Articoli correlati a Security Power Tools
What if you could sit down with some of the most talented security engineers in the world and ask any network security question you wanted? Security Power Tools lets you do exactly that! Members of Juniper Networks' Security Engineering team and a few guest experts reveal how to use, tweak, and push the most popular network security applications, utilities, and tools available using Windows, Linux, Mac OS X, and Unix platforms.
Designed to be browsed, Security Power Tools offers you multiple approaches to network security via 23 cross-referenced chapters that review the best security tools on the planet for both black hat techniques and white hat defense tactics. It's a must-have reference for network administrators, engineers and consultants with tips, tricks, and how-to advice for an assortment of freeware and commercial tools, ranging from intermediate level command-line operations to advanced programming of self-hiding exploits.
Security Power Tools details best practices for:
- Reconnaissance -- including tools for network scanning such as nmap; vulnerability scanning tools for Windows and Linux; LAN reconnaissance; tools to help with wireless reconnaissance; and custom packet generation
- Penetration -- such as the Metasploit framework for automated penetration of remote computers; tools to find wireless networks; exploitation framework applications; and tricks and tools to manipulate shellcodes
- Control -- including the configuration of several tools for use as backdoors; and a review of known rootkits for Windows and Linux
- Defense -- including host-based firewalls; host hardening for Windows and Linux networks; communication security with ssh; email security and anti-malware; and device security testing
- Monitoring -- such as tools to capture, and analyze packets; network monitoring with Honeyd and snort; and host monitoring of production servers for file changes
- Discovery -- including The Forensic Toolkit, SysInternals and other popular forensic tools; application fuzzer and fuzzing techniques; and the art of binary reverse engineering using tools like Interactive Disassembler and Ollydbg
Le informazioni nella sezione "Riassunto" possono far riferimento a edizioni diverse di questo titolo.
L'autore:
Contenuti:
Bryan Burns is the technical editor and general project leader of this book. He is the Chief Security Architect for Juniper Networks with more than a decade of experience in the security networking field and with numerous posts at leading network security companies.All other contributors are security engineers and researchers working at Juniper Networks in various posts both in the security network lab and in the field.
Dave Killion (NSCA, NSCP) is a senior security research engineer with Juniper Networks, Inc. Formerly with the U.S. Army's Information Operations Task Force as an Information Warfare Specialist, he currently researches, develops, and releases signatures for the NetScreen Deep Inspection and Intrusion Detection and Prevention platforms. Dave has also presented at several security conventions including DefCon and ToorCon, with a proof-of-concept network monitoring evasion device in affiliation with several local security interest groups that he helped form. Dave lives south of Silicon Valley with his wife Dawn and two children, Rebecca and Justin.
Nicolas Beauchesne is a network security engineer specializing in network penetration. He has worked with Juniper Networks for the past two years.
Eric Moret is originally from France and lives with his wife and two children in the San Francisco Bay Area. He obtained his Masters degree in Computer Sciences in 1997. He currently works at Juniper Networks where he manages a team dedicated to testing and releasing network protocol decoders for security appliance products. In addition to writing he enjoys traveling the world, photography and, depending on the season, snow boarding the Sierra Nevada or scuba diving Mexican caves.
Julien Sobrier is a network security engineer at Zscaler. He works on the web security in the cloud. He was previously working for Juniper Networks. His experience was on the Intrusion Detection and Preventions systems. He is also the creator of http://safe.mn/, a URL shortener focused on security.
Michael Lynn is a network security engineer at Juniper Networks. He has worked there for the past two years.
Eric Markham is a security engineer. He has been with Juniper Networks for the past five years.
Chris Iezzoni has been a security researcher and signature developer with Juniper's security team for several years.
Philippe Biondi is a research engineer at EADS Innovation Works. He works in the IT security lab, and is the creator of many programs like Scapy or ShellForge.
