Network security Books

Book SynopsisCharles P. Pfleeger is an internationally known expert on computer and communications security. He spent 14 years as professor of computer science at the University of Tennessee, before moving on to computer research and consulting company, Trusted Information Systems, where he was director of European operations and senior consultant. He was also director of research, member of the staff, and chief security officer at Cable and Wireless. He has chaired the IEEE Computer Society Technical Committee on Security and Privacy and was on the editorial board of IEEE Security & Privacy magazine. Shari Lawrence Pfleeger is a widely known software engineering and computer security researcher. She served as president of Systems/Software and then as senior researcher with the Rand Corporation. As research director of the Institute for Information Infrastructure Protection, she oversaw large, high-impact computer security research projects for iTable of ContentsForeword xixPreface xxvAcknowledgments xxxiAbout the Authors xxxiii Chapter 1: Introduction 11.1 What Is Computer Security? 31.2 Threats 61.3 Harm 241.4 Vulnerabilities 301.5 Controls 301.6 Conclusion 331.7 What's Next? 341.8 Exercises 36 Chapter 2: Toolbox: Authentication, Access Control, and Cryptography 382.1 Authentication 402.2 Access Control 782.3 Cryptography 932.4 Conclusion 1372.5 Exercises 138 Chapter 3: Programs and Programming 1413.1 Unintentional (Nonmalicious) Programming Oversights 1433.2 Malicious Code--Malware 1783.3 Countermeasures 2113.4 Conclusion 2453.5 Exercises 245 Chapter 4: The Internet--User Side 2484.1 Browser Attacks 2514.2 Attacks Targeting Users 2654.3 Obtaining User or Website Data 2804.4 Mobile Apps 2894.5 Email and Message Attacks 3104.6 Conclusion 3204.7 Exercises 321 Chapter 5: Operating Systems 3235.1 Security in Operating Systems 3235.2 Security in the Design of Operating Systems 3515.3 Rootkits 3715.4 Conclusion 3825.5 Exercises 382 Chapter 6: Networks 3856.1 Network Concepts 386Part I--War on Networks: Network Security Attacks 3996.2 Threats to Network Communications 4006.3 Wireless Network Security 4216.4 Denial of Service 4436.5 Distributed Denial of Service 468Part II--Strategic Defenses: Security Countermeasures 4796.6 Cryptography in Network Security 4796.7 Firewalls 4976.8 Intrusion Detection and Prevention Systems 5226.9 Network Management 5366.10 Conclusion 5456.11 Exercises 545 Chapter 7: Data and Databases 5497.1 Introduction to Databases 5507.2 Security Requirements of Databases 5557.3 Reliability and Integrity 5617.4 Database Disclosure 5667.5 Data Mining and Big Data 5857.6 Conclusion 5997.7 Exercises 599 Chapter 8: New Territory 6018.1 Introduction 6018.2 Cloud Architectures and Their Security 6058.3 IoT and Embedded Devices 6278.4 Cloud, IoT, and Embedded Devices--The Smart Home 6388.5 Smart Cities, IoT, Embedded Devices, and Cloud 6438.6 Cloud, IoT, and Critical Services 6488.7 Conclusion 6578.8 Exercises 658 Chapter 9: Privacy 6599.1 Privacy Concepts 6609.2 Privacy Principles and Policies 6719.3 Authentication and Privacy 6889.4 Data Mining 6949.5 Privacy on the Internet 6989.6 Email and Message Security 7139.7 Privacy Impacts of Newer Technologies 7179.8 Conclusion 7249.9 Exercises 725 Chapter 10: Management and Incidents 72710.1 Security Planning 72710.2 Business Continuity Planning 73810.3 Handling Incidents 74210.4 Risk Analysis 74910.5 Physical Threats to Systems 76710.6 New Frontiers in Security Management 77610.7 Conclusion 77810.8 Exercises 779 Chapter 11: Legal Issues and Ethics 78111.1 Protecting Programs and Data 78311.2 Information and the Law 80011.3 Rights of Employees and Employers 80511.4 Redress for Software Failures 80811.5 Computer Crime 81411.6 Ethical Issues in Computer Security 82211.7 An Ethical Dive into Artificial Intelligence 82811.8 Incident Analyses with Ethics 83011.9 Conclusion 84611.10 Exercises 847 Chapter 12: Details of Cryptography 85012.1 Cryptology 85112.2 Symmetric Encryption Algorithms 86312.3 Asymmetric Encryption 87712.4 Message Digests 88312.5 Digital Signatures 88812.6 Quantum Key Distribution 88912.7 Conclusion 894 Chapter 13: Emerging Topics 89513.1 AI and Cybersecurity 89613.2 Blockchains and Cryptocurrencies 90813.3 Offensive Cyber and Cyberwarfare 92413.4 Quantum Computing and Computer Security 93613.5 Conclusion 937 Bibliography 939Index 963

Read more less

Book SynopsisSSH is a popular protocol for securing your network connections. It's reliable, robust, and reasonably easy to use, and both free and commercial implementations are widely available for most operating systems. Everything you want to know about SSH is in our updated second edition of 'SSH, the Secure Shell: The Definitive Guide'.Trade Review"Still the best SSH book out there by a long shot, but too much on Tectia and not enough on OpenSSH 4." - Paul Hudson, Linux Format, October 2005 "The authors manage to convey what SSH is all about as a concept and how to use it in the real world with equal aplomb, and highly technical configuration details are explained with clarity. They are happy to related how to integrate SSH into non-Unix clients, which makes a pleasant change from the typical Unix gurus who write books such as this. Whenever with see the words "definitive guide' included in the title of a book, we usually prepare ourselves for something far from it. The exception being when O'Reilly are the publishers, and this SSH guide is certainly as definitive as any you are likely to read. And read it you should if you are seriously involved with network security." Davey Winder, PC Plus, November 2005Table of ContentsPreface 1. Introduction to SSH 1.1 What Is SSH? 1.2 What SSH Is Not 1.3 The SSH Protocol 1.4 Overview of SSH Features; 1.5 History of SSH 1.6 Related Technologies 1.7 Summary; 2. Basic Client Use 2.1 A Running Example 2.2 Remote Terminal Sessions with ssh 2.3 Adding Complexity to the Example; 2.4 Authentication by Cryptographic Key 2.5 The SSH Agent; 2.6 Connecting Without a Password or Passphrase 2.7 Miscellaneous Clients 2.8 Summary 3. Inside SSH 3.1 Overview of Features 3.2 A Cryptography Primer 3.3 The Architecture of an SSH System 3.4 Inside SSH-2 3.5 Inside SSH-1; 3.6 Implementation Issues 3.7 SSH and File Transfers (scp and sftp) 3.8 Algorithms Used by SSH 3.9 Threats SSH Can Counter; 3.10 Threats SSH Doesn't Prevent 3.11 Threats Caused by SSH; 3.12 Summary 4. Installation and Compile-Time Configuration; 4.1. Overview 4.2 Installing OpenSSH 4.3 Installing Tectia; 4.4 Software Inventory 4.5 Replacing r-Commands with SSH; 4.6 Summary 5. Serverwide Configuration 5.1 Running the Server 5.2 Server Configuration: An Overview 5.3 Getting Ready: Initial Setup 5.4 Authentication: Verifying Identities; 5.5 Access Control: Letting People In 5.6 User Logins and Accounts 5.7 Forwarding 5.8 Subsystems 5.9 Logging and Debugging 5.10 Compatibility Between SSH-1 and SSH-2 Servers; 5.11 Summary 6. Key Management and Agents 6.1 What Is an Identity? 6.2 Creating an Identity 6.3 SSH Agents; 6.4 Multiple Identities 6.5 PGP Authentication in Tectia; 6.6 Tectia External Keys 6.7 Summary 7. Advanced Client Use; 7.1 How to Configure Clients 7.2 Precedence 7.3 Introduction to Verbose Mode 7.4 Client Configuration in Depth 7.5 Secure Copy with scp 7.6 Secure, Interactive Copy with sftp 7.7 Summary 8. Per-Account Server Configuration 8.1 Limits of This Technique 8.2 Public-Key-Based Configuration 8.3 Hostbased Access Control 8.4 The User rc File 8.5 Summary; 9. Port Forwarding and X Forwarding 9.1 What Is Forwarding?; 9.2 Port Forwarding 9.3 Dynamic Port Forwarding 9.4 X Forwarding 9.5 Forwarding Security: TCP-wrappers and libwrap; 9.6 Summary 10. A Recommended Setup 10.1 The Basics; 10.2 Compile-Time Configuration 10.3 Serverwide Configuration; 10.4 Per-Account Configuration 10.5 Key Management 10.6 Client Configuration 10.7 Remote Home Directories (NFS, AFS); 10.8 Summary 11. Case Studies 11.1 Unattended SSH: Batch or cron Jobs 11.2 FTP and SSH 11.3 Pine, IMAP, and SSH; 11.4 Connecting Through a Gateway Host 11.5 Scalable Authentication for SSH 11.6 Tectia Extensions to Server Configuration Files 11.7 Tectia Plugins 12. Troubleshooting and FAQ 12.1 Debug Messages: Your First Line of Defense; 12.2 Problems and Solutions 12.3 Other SSH Resources; 13. Overview of Other Implementations 13.1 Common Features; 13.2 Covered Products 13.3 Other SSH Products 14. OpenSSH for Windows 14.1 Installation 14.2 Using the SSH Clients 14.3 Setting Up the SSH Server 14.4 Public-Key Authentication; 14.5 Troubleshooting 14.6 Summary 15. OpenSSH for Macintosh; 15.1 Using the SSH Clients 15.2 Using the OpenSSH Server; 16. Tectia for Windows 16.1 Obtaining and Installing 16.2 Basic Client Use 16.3 Key Management 16.4 Accession Lite; 16.5 Advanced Client Use 16.6 Port Forwarding 16.7 Connector; 16.8 File Transfers 16.9 Command-Line Programs 16.10 Troubleshooting 16.11 Server17. SecureCRT and SecureFX for Windows 17.1 Obtaining and Installing 17.2 Basic Client Use 17.3 Key Management 17.4 Advanced Client Use 17.5 Forwarding; 17.6 Command-Line Client Programs 17.7 File Transfer 17.8 Troubleshooting 17.9 VShell 17.10 Summary 18. PuTTY for Windows 18.1 Obtaining and Installing 18.2 Basic Client Use; 18.3 File Transfer 18.4 Key Management 18.5 Advanced Client Use 18.6 Forwarding 18.7 Summary; A. OpenSSH 4.0 New Features; B. Tectia Manpage for sshregex; C. Tectia Module Names for Debugging; D. SSH-1 Features of OpenSSH and Tectia; E. SSH Quick Reference Index

