book outlining the many security applications of virtualization that will become increasingly important in their job requirements. This book is the first to fill that need, covering tactics such as isolating a virtual environment on the desktop for application testing, creating virtualized storage solutions for immediate disaster recovery and high availability across a network, migrating physical systems to virtual systems for analysis, and creating complete virtual systems to entice hackers and expose potential threats to actual production systems.
About the Technologies
A sandbox is an isolated environment created to run and test applications that might be a security risk. Recovering a compromised system is as easy as restarting the virtual machine to revert to the point before failure. Employing virtualization on actual production systems, rather than just test environments, yields similar benefits for disaster recovery and high availability. While traditional disaster recovery methods require time-consuming reinstallation of the operating system and applications before restoring data, backing up to a virtual machine makes the recovery process much easier, faster, and efficient. The virtual machine can be restored to same physical machine or an entirely different machine if the original machine has experienced irreparable hardware failure. Decreased downtime translates into higher availability of the system and increased productivity in the enterprise.
Virtualization has been used for years in the field of forensic analysis, but new tools, techniques, and automation capabilities are making it an increasingly important tool. By means of virtualization, an investigator can create an exact working copy of a physical computer on another machine, including hidden or encrypted partitions, without altering any data, allowing complete access for analysis. The investigator can also take a live ?snapshot? to review or freeze the target computer at any point in time, before an attacker has a chance to cover his tracks or inflict further damage.
A honeypot is a system that looks and acts like a production environment but is actually a monitored trap, deployed in a network with enough interesting data to attract hackers, but created to log their activity and keep them from causing damage to the actual production environment. A honeypot exposes new threats, tools, and techniques used by hackers before they can attack the real systems, which security managers patch based on the information gathered. Before virtualization became mainstream, setting up a machine or a whole network (a honeynet) for research purposes only was prohibitive in both cost and time management. Virtualization makes this technique more viable as a realistic approach for companies large and small.
* The first book to collect a comprehensive set of all virtualization security tools and strategies in a single volume
* Covers all major virtualization platforms, including market leader VMware, Xen, and Microsoft’s Hyper-V virtualization platform, a new part of Windows Server 2008 releasing in June 2008
* Breadth of coverage appeals to a wide range of security professionals, including administrators, researchers, consultants, and forensic
Amazon Price:$13.99 $13.99 (as of June 25, 2019 10:50 – Details). Product prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on the Amazon site at the time of purchase will apply to the purchase of this product.
Do you wish you could be a hacker… or do you wonder if hacking is something for you? Are you tempted to see if you have what it takes to hack? Do you feel ignorant, unclear what Blockchain is, and ready to learn?
This book interrogates the philosophical backdrop of Clausewitzian notions of war, and asks whether modern, network-centric militaries can still be said to serve the ‘political’.
In light of the emerging theories and doctrines of Network-Centric War (NCW), this book traces the philosophical backdrop against which the more common theorizations of war and its conduct take place. Tracing the historical and philosophical roots of modern war from the 17th Century through to the present day, this book reveals that far from paralyzing the project of re-problematisating war, the emergence of NCW affords us an opportunity to rethink war in new and philosophically challenging ways.
This book will be of much interest to students of critical security studies, social theory, war studies and political theory/IR.