Jennifer Stisa Granick is the Civil Liberties Director at the Electronic Frontier Foundation. Before EFF, Granick was a Lecturer in Law and Executive Director of the Center for Internet and Society at Stanford Law School where she taught Cyberlaw and Computer Crime Law. She practices in the full spectrum of Internet law issues including computer crime and security, national security, constitutional rights, and electronic surveillance, areas in which her expertise is recognized nationally.
Before teaching at Stanford, Jennifer spent almost a decade practicing criminal defense law in California. She was selected by Information Security magazine in 2003 as one of 20 "Women of Vision" in the computer security field. She earned her law degree from University of California, Hastings College of the Law and her undergraduate degree from the New College of the University of South Florida.
Steve Manzuik has more than 13 thirteen years of experience in the information technology and security industry. Steve founded and was the technical lead for Entrench Technologies. Prior to Entrench, Mr. Manzuik was a manager in Ernst & Young's Security & Technology Solutions practice. Steve co-authored Hack Proofing Your Network, Second Edition (Syngress, 1928994709).
Paul Guersch is a security technical writer and one of the developmental editors of Security Power Tools (O'Reilly). He has been with Juniper Networks for a year and a half.
Foreword; Credits; About the Author; Preface; Audience; Assumptions This Book Makes; Contents of This Book; Conventions Used in This Book; Using Code Examples; We'd Like to Hear from You; Safari® Books Online; Acknowledgments; Legal and Ethics; Chapter 1: Legal and Ethics Issues; 1.1 Core Issues; 1.2 Computer Trespass Laws: No "Hacking" Allowed; 1.3 Reverse Engineering; 1.4 Vulnerability Reporting; 1.5 What to Do from Now On; Reconnaissance; Chapter 2: Network Scanning; 2.1 How Scanners Work; 2.2 Superuser Privileges; 2.3 Three Network Scanners to Consider; 2.4 Host Discovery; 2.5 Port Scanning; 2.6 Specifying Custom Ports; 2.7 Specifying Targets to Scan; 2.8 Different Scan Types; 2.9 Tuning the Scan Speed; 2.10 Application Fingerprinting; 2.11 Operating System Detection; 2.12 Saving Nmap Output; 2.13 Resuming Nmap Scans; 2.14 Avoiding Detection; 2.15 Conclusion; Chapter 3: Vulnerability Scanning; 3.1 Nessus; 3.2 Nikto; 3.3 WebInspect; Chapter 4: LAN Reconnaissance; 4.1 Mapping the LAN; 4.2 Using ettercap and arpspoof on a Switched Network; 4.3 Dealing with Static ARP Tables; 4.4 Getting Information from the LAN; 4.5 Manipulating Packet Data; Chapter 5: Wireless Reconnaissance; 5.1 Get the Right Wardriving Gear; 5.2 802.11 Network Basics; 5.3 802.11 Frames; 5.4 How Wireless Discovery Tools Work; 5.5 Netstumbler; 5.6 Kismet at a Glance; 5.7 Using Kismet; 5.8 Sorting the Kismet Network List; 5.9 Using Network Groups with Kismet; 5.10 Using Kismet to Find Networks by Probe Requests; 5.11 Kismet GPS Support Using gpsd; 5.12 Looking Closer at Traffic with Kismet; 5.13 Capturing Packets and Decrypting Traffic with Kismet; 5.14 Wireshark at a