Read more less

Book SynopsisIntermediate user levelTable of ContentsChapter 1. Introduction to Ethical HackingIdentify the five phase of ethical hacking. Identify the different types of hacker attacks. Chapter 2. Footprinting and Reconnaissance & Scanning Networks Identify the specific concepts associated with Footprinting. Describe information gathering tools and methodology. Explain DNS enumeration. Perform active and passive reconnaissance. Recognize the differences between port scanning, network scanning and vulnerability scanning. Identify TCP flag types. Identify types of port scans. Identify scanning countermeasures Chapter 3. Enumeration Explain enumeration techniques. Recognize how to establish sessions. Identify enumeration countermeasures. Perform active and passive enumeration. Chapter 4. System Hacking Identify different types of password attacks. Use a password cracking tool. Identify various password cracking countermeasures. Identify different ways to hide files. Recognize how to detect a rootkit. Identify tools that can be used to cover attacker tracks. Chapter 5. Trojans and Backdoor Viruses and Worms Explain how a Trojan infects a system. Identify ports used by Trojans and Trojan countermeasures. Identify the symptoms of a virus. Describe how a virus works. Identify virus types, virus detection methods, and virus countermeasures. Chapter 6. Sniffers and Social Engineering Identify types of sniffing, and protocols vulnerable to sniffing. Recognize types of sniffing attacks. Identify methods for detecting sniffing. Identify countermeasures for sniffing. Identify different types of social engineering, and social engineering countermeasures. Chapter 7. Denial of Service Identify characteristics of a DoS attack. Analyze symptoms of a DoS attack. Recognize DoS attack techniques. Identify detection techniques, and countermeasure strategies. Chapter 8. Session Hijacking Identify the proper order of steps used to conduct a session hijacking attack. Recognize different types of session hijacking. Identify TCP/IP hijacking. Describe countermeasures to protect against session hijacking. Chapter 9. Hacking Webservers Define Web Server architecture. Explain Web server vulnerabilities. Explore various Web Server attacks. Chapter 10. Hacking Web Applications Identify Web application components. Describe Web application attacks. Identify countermeasures. Chapter 11. SQL Injection Examine SQL Injection Attacks. Identify defensive strategies against SQL injection attacks. Chapter 12. Hacking Wireless Networks Identify various types of wireless networks. Identify authentication methods, and types of wireless encryption. Explain the methodology of wireless hacking. Apply wireless commands and tools. Examine plain text wireless traffic, wired equivalent privacy (WEP) Chapter 13. Evading IDs, Firewalls, and Honeypots Identify intrusion detection systems, and techniques. Identify the classes of firewalls. Define a honeypot. Analyze internal and external network traffic using an intrusion detection system. Chapter 14. Buffer Overflow Define a buffer overflow. Identify a buffer overflow. Identify buffer overflow countermeasures. Chapter 15. Cryptography Recognize public key cryptography. Identify a digital signature. Define a message digest. Define secure sockets layer (SSL). Analyze encrypted email. Chapter 16. Penetration Testing Identify types of security assessments. Identify steps of penetration testing. Examine risk management. Identify various penetration testing tools.

Read more less

Book Synopsis

Read more less

Book SynopsisDr. William Stallings has made a unique contribution to understanding the broad sweep of technical developments in computer security, computer networking, and computer architecture. He has authored 18 textbooks and, counting revised editions, a total of 70 books on various aspects of these subjects. His writings have appeared in numerous ACM and IEEE publications, including the Proceedings of the IEEE and ACM Computing Reviews. He has 13 times received the award for the best computer science textbook of the year from the Text and Academic Authors Association. With more than 30 years in the field, he has been a technical contributor, a technical manager, and an executive with several high-technology firms. He has designed and implemented both TCP/IP-based and OSI-based protocol suites on a variety of computers and operating systems, ranging from microcomputers to mainframes. Currently he is an independent consultant whose clients have included computer and Table of Contents Part I: Planning for Privacy 1. Information Privacy Concepts 2. Security Governance and Management 3. Risk Assessment Part II: Privacy Threats 4. Information Storage and Processing 5. Information Collection and Dissemination 6. Intrusion and Interference Part III: Information Privacy Technology 7. Basic Privacy Controls 8. Privacy Enhancing Technology 9. Data Loss Prevention 10. Online Privacy 11. Detection of Conflicts In Security Policies 12. Privacy Evaluation Part IV: Information Privacy Regulations 13. GDPR 14. U.S. Privacy Laws and Regulations

