%{search_type} search results

• Introduction xiii
• Chapter 1 Introducing Wireshark 1 What Is Wireshark? 2 A Best Time to Use Wireshark? 2 Avoiding Being Overwhelmed 3 The Wireshark User Interface 3 Packet List Pane 5 Packet Details Pane 6 Packet Bytes Pane 8 Filters 9 Capture Filters 9 Display Filters 13 Summary 17 Exercises 18
• Chapter 2 Setting Up the Lab 19 Kali Linux 20 Virtualization 22 Basic Terminology and Concepts 23 Benefi ts of Virtualization 23 VirtualBox 24 Installing VirtualBox 24 Installing the VirtualBox Extension Pack 31 Creating a Kali Linux Virtual Machine 33 Installing Kali Linux 40 The W4SP Lab 46 Requirements 46 A Few Words about Docker 47 What Is GitHub? 48 Creating the Lab User 49 Installing the W4SP Lab on the Kali Virtual Machine 50 Setting Up the W4SP Lab 53 The Lab Network 54 Summary 55 Exercises 56
• Chapter 3 The Fundamentals 57 Networking 58 OSI Layers 58 Networking between Virtual Machines 61 Security 63 The Security Triad 63 Intrusion Detection and Prevention Systems 63 False Positives and False Negatives 64 Malware 64 Spoofi ng and Poisoning 66 Packet and Protocol Analysis 66 A Protocol Analysis Story 67 Ports and Protocols 71 Summary 73 Exercises 74
• Chapter 4 Capturing Packets 75 Sniffi ng 76 Promiscuous Mode 76 Starting the First Capture 78 TShark 82 Dealing with the Network 86 Local Machine 87 Sniffi ng Localhost 88 Sniffi ng on Virtual Machine Interfaces 92 Sniffi ng with Hubs 96 SPAN Ports 98 Network Taps 101 Transparent Linux Bridges 103 Wireless Networks 105 Loading and Saving Capture Files 108 File Formats 108 Ring Buffers and Multiple Files 111 Recent Capture Files 116 Dissectors 118 W4SP Lab: Managing Nonstandard HTTP Traffi c 118 Filtering SMB Filenames 120 Packet Colorization 123 Viewing Someone Else s Captures 126 Summary 127 Exercises 128
• Chapter 5 Diagnosing Attacks 129 Attack Type: Man-in-the-Middle 130 Why MitM Attacks Are Effective 130 How MitM Attacks Get Done: ARP 131 W4SP Lab: Performing an ARP MitM Attack 133 W4SP Lab: Performing a DNS MitM Attack 141 How to Prevent MitM Attacks 147 Attack Type: Denial of Service 148 Why DoS Attacks Are Effective 149 How DoS Attacks Get Done 150 How to Prevent DoS Attacks 155 Attack Type: Advanced Persistent Threat 156 Why APT Attacks Are Effective 156 How APT Attacks Get Done 157 Example APT Traffi c in Wireshark 157 How to Prevent APT Attacks 161 Summary 162 Exercises 162
• Chapter 6 Off ensive Wireshark 163 Attack Methodology 163 Reconnaissance Using Wireshark 165 Evading IPS/IDS 168 Session Splicing and Fragmentation 168 Playing to the Host, Not the IDS 169 Covering Tracks and Placing Backdoors 169 Exploitation 170 Setting Up the W4SP Lab with Metasploitable 171 Launching Metasploit Console 171 VSFTP Exploit 172 Debugging with Wireshark 173 Shell in Wireshark 175 TCP Stream Showing a Bind Shell 176 TCP Stream Showing a Reverse Shell 183 Starting ELK 188 Remote Capture over SSH 190 Summary 191 Exercises 192
• Chapter 7 Decrypting TLS, Capturing USB, Keyloggers, and Network Graphing 193 Decrypting SSL/TLS 193 Decrypting SSL/TLS Using Private Keys 195 Decrypting SSL/TLS Using Session Keys 199 USB and Wireshark 202 Capturing USB Traffi c on Linux 203 Capturing USB Traffi c on Windows 206 TShark Keylogger 208 Graphing the Network 212 Lua with Graphviz Library 213 Summary 218 Exercises 219
• Chapter 8 Scripting with Lua 221 Why Lua? 222 Scripting Basics 223 Variables 225 Functions and Blocks 226 Loops 228 Conditionals 230 Setup 230 Checking for Lua Support 231 Lua Initialization 232 Windows Setup 233 Linux Setup 233 Tools 234 Hello World with TShark 236 Counting Packets Script 237 ARP Cache Script 241 Creating Dissectors for Wireshark 244 Dissector Types 245 Why a Dissector Is Needed 245 Experiment 253 Extending Wireshark 255 Packet Direction Script 255 Marking Suspicious Script 257 Snooping SMB File Transfers 260 Summary 262 Index 265.
• (source: Nielsen Book Data)

Master Wireshark to solve real-world security problems If you don t already use Wireshark for a wide range of information security tasks, you will after this book. Mature and powerful, Wireshark is commonly used to find root cause of challenging network issues. This book extends that power to information security professionals, complete with a downloadable, virtual lab environment. Wireshark for Security Professionals covers both offensive and defensive concepts that can be applied to essentially any InfoSec role. Whether into network security, malware analysis, intrusion detection, or penetration testing, this book demonstrates Wireshark through relevant and useful examples. Master Wireshark through both lab scenarios and exercises. Early in the book, a virtual lab environment is provided for the purpose of getting hands-on experience with Wireshark. Wireshark is combined with two popular platforms: Kali, the security-focused Linux distribution, and the Metasploit Framework, the open-source framework for security testing. Lab-based virtual systems generate network traffic for analysis, investigation and demonstration. In addition to following along with the labs you will be challenged with end-of-chapter exercises to expand on covered material. Lastly, this book explores Wireshark with Lua, the light-weight programming language. Lua allows you to extend and customize Wireshark s features for your needs as a security professional. Lua source code is available both in the book and online. Lua code and lab source code are available online through GitHub, which the book also introduces. The book s final two chapters greatly draw on Lua and TShark, the command-line interface of Wireshark. By the end of the book you will gain the following: * Master the basics of Wireshark * Explore the virtual w4sp-lab environment that mimics a real-world network * Gain experience using the Debian-based Kali OS among other systems * Understand the technical details behind network attacks * Execute exploitation and grasp offensive and defensive activities, exploring them through Wireshark * Employ Lua to extend Wireshark features and create useful scripts To sum up, the book content, labs and online material, coupled with many referenced sources of PCAP traces, together present a dynamic and robust manual for information security professionals seeking to leverage Wireshark.
(source: Nielsen Book Data)

