Hacking Exposed Windows Microsoft Windows Security Secrets and Solutions Third Edition

Author: Joel Scambray
Publisher: McGraw Hill Professional
ISBN: 0071596690
Release Date: 2007-12-25
Genre: Computers

The latest Windows security attack and defense strategies "Securing Windows begins with reading this book." --James Costello (CISSP) IT Security Specialist, Honeywell Meet the challenges of Windows security with the exclusive Hacking Exposed "attack-countermeasure" approach. Learn how real-world malicious hackers conduct reconnaissance of targets and then exploit common misconfigurations and software flaws on both clients and servers. See leading-edge exploitation techniques demonstrated, and learn how the latest countermeasures in Windows XP, Vista, and Server 2003/2008 can mitigate these attacks. Get practical advice based on the authors' and contributors' many years as security professionals hired to break into the world's largest IT infrastructures. Dramatically improve the security of Microsoft technology deployments of all sizes when you learn to: Establish business relevance and context for security by highlighting real-world risks Take a tour of the Windows security architecture from the hacker's perspective, exposing old and new vulnerabilities that can easily be avoided Understand how hackers use reconnaissance techniques such as footprinting, scanning, banner grabbing, DNS queries, and Google searches to locate vulnerable Windows systems Learn how information is extracted anonymously from Windows using simple NetBIOS, SMB, MSRPC, SNMP, and Active Directory enumeration techniques Prevent the latest remote network exploits such as password grinding via WMI and Terminal Server, passive Kerberos logon sniffing, rogue server/man-in-the-middle attacks, and cracking vulnerable services See up close how professional hackers reverse engineer and develop new Windows exploits Identify and eliminate rootkits, malware, and stealth software Fortify SQL Server against external and insider attacks Harden your clients and users against the latest e-mail phishing, spyware, adware, and Internet Explorer threats Deploy and configure the latest Windows security countermeasures, including BitLocker, Integrity Levels, User Account Control, the updated Windows Firewall, Group Policy, Vista Service Refactoring/Hardening, SafeSEH, GS, DEP, Patchguard, and Address Space Layout Randomization

Hacking Exposed Windows Microsoft Windows Security Secrets and Solutions Third Edition

Author: Joel Scambray
Publisher: McGraw Hill Professional
ISBN: 9780071494267
Release Date: 2007-12-04
Genre: Computers

The latest Windows security attack and defense strategies "Securing Windows begins with reading this book." --James Costello (CISSP) IT Security Specialist, Honeywell Meet the challenges of Windows security with the exclusive Hacking Exposed "attack-countermeasure" approach. Learn how real-world malicious hackers conduct reconnaissance of targets and then exploit common misconfigurations and software flaws on both clients and servers. See leading-edge exploitation techniques demonstrated, and learn how the latest countermeasures in Windows XP, Vista, and Server 2003/2008 can mitigate these attacks. Get practical advice based on the authors' and contributors' many years as security professionals hired to break into the world's largest IT infrastructures. Dramatically improve the security of Microsoft technology deployments of all sizes when you learn to: Establish business relevance and context for security by highlighting real-world risks Take a tour of the Windows security architecture from the hacker's perspective, exposing old and new vulnerabilities that can easily be avoided Understand how hackers use reconnaissance techniques such as footprinting, scanning, banner grabbing, DNS queries, and Google searches to locate vulnerable Windows systems Learn how information is extracted anonymously from Windows using simple NetBIOS, SMB, MSRPC, SNMP, and Active Directory enumeration techniques Prevent the latest remote network exploits such as password grinding via WMI and Terminal Server, passive Kerberos logon sniffing, rogue server/man-in-the-middle attacks, and cracking vulnerable services See up close how professional hackers reverse engineer and develop new Windows exploits Identify and eliminate rootkits, malware, and stealth software Fortify SQL Server against external and insider attacks Harden your clients and users against the latest e-mail phishing, spyware, adware, and Internet Explorer threats Deploy and configure the latest Windows security countermeasures, including BitLocker, Integrity Levels, User Account Control, the updated Windows Firewall, Group Policy, Vista Service Refactoring/Hardening, SafeSEH, GS, DEP, Patchguard, and Address Space Layout Randomization