Read more less

Book Synopsis

Read more less

Book Synopsis

Read more less

Book Synopsis

Read more less

Book SynopsisTable of Contents Introduction xxviChapter 1: Introduction to Computer Security 2 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2 How Seriously Should You Take Threats to Network Security? . . . . . . . . . 4 Identifying Types of Threats . . . . . . . . . . . . . . . . . . . . . . . . 7 Assessing the Likelihood of an Attack on Your Network . . . . . . . . . . . . 16 Basic Security Terminology . . . . . . . . . . . . . . . . . . . . . . . 16 Concepts and Approaches . . . . . . . . . . . . . . . . . . . . . . . . 19 How Do Legal Issues Impact Network Security? . . . . . . . . . . . . . . . 22 Online Security Resources . . . . . . . . . . . . . . . . . . . . . . . . 23 Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25 Test Your Skills . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25Chapter 2: Networks and the Internet 32 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 32 Network Basics . . . . . . . . . . . . . . . . . . . . . . . . . . . . 33 How the Internet Works . . . . . . . . . . . . . . . . . . . . . . . . . 40 History of the Internet . . . . . . . . . . . . . . . . . . . . . . . . . . 47 Basic Network Utilities . . . . . . . . . . . . . . . . . . . . . . . . . 49 Other Network Devices . . . . . . . . . . . . . . . . . . . . . . . . . 55 Advanced Network Communications Topics . . . . . . . . . . . . . . . . 56 Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 58 Test Your Skills . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 58Chapter 3: Cyber Stalking, Fraud, and Abuse 66 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 66 How Internet Fraud Works . . . . . . . . . . . . . . . . . . . . . . . . 67 Identity Theft . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 72 Cyber Stalking . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 74 Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 89 Test Your Skills . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 89Chapter 4: Denial of Service Attacks 96 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 96 DoS Attacks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 97 Illustrating an Attack . . . . . . . . . . . . . . . . . . . . . . . . . . 97 Common Tools Used for DoS Attacks . . . . . . . . . . . . . . . . . . . 99 DoS Weaknesses . . . . . . . . . . . . . . . . . . . . . . . . . . . 102 Specific DoS Attacks . . . . . . . . . . . . . . . . . . . . . . . . . 102 Real-World Examples of DoS Attacks . . . . . . . . . . . . . . . . . . . 109 How to Defend Against DoS Attacks . . . . . . . . . . . . . . . . . . . 111 Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 113 Test Your Skills . . . . . . . . . . . . . . . . . . . . . . . . . . . . 113Chapter 5: Malware 120 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 120 Viruses . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 121 Trojan Horses . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 129 The Buffer-Overflow Attack . . . . . . . . . . . . . . . . . . . . . . . 132 Spyware . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 134 Other Forms of Malware . . . . . . . . . . . . . . . . . . . . . . . . 137 Detecting and Eliminating Viruses and Spyware . . . . . . . . . . . . . . 140 Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 145 Test Your Skills . . . . . . . . . . . . . . . . . . . . . . . . . . . . 145Chapter 6: Techniques Used by Hackers 152 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 152 Basic Terminology . . . . . . . . . . . . . . . . . . . . . . . . . . . 153 The Reconnaissance Phase . . . . . . . . . . . . . . . . . . . . . . . 153 Actual Attacks . . . . . . . . . . . . . . . . . . . . . . . . . . . . 162 Malware Creation . . . . . . . . . . . . . . . . . . . . . . . . . . . 168 Penetration Testing . . . . . . . . . . . . . . . . . . . . . . . . . . 171 The Dark Web . . . . . . . . . . . . . . . . . . . . . . . . . . . . 173 Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 176 Test Your Skills . . . . . . . . . . . . . . . . . . . . . . . . . . . . 176Chapter 7: Industrial Espionage in Cyberspace 182 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 182 What Is Industrial Espionage? . . . . . . . . . . . . . . . . . . . . . . 183 Information as an Asset . . . . . . . . . . . . . . . . . . . . . . . . 184 Real-World Examples of Industrial Espionage . . . . . . . . . . . . . . . 187 How Does Espionage Occur? . . . . . . . . . . . . . . . . . . . . . . 189 Low-Tech Industrial Espionage . . . . . . . . . . . . . . . . 189 Spyware Used in Industrial Espionage . . . . . . . . . . . . . 193 Steganography Used in Industrial Espionage . . . . . . . . . . . 193 Phone Taps and Bugs . . . . . . . . . . . . . . . . . . . . 194 Protecting Against Industrial Espionage . . . . . . . . . . . . . . . . . . 194 The Industrial Espionage Act . . . . . . . . . . . . . . . . . . . . . . 197 Spear Phishing . . . . . . . . . . . . . . . . . . . . . . . . . . . . 198 Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 199 Test Your Skills . . . . . . . . . . . . . . . . . . . . . . . . . . . . 199Chapter 8: Encryption 206 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 206 Cryptography Basics . . . . . . . . . . . . . . . . . . . . . . . . . . 207 History of Encryption . . . . . . . . . . . . . . . . . . . . . . . . . . 207 Modern Cryptography Methods . . . . . . . . . . . . . . . . . . . . . 216 Public Key (Asymmetric) Encryption . . . . . . . . . . . . . . . . . . . 223 PGP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 228 Legitimate Versus Fraudulent Encryption Methods . . . . . . . . . . . . . 229 Digital Signatures . . . . . . . . . . . . . . . . . . . . . . . . . . . 230 Hashing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 230 MAC and HMAC . . . . . . . . . . . . . . . . . . . . . . . . . . . 231 Steganography . . . . . . . . . . . . . . . . . . . . . . . . . . . . 233 Cryptanalysis . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 235 Cryptography Used on the Internet . . . . . . . . . . . . . . . . . . . . 236 Quantum Computing Cryptography . . . . . . . . . . . . . . . . . . . 237 Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 238 Test Your Skills . . . . . . . . . . . . . . . . . . . . . . . . . . . . 238Chapter 9: Computer Security Technology 244 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 244 Virus Scanners . . . . . . . . . . . . . . . . . . . . . . . . . . . . 245 Firewalls . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 248 Antispyware . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 253 Digital Certificates . . . . . . . . . . . . . . . . . . . . . . . . . . . 265 SSL/TLS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 266 Virtual Private Networks . . . . . . . . . . . . . . . . . . . . . . . . 268 Wi-Fi Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . 270 Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 272 Test Your Skills . . . . . . . . . . . . . . . . . . . . . . . . . . . . 272Chapter 10: Security Policies 278 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 278 What Is a Policy? . . . . . . . . . . . . . . . . . . . . . . . . . . . 279 Defining User Policies . . . . . . . . . . . . . . . . . . . . . . . . . 280 Defining System Administration Policies . . . . . . . . . . . . . . . . . . 287 New Employees . . . . . . . . . . . . . . . . . . . . . . . 287 Departing Employees . . . . . . . . . . . . . . . . . . . . 287 Change Requests . . . . . . . . . . . . . . . . . . . . . . 288 Security Breaches . . . . . . . . . . . . . . . . . . . . . . 290 Virus Infection . . . . . . . . . . . . . . . . . . . . . . . 290 DoS Attacks . . . . . . . . . . . . . . . . . . . . . . . . 291 Intrusion by a Hacker . . . . . . . . . . . . . . . . . . . . 291 Defining Access Control . . . . . . . . . . . . . . . . . . . . . . . . 292 Development Policies . . . . . . . . . . . . . . . . . . . . . . . . . 293 Standards, Guidelines, and Procedures . . . . . . . . . . . . . . . . . . 294 Disaster Recovery . . . . . . . . . . . . . . . . . . . . . . . . . . . 295 Important Laws . . . . . . . . . . . . . . . . . . . . . . . . . . . . 298 Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 300 Test Your Skills . . . . . . . . . . . . . . . . . . . . . . . . . . . . 300Chapter 11: Network Scanning and Vulnerability Scanning 306 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 306 Basics of Assessing a System . . . . . . . . . . . . . . . . . . . . . . 307 Securing Computer Systems . . . . . . . . . . . . . . . . . . . . . . 315 Scanning Your Network . . . . . . . . . . . . . . . . . . . . . . . . 321 Getting Professional Help . . . . . . . . . . . . . . . . . . . . . . . . 330 Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 333 Test Your Skills . . . . . . . . . . . . . . . . . . . . . . . . . . . . 333Chapter 12: Cyber Terrorism and Information Warfare 342 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 342 Actual Cases of Cyber Terrorism . . . . . . . . . . . . . . . . . . . . . 343 Weapons of Cyber Warfare . . . . . . . . . . . . . . . . . . . . . . . 345 Economic Attacks . . . . . . . . . . . . . . . . . . . . . . . . . . . 347 Military Operations Attacks . . . . . . . . . . . . . . . . . . . . . . . 350 General Attacks . . . . . . . . . . . . . . . . . . . . . . . . . . . . 350 Supervisory Control and Data Acquisitions (SCADA) . . . . . . . . . . . . . 351 Information Warfare . . . . . . . . . . . . . . . . . . . . . . . . . . 352 Actual Cases . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 355 Future Trends . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 359 Defense Against Cyber Terrorism . . . . . . . . . . . . . . . . . . . . . 362 Terrorist Recruiting and Communication . . . . . . . . . . . . . . . . . . 362 TOR and the Dark Web . . . . . . . . . . . . . . . . . . . . . . . . . 363 Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 365 Test Your Skills . . . . . . . . . . . . . . . . . . . . . . . . . . . . 365Chapter 13: Cyber Detective 370 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 370 General Searches . . . . . . . . . . . . . . . . . . . . . . . . . . . 371 Court Records and Criminal Checks . . . . . . . . . . . . . . . . . . . 375 Usenet . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 379 Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 380 Test Your Skills . . . . . . . . . . . . . . . . . . . . . . . . . . . . 380Chapter 14: Introduction to Forensics 386 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 386 General Guidelines . . . . . . . . . . . . . . . . . . . . . . . . . . 387 Finding Evidence on the PC . . . . . . . . . . . . . . . . . . . . . . . 397 Finding Evidence in System Logs . . . . . . . . . . . . . . . . . . . . 398 Getting Back Deleted Files . . . . . . . . . . . . . . . . . . . . . . . 399 Operating System Utilities . . . . . . . . . . . . . . . . . . . . . . . 402 The Windows Registry . . . . . . . . . . . . . . . . . . . . . . . . . 404 Mobile Forensics: Cell Phone Concepts . . . . . . . . . . . . . . . . . . 408 The Need for Forensic Certification . . . . . . . . . . . . . . . . . . . . 413 Expert Witnesses . . . . . . . . . . . . . . . . . . . . . . . . . . . 414 Additional Types of Forensics . . . . . . . . . . . . . . . . . . . . . . 415 Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 418 Test Your Skills . . . . . . . . . . . . . . . . . . . . . . . . . . . . 418Chapter 15: Cybersecurity Engineering 422 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 422 Defining Cybersecurity Engineering . . . . . . . . . . . . . . . . . . . . 423 Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 440 Test Your Skills . . . . . . . . . . . . . . . . . . . . . . . . . . . . 440Glossary 442Appendix A: Resources 448Appendix B: Answers to the Multiple Choice Questions 4509780135774779, TOC, 8/15/19

