by
Babbin, Jacob.
Preferred shelf number
005.8 22
Publication date
2006
Summary
This book teaches IT professionals how to analyze, manage, and automate their security log files to generate useful, repeatable information that can be used to make their networks more efficient and secure using primarily open source tools. The book begins by discussing the Top 10 security logs that every IT professional should be regularly analyzing. These 10 logs cover everything from the top workstations sending/receiving data through a firewall to the top targets of IDS alerts. The book then goes on to discuss the relevancy of all of this information. Next, the book describes how to script open source reporting tools like Tcpdstats to automatically correlate log files from the various network devices to the Top 10 list. By doing so, the IT professional is instantly made aware of any critical vulnerabilities or serious degradation of network performance. All of the scripts presented within the book will be available for download from the Syngress Solutions Web site. Almost every operating system, firewall, router, switch, intrusion detection system, mail server, Web server, and database produces some type of log file. This is true of both open source tools and commercial software and hardware from every IT manufacturer. Each of these logs is reviewed and analyzed by a system administrator or security professional responsible for that particular piece of hardware or software. As a result, almost everyone involved in the IT industry works with log files in some capacity.
* Provides turn-key, inexpensive, open source solutions for system administrators to analyze and evaluate the overall performance and security of their network
* Dozens of working scripts and tools presented throughout the book are available for download from Syngress Solutions Web site.
* Will save system administrators countless hours by scripting and automating the most common to the most complex log analysis tasks.
Format:
Electronic resources
Relevance:
54899.1914
by
Contos, Brian T.
Preferred shelf number
005.8 22
Publication date
2006
Summary
Packed with vivid real-life cases, this comprehensive book addresses the most difficult to manage and costly of all security threats: the insider.
Format:
Electronic resources
Relevance:
41500.2852
by
Harley, David.
Preferred shelf number
005.8 22
Publication date
2007
Summary
Members of AVIEN (the Anti-Virus Information Exchange Network) have been setting agendas in malware management for several years: they led the way on generic filtering at the gateway, and in the sharing of information about new threats at a speed that even anti-virus companies were hard-pressed to match. AVIEN members represent the best-protected large organizations in the world, and millions of users. When they talk, security vendors listen: so should you. AVIEN's sister organization AVIEWS is an invaluable meeting ground between the security vendors and researchers who know most about malicious code and anti-malware technology, and the top security administrators of AVIEN who use those technologies in real life. This new book uniquely combines the knowledge of these two groups of experts. Anyone who is responsible for the security of business information systems should be aware of this major addition to security literature.
* Customer Power takes up the theme of the sometimes stormy relationship between the antivirus industry and its customers, and tries to dispel some common myths. It then considers the roles of the independent researcher, the vendor-employed specialist, and the corporate security specialist.
* Stalkers on Your Desktop considers the thorny issue of malware nomenclature and then takes a brief historical look at how we got here, before expanding on some of the malware-related problems we face today.
* A Tangled Web discusses threats and countermeasures in the context of the World Wide Web.
* Big Bad Bots tackles bots and botnets, arguably Public Cyber-Enemy Number One.
* Crème de la CyberCrime takes readers into the underworld of old-school virus writing, criminal business models, and predicting future malware hotspots.
* Defense in Depth takes a broad look at DiD in the enterprise, and looks at some specific tools and technologies.
* Perilous Outsorcery offers sound advice on how to avoid the perils and pitfalls of outsourcing, incorporating a few horrible examples of how not to do it.
* Education in Education offers some insights into user education from an educationalist's perspective, and looks at various aspects of security in schools and other educational establishments.
* DIY Malware Analysis is a hands-on, hands-dirty approach to security management, considering malware analysis and forensics techniques and tools.
* Antivirus Evaluation & Testing continues the D-I-Y theme, discussing at length some of the thorny issues around the evaluation and testing of antimalware software.
* AVIEN & AVIEWS: the Future looks at future developments in AVIEN and AVIEWS.
Format:
Electronic resources
Relevance:
1.0130
by
Allen, Lee.
Preferred shelf number
005.8 23
Publication date
2012
Summary
An intensive hands-on guide to perform professional penetration testing for highly-secured environments from start to finish. You will learn to provide penetration testing services to clients with mature security infrastructure. Understand how to perform each stage of the penetration test by gaining hands-on experience in performing attacks that mimic those seen in the wild. In the end, take the challenge and perform a virtual penetration test against a fictional corporation. If you are looking for guidance and detailed instructions on how to perform a penetration test from start to finish, are looking to build out your own penetration testing lab, or are looking to improve on your existing penetration testing skills, this book is for you. Although the book attempts to accommodate those that are still new to the penetration testing field, experienced testers should be able to gain knowledge and hands-on experience as well. The book does assume that you have some experience in web application testing and as such the chapter regarding this subject may require you to understand the basic concepts of web security. The reader should also be familiar with basic IT concepts, and commonly used protocols such as TCP/IP.
Format:
Electronic resources
Relevance:
0.8852
5.
by
Snedaker, Susan.