• Foreword xxxi Introduction xxxiii
• 1 What Type of Hacker Are You? 1
• 2 How Hackers Hack 9
• 3 Profile: Bruce Schneier 23
• 4 Social Engineering 27
• 5 Profile: Kevin Mitnick 33
• 6 Software Vulnerabilities 39
• 7 Profile: Michael Howard 45
• 8 Profile: Gary McGraw 51
• 9 Malware 55
• 10 Profile: Susan Bradley 61
• 11 Profile: Mark Russinovich 65
• 12 Cryptography 69
• 13 Profile: Martin Hellman 75
• 14 Intrusion Detection/APTs 81
• 15 Profile: Dr. Dorothy E. Denning 87
• 16 Profile: Michael Dubinsky 91
• 17 Firewalls 95
• 18 Profile: William Cheswick 101
• 19 Honeypots 107
• 20 Profile: Lance Spitzner 111
• 21 Password Hacking 115
• 22 Profile: Dr. Cormac Herley 123
• 23 Wireless Hacking 127
• 24 Profile: Thomas d Otreppe de Bouvette 133
• 25 Penetration Testing 137
• 26 Profile: Aaron Higbee 147
• 27 Profile: Benild Joseph 151
• 28 DDoS Attacks 155
• 29 Profile: Brian Krebs 161
• 30 Secure OS 165
• 31 Profile: Joanna Rutkowska 171
• 32 Profile: Aaron Margosis 175
• 33 Network Attacks 181
• 34 Profile: Laura Chappell 185
• 35 IoT Hacking 189
• 36 Profile: Dr. Charlie Miller 193
• 37 Policy and Strategy 201
• 38 Profile: Jing de Jong-Chen 205
• 39 Threat Modeling 211
• 40 Profile: Adam Shostack 217
• 41 Computer Security Education 221
• 42 Profile: Stephen Northcutt 227
• 43 Privacy 231
• 44 Profile: Eva Galperin 235
• 45 Patching 239
• 46 Profile: Window Snyder 245
• 47 Writing as a Career 249
• 48 Profile: Fahmida Y. Rashid 259
• 49 Guide for Parents with Young Hackers 263
• 50 Hacker Code of Ethics 271 Index 275.
• (source: Nielsen Book Data)

Meet the world's top ethical hackers and explore the tools of the trade Hacking the Hacker takes you inside the world of cybersecurity to show you what goes on behind the scenes, and introduces you to the men and women on the front lines of this technological arms race. Twenty-six of the world's top white hat hackers, security researchers, writers, and leaders, describe what they do and why, with each profile preceded by a no-experience-necessary explanation of the relevant technology. Dorothy Denning discusses advanced persistent threats, Martin Hellman describes how he helped invent public key encryption, Bill Cheswick talks about firewalls, Dr. Charlie Miller talks about hacking cars, and other cybersecurity experts from around the world detail the threats, their defenses, and the tools and techniques they use to thwart the most advanced criminals history has ever seen. Light on jargon and heavy on intrigue, this book is designed to be an introduction to the field; final chapters include a guide for parents of young hackers, as well as the Code of Ethical Hacking to help you start your own journey to the top. Cybersecurity is becoming increasingly critical at all levels, from retail businesses all the way up to national security. This book drives to the heart of the field, introducing the people and practices that help keep our world secure. * Go deep into the world of white hat hacking to grasp just how critical cybersecurity is * Read the stories of some of the world's most renowned computer security experts * Learn how hackers do what they do no technical expertise necessary * Delve into social engineering, cryptography, penetration testing, network attacks, and more As a field, cybersecurity is large and multi-faceted yet not historically diverse. With a massive demand for qualified professional that is only going to grow, opportunities are endless. Hacking the Hacker shows you why you should give the field a closer look.
(source: Nielsen Book Data)