Read more less

Book SynopsisSherri Davidoff, CEO of LMG Security and author of Data Breaches, has been called a security badass by the New York Times. An instructor at the renowned Black Hat cybersecurity trainings, she is a GIAC-certified forensic analyst (GCFA) and penetration tester (GPEN). She holds a degree in computer science and electrical engineering from MIT. Matt Durrin, the Director of Training and Research at LMG Security, is a popular speaker at national conferences and training venues. His malware research has been featured on the NBC Nightly News. Karen Sprenger, LMG Security's COO and chief ransomware negotiator, is a noted industry expert, speaker, trainer, and course developer with 25+ years of security/IT experience. She is a GIAC-certified forensic examiner (GCFE) and Certified Information Systems Security Professional (CISSP).Trade Review"Ransomware and Cyber Extortion is a masterstroke that will lead both technical and non-technical readers alike on a journey through the complex and sometimes dark world of cyber extortion. The encore of practical advice and guidance on preventing ransomware can help organizations of all sizes."--Russ Cohen, Head of Cyber Services US, Beazley Group "Davidoff and team have built a magisterial and yet still approachable guide to ransomware. This just became the definitive and classic text. I've been writing about some of these attacks for years and still was blown away by how much more they taught me. I'll hand this to every infosec newcomer and senior consultant from now on."--Tarah Wheeler, CEO, Red Queen Dynamics "Ransomware attacks are no longer encrypt-and-export incidents; they have evolved into sophisticated, multipronged attacks that require a multidisciplinary response of forensic, technical, and compliance expertise and savvy cybercrime negotiation skills. Sherri Davidoff, Matt Durrin, and Karen Sprenger are that 'Dream Team' and concisely help the reader understand how to prepare for and respond to ransomware attacks. This book is a must-read for every member of an internal or external incident response team."--Jody R. Westby, CEO, Global Cyber Risk LLC, Chair, ABA Privacy & Computer Crime Committee (Section of Science & Technology Law) "A thoroughly delightful read, Ransomware and Cyber Extortion takes the topic everyone is talking about and deconstructs it with history and actionable guidance. A must-read before you next brief your board or peers on your own incident response plans."--Andy Ellis, CSO Hall of Fame '21Table of ContentsPreface xxiAcknowledgments xxviiAbout the Authors xxix Chapter 1: Impact 11.1 A Cyber Epidemic 31.2 What Is Cyber Extortion? 41.3 Impacts of Modern Cyber Extortion 71.4 Victim Selection 151.5 Scaling Up 181.6 Conclusion 241.7 Your Turn! 24 Chapter 2: Evolution 272.1 Origin Story 282.2 Cryptoviral Extortion 292.3 Early Extortion Malware 302.4 Key Technological Advancements 312.5 Ransomware Goes Mainstream 382.6 Ransomware-as-a-Service 392.7 Exposure Extortion 402.8 Double Extortion 432.9 An Industrial Revolution 452.10 Conclusion 602.11 Your Turn! 61 Chapter 3: Anatomy of an Attack 633.1 Anatomy Overview 633.2 Entry 653.3 Expansion 723.4 Appraisal 763.5 Priming 773.6 Leverage 803.7 Extortion 853.8 Conclusion 883.9 Your Turn! 88 Chapter 4: The Crisis Begins! 914.1 Cyber Extortion Is a Crisis 924.2 Detection 934.3 Who Should Be Involved? 944.4 Conduct Triage 984.5 Assess Your Resources 1024.6 Develop the Initial Response Strategy 1054.7 Communicate 1074.8 Conclusion 1124.9 Your Turn! 112 Chapter 5: Containment 1155.1 The Need for Speed 1165.2 Gain Access to the Environment 1175.3 Halting Encryption/Deletion 1185.4 Disable Persistence Mechanisms 1215.5 Halting Data Exfiltration 1235.6 Resolve Denial-of-Service Attacks 1245.7 Lock Out the Hackers 1255.8 Hunt for Threats 1295.9 Taking Stock 1335.10 Conclusion 1345.11 Your Turn! 134 Chapter 6: Investigation 1376.1 Research the Adversary 1386.2 Scoping 1466.3 Breach Investigation or Not? 1506.4 Evidence Preservation 1526.5 Conclusion 1606.6 Your Turn! 161 Chapter 7: Negotiation 1637.1 It's a Business 1647.2 Establish Negotiation Goals 1657.3 Outcomes 1697.4 Communication Methods 1717.5 Pressure Tactics 1737.6 Tone, Timeliness, and Trust 1767.7 First Contact 1787.8 Sharing Information 1797.9 Common Mistakes 1827.10 Proof of Life 1837.11 Haggling 1867.12 Closing the Deal 1897.13 Conclusion 1907.14 Your Turn! 191 Chapter 8: Payment 1938.1 To Pay or Not to Pay? 1948.2 Forms of Payment 1978.3 Prohibited Payments 1988.4 Payment Intermediaries 2018.5 Timing Issues 2028.6 After Payment 2048.7 Conclusion 2058.8 Your Turn! 206 Chapter 9: Recovery 2099.1 Back up Your Important Data 2109.2 Build Your Recovery Environment 2119.3 Set up Monitoring and Logging 2149.4 Establish Your Process for Restoring Individual Computers 2179.5 Restore Based on an Order of Operations 2199.6 Restoring Data 2249.7 Decryption 2279.8 It's Not Over 2349.9 Adapt 2359.10 Conclusion 2369.11 Your Turn! 236 Chapter 10: Prevention 23910.1 Running an Effective Cybersecurity Program 24010.2 Preventing Entry 25010.3 Detecting and Blocking Threats 25810.4 Operational Resilience 26110.5 Reducing Risk of Data Theft 26710.6 Solving the Cyber Extortion Problem 26910.7 Conclusion 27410.8 Your Turn! 274 Afterword 277 Checklist A: Cyber Extortion Response 279 Checklist B: Resources to Create in Advance 285 Checklist C: Planning Your Response 291 Checklist D: Running an Effective Cybersecurity Program 293 Index 299

Read more less

Book SynopsisEugene H. Spafford, PhD, is a professor in Computer Science at Purdue University. In his 35-year career, Spaf has been honored with every major award in cybersecurity. Leigh Metcalf, PhD, is a Senior Network Security Research Analyst at the Carnegie Mellon University Software Engineering Institute's cybersecurity-focused CERT division. Josiah Dykstra, PhD, is a cybersecurity practitioner, researcher, author, and speaker. He is the owner of Designer Security and has worked at the US National Security Agency for 18 years.Trade Review"Many security leaders are traditionally in charge of correcting misconceptions just as much as they are in charge of building up solid security practices. We have plenty of resources on practices--but this book is the crucial guide to that essential myth busting."--Phil Venables, CISO, Google Cloud "I'm writing this on my phone, over Wi-Fi, in an airplane on my way to Black Hat, one of the world's largest security conferences. The fact that I'm able to do this at all shows how much we've really learned about cybersecurity over the decades. Now it's all collected in one place for everyone to share. Thank the wise authors, and most importantly: GET OFF THEIR LAWN."--Wendy Nather, Head of Advisory CISOs, Cisco "This book is astounding. A true tour de force--which I have never said about any other book. Inverting the viewpoint is a stroke of genius. This is going to be on my grabbable-at-any-time shelf. What I learned, recalled, and was refreshed on with technically astute agnosticism cannot be measured; just appreciated as a profound historical compilation of security practice and theory. Bravo!"--Winn Schwartaul, Founder and Chief Visionary Officer, The Security Awareness Company "I am happy to endorse the central idea of this book--that cybersecurity is rife with myths that are themselves part of the problem. The brain wants to understand, the world grows ever more complicated, and the sum of the two is myth-making. As the authors say, even if some understanding is true at some time, with enough change what was true becomes a myth soon enough. As such, an acquired immunity to myths is a valuable skill for the cybersecurity practitioner if no other. The paramount goal of all security engineering is No Silent Failure, but myths perpetuate if not create silent failure. Why? Because a state of security is the absence of unmitigable surprise and you cannot mitigate what you don't know is going on. Myths blind us to reality. Ignorance of them is not bliss. This book is a vaccine."