Glance; 5.15 Using Wireshark; 5.16 AirDefense Mobile I was a founding employee of AirDefense, Inc. I wrote a considerable portion of AirDefense Mobile's core engine, and while I no longer work for AirDefense, Inc., I remain a shareholder.; 5.17 AirMagnet Analyzers; 5.18 Other Wardriving Tools; Chapter 6: Custom Packet Generation; 6.1 Why Create Custom Packets?; 6.2 Scapy; 6.3 Packet-Crafting Examples with Scapy; 6.4 Packet Mangling with Netfilter; 6.5 References; Penetration; Chapter 7: Metasploit; 7.1 Metasploit Interfaces; 7.2 Updating Metasploit; 7.3 Choosing an Exploit; 7.4 Choosing a Payload; 7.5 Setting Options; 7.6 Running an Exploit; 7.7 Managing Sessions and Jobs; 7.8 The Meterpreter; 7.9 Security Device Evasion; 7.10 Sample Evasion Output; 7.11 Evasion Using NOPs and Encoders; 7.12 In Conclusion; Chapter 8: Wireless Penetration; 8.1 WEP and WPA Encryption; 8.2 Aircrack; 8.3 Installing Aircrack-ng; 8.4 Running Aircrack-ng; 8.5 Airpwn; 8.6 Basic Airpwn Usage; 8.7 Airpwn Configuration Files; 8.8 Using Airpwn on WEP-Encrypted Networks; 8.9 Scripting with Airpwn; 8.10 Karma; 8.11 Conclusion; Chapter 9: Exploitation Framework Applications; 9.1 Task Overview; 9.2 Core Impact Overview; 9.3 Network Reconnaissance with Core Impact; 9.4 Core Impact Exploit Search Engine; 9.5 Running an Exploit; 9.6 Running Macros; 9.7 Bouncing Off an Installed Agent; 9.8 Enabling an Agent to Survive a Reboot; 9.9 Mass Scale Exploitation; 9.10 Writing Modules for Core Impact; 9.11 The Canvas Exploit Framework; 9.12 Porting Exploits Within Canvas; 9.13 Using Canvas from the Command Line; 9.14 Digging Deeper with Canvas; 9.15 Advanced Exploitation with MOSDEF; 9.16 Writing Exploits for Canvas; 9.17 Exploiting Alternative Tools; Chapter 10: Custom Exploitation; 10.1 Understanding Vulnerabilities; 10.2 Analyzing Shellcode; 10.3 Testing Shellcode; 10.4 Creating Shellcode; 10.5 Disguising Shellcode; 10.6 Execution Flow Hijacking; 10.7 References; Control; Chapter 11: Backdoors; 11.1 Choosing a Backdoor; 11.2 VNC; 11.3 Creating and Packaging a VNC Backdoor; 11.4 Connecting to and Removing the VNC Backdoor; 11.5 Back Orifice 2000; 11.6 Configuring a BO2k Server; 11.7 Configuring a BO2k Client; 11.8 Adding New Servers to the BO2k Workspace; 11.9 Using the BO2k Backdoor; 11.10 BO2k Powertools; 11.11 Encryption for BO2k Communications; 11.12 Concealing the BO2k Protocol; 11.13 Removing BO2k; 11.14 A Few Unix Backdoors; Chapter 12: Rootkits; 12.1 Windows Rootkit: Hacker Defender; 12.2 Linux Rootkit: Adore-ng; 12.3 Detecting Rootkits Techniques; 12.4 Windows Rootkit Detectors; 12.5 Linux Rootkit Detectors; 12.6 Cleaning an Infected System; 12.7 The Future of Rootkits; Defense; Chapter 13: Proactive Defense: Firewalls; 13.1 Firewall Basics; 13.2 Network Address Translation; 13.3 Securing BSD Systems with ipfw/natd; 13.4 Securing GNU/Linux Systems with netfilter/iptables; 13.5 Securing Windows Systems with Windows Firewall/Internet Connection Sharing; 13.6 Verifying Your Coverage; Chapter 14: Host Hardening; 14.1 Controlling Services; 14.2 Turning Off What You Do Not Need; 14.3 