• Introduction xxi
• 1 Introduction to Network Forensics 1 What Is Forensics? 3 Handling Evidence 4 Cryptographic Hashes 5 Chain of Custody 8 Incident Response 8 The Need for Network Forensic Practitioners 10 Summary 11 References 12
• 2 Networking Basics 13 Protocols 14 Open Systems Interconnection (OSI) Model 16 TCP/IP Protocol Suite 18 Protocol Data Units 19 Request for Comments 20 Internet Registries 23 Internet Protocol and Addressing 25 Internet Protocol Addresses 28 Internet Control Message Protocol (ICMP) 31 Internet Protocol Version 6 (IPv6) 31 Transmission Control Protocol (TCP) 33 Connection-Oriented Transport 36 User Datagram Protocol (UDP) 38 Connectionless Transport 39 Ports 40 Domain Name System 42 Support Protocols (DHCP) 46 Support Protocols (ARP) 48 Summary 49 References 51
• 3 Host-Side Artifacts 53 Services 54 Connections 60 Tools 62 netstat 63 nbstat 66 ifconfi g/ipconfi g 68 Sysinternals 69 ntop 73 Task Manager/Resource Monitor 75 ARP 77 /proc Filesystem 78 Summary 79
• 4 Packet Capture and Analysis 81 Capturing Packets 82 Tcpdump/Tshark 84 Wireshark 89 Taps 91 Port Spanning 93 ARP Spoofi ng 94 Passive Scanning 96 Packet Analysis with Wireshark 98 Packet Decoding 98 Filtering 101 Statistics 102 Following Streams 105 Gathering Files 106 Network Miner 108 Summary 110
• 5 Attack Types 113 Denial of Service Attacks 114 SYN Floods 115 Malformed Packets 118 UDP Floods 122 Amplifi cation Attacks 124 Distributed Attacks 126 Backscatter 128 Vulnerability Exploits 130 Insider Threats 132 Evasion 134 Application Attacks 136 Summary 140
• 6 Location Awareness 143 Time Zones 144 Using whois 147 Traceroute 150 Geolocation 153 Location-Based Services 156 WiFi Positioning 157 Summary 158
• 7 Preparing for Attacks 159 NetFlow 160 Logging 165 Syslog 166 Windows Event Logs 171 Firewall Logs 173 Router and Switch Logs 177 Log Servers and Monitors 178 Antivirus 180 Incident Response Preparation 181 Google Rapid Response 182 Commercial Offerings 182 Security Information and Event Management 183 Summary 185
• 8 Intrusion Detection Systems 187 Detection Styles 188 Signature-Based 188 Heuristic 189 Host-Based versus Network-Based 190 Snort 191 Suricata and Sagan 201 Bro 203 Tripwire 205 OSSEC 206 Architecture 206 Alerting 207 Summary 208
• 9 Using Firewall and Application Logs 211 Syslog 212 Centralized Logging 216 Reading Log Messages 220 LogWatch 222 Event Viewer 224 Querying Event Logs 227 Clearing Event Logs 231 Firewall Logs 233 Proxy Logs 236 Web Application Firewall Logs 238 Common Log Format 240 Summary 243
• 10 Correlating Attacks 245 Time Synchronization 246 Time Zones 246 Network Time Protocol 247 Packet Capture Times 249 Log Aggregation and Management 251 Windows Event Forwarding 251 Syslog 252 Log Management Offerings 254 Timelines 257 Plaso 258 PacketTotal 259 Wireshark 261 Security Information and Event Management 262 Summary 263
• 11 Network Scanning 265 Port Scanning 266 Operating System Analysis 271 Scripts 273 Banner Grabbing 275 Ping Sweeps 278 Vulnerability Scanning 280 Port Knocking 285 Tunneling 286 Passive Data Gathering 287 Summary 289
• 12 Final Considerations 291 Encryption 292 Keys 293 Symmetric 294 Asymmetric 295 Hybrid 296 SSL/TLS 297 Cloud Computing 306 Infrastructure as a Service 306 Storage as a Service 309 Software as a Service 310 Other Factors 311 The Onion Router (TOR) 314 Summary 317 Index 319.
• (source: Nielsen Book Data)

Intensively hands-on training for real-world network forensics Network Forensics provides a uniquely practical guide for IT and law enforcement professionals seeking a deeper understanding of cybersecurity. This book is hands-on all the way by dissecting packets, you gain fundamental knowledge that only comes from experience. Real packet captures and log files demonstrate network traffic investigation, and the learn-by-doing approach relates the essential skills that traditional forensics investigators may not have. From network packet analysis to host artifacts to log analysis and beyond, this book emphasizes the critical techniques that bring evidence to light. Network forensics is a growing field, and is becoming increasingly central to law enforcement as cybercrime becomes more and more sophisticated. This book provides an unprecedented level of hands-on training to give investigators the skills they need. * Investigate packet captures to examine network communications * Locate host-based artifacts and analyze network logs * Understand intrusion detection systems and let them do the legwork * Have the right architecture and systems in place ahead of an incident Network data is always changing, and is never saved in one place; an investigator must understand how to examine data over time, which involves specialized skills that go above and beyond memory, mobile, or data forensics. Whether you're preparing for a security certification or just seeking deeper training for a law enforcement or IT role, you can only learn so much from concept; to thoroughly understand something, you need to do it. Network Forensics provides intensive hands-on practice with direct translation to real-world application.
(source: Nielsen Book Data)

Kali Linux: a complete pentesting toolkit facilitating smooth backtracking for working hackers About This Book * Conduct network testing, surveillance, pen testing and forensics on MS Windows using Kali Linux * Footprint, monitor, and audit your network and investigate any ongoing infestations * Customize Kali Linux with this professional guide so it becomes your pen testing toolkit Who This Book Is For If you are a working ethical hacker who is looking to expand the offensive skillset with a thorough understanding of Kali Linux, then this is the book for you. Prior knowledge about Linux operating systems and the BASH terminal emulator along with Windows desktop and command line would be highly beneficial. What You Will Learn * Set up Kali Linux for pen testing * Map and enumerate your Windows network * Exploit several common Windows network vulnerabilities * Attack and defeat password schemes on Windows * Debug and reverse-engineer Windows programs * Recover lost files, investigate successful hacks and discover hidden data in innocent-looking files * Catch and hold admin rights on the network, and maintain backdoors on the network after your initial testing is done In Detail Microsoft Windows is one of the two most common OS and managing its security has spawned the discipline of IT security. Kali Linux is the premier platform for testing and maintaining Windows security. Kali is built on the Debian distribution of Linux and shares the legendary stability of that OS. This lets you focus on using the network penetration, password cracking, forensics tools and not the OS. This book has the most advanced tools and techniques to reproduce the methods used by sophisticated hackers to make you an expert in Kali Linux penetration testing. First, you are introduced to Kali's top ten tools and other useful reporting tools. Then, you will find your way around your target network and determine known vulnerabilities to be able to exploit a system remotely. Next, you will prove that the vulnerabilities you have found are real and exploitable. You will learn to use tools in seven categories of exploitation tools. Further, you perform web access exploits using tools like websploit and more. Security is only as strong as the weakest link in the chain. Passwords are often that weak link. Thus, you learn about password attacks that can be used in concert with other approaches to break into and own a network. Moreover, you come to terms with network sniffing, which helps you understand which users are using services you can exploit, and IP spoofing, which can be used to poison a system's DNS cache. Once you gain access to a machine or network, maintaining access is important. Thus, you not only learn penetrating in the machine you also learn Windows privilege's escalations. With easy to follow step-by-step instructions and support images, you will be able to quickly pen test your system and network. Style and approach This book is a hands-on guide for Kali Linux pen testing. This book will provide all the practical knowledge needed to test your network's security using a proven hacker's methodology. The book uses easy-to-understand yet professional language for explaining concepts.
(source: Nielsen Book Data)