Hacking Exposed 7 Network Security Secrets Solutions Seventh Edition

Author: Stuart McClure
Publisher: McGraw Hill Professional
ISBN: 9780071780285
Release Date: 2012-07-11
Genre: Computers

The latest tactics for thwarting digital attacks “Our new reality is zero-day, APT, and state-sponsored attacks. Today, more than ever, security professionals need to get into the hacker’s mind, methods, and toolbox to successfully deter such relentless assaults. This edition brings readers abreast with the latest attack vectors and arms them for these continually evolving threats.” --Brett Wahlin, CSO, Sony Network Entertainment “Stop taking punches--let’s change the game; it’s time for a paradigm shift in the way we secure our networks, and Hacking Exposed 7 is the playbook for bringing pain to our adversaries.” --Shawn Henry, former Executive Assistant Director, FBI Bolster your system’s security and defeat the tools and tactics of cyber-criminals with expert advice and defense strategies from the world-renowned Hacking Exposed team. Case studies expose the hacker’s latest devious methods and illustrate field-tested remedies. Find out how to block infrastructure hacks, minimize advanced persistent threats, neutralize malicious code, secure web and database applications, and fortify UNIX networks. Hacking Exposed 7: Network Security Secrets & Solutions contains all-new visual maps and a comprehensive “countermeasures cookbook.” Obstruct APTs and web-based meta-exploits Defend against UNIX-based root access and buffer overflow hacks Block SQL injection, spear phishing, and embedded-code attacks Detect and terminate rootkits, Trojans, bots, worms, and malware Lock down remote access using smartcards and hardware tokens Protect 802.11 WLANs with multilayered encryption and gateways Plug holes in VoIP, social networking, cloud, and Web 2.0 services Learn about the latest iPhone and Android attacks and how to protect yourself

Hacking Exposed

Author: Joel Scambray
Publisher: McGraw-Hill Osborne Media
ISBN: 0072230614
Release Date: 2003
Genre: Computers

Provides coverage of the security features in Windows Server 2003. This book is useful for network professionals working with a Windows Server 2003 and/or Windows XP system.

Hacking Exposed Web Applications Third Edition

Author: Joel Scambray
Publisher: McGraw Hill Professional
ISBN: 9780071740425
Release Date: 2010-10-22
Genre: Computers

The latest Web app attacks and countermeasures from world-renowned practitioners Protect your Web applications from malicious attacks by mastering the weapons and thought processes of today's hacker. Written by recognized security practitioners and thought leaders, Hacking Exposed Web Applications, Third Edition is fully updated to cover new infiltration methods and countermeasures. Find out how to reinforce authentication and authorization, plug holes in Firefox and IE, reinforce against injection attacks, and secure Web 2.0 features. Integrating security into the Web development lifecycle (SDL) and into the broader enterprise information security program is also covered in this comprehensive resource. Get full details on the hacker's footprinting, scanning, and profiling tools, including SHODAN, Maltego, and OWASP DirBuster See new exploits of popular platforms like Sun Java System Web Server and Oracle WebLogic in operation Understand how attackers defeat commonly used Web authentication technologies See how real-world session attacks leak sensitive data and how to fortify your applications Learn the most devastating methods used in today's hacks, including SQL injection, XSS, XSRF, phishing, and XML injection techniques Find and fix vulnerabilities in ASP.NET, PHP, and J2EE execution environments Safety deploy XML, social networking, cloud computing, and Web 2.0 services Defend against RIA, Ajax, UGC, and browser-based, client-side exploits Implement scalable threat modeling, code review, application scanning, fuzzing, and security testing procedures

Hacking Exposed Web Applications Second Edition

Author: Joel Scambray
Publisher: Mcgraw-hill
ISBN: 0072262990
Release Date: 2006-06-05
Genre: Computers

Implement bulletproof e-business security the proven Hacking Exposed way Defend against the latest Web-based attacks by looking at your Web applications through the eyes of a malicious intruder. Fully revised and updated to cover the latest Web exploitation techniques, Hacking Exposed Web Applications, Second Edition shows you, step-by-step, how cyber-criminals target vulnerable sites, gain access, steal critical data, and execute devastating attacks. All of the cutting-edge threats and vulnerabilities are covered in full detail alongside real-world examples, case studies, and battle-tested countermeasures from the authors' experiences as gray hat security professionals.