--Dan Geer, CISO, In-Q-Tel "This is a fun read for all levels. I like their rapid fire delivery and the general light they cast on so many diverse myths. This book will change the cybersecurity industry for the better."--Michael Sikorski, Author of Practical Malware Analysis & CTO, Unit 42 at Palo Alto NetworksTable of ContentsForeword by Vint Cerf xxiiiIntroduction xxivAcknowledgments xxxiiiAbout the Authors xxxiv Part I: General Issues 1 Chapter 1: What Is Cybersecurity? 2Everyone Knows What "Cybersecurity" Means 2We Can Measure How Secure Our Systems Are 5The Primary Goal of Cybersecurity Is Security 11Cybersecurity Is About Obvious Risks 12Sharing More Cyber Threat Intel Will Make Things Better 14What Matters to You Matters to Everyone Else 16Product X Will Make You Secure 17Macs Are Safer Than PCs, Linux Is Safer Than Windows 18Open Source Software Is More Secure Than Closed Source Software 19Technology X Will Make You Secure 20Process X Will Make You Secure 21Færie Dust Can Make Old Ideas Magically Revolutionary 22Passwords Should Be Changed Often 23Believe and Fear Every Hacking Demo You See 26Cyber Offense Is Easier Than Defense 27Operational Technology (OT) Is Not Vulnerable 29Breaking Systems Is the Best Way to Establish Yourself 30Because You Can, You Should 30Better Security Means Worse Privacy 32Further Reading 33 Chapter 2: What Is the Internet? 36Everyone Knows What the "Internet" Means 36An IP Address Identifies a Unique Machine 37The Internet Is Managed and Controlled by a Central Body 39The Internet Is Largely Static 40Your Network Is Static 41Email Is Private 43Cryptocurrency Is Untraceable 44Everything Can Be Fixed with Blockchain 46The Internet Is Like an Iceberg 46A VPN Makes You Anonymous 48A Firewall Is Enough 49Further Reading 51 Part II: Human Issues 55 Chapter 3: Faulty Assumptions and Magical Thinking 56Humans Will Behave Rationally, So Blame the User! 57We Know Everything We Need to Know About Cybersecurity Problems 62Compliance Equals (Complete) Security 63Authentication Provides Confidentiality 65I Can Never Be Secure, So Why Bother? 65I Am Too Small/Insignificant to Be a Target 66Everybody Is Out to Get Me 69I Engage Only with Trusted Websites, So My Data Is Safe from a Breach 71Security by Obscurity Is Reasonably Secure 72The Illusions of Visibility and Control 74Five 9's Is the Key to Cybersecurity 76Everybody Has Top-of-the-Line Technology 78We Can Predict Future Threats 80Security People Control Security Outcomes 81All Bad Outcomes Are the Result of a Bad Decision 82More Security Is Always Better 84Best Practices Are Always Best 85Because It Is Online It Must Be True/Correct 86Further Reading 87 Chapter 4: Fallacies and Misunderstandings 88The False Cause Fallacy: Correlation Is Causation 89Absence of Evidence Is Evidence of Absence 92The Straw Hacker Fallacy 94Ad Hominem Fallacy 95Hasty Generalization Fallacy 96Regression Fallacy 97Base Rate Fallacy 98Gambler's Fallacy 100Fallacies of Anomalies 100Ignorance of Black Swans 101Conjunction and Disjunction Fallacies 103Valence Effect 104Endowment Effect 104Sunk Cost Fallacy 105Bonus Fallacies 107Further Reading 109 Chapter 5: Cognitive Biases 110Action Bias 112Omission Bias 113Survivorship Bias 115Confirmation Bias 116Choice Affirmation Bias 117Hindsight Bias 117Availability Bias 119Social Proof 121Overconfidence Bias 122Zero Risk Bias 123Frequency Bias 124Bonus Biases 125Further Reading 128 Chapter 6: Perverse Incentives and the Cobra Effect 130The Goal of a Security Vendor Is to Keep You Secure 131Your Cybersecurity Decisions Affect Only You 132Bug Bounties Eliminate Bugs from the Offensive Market 134Cyber Insurance Causes People to Take Less Risk 135Fines and Penalties Cause People to Take Less Risk 136Attacking Back Would Help Stop Cyber Crime 137Innovation Increases Security and Privacy Incidents 138Further Reading 139 Chapter 7: Problems and Solutions 140Failure Is Not an Option in Cybersecurity 141Every Problem Has a Solution 142Anecdotes Are Good Leads for Cybersecurity Solutions 147Detecting More "Bad Stuff" Means the New Thing Is an Improvement 148Every Security Process Should Be Automated 149Professional Certifications Are Useless 151Further Reading 158 Part III: Contextual Issues 161 Chapter 8: Pitfalls of Analogies and Abstractions 162Cybersecurity Is Like the Physical World 165Cybersecurity Is Like Medicine and Biology 170Cybersecurity Is Like Fighting a War 172Cybersecurity Law Is Analogous to Physical-World Law 175Tips for Analogies and Abstractions 175Further Reading 178 Chapter 9: Legal Issues 180Cybersecurity Law Is Analogous to Physical-World Law 181Your Laws Do Not Apply to Me Where I Am 182That Violates My First Amendment Rights! 184Legal Code Supersedes Computer Code 186Law Enforcement Will Never Respond to Cyber Crimes 191You Can Always Hide Information by Suing 193Suing to Suppress a Breach Is a Good Idea 194Terms and Conditions Are Meaningless 194The Law Is on My Side, So I Do Not Need to Worry 195Further Reading 196 Chapter 10: Tool Myths and Misconceptions 198The More Tools, The Better 199Default Configurations Are Always Secure 201A Tool Can Stop All Bad Things 203Intent Can Be Determined from Tools 205Security Tools Are Inherently Secure and Trustworthy 207Nothing Found Means All Is Well 209Further Reading 212 Chapter 11: Vulnerabilities 214We Know Everything There Is to Know About Vulnerabilities 215Vulnerabilities Are Sparse 218Attackers Are Getting More Proficient 218Zero-Day Vulnerabilities Are Most Important 219All Attacks Hinge on a Vulnerability 223Exploits and Proofs of Concept Are Bad 226Vulnerabilities Happen Only in Complex Code 228First Movers Should Sacrifice Security 230Patches Are Always Perfect and Available 231Defenses Might Become Security Vulnerabilities with Time 236All Vulnerabilities Can Be Fixed 237Scoring Vulnerabilities Is Easy and Well Understood 239Because You Can, You Should--Vulnerabilities Edition 240Vulnerability Names Reflect Their Importance 241Further Reading 242 Chapter 12: Malware 244Using a Sandbox Will Tell Me Everything I Need to Know 246Reverse Engineering Will Tell Me Everything I Need to Know 249Malware and Geography Are/Are Not Related 251I Can Always Determine Who Made the Malware and Attacked Me 253Malware Is Always a Complex Program That Is Difficult to Understand 254Free Malware Protection Is Good Enough 256Only Shady Websites Will Infect Me 257Because You Can, You Should--Malware Edition 258Ransomware Is an Entirely New Kind of Malware 259Signed Software Is Always Trustworthy 261Malware Names Reflect Their Importance 263Further Reading 264 Chapter 13: Digital Forensics and Incident Response 266Movies and Television Reflect the Reality of Cyber 267Incidents Are Discovered as Soon as They Occur 269Incidents Are Discrete and Independent 270Every Incident Is the Same Severity 271Standard Incident Response Techniques Can Deal with Ransomware 272Incident Responders Can Flip a Few Switches and Magically EverythingIs Fixed 273Attacks Are Always Attributable 276Attribution Is Essential 278Most Attacks/Exfiltration of Data Originate from Outside the Organization 280The Trojan Horse Defense Is Dead 281Endpoint Data Is Sufficient for Incident Detection 282Recovering from an Event Is a Simple and Linear Process 284Further Reading 285 Part IV: Data Issues 287 Chapter 14: Lies, Damn Lies, and Statistics 288Luck Prevents Cyber Attacks 289The Numbers Speak for Themselves 290Probability Is Certainty 290Statistics Are Laws 293Data Is Not Important to Statistics 303Artificial Intelligence and Machine Learning Can Solve AllCybersecurity Problems 306Further Reading 310 Chapter 15: Illustrations, Visualizations, and Delusions 312Visualizations and Dashboards Are Inherently and Universally Helpful 313Cybersecurity Data Is Easy to Visualize 319Further Reading 324 Chapter 16: Finding Hope 326Creating a Less Myth-Prone World 328The Critical Value of Documentation 329Meta-Myths and Recommendations 331Avoiding Other and Future Traps 334Parting Thoughts 334 Appendix: Short Background Explanations 336 Acronyms 344Index 350