Achieve the gold standard in penetration testing with Kali using this masterpiece, now in its third edition! About This Book * Get a rock-solid insight into penetration testing techniques and test your corporate network against threats like never before * Formulate your pentesting strategies by relying on the most up-to-date and feature-rich Kali version in town-Kali Linux 2 (aka Sana). * Experience this journey with new cutting-edge wireless penetration tools and a variety of new features to make your pentesting experience smoother Who This Book Is For If you are an IT security professional or a student with basic knowledge of Unix/Linux operating systems, including an awareness of information security factors, and you want to use Kali Linux for penetration testing, this book is for you. What You Will Learn * Find out to download and install your own copy of Kali Linux * Properly scope and conduct the initial stages of a penetration test * Conduct reconnaissance and enumeration of target networks * Exploit and gain a foothold on a target system or network * Obtain and crack passwords * Use the Kali Linux NetHunter install to conduct wireless penetration testing * Create proper penetration testing reports In Detail Kali Linux is a comprehensive penetration testing platform with advanced tools to identify, detect, and exploit the vulnerabilities uncovered in the target network environment. With Kali Linux, you can apply appropriate testing methodology with defined business objectives and a scheduled test plan, resulting in a successful penetration testing project engagement. Kali Linux - Assuring Security by Penetration Testing is a fully focused, structured book providing guidance on developing practical penetration testing skills by demonstrating cutting-edge hacker tools and techniques with a coherent, step-by-step approach. This book offers you all of the essential lab preparation and testing procedures that reflect real-world attack scenarios from a business perspective, in today's digital age. Style and approach This practical guide will showcase penetration testing through cutting-edge tools and techniques using a coherent, step-by-step approach.
(source: Nielsen Book Data)

Get started with the art and science of digital forensics with this practical, hands-on guide! About This Book * Champion the skills of digital forensics by understanding the nature of recovering and preserving digital information which is essential for legal or disciplinary proceedings * Explore new and promising forensic processes and tools based on 'disruptive technology' to regain control of caseloads. * Richard Boddington, with 10+ years of digital forensics, demonstrates real life scenarios with a pragmatic approach Who This Book Is For This book is for anyone who wants to get into the field of digital forensics. Prior knowledge of programming languages (any) will be of great help, but not a compulsory prerequisite. What You Will Learn * Gain familiarity with a range of different digital devices and operating and application systems that store digital evidence. * Appreciate and understand the function and capability of forensic processes and tools to locate and recover digital evidence. * Develop an understanding of the critical importance of recovering digital evidence in pristine condition and ensuring its safe handling from seizure to tendering it in evidence in court. * Recognise the attributes of digital evidence and where it may be hidden and is often located on a range of digital devices. * Understand the importance and challenge of digital evidence analysis and how it can assist investigations and court cases. * Explore emerging technologies and processes that empower forensic practitioners and other stakeholders to harness digital evidence more effectively. In Detail Digital Forensics is a methodology which includes using various tools, techniques, and programming language. This book will get you started with digital forensics and then follow on to preparing investigation plan and preparing toolkit for investigation. In this book you will explore new and promising forensic processes and tools based on 'disruptive technology' that offer experienced and budding practitioners the means to regain control of their caseloads. During the course of the book, you will get to know about the technical side of digital forensics and various tools that are needed to perform digital forensics. This book will begin with giving a quick insight into the nature of digital evidence, where it is located and how it can be recovered and forensically examined to assist investigators. This book will take you through a series of chapters that look at the nature and circumstances of digital forensic examinations and explains the processes of evidence recovery and preservation from a range of digital devices, including mobile phones, and other media. This book has a range of case studies and simulations will allow you to apply the knowledge of the theory gained to real-life situations. By the end of this book you will have gained a sound insight into digital forensics and its key components. Style and approach The book takes the reader through a series of chapters that look at the nature and circumstances of digital forensic examinations and explains the processes of evidence recovery and preservation from a range of digital devices, including mobile phones, and other media. The mystery of digital forensics is swept aside and the reader will gain a quick insight into the nature of digital evidence, where it is located and how it can be recovered and forensically examined to assist investigators.
(source: Nielsen Book Data)

• Introduction: Three Stigmata
• 1. A "New Dimension" for the Security of Information
• 2. The Promise, Success, and Failure of the Early Researchers
• 3. The Creation of the Internet and the Web, and a Dark Portent
• 4. The Dot-Com Boom and the Genesis of a Lucrative Feedback Loop
• 5. Software Security and the "Hamster Wheel of Pain"
• 6. Usable Security, Economics, and Psychology
• 7. Vulnerability Disclosure, Bounties, and Markets
• 8. Data Breaches, Nation-State Hacking, and Epistemic Closure
• 9. The Wicked Nature of Information Security Epilogue: The Past, Present, and a Possible Future.
• (source: Nielsen Book Data)

As threats to the security of information pervade the fabric of everyday life, A Vulnerable System describes how, even as the demand for information security increases, the needs of society are not being met. The result is that the confidentiality of our personal data, the integrity of our elections, and the stability of foreign relations between countries are increasingly at risk. Andrew J. Stewart convincingly shows that emergency software patches and new security products cannot provide the solution to threats such as computer hacking, viruses, software vulnerabilities, and electronic spying. Profound underlying structural problems must first be understood, confronted, and then addressed. A Vulnerable System delivers a long view of the history of information security, beginning with the creation of the first digital computers during the Cold War. From the key institutions of the so-called military industrial complex in the 1950s to Silicon Valley start-ups in the 2020s, the relentless pursuit of new technologies has come at great cost. The absence of knowledge regarding the history of information security has caused the lessons of the past to be forsaken for the novelty of the present, and has led us to be collectively unable to meet the needs of the current day. From the very beginning of the information age, claims of secure systems have been crushed by practical reality. The myriad risks to technology, Stewart reveals, cannot be addressed without first understanding how we arrived at this moment. A Vulnerable System is an enlightening and sobering history of a topic that affects crucial aspects of our lives.
(source: Nielsen Book Data)

