by
Babbin, Jacob.
Call Number
005.8 22
Publication Date
2006
Summary
This book teaches IT professionals how to analyze, manage, and automate their security log files to generate useful, repeatable information that can be used to make their networks more efficient and secure using primarily open source tools. The book begins by discussing the Top 10 security logs that every IT professional should be regularly analyzing. These 10 logs cover everything from the top workstations sending/receiving data through a firewall to the top targets of IDS alerts. The book then goes on to discuss the relevancy of all of this information. Next, the book describes how to script open source reporting tools like Tcpdstats to automatically correlate log files from the various network devices to the Top 10 list. By doing so, the IT professional is instantly made aware of any critical vulnerabilities or serious degradation of network performance. All of the scripts presented within the book will be available for download from the Syngress Solutions Web site. Almost every operating system, firewall, router, switch, intrusion detection system, mail server, Web server, and database produces some type of log file. This is true of both open source tools and commercial software and hardware from every IT manufacturer. Each of these logs is reviewed and analyzed by a system administrator or security professional responsible for that particular piece of hardware or software. As a result, almost everyone involved in the IT industry works with log files in some capacity.
* Provides turn-key, inexpensive, open source solutions for system administrators to analyze and evaluate the overall performance and security of their network
* Dozens of working scripts and tools presented throughout the book are available for download from Syngress Solutions Web site.
* Will save system administrators countless hours by scripting and automating the most common to the most complex log analysis tasks.
Format:
Electronic Resources
Relevance:
54899.1914
by
Contos, Brian T.
Call Number
005.8 22
Publication Date
2006
Summary
Packed with vivid real-life cases, this comprehensive book addresses the most difficult to manage and costly of all security threats: the insider.
Format:
Electronic Resources
Relevance:
41500.2852
by
Harley, David.
Call Number
005.8 22
Publication Date
2007
Summary
Members of AVIEN (the Anti-Virus Information Exchange Network) have been setting agendas in malware management for several years: they led the way on generic filtering at the gateway, and in the sharing of information about new threats at a speed that even anti-virus companies were hard-pressed to match. AVIEN members represent the best-protected large organizations in the world, and millions of users. When they talk, security vendors listen: so should you. AVIEN's sister organization AVIEWS is an invaluable meeting ground between the security vendors and researchers who know most about malicious code and anti-malware technology, and the top security administrators of AVIEN who use those technologies in real life. This new book uniquely combines the knowledge of these two groups of experts. Anyone who is responsible for the security of business information systems should be aware of this major addition to security literature.
* Customer Power takes up the theme of the sometimes stormy relationship between the antivirus industry and its customers, and tries to dispel some common myths. It then considers the roles of the independent researcher, the vendor-employed specialist, and the corporate security specialist.
* Stalkers on Your Desktop considers the thorny issue of malware nomenclature and then takes a brief historical look at how we got here, before expanding on some of the malware-related problems we face today.
* A Tangled Web discusses threats and countermeasures in the context of the World Wide Web.
* Big Bad Bots tackles bots and botnets, arguably Public Cyber-Enemy Number One.
* Crème de la CyberCrime takes readers into the underworld of old-school virus writing, criminal business models, and predicting future malware hotspots.
* Defense in Depth takes a broad look at DiD in the enterprise, and looks at some specific tools and technologies.
* Perilous Outsorcery offers sound advice on how to avoid the perils and pitfalls of outsourcing, incorporating a few horrible examples of how not to do it.
* Education in Education offers some insights into user education from an educationalist's perspective, and looks at various aspects of security in schools and other educational establishments.
* DIY Malware Analysis is a hands-on, hands-dirty approach to security management, considering malware analysis and forensics techniques and tools.
* Antivirus Evaluation & Testing continues the D-I-Y theme, discussing at length some of the thorny issues around the evaluation and testing of antimalware software.
* AVIEN & AVIEWS: the Future looks at future developments in AVIEN and AVIEWS.
Format:
Electronic Resources
Relevance:
1.0130
by
Allen, Lee.
Call Number
005.8 23
Publication Date
2012
Summary
An intensive hands-on guide to perform professional penetration testing for highly-secured environments from start to finish. You will learn to provide penetration testing services to clients with mature security infrastructure. Understand how to perform each stage of the penetration test by gaining hands-on experience in performing attacks that mimic those seen in the wild. In the end, take the challenge and perform a virtual penetration test against a fictional corporation. If you are looking for guidance and detailed instructions on how to perform a penetration test from start to finish, are looking to build out your own penetration testing lab, or are looking to improve on your existing penetration testing skills, this book is for you. Although the book attempts to accommodate those that are still new to the penetration testing field, experienced testers should be able to gain knowledge and hands-on experience as well. The book does assume that you have some experience in web application testing and as such the chapter regarding this subject may require you to understand the basic concepts of web security. The reader should also be familiar with basic IT concepts, and commonly used protocols such as TCP/IP.
Format:
Electronic Resources
Relevance:
0.8852
by
Snedaker, Susan.