Read more less

Book SynopsisDr. Chuck Easttom is the author of 37 books, including several on computer security, forensics, and cryptography. He has also authored scientific papers on digital forensics, cyber warfare, cryptography, and applied mathematics. He is an inventor with 25 computer science patents. He holds a doctor of science degree in cybersecurity (dissertation topic: a study of lattice-based algorithms for post quantum cryptography), a Ph.D. in Computer Science (dissertation topic: A Systematic Framework for Network Forensics Using Graph Theory), and a Ph.D. in Nanotechnology (dissertation topic: The Effects of Complexity on Carbon Nanotube Failures) and three master's degrees (one in applied computer science, one in education, and one in systems engineering). He also holds more than 70 industry certifications (CISSP, CEH, etc.). He is a frequent speaker at cybersecurity, computer science, and engineering conferences. He is a Distinguished Speaker and senior member of the ACM and Table of ContentsIntroduction xxix Chapter 1: Introduction to Computer Security 2 Introduction.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2 How Seriously Should You Take Threats to Network Security?. . . . . . . . . . 4 Identifying Types of Threats.. . . . . . . . . . . . . . . . . . . . . . . . 7 Assessing the Likelihood of an Attack on Your Network.. . . . . . . . . . . . 17 Basic Security Terminology. . . . . . . . . . . . . . . . . . . . . . . . 18 Concepts and Approaches.. . . . . . . . . . . . . . . . . . . . . . . . 21 How Do Legal Issues Impact Network Security?.. . . . . . . . . . . . . . . 24 Online Security Resources.. . . . . . . . . . . . . . . . . . . . . . . . 25 Summary.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27 Chapter 2: Networks and the Internet 34 Introduction.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 34 Network Basics.. . . . . . . . . . . . . . . . . . . . . . . . . . . . 35 How the Internet Works. . . . . . . . . . . . . . . . . . . . . . . . . 43 History of the Internet.. . . . . . . . . . . . . . . . . . . . . . . . . . 50 Basic Network Utilities.. . . . . . . . . . . . . . . . . . . . . . . . . 52 Other Network Devices.. . . . . . . . . . . . . . . . . . . . . . . . . 59 Advanced Network Communications Topics.. . . . . . . . . . . . . . . . 60 Cloud Computing. . . . . . . . . . . . . . . . . . . . . . . . . . . . 61 Summary.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 65 Chapter 3: Cyber Stalking, Fraud, and Abuse 74 Introduction.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 74 How Internet Fraud Works.. . . . . . . . . . . . . . . . . . . . . . . . 75 Identity Theft.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 80 Cyber Stalking.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 82 Protecting Yourself Against Cybercrime.. . . . . . . . . . . . . . . . . . 91 Summary.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 99 Chapter 4: Denial of Service Attacks 106 Introduction.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 106 DoS Attacks.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 107 Illustrating an Attack.. . . . . . . . . . . . . . . . . . . . . . . . . . 107 Common Tools Used for DoS Attacks.. . . . . . . . . . . . . . . . . . . 109 DoS Weaknesses.. . . . . . . . . . . . . . . . . . . . . . . . . . . 112 Specific DoS Attacks. . . . . . . . . . . . . . . . . . . . . . . . . . 112 Real-World Examples of DoS Attacks.. . . . . . . . . . . . . . . . . . . 120 How to Defend Against DoS Attacks.. . . . . . . . . . . . . . . . . . . 121 Summary.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 123 Chapter 5: Malware 130 Introduction.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 130 Viruses.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 131 Trojan Horses.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 142 The Buffer-Overflow Attack. . . . . . . . . . . . . . . . . . . . . . . 145 Spyware.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 146 Other Forms of Malware.. . . . . . . . . . . . . . . . . . . . . . . . 149 Detecting and Eliminating Viruses and Spyware. . . . . . . . . . . . . . . 153 Summary.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 159 Chapter 6: Techniques Used by Hackers 166 Introduction.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 166 Basic Terminology.. . . . . . . . . . . . . . . . . . . . . . . . . . . 167 The Reconnaissance Phase.. . . . . . . . . . . . . . . . . . . . . . . 167 Actual Attacks.. . . . . . . . . . . . . . . . . . . . . . . . . . . . 177 Malware Creation. . . . . . . . . . . . . . . . . . . . . . . . . . . 184 Penetration Testing.. . . . . . . . . . . . . . . . . . . . . . . . . . 187 The Dark Web. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 189 Summary.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 194 Chapter 7: Industrial Espionage in Cyberspace 200 Introduction.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 200 What Is Industrial Espionage?.. . . . . . . . . . . . . . . . . . . . . . 202 Information as an Asset. . . . . . . . . . . . . . . . . . . . . . . . . 203 Real-World Examples of Industrial Espionage.. . . . . . . . . . . . . . . 205 How Does Espionage Occur?. . . . . . . . . . . . . . . . . . . . . . 207 Protecting Against Industrial Espionage.. . . . . . . . . . . . . . . . . . 212 Trade Secrets.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 215 The Industrial Espionage Act.. . . . . . . . . . . . . . . . . . . . . . 218 Spear Phishing.. . . . . . . . . . . . . . . . . . . . . . . . . . . . 219 Summary.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 220 Chapter 8: Encryption 226 Introduction.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 226 Cryptography Basics.. . . . . . . . . . . . . . . . . . . . . . . . . . 227 History of Encryption.. . . . . . . . . . . . . . . . . . . . . . . . . . 228 Modern Cryptography Methods.. . . . . . . . . . . . . . . . . . . . . 236 Public Key (Asymmetric) Encryption.. . . . . . . . . . . . . . . . . . . 245 PGP. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 250 Legitimate Versus Fraudulent Encryption Methods.. . . . . . . . . . . . . 251 Digital Signatures. . . . . . . . . . . . . . . . . . . . . . . . . . . 252 Hashing. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 253 MAC and HMAC.. . . . . . . . . . . . . . . . . . . . . . . . . . . 254 Steganography. . . . . . . . . . . . . . . . . . . . . . . . . . . . 255 Cryptanalysis.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 257 Cryptography Used on the Internet.. . . . . . . . . . . . . . . . . . . . 259 Quantum Computing Cryptography. . . . . . . . . . . . . . . . . . . . 259 Summary.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 261 Chapter 9: Computer Security Technology 268 Introduction.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 268 Virus Scanners.. . . . . . . . . . . . . . . . . . . . . . . . . . . . 269 Firewalls.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 272 Antispyware.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 278 IDSs. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 279 Digital Certificates.. . . . . . . . . . . . . . . . . . . . . . . . . . . 292 SSL/TLS.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 293 Virtual Private Networks.. . . . . . . . . . . . . . . . . . . . . . . . 296 Wi-Fi Security. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 298 Summary.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 299 Chapter 10: Security Policies 304 Introduction.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 304 What Is a Policy?.. . . . . . . . . . . . . . . . . . . . . . . . . . . 305 Important Standards.. . . . . . . . . . . . . . . . . . . . . . . . . . 305 Defining User Policies.. . . . . . . . . . . . . . . . . . . . . . . . . 308 Defining System Administration Policies.. . . . . . . . . . . . . . . . . . 316 Security Breaches.. . . . . . . . . . . . . . . . . . . . . . . . . . . 319 Defining Access Control.. . . . . . . . . . . . . . . . . . . . . . . . 321 Development Policies.. . . . . . . . . . . . . . . . . . . . . . . . . 322 Standards, Guidelines, and Procedures.. . . . . . . . . . . . . . . . . . 323 Disaster Recovery.. . . . . . . . . . . . . . . . . . . . . . . . . . . 324 Zero Trust.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 327 Important Laws.. . . . . . . . . . . . . . . . . . . . . . . . . . . . 328 Summary.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 330 Chapter 11: Network Scanning and Vulnerability Scanning 336 Introduction.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 336 Basics of Assessing a System.. . . . . . . . . . . . . . . . . . . . . . 337 Securing Computer Systems.. . . . . . . . . . . . . . . . . . . . . . 346 Scanning Your Network. . . . . . . . . . . . . . . . . . . . . . . . . 352 Testing and Scanning Standards.. . . . . . . . . . . . . . . . . . . . . 363 Getting Professional Help.. . . . . . . . . . . . . . . . . . . . . . . . 366 Summary.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 369 Chapter 12: Cyber Terrorism and Information Warfare 378 Introduction.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 378 Actual Cases of Cyber Terrorism.. . . . . . . . . . . . . . . . . . . . . 379 Weapons of Cyber Warfare.. . . . . . . . . . . . . . . . . . . . . . . 382 Economic Attacks.. . . . . . . . . . . . . . . . . . . . . . . . . . . 384 Military Operations Attacks. . . . . . . . . . . . . . . . . . . . . . . 386 General Attacks.. . . . . . . . . . . . . . . . . . . . . . . . . . . . 387 Supervisory Control and Data Acquisitions (SCADA).. . . . . . . . . . . . . 387 Information Warfare.. . . . . . . . . . . . . . . . . . . . . . . . . . 388 Actual Cases of Cyber Terrorism.. . . . . . . . . . . . . . . . . . . . . 391 Future Trends.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 395 Defense Against Cyber Terrorism.. . . . . . . . . . . . . . . . . . . . . 399 Terrorist Recruiting and Communication.. . . . . . . . . . . . . . . . . . 399 TOR and the Dark Web.. . . . . . . . . . . . . . . . . . . . . . . . . 400 Summary.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 402 Chapter 13: Cyber Detective 408 Introduction.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 408 General Searches. . . . . . . . . . . . . . . . . . . . . . . . . . . 410 Company Searches.. . . . . . . . . . . . . . . . . . . . . . . . . . 413 Court Records and Criminal Checks.. . . . . . . . . . . . . . . . . . . 413 Usenet. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 417 Google.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 418 Maltego. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 418 Summary.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 421 Chapter 14: Introduction to Forensics 426 Introduction.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 426 General Guidelines. . . . . . . . . . . . . . . . . . . . . . . . . . . 427 Finding Evidence on a PC. . . . . . . . . . . . . . . . . . . . . . . . 440 Finding Evidence in System Logs.. . . . . . . . . . . . . . . . . . . . 441 Getting Back Deleted Files.. . . . . . . . . . . . . . . . . . . . . . . 442 Operating System Utilities. . . . . . . . . . . . . . . . . . . . . . . . 445 The Windows Registry. . . . . . . . . . . . . . . . . . . . . . . . . 447 Mobile Forensics: Cell Phone Concepts.. . . . . . . . . . . . . . . . . . 452 The Need for Forensic Certification.. . . . . . . . . . . . . . . . . . . . 457 Expert Witnesses.. . . . . . . . . . . . . . . . . . . . . . . . . . . 458 Additional Types of Forensics.. . . . . . . . . . . . . . . . . . . . . . 459 Summary.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 463 Chapter 15: Cybersecurity Engineering 466 Introduction.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 466 Defining Cybersecurity Engineering.. . . . . . . . . . . . . . . . . . . . 467 Standards.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 475 SecML. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 480 Modeling. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 489 Summary.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 491 Glossary 494 Appendix A: Resources 500 Appendix B: Answers to the Multiple Choice Questions 502 9780137984787, TOC, 12/6/2022

Read more less

Book SynopsisOmar Santos is a Distinguished Engineer at Cisco, focusing on artificial intelligence (AI) security, cybersecurity research, incident response, and vulnerability disclosure. He is a board member of the OASIS Open standards organization and the founder of OpenEoX. Omar's collaborative efforts extend to numerous organizations, including the Forum of Incident Response and Security Teams (FIRST) and the Industry Consortium for Advancement of Security on the Internet (ICASI). Omar is the co-chair of the FIRST PSIRT Special Interest Group (SIG). Omar is the co-founder of the DEF CON Red Team Village and the chair of the Common Security Advisory Framework (CSAF) technical committee.   Omar is the author of more than 25 books, 21 video courses, and more than 50 academic research papers. He is a renowned expert in ethical hacking, vulnerability research, incident response, and AI security. He employs his deep understanding of these disciplines to help orga