• Front Matter
• Network Security Overview
• Data Encryption Algorithms
• Public-Key Cryptography and Key Management
• Data Authentication
• Network Security Protocols in Practice
• Wireless Network Security
• Cloud Security
• Network Perimeter Security
• Intrusion Detections
• The Art of Anti-Malicious Software
• 7-bit ASCII code
• SHA-512 Constants (in Hexadecimal)
• Data Compression Using ZIP
• Base64 Encoding
• Cracking WEP Keys Using WEPCrack
• Acronyms
• Further Readings
• Index

Introductory textbook in the important area of network security for undergraduate and graduate students * Comprehensively covers fundamental concepts with newer topics such as electronic cash, bit-coin, P2P, SHA-3, E-voting, and Zigbee security * Fully updated to reflect new developments in network security * Introduces a chapter on Cloud security, a very popular and essential topic * Uses everyday examples that most computer users experience to illustrate important principles and mechanisms * Features a companion website with Powerpoint slides for lectures and solution manuals to selected exercise problems, available at http://www.cs.uml.edu/~wang/NetSec.
(source: Nielsen Book Data)

Learn how to build complex virtual architectures that allow you to perform virtually any required testing methodology and perfect it About This Book * Explore and build intricate architectures that allow you to emulate an enterprise network * Test and enhance your security skills against complex and hardened virtual architecture * Learn methods to bypass common enterprise defenses and leverage them to test the most secure environments. Who This Book Is For While the book targets advanced penetration testing, the process is systematic and as such will provide even beginners with a solid methodology and approach to testing. You are expected to have network and security knowledge. The book is intended for anyone who wants to build and enhance their existing professional security and penetration testing methods and skills. What You Will Learn * Learning proven security testing and penetration testing techniques * Building multi-layered complex architectures to test the latest network designs * Applying a professional testing methodology * Determining whether there are filters between you and the target and how to penetrate them * Deploying and finding weaknesses in common firewall architectures. * Learning advanced techniques to deploy against hardened environments * Learning methods to circumvent endpoint protection controls In Detail Security flaws and new hacking techniques emerge overnight - security professionals need to make sure they always have a way to keep . With this practical guide, learn how to build your own virtual pentesting lab environments to practice and develop your security skills. Create challenging environments to test your abilities, and overcome them with proven processes and methodologies used by global penetration testing teams. Get to grips with the techniques needed to build complete virtual machines perfect for pentest training. Construct and attack layered architectures, and plan specific attacks based on the platforms you're going up against. Find new vulnerabilities for different kinds of systems and networks, and what these mean for your clients. Driven by a proven penetration testing methodology that has trained thousands of testers, Building Virtual Labs for Advanced Penetration Testing, Second Edition will prepare you for participation in professional security teams. Style and approach The book is written in an easy-to-follow format that provides a step-by-step, process-centric approach. Additionally, there are numerous hands-on examples and additional references for readers who might want to learn even more. The process developed throughout the book has been used to train and build teams all around the world as professional security and penetration testers.
(source: Nielsen Book Data)

• Medical Records (In)security
• Stealing Research
• Twenty-First Century Heist
• Pharma Karma
• Guns and Ammo
• Criminal Intelligence
• War Games
• Hack Journalists
• Northern Exposure.

Featuring techniques not taught in any certification prep or covered by common defensive scanners, this book integrates social engineering, programming, and vulnerability exploits into a multidisciplinary approach for targeting and compromising high security environments. -- Edited summary from book.

• 1. Introduction
• Part I. Security Experts' Perspective: 2. LAX - terror target: the history, the reason, the countermeasure Erroll Southers
• 3. Maritime transportation system security and the use of game theory: a perfect match to address operational and tactical concerns Joe DiRenzo III, Erik Jensen and Fred Bertsch
• Part II. Deployed Applications: 4. Deployed ARMOR protection: the application of a game theoretic model for security at the Los Angeles International Airport James Pita, Manish Jain, Craig Western, Praveen Paruchuri, Janusz Marecki, Milind Tambe, Fernando Ordonez and Sarit Kraus
• 5. IRIS: a tool for strategic security allocation in transportation networks Jason Tsai, Shyamsunder Rathi, Christopher Kiekintveld, Milind Tambe and Fernando Ordonez
• 6. GUARDS - game theoretic security allocation on a national scale James Pita, Christopher Kiekintveld, Milind Tambe, Shane Cullen and Erin Steigerwald
• Part III. Efficient Algorithms for Massive Security Games: 7. Coordinating randomized policies for increasing security of agent systems Praveen Paruchuri, Jonathan Pearce, Janusz Marecki, Milind Tambe, Fernando Ordonez and Sarit Kraus
• 8. Computing optimal randomized resource allocations for massive security games Christopher Kiekintveld, James Pita, Manish Jain, Jason Tsai, Milind Tambe and Fernando Ordonez
• 9. Security games with arbitrary schedules: a branch and price approach Manish Jain, Christopher Kiekintveld, Erim Kardes, Fernando Ordonez and Milind Tambe
• Part IV. Future Research: 10. Effective solutions for real-world Stackelberg games: when agents must deal with human uncertainties James Pita, Manish Jain, Milind Tambe, Fernando Ordonez, Sarit Kraus and Romi Magori-Cohen
• 11. Robust Bayesian methods for Stackelberg security games Christopher Kiekintveld, Janusz Marecki and Milind Tambe
• 12. Stackelberg vs. Nash in security games: interchangeability, equivalence, and uniqueness Zhengyu Yin, Dmytro Korzhyk, Christopher Kiekintveld, Vincent Conitzer and Milind Tambe
• 13. Evaluating deployed decision support systems for security: challenges, arguments, and approaches Matthew E. Taylor, Christopher Kiekintveld and Milind Tambe.
• (source: Nielsen Book Data)