Preferred shelf number
658.478 22
Publication date
2007
Summary
"Powerful Earthquake Triggers Tsunami in Pacific. Hurricane Katrina Makes Landfall in the Gulf Coast. Avalanche Buries Highway in Denver. Tornado Touches Down in Georgia. These headlines not only have caught the attention of people around the world, they have had a significant effect on IT professionals as well." "As technology continues to become more integral to corporate operations at every level of the organization, the job of IT has expanded to become almost all-encompassing. These days, it's difficult to find corners of a company that technology does not touch. As a result, the need to plan for potential disruptions to technology services has increased exponentially." "Business Continuity Planning (BCP) and Disaster Recovery Planning (DRP) are emerging as the 'next big thing' in corporate IT circles. With distributed networks, increasing demands for confidentiality, integrity and availability of data, and the widespread risks to the security of personal, confidential and sensitive data, no organization can afford to ignore the need for disaster planning." "The British Standards Institute is releasing a new standard for BCP this year, the Disaster Recovery Institute has developed a certification for DRP/BCP professionals in conjunction with the British Standards Institute, trade shows are popping up on this topic and the news is filled with companies facing disasters from all sides."--Jacket.
Format:
Electronic resources
Relevance:
0.6067
by
Johnson, Mark, 1959-
Preferred shelf number
658.478 23
Publication date
2013
Summary
"Today's digital economy is uniquely dependent on the Internet, yet few users or decision makers have more than a rudimentary understanding of the myriad of online risks that threaten us. Cyber crime is one of the main threats to the integrity and availability of data and systems. From insiders to complex external attacks and industrial worms, modern business faces unprecedented challenges; and while cyber security and digital intelligence are the necessary responses to this challenge, they are understood by only a tiny minority. In his second book on high-tech risks, Mark Johnson goes far beyond enumerating past cases and summarising legal or regulatory requirements. He describes in plain, non-technical language how cyber crime has evolved and the nature of the very latest threats. He confronts issues that are not addressed by codified rules and practice guidelines, supporting this with over 30 valuable illustrations and tables. Written for the non-technical layman and the high tech risk manager alike, the book also explores countermeasures, penetration testing, best practice principles, cyber conflict and future challenges. A discussion of Web 2.0 risks delves into the very real questions facing policy makers, along with the pros and cons of open source data. In a chapter on Digital Intelligence readers are provided with an exhaustive guide to practical, effective and ethical online investigations. Cyber Crime, Security and Digital Intelligence is an important work of great relevance in today's interconnected world and one that nobody with an interest in either risk or technology should be without."--Unedited summary from book.
Format:
Electronic resources
Relevance:
0.5320
7.
by
Xiao, Yang, 1966-
Preferred shelf number
005.8 22
Publication date
2011
Format:
Electronic resources
Relevance:
0.0913
by
Hardjono, Thomas.
Preferred shelf number
005.8 22
Publication date
2003
Summary
A handbook for engineers, architects and other practitioners working in the field of Internet security. It presents detailed coverage of security technologies and techniques for IP (Internet protocol) multicast networks, along with algorithms and protocols for multi-party secure communication.
Format:
Electronic resources
Relevance:
0.0772
by
Beyah, Raheem (Raheem A.), 1976-
Preferred shelf number
621.38 22
Publication date
2010
Summary
Security issues in ad hoc and sensor networks have become extremely important. This edited book provides a comprehensive treatment for security issues in these networks, ranging from attack mitigation to recovery after an attack has been successfully executed. Security issues addressed include (but are not limited to) attacks, malicious node detection, access control, authentication, intrusion detection, privacy and anonymity, key management, location verification, security architectures and protocols, secrecy and integrity, network resilience and survivability, and trust models. This complete book provides an excellent reference for students, researchers, and industry practitioners related to these areas.
Format:
Electronic resources
Relevance:
0.0680
by
Furnell, Steven, 1970-
Preferred shelf number
005.8 22
Publication date
2008
Summary
This one-stop reference gives you the latest expertise on everything from access control and network security, to smart cards and privacy. Representing a total blueprint to security design and operations, this book brings all modern considerations into focus. It maps out user authentication methods that feature the latest biometric techniques, followed by authorization and access controls including DAC, MAC, and ABAC and how these controls are best applied in today's relational and multilevel secure database systems.
Format:
Electronic resources
Relevance:
0.0657
by
Phaltankar, Kaustubh M.
Preferred shelf number
005.8 21
Publication date
2000
Format:
Electronic resources
Relevance:
0.0615
by
Bradley, Tony, 1969-
Preferred shelf number
005.80218 22
Publication date
2007
Summary
Identity theft has been steadily rising in recent years, and credit card data is one of the number one targets for identity theft. With a few pieces of key information. Organized crime has made malware development and computer networking attacks more professional and better defenses are necessary to protect against attack. The credit card industry established the PCI Data Security standards to provide a baseline expectancy for how vendors, or any entity that handles credit card transactions or data, should protect data to ensure it is not stolen or compromised. This book will provide the information that you need to understand the PCI Data Security standards and how to effectively implement security on the network infrastructure in order to be compliant with the credit card industry guidelines and protect sensitive and personally identifiable information.
* PCI Data Security standards apply to every company globally that processes or transmits credit card transaction data
* Information which helps to develop and implement an effective security strategy to keep their infrastructure compliant
* The authors are well known and each has an extensive information security background, making them ideal for conveying the information the reader needs.
Format:
Electronic resources
Relevance:
0.0539