Read more less

Book SynopsisDr. Chuck Easttom is the author of 41 books, including several on computer security, forensics, and cryptography. He is also an inventor with 25 patents and the author of over 70 research papers. He holds a Doctor of Science in cybersecurity, a Ph.D. in nanotechnology, a Ph.D. in computer science, and three master's degrees (one in applied computer science, one in education, and one in systems engineering). He is a senior member of both the IEEE and the ACM. He is also a Distinguished Speaker of the ACM and a Distinguished Visitor of the IEEE. Dr. Easttom is currently an adjunct professor for Georgetown University and for Vanderbilt University.Table of Contents Preface xxiii Chapter 1: Introduction to Network Security 2 Introduction.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2 The Basics of a Network.. . . . . . . . . . . . . . . . . . . . . . . . . 3 Basic Network Utilities.. . . . . . . . . . . . . . . . . . . . . . . . . 11 The OSI Model.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15 What Does This Mean for Security?. . . . . . . . . . . . . . . . . . . . 16 Assessing Likely Threats to the Network. . . . . . . . . . . . . . . . . . 16 Classifications of Threats.. . . . . . . . . . . . . . . . . . . . . . . . 20 Likely Attacks.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24 Threat Assessment.. . . . . . . . . . . . . . . . . . . . . . . . . . . 25 Understanding Security Terminology.. . . . . . . . . . . . . . . . . . . . 26 Choosing a Network Security Approach.. . . . . . . . . . . . . . . . . . 30 Network Security and the Law.. . . . . . . . . . . . . . . . . . . . . . 32 Using Security Resources. . . . . . . . . . . . . . . . . . . . . . . . 34 Summary.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35 Endnotes. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35 Chapter 2: Types of Attacks 42 Introduction.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 42 Understanding Denial of Service Attacks.. . . . . . . . . . . . . . . . . . 43 Defending Against Buffer Overflow Attacks.. . . . . . . . . . . . . . . . . 63 Defending Against IP Spoofing. . . . . . . . . . . . . . . . . . . . . . 64 Defending Against Session Hijacking.. . . . . . . . . . . . . . . . . . . 66 Blocking Virus and Trojan Horse Attacks. . . . . . . . . . . . . . . . . . 66 Summary.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 75 Endnotes. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 75 Chapter 3: Fundamentals of Firewalls 82 Introduction.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 82 What Is a Firewall?. . . . . . . . . . . . . . . . . . . . . . . . . . . 83 Implementing Firewalls.. . . . . . . . . . . . . . . . . . . . . . . . . 90 Firewall Deployment.. . . . . . . . . . . . . . . . . . . . . . . . . . 95 Selecting and Using a Firewall.. . . . . . . . . . . . . . . . . . . . . . 96 Using Proxy Servers.. . . . . . . . . . . . . . . . . . . . . . . . . . 97 Summary.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 99 Chapter 4: Firewall Practical Applications 106 Introduction.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 106 Using Single Machine Firewalls.. . . . . . . . . . . . . . . . . . . . . 107 Windows 10 Firewall.. . . . . . . . . . . . . . . . . . . . . . . . . . 108 User Account Control.. . . . . . . . . . . . . . . . . . . . . . . . . 110 Linux Firewalls.. . . . . . . . . . . . . . . . . . . . . . . . . . . . 110 Using Small Office/Home Office Firewalls.. . . . . . . . . . . . . . . . . 118 Using Medium-Sized Network Firewalls.. . . . . . . . . . . . . . . . . . 121 Using Enterprise Firewalls. . . . . . . . . . . . . . . . . . . . . . . . 124 Summary.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 125 Endnotes. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 125 Chapter 5: Intrusion-Detection Systems 132 Introduction.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 132 Understanding IDS Concepts.. . . . . . . . . . . . . . . . . . . . . . 133 IDS Components and Processes.. . . . . . . . . . . . . . . . . . . . . 135 SIEM.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 136 Evasion Techniques.. . . . . . . . . . . . . . . . . . . . . . . . . . 137 Understanding and Implementing IDSs.. . . . . . . . . . . . . . . . . . 138 Understanding and Implementing Honeypots. . . . . . . . . . . . . . . . 141 Summary.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 146 Chapter 6: Encryption Fundamentals 152 Introduction.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 152 The History of Encryption.. . . . . . . . . . . . . . . . . . . . . . . . 153 Learning About Modern Encryption Methods.. . . . . . . . . . . . . . . . 160 Identifying Good Encryption.. . . . . . . . . . . . . . . . . . . . . . . 173 Understanding Digital Signatures and Certificates.. . . . . . . . . . . . . . 174 MAC and HMAC.. . . . . . . . . . . . . . . . . . . . . . 179 Understanding and Using Decryption.. . . . . . . . . . . . . . . . . . . 179 Cracking Passwords.. . . . . . . . . . . . . . . . . . . . . . . . . . 180 Steganography. . . . . . . . . . . . . . . . . . . . . . . . . . . . 184 Steganalysis.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 185 Quantum Computing and Quantum Cryptography. . . . . . . . . . . . . . 186 Summary.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 187 Endnote.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 187 Chapter 7: Virtual Private Networks 194 Introduction.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 194 Basic VPN Technology.. . . . . . . . . . . . . . . . . . . . . . . . . 195 Using VPN Protocols for VPN Encryption.. . . . . . . . . . . . . . . . . 197 IPsec.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 206 SSL/TLS.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 207 Other VPN Protocols.. . . . . . . . . . . . . . . . . . . . . . . . . . 209 Implementing VPN Solutions.. . . . . . . . . . . . . . . . . . . . . . 210 Summary.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 215 Endnotes. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 215 Chapter 8: Operating System Hardening 222 Introduction.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 222 Configuring Windows Properly.. . . . . . . . . . . . . . . . . . . . . . 223 Configuring Linux Properly.. . . . . . . . . . . . . . . . . . . . . . . 244 Patching the Operating System.. . . . . . . . . . . . . . . . . . . . . 245 Configuring Browsers.. . . . . . . . . . . . . . . . . . . . . . . . . 246 Summary.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 253 Chapter 9: Defending Against Virus Attacks 260 Introduction.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 260 Understanding Virus Attacks.. . . . . . . . . . . . . . . . . . . . . . 261 Virus Scanners.. . . . . . . . . . . . . . . . . . . . . . . . . . . . 270 Virus Scanning Techniques. . . . . . . . . . . . . . . . . . 272 When Antivirus Causes a Problem. . . . . . . . . . . . . . . 274 Commercial Antivirus Software.. . . . . . . . . . . . . . . . 274 Antivirus Policies and Procedures.. . . . . . . . . . . . . . . . . . . . 283 Additional Methods for Defending Your System.. . . . . . . . . . . . . . . 284 What to Do If Your System Is Infected by a Virus.. . . . . . . . . . . . . . 285 Summary.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 288 Endnotes. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 288 Chapter 10: Defending Against Trojan Horses and Phishing 296 Introduction.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 296 Trojan Horses.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 297 Phishing.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 307 Summary.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 313 Endnotes. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 313 Chapter 11: Security Policies 318 Introduction.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 318 ISO 27002. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 319 Important Standards.. . . . . . . . . . . . . . . . . . . . . . . . . . 322 Defining User Policies.. . . . . . . . . . . . . . . . . . . . . . . . . 324 Defining System Administration Policies.. . . . . . . . . . . . . . . . . . 331 Defining Access Control.. . . . . . . . . . . . . . . . . . . . . . . . 336 Defining Developmental Policies.. . . . . . . . . . . . . . . . . . . . . 337 Disaster Recovery.. . . . . . . . . . . . . . . . . . . . . . . . . . . 338 Summary.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 339 Chapter 12: Assessing System Security 346 Introduction.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 346 Risk Assessment Concepts.. . . . . . . . . . . . . . . . . . . . . . . 347 Evaluating the Security Risk.. . . . . . . . . . . . . . . . . . . . . . . 348 Conducting the Initial Assessment. . . . . . . . . . . . . . . . . . . . 351 Probing the Network.. . . . . . . . . . . . . . . . . . . . . . . . . . 357 Vulnerabilities.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 381 McCumber Cube.. . . . . . . . . . . . . . . . . . . . . . . . . . . 384 Security Documentation.. . . . . . . . . . . . . . . . . . . . . . . . 385 Summary.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 388 Chapter 13: Security Standards 394 Introduction.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 394 COBIT.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 394 ISO Standards.. . . . . . . . . . . . . . . . . . . . . . . . . . . . 396 NIST Standards.. . . . . . . . . . . . . . . . . . . . . . . . . . . . 397 U.S. DoD Standards.. . . . . . . . . . . . . . . . . . . . . . . . . . 403 Using the Common Criteria.. . . . . . . . . . . . . . . . . . . . . . . 405 Using Security Models.. . . . . . . . . . . . . . . . . . . . . . . . . 407 U.S. Federal Regulations, Guidelines, and Standards.. . . . . . . . . . . . 410 Summary.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 413 Endnotes. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 414 Chapter 14: Physical Security and Disaster Recovery 422 Introduction.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 422 Physical Security.. . . . . . . . . . . . . . . . . . . . . . . . . . . 422 Disaster Recovery.. . . . . . . . . . . . . . . . . . . . . . . . . . . 428 Ensuring Fault Tolerance.. . . . . . . . . . . . . . . . . . . . . . . . 432 Summary.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 435 Chapter 15: Techniques Used by Attackers 438 Introduction.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 438 Preparing to Hack.. . . . . . . . . . . . . . . . . . . . . . . . . . . 439 The Attack Phase. . . . . . . . . . . . . . . . . . . . . . . . . . . 453 Session Hijacking. . . . . . . . . . . . . . . . . . . . . . . . . . . 457 Wi-Fi Hacking. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 459 Bluetooth Hacking.. . . . . . . . . . . . . . . . . . . . . . . . . . . 459 Summary.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 462 Chapter 16: Introduction to Forensics 466 Introduction.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 466 General Forensics Guidelines.. . . . . . . . . . . . . . . . . . . . . . 467 FBI Forensics Guidelines. . . . . . . . . . . . . . . . . . . . . . . . 470 Imaging a Drive.. . . . . . . . . . . . . . . . . . . . . . . . . . . . 471 Finding Evidence on the PC.. . . . . . . . . . . . . . . . . . . . . . . 474 Gathering Evidence from a Cell Phone.. . . . . . . . . . . . . . . . . . 485 Forensic Tools to Use.. . . . . . . . . . . . . . . . . . . . . . . . . 491 AccessData Forensic Toolkit.. . . . . . . . . . . . . . . . . 491 EnCase.. . . . . . . . . . . . . . . . . . . . . . . . . . 492 The Sleuth Kit. . . . . . . . . . . . . . . . . . . . . . . 492 OSForensics. . . . . . . . . . . . . . . . . . . . . . . . 492 Forensic Science.. . . . . . . . . . . . . . . . . . . . . . . . . . . 493 To Certify or Not to Certify?.. . . . . . . . . . . . . . . . . . . . . . . 493 Expert Witnesses.. . . . . . . . . . . . . . . . . . . . . . . . . . . 494 Additional Types of Forensics.. . . . . . . . . . . . . . . . . . . . . . 495 Summary.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 499 Endnote.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 499 Chapter 17: Cyber Warfare and Terrorism 504 Introduction.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 504 Defending Against Computer-Based Espionage. . . . . . . . . . . . . . . 505 Defending Against Computer-Based Terrorism. . . . . . . . . . . . . . . 508 Choosing Defense Strategies.. . . . . . . . . . . . . . . . . . . . . . 514 Summary.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 524 Endnotes. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 524 Appendix A: Answers 530 Glossary 542 9780138200589, 9/1/2023