Global threats of terrorism, drug-smuggling and other crimes have led to a significant increase in research on game theory for security. Game theory provides a sound mathematical approach to deploy limited security resources to maximize their effectiveness. A typical approach is to randomize security schedules to avoid predictability, with the randomization using artificial intelligence techniques to take into account the importance of different targets and potential adversary reactions. This book distills the forefront of this research to provide the first and only study of long-term deployed applications of game theory for security for key organizations such as the Los Angeles International Airport police and the US Federal Air Marshals Service. The author and his research group draw from their extensive experience working with security officials to intelligently allocate limited security resources to protect targets, outlining the applications of these algorithms in research and the real world.
(source: Nielsen Book Data)

• Foreword ix Preface xi Acknowledgments xv 1 Introduction 1 1.1 What Is Cyber Security? 1 1.2 What Is Cyber Security Policy? 3 1.3 Domains of Cyber Security Policy 7 1.3.1 Laws and Regulations 7 1.3.2 Enterprise Policy 9 1.3.3 Technology Operations 10 1.3.4 Technology Configuration 10 1.4 Strategy versus Policy 11 2 Cyber Security Evolution 15 2.1 Productivity 15 2.2 Internet 21 2.3 e-Commerce 28 2.4 Countermeasures 34 2.5 Challenges 37 3 Cyber Security Objectives 39 3.1 Cyber Security Metrics 40 3.2 Security Management Goals 45 3.3 Counting Vulnerabilities 49 3.4 Security Frameworks 51 3.4.1 e-Commerce Systems 52 3.4.2 Industrial Control Systems 57 3.4.3 Personal Mobile Devices 62 3.5 Security Policy Objectives 67 4 Guidance for Decision Makers 69 4.1 Tone at the Top 69 4.2 Policy as a Project 71 4.3 Cyber Security Management 73 4.3.1 Arriving at Goals 74 4.3.2 Cyber Security Documentation 77 4.4 Using the Catalog 79 5 The Catalog Approach 83 5.1 Catalog Format 87 5.2 Cyber Security Policy Taxonomy 89 6 Cyber Security Policy Catalog 93 6.1 Cyber Governance Issues 94 6.1.1 Net Neutrality 95 6.1.2 Internet Names and Numbers 96 6.1.3 Copyrights and Trademarks 103 6.1.4 Email and Messaging 107 6.2 Cyber User Issues 112 6.2.1 Malvertising 116 6.2.2 Impersonation 117 6.2.3 Appropriate Use 121 6.2.4 Cyber Crime 125 6.2.5 Geolocation 136 6.2.6 Privacy 138 6.3 Cyber Conflict Issues 140 6.3.1 Intellectual Property Theft 144 6.3.2 Cyber Espionage 145 6.3.3 Cyber Sabotage 150 6.3.4 Cyber Warfare 150 6.4 Cyber Management Issues 155 6.4.1 Fiduciary Responsibility 162 6.4.2 Risk Management 163 6.4.3 Professional Certification 171 6.4.4 Supply Chain 172 6.4.5 Security Principles 175 6.4.6 Research and Development 185 6.5 Cyber Infrastructure Issues 186 6.5.1 Banking and Finance 190 6.5.2 Health Care 194 6.5.3 Industrial Control Systems 197 7 One Government s Approach to Cyber Security Policy 211 7.1 U.S. Federal Cyber Security Strategy 211 7.2 A Brief History of Cyber Security Public Policy Development in the U.S. Federal Government 212 7.2.1 The Bombing of New York's World Trade Center on February 26, 1993 212 7.2.2 Cyber Attacks against the United States Air Force, March May
• 1994: Targeting the Pentagon 213 7.2.3 The Citibank Caper, June October,
• 1994: How to Catch a Hacker 214 7.2.4 Murrah Federal Building, Oklahoma City April 19,
• 1995: Major Terrorism Events and Their U.S. Outcomes 215 7.2.5 President s Commission on Critical Infrastructure Protection 1996 216 7.2.6 Presidential Decision Directive 63 1998 218 7.2.7 National Infrastructure Protection Center (NIPC) and ISACs 1998 219 7.2.8 Eligible Receiver 1997 219 7.2.9 Solar Sunrise 1998 220 7.2.10 Joint Task Force Computer Network Defense (JTF-CND) 1998 221 7.2.11 Terrorist Attacks against the United States September 11, 2001 Effects of Catastrophic Events on Transportation System Management and Operations 222 7.2.12 U.S. Government Response to the September 11, 2001 Terrorist Attacks 224 7.2.13 Homeland Security Presidential Directives 226 7.2.14 National Strategies 227 7.3 The Rise of Cyber Crime 230 7.4 Espionage and Nation-State Actions 232 7.5 Policy Response to Growing Espionage Threats: U.S. Cyber Command 233 7.6 Congressional Action 235 7.7 Summary 236 8 Conclusion 239 Glossary 243 References 255 Index 267.
• (source: Nielsen Book Data)

Drawing upon a wealth of experience from academia, industry, and government service, Cyber Security Policy Guidebook details and dissects, in simple language, current organizational cyber security policy issues on a global scale taking great care to educate readers on the history and current approaches to the security of cyberspace. It includes thorough descriptions as well as the pros and cons of a plethora of issues, and documents policy alternatives for the sake of clarity with respect to policy alone. The Guidebook also delves into organizational implementation issues, and equips readers with descriptions of the positive and negative impact of specific policy choices. Inside are detailed chapters that: * Explain what is meant by cyber security and cyber security policy * Discuss the process by which cyber security policy goals are set * Educate the reader on decision-making processes related to cyber security * Describe a new framework and taxonomy for explaining cyber security policy issues * Show how the U.S. government is dealing with cyber security policy issues With a glossary that puts cyber security language in layman's terms and diagrams that help explain complex topics Cyber Security Policy Guidebook gives students, scholars, and technical decision-makers the necessary knowledge to make informed decisions on cyber security policy.
(source: Nielsen Book Data)