Microsoft Windows Security Essentials

Author: Darril Gibson
Publisher: John Wiley & Sons
ISBN: 1118114574
Release Date: 2011-06-03
Genre: Computers

Windows security concepts and technologies for IT beginners IT security can be a complex topic, especially for those new to the field of IT. This full-color book, with a focus on the Microsoft Technology Associate (MTA) program, offers a clear and easy-to-understand approach to Windows security risks and attacks for newcomers to the world of IT. By paring down to just the essentials, beginners gain a solid foundation of security concepts upon which more advanced topics and technologies can be built. This straightforward guide begins each chapter by laying out a list of topics to be discussed, followed by a concise discussion of the core networking skills you need to have to gain a strong handle on the subject matter. Chapters conclude with review questions and suggested labs so you can measure your level of understanding of the chapter's content. Serves as an ideal resource for gaining a solid understanding of fundamental security concepts and skills Offers a straightforward and direct approach to security basics and covers anti-malware software products, firewalls, network topologies and devices, network ports, and more Reviews all the topics you need to know for taking the MTA 98-367 exam Provides an overview of security components, looks at securing access with permissions, addresses audit policies and network auditing, and examines protecting clients and servers If you're new to IT and interested in entering the IT workforce, then Microsoft Windows Security Essentials is essential reading.

Hacking Exposed Unified Communications VoIP Security Secrets Solutions Second Edition

Author: Mark Collier
Publisher: McGraw Hill Professional
ISBN: 9780071798778
Release Date: 2013-12-20
Genre: Computers

The latest techniques for averting UC disaster Establish a holistic security stance by learning to view your unified communications infrastructure through the eyes of the nefarious cyber-criminal. Hacking Exposed Unified Communications & VoIP, Second Edition offers thoroughly expanded coverage of today’s rampant threats alongside ready-to deploy countermeasures. Find out how to block TDoS, toll fraud, voice SPAM, voice social engineering and phishing, eavesdropping, and man-in-the-middle exploits. This comprehensive guide features all-new chapters, case studies, and examples. See how hackers target vulnerable UC devices and entire networks Defend against TDoS, toll fraud, and service abuse Block calling number hacks and calling number spoofing Thwart voice social engineering and phishing exploits Employ voice spam mitigation products and filters Fortify Cisco Unified Communications Manager Use encryption to prevent eavesdropping and MITM attacks Avoid injection of malicious audio, video, and media files Use fuzzers to test and buttress your VoIP applications Learn about emerging technologies such as Microsoft Lync, OTT UC, other forms of UC, and cloud and WebRTC

Hacking Exposed Linux

Author: ISECOM
Publisher: McGraw Hill Professional
ISBN: 0071596429
Release Date: 2007-08-22
Genre: Computers

The Latest Linux Security Solutions This authoritative guide will help you secure your Linux network--whether you use Linux as a desktop OS, for Internet services, for telecommunications, or for wireless services. Completely rewritten the ISECOM way, Hacking Exposed Linux, Third Edition provides the most up-to-date coverage available from a large team of topic-focused experts. The book is based on the latest ISECOM security research and shows you, in full detail, how to lock out intruders and defend your Linux systems against catastrophic attacks. Secure Linux by using attacks and countermeasures from the latest OSSTMM research Follow attack techniques of PSTN, ISDN, and PSDN over Linux Harden VoIP, Bluetooth, RF, RFID, and IR devices on Linux Block Linux signal jamming, cloning, and eavesdropping attacks Apply Trusted Computing and cryptography tools for your best defense Fix vulnerabilities in DNS, SMTP, and Web 2.0 services Prevent SPAM, Trojan, phishing, DoS, and DDoS exploits Find and repair errors in C code with static analysis and Hoare Logic

Hacking Exposed Mobile

Author: Neil Bergman
Publisher: McGraw Hill Professional
ISBN: 9780071817028
Release Date: 2013-08-05
Genre: Computers