Read more less

Book Synopsis

Read more less

Book SynopsisSecurity is now the number one concern for businesses world wide. The gold standard for attaining security is cryptography; it provides the most reliable tools for storing or transmitting digital information. This is the first textbook showing students how to implement cryptography and incorporate it into real-world systems on the Web.Table of Contents1. Basic security skills on the World Wide Web1.1 An introduction to network security1.1.1 Secure and insecure networks1.1.2 Digital cryptography on the web 1.2 The web browser-server dialog 1.2.1 The structure and configurations of the web1.2.2 Web browser and server dialog1.2.3 My first page with security1.2.4 Using HTML and migrating to XHTML1.3 Webpage skills for message manipulation and Security 1.3.1 Number Systems Used On The Web1.3.2 The Ascii Character Set1.3.3 Using Unicode On The Web1.3.4 Numerical Representations Of Messages1.3.5 Implementation Of The Caesar Code1.4 Bitwise Operators And Base64 Encoding/Decoding 1.4.1 An Introduction To Bitwise Operators 1.4.2 Bitwise Operations and Encryptions on The Web1.4.3 Base64 Encoding And Decoding1.5 The Xor And Pkzip/Winzip Encryption Schemes 1.5.1 Xor Encryption/Decryption1.5.2 Implementation Of The Xor Scheme On The Web 1.5.3 Encryption/Decryption Of Pkzip And Winzip1.5.4 Implementation Of The Pkzip/Winzip Encryption Scheme 2. Cryptology, Website Protection And Attacks2.1 An Overview Of Cryptology What Is Cryptology? Examples On Classic Ciphers And Attacks Basic User Authentication And Website Protections 2.2.1 The Beginning Of Cipher-Based Authentication 2.2.2 Basic HTTP Authentication With Apache

Read more less

Book Synopsis"Security engineering is different from any other kind of programming... if you're even thinking of doing any security engineering, you need to read this book. " -- Bruce Schneier "This is the best book on computer security. Buy it, but more importantly, read it and apply it in your work.Trade Review"At over a thousand pages, this is a comprehensive volume." Engineering & Technology Saturday 7 June 2008Table of ContentsPreface to the Second Edition. Foreword by Bruce Schneier. Preface. Acknowledgments. Part I. Chapter 1 What Is Security Engineering? Chapter 2 Usability and Psychology. Chapter 3 Protocols. Chapter 4 Access Control. Chapter 5 Cryptography. Chapter 6 Distributed Systems. Chapter 7 Economics. Part II. Chapter 8 Multilevel Security. Chapter 9 Multilateral Security. Chapter 10 Banking and Bookkeeping. Chapter 11 Physical Protection. Chapter 12 Monitoring and Metering. Chapter 13 Nuclear Command and Control. Chapter 14 Security Printing and Seals. Chapter 15 Biometrics. Chapter 16 Physical Tamper Resistance. Chapter 17 Emission Security. Chapter 18 API Attacks. Chapter 19 Electronic and Information Warfare. Chapter 20 Telecom System Security. Chapter 21 Network Attack and Defense. Chapter 22 Copyright and DRM. Chapter 23 The Bleeding Edge. Part III. Chapter 24 Terror, Justice and Freedom. Chapter 25 Managing the Development of Secure Systems. Chapter 26 System Evaluation and Assurance. Chapter 27 Conclusions. Bibliography. Index.

Read more less

Book SynopsisAs Web use has grown, so have the threats to security and privacy - from credit card fraud to invasions of privacy by marketers to Web site defacements. This book aims to go behind the headlines, examine the major security risks in the 20th century and explain how to minimize them.Table of ContentsPreface Part I. Web Technology 1. The Web Security Landscape The Web Security Problem Risk Analysis and Best Practices 2. The Architecture of the World Wide Web History and Terminology A Packet's Tour of the Web Who Owns the Internet? 3. Cryptography Basics Understanding Cryptography Symmetric Key Algorithms Public Key Algorithms Message Digest Functions 4. Cryptography and the Web Cryptography and Web Security Working Cryptographic Systems and Protocols What Cryptography Can't Do Legal Restrictions on Cryptography 5 Understanding SSL and TLS What Is SSL? SSL: The User's Point of View 6 Digital Identification I: Passwords, Biometrics, and Digital Signatures Physical Identification Using Public Keys for Identification Real-World Public Key Examples 7. Digital Identification II: Digital tificates, CAs, and PKI Understanding Digital Certificates with PGP Certification Authorities: Third-Party Registrars Public Key Infrastructure Open Policy Issues Part II. Privacy and Security for Users 8. The Web's War on Your Privacy Understanding Privacy User-Provided Information Log Files Understanding Cookies Web Bugs Conclusion 9. Privacy-Protecting Techniques Choosing a Good Service Provider Picking a Great Password Cleaning Up After Yourself Avoiding Spam and Junk Email Identity Theft 10. Privacy-Protecting Technologies Blocking Ads and Crushing Cookies Anonymous Browsing Secure Email 1. Backups and Antitheft Using Backups to Protect Your Data Preventing Theft 12. Mobile Code I: Plug-Ins, ActiveX, and Visual Basic When Good Browsers Go Bad Helper Applications and Plug-ins Microsoft's ActiveX The Risks of Downloaded Code Conclusion 1. Mobile Code II: Java, JavaScript, Flash, and Shockwave Java JavaScript Flash and Shockwave Conclusion Part III. Web Server Security 14. Physical Security for Servers Planning for the Forgotten Threats Protecting Computer Hardware Protecting Your Data Personnel Story: A Failed Site Inspection 15. Host Security for Servers Current Host Security Problems Securing the Host Computer Minimizing Risk by Minimizing Services Operating Securely Secure Remote Access and Content Updating Firewalls and the Web Conclusion 16. Securing Web Applications A Legacy of Extensibility and Risk Rules to Code By Securely Using Fields, Hidden Fields, and Cookies Rules for Programming Languages Using PHP Securely Writing Scripts That Run with Additional Privileges Connecting to Databases Conclusion 17. Deploying SSL Server Certificates Planning for Your SSL Server Creating SSL Servers with FreeBSD Installing an SSL Certificate on Microsoft IIS Obtaining a Certificate from a Commercial CA When Things Go Wrong 18. Securing Your Web Service Protecting Via Redundancy Protecting Your DNS Protecting Your Domain Registration 19. Computer Crime Your Legal Options After a Break-In Criminal Hazards Criminal Subject Matter Part IV. Security for Content Providers 20. Controlling Access to Your Web Content Access Control Strategies Controlling Access with Apache Controlling Access with Microsoft IIS 21. Client-Side Digital Certificates Client Certificates A Tour of the VeriSign Digital ID Center 22. Code Signing and Microsoft's Authenticode Why Code Signing? Microsoft's Authenticode Technology Obtaining a Software Publishing Certificate Other Code Signing Methods 23. Pornography, Filtering Software, and Censorship Pornography Filtering PICS RSACi Conclusion 24. Privacy Policies, Legislation, and P3P Policies That Protect Privacy and Privacy Policies Children's Online Privacy Protection Act P3P Conclusion 25. Digital Payments Charga-Plates, Diners Club, and Credit Cards Internet-Based Payment Systems How to Evaluate a Credit Card Payment System 26. Intellectual Property and Actionable Content Copyright Patents Trademarks Actionable Content Part V. Appendixes A. Lessons from Vineyard.NET B. The SSL/TLS Protocol C. P3P: The Platform for Privacy Preferences Project D. The PICS Specification E. References Index

Read more less

Book SynopsisIf you've been avoiding Kerberos because it's confusing and poorly documented, it's time to get on board! This book shows you how to put Kerberos authentication to work on your Windows and Unix systems.Table of ContentsPreface 1. Introduction Origins What Is Kerberos? Goals Evolution Other Products 2. Pieces of the Puzzle The Three As Directories Privacy and Integrity Kerberos Terminology and Concepts Putting the Pieces Together 3. Protocols The Needham-Schroeder Protocol Kerberos 4 Kerberos 5 The Alphabet Soup of Kerberos-Related Protocols 4. Implementation The Basic Steps Planning Your Installation Before You Begin KDC Installation DNS and Kerberos Client and Application Server Installation 5. Troubleshooting A Quick Decision Tree Debugging Tools Errors and Solutions 6. Security Kerberos Attacks Protocol Security Issues Security Solutions Protecting Your KDC Firewalls, NAT, and Kerberos Auditing 7. Applications What Does Kerberos Support Mean? Services and Keytabs Transparent Kerberos Login with PAM Mac OS X and the Login Window Kerberos and Web-Based Applications The Simple Authentication and Security Layer (SASL) Kerberos-Enabled Server Packages Kerberos-Enabled Client Packages More Kerberos-Enabled Packages 8. Advanced Topics Cross-Realm Authentication Using Kerberos 4 Services with Kerberos 5 Windows Issues Windows and Unix Interoperability 9. Case Study The Organization Planning Implementation 10. Kerberos Futures Public Key Extensions Smart Cards Better Encryption Kerberos Referrals Web Services Appendix: Administration Reference Index

Read more less