• 1. Corporate surveillance and the need for transparency
• 2. Technologies for corporate surveillance
• 3. Methods of corporate surveillance
• 4. Experiment design
• 5. Data collection
• 6. Data analysis
• 7. Transparency for corporate surveillance methods
• 8. Transparency for corporate services
• 9. Effectiveness of countermeasures
• 10. Making it count: towards real-world impact
• 11. Future directions in transparency research.
• (source: Nielsen Book Data)

News headlines about privacy invasions, discrimination, and biases discovered in the platforms of big technology companies are commonplace today, and big tech's reluctance to disclose how they operate counteracts ideals of transparency, openness, and accountability. This book is for computer science students and researchers who want to study big tech's corporate surveillance from an experimental, empirical, or quantitative point of view and thereby contribute to holding big tech accountable. As a comprehensive technical resource, it guides readers through the corporate surveillance landscape and describes in detail how corporate surveillance works, how it can be studied experimentally, and what existing studies have found. It provides a thorough foundation in the necessary research methods and tools, and introduces the current research landscape along with a wide range of open issues and challenges. The book also explains how to consider ethical issues and how to turn research results into real-world change.
(source: Nielsen Book Data)

• Foreword Daniel E. Geer, Jr. ix Foreword Stuart McClure xi Acknowledgments xiii About the Authors xv Introduction 1 PART I WHY CYBERSECURITY NEEDS BETTER MEASUREMENTS FOR RISK 5
• CHAPTER 1 The One Patch Most Needed in Cybersecurity 7
• CHAPTER 2 A Measurement Primer for Cybersecurity 19
• CHAPTER 3 Model Now!: An Introduction to Practical Quantitative Methods for Cybersecurity 35
• CHAPTER 4 The Single Most Important Measurement in Cybersecurity 55
• CHAPTER 5 Risk Matrices, Lie Factors, Misconceptions, and Other Obstacles to Measuring Risk 81 PART II EVOLVING THE MODEL OF CYBERSECURITY RISK 111
• CHAPTER 6 Decompose It: Unpacking the Details 113
• CHAPTER 7 Calibrated Estimates: How Much Do You Know Now ? 133
• CHAPTER 8 Reducing Uncertainty with Bayesian Methods 157
• CHAPTER 9 Some Powerful Methods Based on Bayes 169 PART III CYBERSECURITY RISK MANAGEMENT FOR THE ENTERPRISE 197
• CHAPTER 10 Toward Security Metrics Maturity 199
• CHAPTER 11 How Well Are My Security Investments Working Together? 213
• CHAPTER 12 A Call to Action: How to Roll Out Cybersecurity Risk Management 229 APPENDIX A Select Distributions 239 APPENDIX B Guest Contributors 247 Index 269.
• (source: Nielsen Book Data)

A ground shaking expose on the failure of popular cyber risk management methods How to Measure Anything in Cybersecurity Risk exposes the shortcomings of current "risk management" practices, and offers a series of improvement techniques that help you fill the holes and ramp up security. In his bestselling book How to Measure Anything, author Douglas W. Hubbard opened the business world's eyes to the critical need for better measurement. This book expands upon that premise and draws from The Failure of Risk Management to sound the alarm in the cybersecurity realm. Some of the field's premier risk management approaches actually create more risk than they mitigate, and questionable methods have been duplicated across industries and embedded in the products accepted as gospel. This book sheds light on these blatant risks, and provides alternate techniques that can help improve your current situation. You'll also learn which approaches are too risky to save, and are actually more damaging than a total lack of any security. Dangerous risk management methods abound; there is no industry more critically in need of solutions than cybersecurity. This book provides solutions where they exist, and advises when to change tracks entirely. * Discover the shortcomings of cybersecurity's "best practices" * Learn which risk management approaches actually create risk * Improve your current practices with practical alterations * Learn which methods are beyond saving, and worse than doing nothing Insightful and enlightening, this book will inspire a closer examination of your company's own risk management practices in the context of cybersecurity. The end goal is airtight data protection, so finding cracks in the vault is a positive thing as long as you get there before the bad guys do. How to Measure Anything in Cybersecurity Risk is your guide to more robust protection through better quantitative processes, approaches, and techniques.
(source: Nielsen Book Data)

• Building a Hardware and Software Test Platform
• Passive Information Gathering
• Analyzing Network Traffic
• Detecting Live Systems and Analyzing Results
• Enumerating Systems
• Automating Encryption and Tunneling Techniques
• Automated Attack and Penetration Tools
• Securing Wireless Systems
• An Introduction to Malware
• Detecting Intrusions and Analyzing Malware
• Forensic Detection.

The ultimate hands-on guide to IT security and proactive defense The Network Security Test Lab is a hands-on, step-by-step guide to ultimate IT security implementation. Covering the full complement of malware, viruses, and other attack technologies, this essential guide walks you through the security assessment and penetration testing process, and provides the set-up guidance you need to build your own security-testing lab. You'll look inside the actual attacks to decode their methods, and learn how to run attacks in an isolated sandbox to better understand how attackers target systems, and how to build the defenses that stop them. You'll be introduced to tools like Wireshark, Networkminer, Nmap, Metasploit, and more as you discover techniques for defending against network attacks, social networking bugs, malware, and the most prevalent malicious traffic. You also get access to open source tools, demo software, and a bootable version of Linux to facilitate hands-on learning and help you implement your new skills. Security technology continues to evolve, and yet not a week goes by without news of a new security breach or a new exploit being released. The Network Security Test Lab is the ultimate guide when you are on the front lines of defense, providing the most up-to-date methods of thwarting would-be attackers. * Get acquainted with your hardware, gear, and test platform * Learn how attackers penetrate existing security systems * Detect malicious activity and build effective defenses * Investigate and analyze attacks to inform defense strategy The Network Security Test Lab is your complete, essential guide.
(source: Nielsen Book Data)