Call Number
658.478 22
Publication Date
2007
Summary
"Powerful Earthquake Triggers Tsunami in Pacific. Hurricane Katrina Makes Landfall in the Gulf Coast. Avalanche Buries Highway in Denver. Tornado Touches Down in Georgia. These headlines not only have caught the attention of people around the world, they have had a significant effect on IT professionals as well." "As technology continues to become more integral to corporate operations at every level of the organization, the job of IT has expanded to become almost all-encompassing. These days, it's difficult to find corners of a company that technology does not touch. As a result, the need to plan for potential disruptions to technology services has increased exponentially." "Business Continuity Planning (BCP) and Disaster Recovery Planning (DRP) are emerging as the 'next big thing' in corporate IT circles. With distributed networks, increasing demands for confidentiality, integrity and availability of data, and the widespread risks to the security of personal, confidential and sensitive data, no organization can afford to ignore the need for disaster planning." "The British Standards Institute is releasing a new standard for BCP this year, the Disaster Recovery Institute has developed a certification for DRP/BCP professionals in conjunction with the British Standards Institute, trade shows are popping up on this topic and the news is filled with companies facing disasters from all sides."--Jacket.
Format:
Electronic Resources
Relevance:
0.6067
by
Johnson, Mark, 1959-
Call Number
658.478 23
Publication Date
2013
Summary
"Today's digital economy is uniquely dependent on the Internet, yet few users or decision makers have more than a rudimentary understanding of the myriad of online risks that threaten us. Cyber crime is one of the main threats to the integrity and availability of data and systems. From insiders to complex external attacks and industrial worms, modern business faces unprecedented challenges; and while cyber security and digital intelligence are the necessary responses to this challenge, they are understood by only a tiny minority. In his second book on high-tech risks, Mark Johnson goes far beyond enumerating past cases and summarising legal or regulatory requirements. He describes in plain, non-technical language how cyber crime has evolved and the nature of the very latest threats. He confronts issues that are not addressed by codified rules and practice guidelines, supporting this with over 30 valuable illustrations and tables. Written for the non-technical layman and the high tech risk manager alike, the book also explores countermeasures, penetration testing, best practice principles, cyber conflict and future challenges. A discussion of Web 2.0 risks delves into the very real questions facing policy makers, along with the pros and cons of open source data. In a chapter on Digital Intelligence readers are provided with an exhaustive guide to practical, effective and ethical online investigations. Cyber Crime, Security and Digital Intelligence is an important work of great relevance in today's interconnected world and one that nobody with an interest in either risk or technology should be without."--Unedited summary from book.
Format:
Electronic Resources
Relevance:
0.5320
by
Xiao, Yang, 1966-
Call Number
005.8 22
Publication Date
2011
Format:
Electronic Resources
Relevance:
0.0913
by
Hardjono, Thomas.
Call Number
005.8 22
Publication Date
2003
Summary
A handbook for engineers, architects and other practitioners working in the field of Internet security. It presents detailed coverage of security technologies and techniques for IP (Internet protocol) multicast networks, along with algorithms and protocols for multi-party secure communication.
Format:
Electronic Resources
Relevance:
0.0772
by
Beyah, Raheem (Raheem A.), 1976-
Call Number
621.38 22
Publication Date
2010
Summary
Security issues in ad hoc and sensor networks have become extremely important. This edited book provides a comprehensive treatment for security issues in these networks, ranging from attack mitigation to recovery after an attack has been successfully executed. Security issues addressed include (but are not limited to) attacks, malicious node detection, access control, authentication, intrusion detection, privacy and anonymity, key management, location verification, security architectures and protocols, secrecy and integrity, network resilience and survivability, and trust models. This complete book provides an excellent reference for students, researchers, and industry practitioners related to these areas.
Format:
Electronic Resources
Relevance:
0.0680
by
Furnell, Steven, 1970-
Call Number
005.8 22
Publication Date
2008
Summary
This one-stop reference gives you the latest expertise on everything from access control and network security, to smart cards and privacy. Representing a total blueprint to security design and operations, this book brings all modern considerations into focus. It maps out user authentication methods that feature the latest biometric techniques, followed by authorization and access controls including DAC, MAC, and ABAC and how these controls are best applied in today's relational and multilevel secure database systems.
Format:
Electronic Resources
Relevance:
0.0657
by
Phaltankar, Kaustubh M.
Call Number
005.8 21
Publication Date
2000
Format:
Electronic Resources
Relevance:
0.0615
by
Wiles, Jack.
Call Number
363.25968 22
Publication Date
2007
Summary
This book provides IT security professionals with the information (hardware, software, and procedural requirements) needed to create, manage and sustain a digital forensics lab and investigative team that can accurately and effectively analyze forensic data and recover digital evidence, while preserving the integrity of the electronic evidence for discovery and trial. IDC estimates that the U.S. market for computer forensics will grow from $252 million in 2004 to $630 million by 2009. Business is strong outside the United States, as well. By 2011, the estimated international market will be $1.8 billion dollars. The Techno Forensics Conference, to which this book is linked, has increased in size by almost 50% in its second year; another example of the rapid growth in the digital forensics world. The TechnoSecurity Guide to Digital Forensics and E-Discovery features:
* Internationally known experts in computer forensics share their years of experience at the forefront of digital forensics
* Bonus chapters on how to build your own Forensics Lab
* 50% discount to the upcoming Techno Forensics conference for everyone who purchases a book.
Format:
Electronic Resources
Relevance:
0.0539