Security Warrior: Know Your Enemy

"O'Reilly Media, Inc."
1
Free sample

When it comes to network security, many users and administrators are running scared, and justifiably so. The sophistication of attacks against computer systems increases with each new Internet worm.What's the worst an attacker can do to you? You'd better find out, right? That's what Security Warrior teaches you. Based on the principle that the only way to defend yourself is to understand your attacker in depth, Security Warrior reveals how your systems can be attacked. Covering everything from reverse engineering to SQL attacks, and including topics like social engineering, antiforensics, and common attacks against UNIX and Windows systems, this book teaches you to know your enemy and how to be prepared to do battle.Security Warrior places particular emphasis on reverse engineering. RE is a fundamental skill for the administrator, who must be aware of all kinds of malware that can be installed on his machines -- trojaned binaries, "spyware" that looks innocuous but that sends private data back to its creator, and more. This is the only book to discuss reverse engineering for Linux or Windows CE. It's also the only book that shows you how SQL injection works, enabling you to inspect your database and web applications for vulnerability.Security Warrior is the most comprehensive and up-to-date book covering the art of computer war: attacks against computer systems and their defenses. It's often scary, and never comforting. If you're on the front lines, defending your site against attackers, you need this book. On your shelf--and in your hands.
Read more
5.0
1 total
Loading...

Additional Information

Publisher
"O'Reilly Media, Inc."
Read more
Published on
Jan 12, 2004
Read more
Pages
556
Read more
ISBN
9780596552398
Read more
Language
English
Read more
Genres
Computers / Networking / General
Computers / Networking / Intranets & Extranets
Computers / Networking / Network Protocols
Computers / Security / General
Read more
Content Protection
This content is DRM free.
Read more
Read Aloud
Available on Android devices
Read more
Eligible for Family Library

Reading information

Smartphones and Tablets

Install the Google Play Books app for Android and iPad/iPhone. It syncs automatically with your account and allows you to read online or offline wherever you are.

Laptops and Computers

You can read books purchased on Google Play using your computer's web browser.

eReaders and other devices

To read on e-ink devices like the Sony eReader or Barnes & Noble Nook, you'll need to download a file and transfer it to your device. Please follow the detailed Help center instructions to transfer the files to supported eReaders.
Identity theft and other confidential information theft have now topped the charts as the leading cybercrime. In particular, credit card data is preferred by cybercriminals. Is your payment processing secure and compliant? The new Fourth Edition of PCI Compliance has been revised to follow the new PCI DSS standard version 3.0, which is the official version beginning in January 2014. Also new to the Fourth Edition: additional case studies and clear guidelines and instructions for maintaining PCI compliance globally, including coverage of technologies such as NFC, P2PE, CNP/Mobile, and EMV. This is the first book to address the recent updates to PCI DSS. The real-world scenarios and hands-on guidance are also new approaches to this topic. All-new case studies and fraud studies have been added to the Fourth Edition.

Each chapter has how-to guidance to walk you through implementing concepts, and real-world scenarios to help you relate to the information and better grasp how it impacts your data. This book provides the information that you need in order to understand the current PCI Data Security standards and how to effectively implement security on network infrastructure in order to be compliant with the credit card industry guidelines, and help you protect sensitive and personally-identifiable information.

Completely updated to follow the most current PCI DSS standard, version 3.0Packed with help to develop and implement an effective strategy to keep infrastructure compliant and secureIncludes coverage of new and emerging technologies such as NFC, P2PE, CNP/Mobile, and EMVBoth authors have broad information security backgrounds, including extensive PCI DSS experience
Logging and Log Management: The Authoritative Guide to Understanding the Concepts Surrounding Logging and Log Management introduces information technology professionals to the basic concepts of logging and log management. It provides tools and techniques to analyze log data and detect malicious activity.
The book consists of 22 chapters that cover the basics of log data; log data sources; log storage technologies; a case study on how syslog-ng is deployed in a real environment for log collection; covert logging; planning and preparing for the analysis log data; simple analysis techniques; and tools and techniques for reviewing logs for potential problems. The book also discusses statistical analysis; log data mining; visualizing log data; logging laws and logging mistakes; open source and commercial toolsets for log data collection and analysis; log management procedures; and attacks against logging systems. In addition, the book addresses logging for programmers; logging and compliance with regulations and policies; planning for log analysis system deployment; cloud logging; and the future of log standards, logging, and log analysis.
This book was written for anyone interested in learning more about logging and log management. These include systems administrators, junior security engineers, application developers, and managers.Comprehensive coverage of log management including analysis, visualization, reporting and moreIncludes information on different uses for logs -- from system operations to regulatory complianceFeatures case Studies on syslog-ng and actual real-world situations where logs came in handy in incident responseProvides practical guidance in the areas of report, log analysis system selection, planning a log analysis system and log data normalization and correlation
Written by networking veteran with 20 years of experience, Network Warrior provides a thorough and practical introduction to the entire network infrastructure, from cabling to the routers. What you need to learn to pass a Cisco certification exam such as CCNA and what you need to know to survive in the real world are two very different things. The strategies that this book offers weren 't on the exam, but they 're exactly what you need to do your job well.