• Domain 1 - Security Leadership & Management : Mission Statements. Business Functions. Define the Security Governance Structure. Domain 2 - Security Lifecycle Management: Managing Security in Different Methods of Systems Development. Approval of Security Design. Domain 3 - Security Compliance Management: The Cyber Domain Compliance. Domain 4 - Contingency Management: Contingency Plans. Domain 5 - Law, Ethics, and Incident Management: Information Security Laws. Security Incident Management Process. Appendix A - Answers to Domain Review Questions. Index.
• (source: Nielsen Book Data)

The Certified Information Systems Security Professional-Information Systems Security Management Professional (CISSP-ISSMP (R)) certification was developed for CISSPs who are seeking to further their careers and validate their expertise in information systems security management. Candidates for the ISSMP need to demonstrate a thorough understanding of the five domains of the ISSMP Common Body of Knowledge (CBK (R)), along with the ability to apply this in-depth knowledge to establish, present, and govern information security programs, while demonstrating management and leadership skills. Supplying an authoritative review of key concepts and requirements, the Official (ISC)2 (R) Guide to the CISSP (R)-ISSMP (R) CBK (R), Second Edition is both up to date and relevant. This book provides a comprehensive review of the five domains in the ISSMP CBK: Security Leadership and Management, Security Lifecycle Management, Security Compliance Management, Contingency Management, and Law, Ethics, and Incident Management. Numerous illustrated examples and practical exercises are included in this book to demonstrate concepts and real-life scenarios. Endorsed by (ISC)2 and compiled and reviewed by ISSMPs and industry luminaries around the world, this book provides unrivaled preparation for the exam. Earning your ISSMP is a deserving achievement that should ultimately help to enhance your career path and give you a competitive advantage.
(source: Nielsen Book Data)

• 1. Access Control Systems and Methodology
• 2. Telecommunications and Network Security
• 3. Security Management Practices
• 4. Application Program Security
• 5. Cryptography
• 6. Computer, System, and Security Architecture
• 7. Operations Security
• 8. Business Continuity Planning
• 9. Law, Investigation, and Ethics
• 10. Physical Security.
• (source: Nielsen Book Data)

The Information Security Management Handbook continues its tradition of consistently communicating the fundamental concepts of security needed to be a true CISSP. In response to new developments, Volume 4 supplements the previous volumes with new information covering topics such as wireless, HIPAA, the latest hacker attacks and defenses, intrusion detection, and provides expanded coverage on security management issues and applications security. Even those that don't plan on sitting for the CISSP exam will find that this handbook is a great information security reference. The changes in the technology of information security and the increasing threats to security make a complete and up-to-date understanding of this material essential. Volume 4 supplements the information in the earlier volumes of this handbook, updating it and keeping it current. Organized by the ten domains of the Common Body of Knowledge (CBK) on which the CISSP exam is based, this volume gives you the information you need to understand what makes information secure and how to secure it. Because the knowledge required to master information security - the CBK - is growing so quickly, there is little duplication of material among the four volumes. As a study guide or resource that you can use on the job, the Information Security Management Handbook, Fourth Edition, Volume 4 is the book you will refer to over and over again.
(source: Nielsen Book Data)

• Outlining the Overall Problem. The CISO as a Major Business Asset. Security in Marketing and Sales. The CISO and the General Counsel. Gotta Talk about Compliance, Right? The Technical Stuff. Rethinking the CISO.
• (source: Nielsen Book Data)

This book provides insight as to why and how current security management practices fail at their basic foundation, resulting in overall dissatisfaction by practitioners and lack of success in the corporate environment. The author examines the reasons and how to fix them. The resulting improvement is highly beneficial to any corporation that chooses to pursue this approach or strategy and from a bottom-line and business operations perspective, not just in technical operations. This book transforms the understanding of the role of the CISO, the selection process for a CISO, and the financial impact that security plays in any organization.
(source: Nielsen Book Data)

Master the art of managing, securing, and monitoring your network using the powerful pfSense 2.3 About This Book * You can always do more to secure your software - so extend and customize your pfSense firewall * Build a high availability security system that's fault tolerant - and capable of blocking any threats * Put the principles of better security into practice - unlock a more stable and reliable firewall Who This Book Is For SysAdmins and security pros - get more from the world's leading firewall with this book. You can always do more to secure your software, so start here. What You Will Learn * Configure pfSense services such as DHCP, Dynamic DNS, captive portal, DNS, NTP and SNMP * Set up a managed switch to work with VLANs * Use pfSense to allow, block and deny traffic * Make use of the traffic shaper to lower and raise the priority of certain types of traffic * Set up and connect to a VPN tunnel with pfSense * Incorporate redundancy and high availability by utilizing load balancing and the Common Address Redundancy Protocol (CARP) * Explore diagnostic tools in pfSense to solve network problems In Detail pfSense has the same reliability and stability as even the most popular commercial firewall offerings on the market - but, like the very best open-source software, it doesn't limit you. You're in control - you can exploit and customize pfSense around your security needs. If you're familiar with pfSense you probably knew that already. This book builds on any knowledge you may already have, and provides you with a clear route to expand your skills and pfSense's capabilities. You'll learn how to customize and configure pfSense to construct a firewall that can protect you from any potential security threats. Find out how to set up a VPN, and build a high-availability system that provides redundancy and fault tolerance - essential when security and software performance are so interdependent. With further guidance on how to use a diverse range of third-party packages - all of which will help you unlock more from pfSense, this book covers everything you need - and more - to get a high-quality, reliable firewall up and running for a fraction of the cost. Style and approach Practical and actionable, tackle some advanced functionalities of pfSense with minimum fuss. We know you don't just want an instruction manual - you want to put the principles of better security into practice. That's exactly why we produced this book.
(source: Nielsen Book Data)