Proven security tactics for today's mobile apps, devices, and networks "A great overview of the new threats created by mobile devices. ...The authors have heaps of experience in the topics and bring that to every chapter." -- Slashdot Hacking Exposed Mobile continues in the great tradition of the Hacking Exposed series, arming business leaders and technology practitioners with an in-depth understanding of the latest attacks and countermeasures--so they can leverage the power of mobile platforms while ensuring that security risks are contained." -- Jamil Farshchi, Senior Business Leader of Strategic Planning and Initiatives, VISA Identify and evade key threats across the expanding mobile risk landscape. Hacking Exposed Mobile: Security Secrets & Solutions covers the wide range of attacks to your mobile deployment alongside ready-to-use countermeasures. Find out how attackers compromise networks and devices, attack mobile services, and subvert mobile apps. Learn how to encrypt mobile data, fortify mobile platforms, and eradicate malware. This cutting-edge guide reveals secure mobile development guidelines, how to leverage mobile OS features and MDM to isolate apps and data, and the techniques the pros use to secure mobile payment systems. Tour the mobile risk ecosystem with expert guides to both attack and defense Learn how cellular network attacks compromise devices over-the-air See the latest Android and iOS attacks in action, and learn how to stop them Delve into mobile malware at the code level to understand how to write resilient apps Defend against server-side mobile attacks, including SQL and XML injection Discover mobile web attacks, including abuse of custom URI schemes and JavaScript bridges Develop stronger mobile authentication routines using OAuth and SAML Get comprehensive mobile app development security guidance covering everything from threat modeling to iOS- and Android-specific tips Get started quickly using our mobile pen testing and consumer security checklists

Securing Windows Server 2008

Author: Aaron Tiensivu
Publisher: Syngress
ISBN: 0080569978
Release Date: 2008-07-01
Genre: Computers

Microsoft hails the latest version of its flagship server operating system, Windows Server 2008, as "the most secure Windows Server ever". However, to fully achieve this lofty status, system administrators and security professionals must install, configure, monitor, log, and troubleshoot a dizzying array of new features and tools designed to keep the bad guys out and maintain the integrity of their network servers. This is no small task considering the market saturation of Windows Server and the rate at which it is attacked by malicious hackers. According to IDC, Windows Server runs 38% of all network servers. This market prominence also places Windows Server at the top of the SANS top 20 Security Attach Targets. The first five attack targets listed in the SANS top 20 for operating systems are related to Windows Server. This doesn't mean that Windows is inherently less secure than other operating systems; it's simply a numbers game. More machines running Windows Server. More targets for attackers to hack. As a result of being at the top of the "most used" and "most hacked" lists, Microsoft has released a truly powerful suite of security tools for system administrators to deploy with Windows Server 2008. This book is the comprehensive guide needed by system administrators and security professionals to master seemingly overwhelming arsenal of new security tools including: 1. Network Access Protection, which gives administrators the power to isolate computers that don't comply with established security policies. The ability to enforce security requirements is a powerful means of protecting the network. 2. Enhanced solutions for intelligent rules and policies creation to increase control and protection over networking functions, allowing administrators to have a policy-driven network. 3. Protection of data to ensure it can only be accessed by users with the correct security context, and to make it available when hardware failures occur. 4. Protection against malicious software with User Account Control with a new authentication architecture. 5. Increased control over your user settings with Expanded Group Policy. ...to name just a handful of the new security features. In short, Windows Server 2008 contains by far the most powerful and complex suite of security tools ever released in a Microsoft Server product. Securing Windows Server 2008 provides system administrators and security professionals with the knowledge they need to harness this power. * Describes new technologies and features in Windows Server 2008, such as improvements to networking and remote access features, centralized server role management, and an improved file system. * Outlines steps for installing only the necessary components and subsystems of Windows Server 2008 in your environment. No GUI needed. * Describes Windows Server 2008?s security innovations, such as Network Access Protection, Federated Rights Management, and Read-Only Domain Controller * Includes coverage of monitoring, securing, and troubleshooting Windows Server 2008 * Covers Microsoft's Hyper-V virtualization technology, which is offered as an add-on to four of the eight versions of Windows Server 2008 and as a stand-alone product

Hacking Exposed Computer Forensics

Author: Chris Davis
Publisher: McGraw Hill Professional
ISBN: 0072256753
Release Date: 2005
Genre: Computers

Whether retracing the steps of a security breach or tracking down high-tech crime, this complete package shows how to be prepared with both the necessary tools and expert knowledge that ultimately helps the forensics stand up in court. The bonus CD-ROM contains the latest version of each of the forensic tools covered in the book and evidence files for real-time investigation.