Network Warrior takes you step by step through the world of hubs, switches, firewalls, and more, including ways to troubleshoot a congested network, and when to upgrade and why. Along the way, you 'll gain an historical perspective of various networking features, such as the way Ethernet evolved. Based on the author 's own experience as well as those he worked for and with, Network Warrior is a Cisco-centric book, focused primarily on the TCP/IP protocol and Ethernet networks -- the realm that Cisco Systems now dominates. The book covers:

The type of networks now in use, from LANs, WANs and MANs to CANs



The OSI Model and the layers involved in sending dataHubs, repeaters, switches, and trunks in practiceAuto negotiation and why it 's a common problem in network slowdownsRoute maps, routing protocols, and switching algorithms in Cisco routersThe resilient Ethernet -- how to make things truly redundantCisco 6500 multi-layer switches and the Catalyst 3750 switchTelecom nomenclature -- why it 's different from the data worldT1 and DS3Firewall theory, designing access lists, authentication in Cisco devicesServer load balancing technologyContent switch module in actionDesigning QOS and what QOS does not doIP design and subnetting made easy



The book also explains how to sell your ideas to management, how networks become a mess as a company grows, and why change control is your friend. Network Warrior will help network administrators and engineers win the complex battles they face every day.
Logging and Log Management: The Authoritative Guide to Understanding the Concepts Surrounding Logging and Log Management introduces information technology professionals to the basic concepts of logging and log management. It provides tools and techniques to analyze log data and detect malicious activity.
The book consists of 22 chapters that cover the basics of log data; log data sources; log storage technologies; a case study on how syslog-ng is deployed in a real environment for log collection; covert logging; planning and preparing for the analysis log data; simple analysis techniques; and tools and techniques for reviewing logs for potential problems. The book also discusses statistical analysis; log data mining; visualizing log data; logging laws and logging mistakes; open source and commercial toolsets for log data collection and analysis; log management procedures; and attacks against logging systems. In addition, the book addresses logging for programmers; logging and compliance with regulations and policies; planning for log analysis system deployment; cloud logging; and the future of log standards, logging, and log analysis.
This book was written for anyone interested in learning more about logging and log management. These include systems administrators, junior security engineers, application developers, and managers.Comprehensive coverage of log management including analysis, visualization, reporting and moreIncludes information on different uses for logs -- from system operations to regulatory complianceFeatures case Studies on syslog-ng and actual real-world situations where logs came in handy in incident responseProvides practical guidance in the areas of report, log analysis system selection, planning a log analysis system and log data normalization and correlation
Identity theft and other confidential information theft have now topped the charts as the leading cybercrime. In particular, credit card data is preferred by cybercriminals. Is your payment processing secure and compliant? The new Fourth Edition of PCI Compliance has been revised to follow the new PCI DSS standard version 3.0, which is the official version beginning in January 2014. Also new to the Fourth Edition: additional case studies and clear guidelines and instructions for maintaining PCI compliance globally, including coverage of technologies such as NFC, P2PE, CNP/Mobile, and EMV. This is the first book to address the recent updates to PCI DSS. The real-world scenarios and hands-on guidance are also new approaches to this topic. All-new case studies and fraud studies have been added to the Fourth Edition.

Each chapter has how-to guidance to walk you through implementing concepts, and real-world scenarios to help you relate to the information and better grasp how it impacts your data. This book provides the information that you need in order to understand the current PCI Data Security standards and how to effectively implement security on network infrastructure in order to be compliant with the credit card industry guidelines, and help you protect sensitive and personally-identifiable information.

Completely updated to follow the most current PCI DSS standard, version 3.0Packed with help to develop and implement an effective strategy to keep infrastructure compliant and secureIncludes coverage of new and emerging technologies such as NFC, P2PE, CNP/Mobile, and EMVBoth authors have broad information security backgrounds, including extensive PCI DSS experience
©2018 GoogleSite Terms of ServicePrivacyDevelopersArtistsAbout Google|Location: United StatesLanguage: English (United States)
By purchasing this item, you are transacting with Google Payments and agreeing to the Google Payments Terms of Service and Privacy Notice.