Hacking Exposed Wireless Third Edition

Author: Joshua Wright
Publisher: McGraw Hill Professional
ISBN: 9780071827621
Release Date: 2015-03-19
Genre: Computers

Exploit and defend against the latest wireless network attacks Learn to exploit weaknesses in wireless network environments using the innovative techniques in this thoroughly updated guide. Inside, you’ll find concise technical overviews, the latest attack methods, and ready-to-deploy countermeasures. Find out how to leverage wireless eavesdropping, break encryption systems, deliver remote exploits, and manipulate 802.11 clients, and learn how attackers impersonate cellular networks. Hacking Exposed Wireless, Third Edition features expert coverage of ever-expanding threats that affect leading-edge technologies, including Bluetooth Low Energy, Software Defined Radio (SDR), ZigBee, and Z-Wave. Assemble a wireless attack toolkit and master the hacker’s weapons Effectively scan and enumerate WiFi networks and client devices Leverage advanced wireless attack tools, including Wifite, Scapy, Pyrit, Metasploit, KillerBee, and the Aircrack-ng suite Develop and launch client-side attacks using Ettercap and the WiFi Pineapple Hack cellular networks with Airprobe, Kraken, Pytacle, and YateBTS Exploit holes in WPA and WPA2 personal and enterprise security schemes Leverage rogue hotspots to deliver remote access software through fraudulent software updates Eavesdrop on Bluetooth Classic and Bluetooth Low Energy traffic Capture and evaluate proprietary wireless technology with Software Defined Radio tools Explore vulnerabilities in ZigBee and Z-Wave-connected smart homes and offices Attack remote wireless networks using compromised Windows systems and built-in tools

Hacking Exposed Wireless

Author: Johnny Cache
Publisher: McGraw Hill Professional
ISBN: 9780071509695
Release Date: 2007-04-10
Genre: Computers

Secure Your Wireless Networks the Hacking Exposed Way Defend against the latest pervasive and devastating wireless attacks using the tactical security information contained in this comprehensive volume. Hacking Exposed Wireless reveals how hackers zero in on susceptible networks and peripherals, gain access, and execute debilitating attacks. Find out how to plug security holes in Wi-Fi/802.11 and Bluetooth systems and devices. You'll also learn how to launch wireless exploits from Metasploit, employ bulletproof authentication and encryption, and sidestep insecure wireless hotspots. The book includes vital details on new, previously unpublished attacks alongside real-world countermeasures. Understand the concepts behind RF electronics, Wi-Fi/802.11, and Bluetooth Find out how hackers use NetStumbler, WiSPY, Kismet, KisMAC, and AiroPeek to target vulnerable wireless networks Defend against WEP key brute-force, aircrack, and traffic injection hacks Crack WEP at new speeds using Field Programmable Gate Arrays or your spare PS3 CPU cycles Prevent rogue AP and certificate authentication attacks Perform packet injection from Linux Launch DoS attacks using device driver-independent tools Exploit wireless device drivers using the Metasploit 3.0 Framework Identify and avoid malicious hotspots Deploy WPA/802.11i authentication and encryption using PEAP, FreeRADIUS, and WPA pre-shared keys

Hacking Exposed Malware and Rootkits

Author: Michael A. Davis
Publisher: McGraw Hill Professional
ISBN: 9780071591195
Release Date: 2009-10-14
Genre: Computers

Malware and rootkits are on the rise and becoming more complex, according to security company McAfee Author speaks at major security conferences worldwide Hands-on examples, attacks, and countermeasures are included in every chapter