Limiting Access; 14.4 Limiting Damage; 14.5 Bastille Linux; 14.6 SELinux; 14.7 Password Cracking; 14.8 Chrooting; 14.9 Sandboxing with OS Virtualization; Chapter 15: Securing Communications; 15.1 The SSH-2 Protocol; 15.2 SSH Configuration; 15.3 SSH Authentication; 15.4 SSH Shortcomings; 15.5 SSH Troubleshooting; 15.6 Remote File Access with SSH; 15.7 SSH Advanced Use; 15.8 Using SSH Under Windows; 15.9 File and Email Signing and Encryption; 15.10 GPG; 15.11 Create Your GPG Keys; 15.12 Encryption and Signature with GPG; 15.13 PGP Versus GPG Compatibility; 15.14 Encryption and Signature with S/MIME; 15.15 Stunnel; 15.16 Disk Encryption; 15.17 Windows Filesystem Encryption with PGP Disk; 15.18 Linux Filesystem Encryption with LUKS; 15.19 Conclusion; Chapter 16: Email Security and Anti-Spam; 16.1 Norton Antivirus; 16.2 The ClamAV Project; 16.3 ClamWin; 16.4 Freshclam; 16.5 Clamscan; 16.6 clamd and clamdscan; 16.7 ClamAV Virus Signatures; 16.8 Procmail; 16.9 Basic Procmail Rules; 16.10 Advanced Procmail Rules; 16.11 ClamAV with Procmail; 16.12 Unsolicited Email; 16.13 Spam Filtering with Bayesian Filters; 16.14 SpamAssassin; 16.15 SpamAssassin Rules; 16.16 Plug-ins for SpamAssassin; 16.17 SpamAssassin with Procmail; 16.18 Anti-Phishing Tools; 16.19 Conclusion; Chapter 17: Device Security Testing; 17.1 Replay Traffic with Tcpreplay; 17.2 Traffic IQ Pro; 17.3 ISIC Suite; 17.4 Protos; Monitoring; Chapter 18: Network Capture; 18.1 tcpdump; 18.2 Ethereal/Wireshark; 18.3 pcap Utilities: tcpflow and Netdude; 18.4 Python/Scapy Script Fixes Checksums; 18.5 Conclusion; Chapter 19: Network Monitoring; 19.1 Snort; 19.2 Implementing Snort; 19.3 Honeypot Monitoring; 19.4 Gluing the Stuff Together; Chapter 20: Host Monitoring; 20.1 Using File Integrity Checkers; 20.2 File Integrity Hashing; 20.3 The Do-It-Yourself Way with rpmverify; 20.4 Comparing File Integrity Checkers; 20.5 Prepping the Environment for Samhain and Tripwire; 20.6 Database Initialization with Samhain and Tripwire; 20.7 Securing the Baseline Storage with Samhain and Tripwire; 20.8 Running Filesystem Checks with Samhain and Tripwire; 20.9 Managing File Changes and Updating Storage Database with Samhain and Tripwire; 20.10 Recognizing Malicious Activity with Samhain and Tripwire; 20.11 Log Monitoring with Logwatch; 20.12 Improving Logwatch's Filters; 20.13 Host Monitoring in Large Environments with Prelude-IDS; 20.14 Conclusion; Discovery; Chapter 21: Forensics; 21.1 Netstat; 21.2 The Forensic ToolKit; 21.3 Sysinternals; Chapter 22: Application Fuzzing; 22.1 Which Fuzzer to Use; 22.2 Different Types of Fuzzers for Different Tasks; 22.3 Writing a Fuzzer with Spike; 22.4 The Spike API; 22.5 File-Fuzzing Apps; 22.6 Fuzzing Web Applications; 22.7 Configuring WebProxy; 22.8 Automatic Fuzzing with WebInspect; 22.9 Next-Generation Fuzzing; 22.10 Fuzzing or Not Fuzzing; Chapter 23: Binary Reverse Engineering; 23.1 Interactive Disassembler; 23.2 Sysinternals; 23.3 OllyDbg; 23.4 Other Tools; Colophon;
Le informazioni nella sezione "Su questo libro" possono far riferimento a edizioni diverse di questo titolo.
- EditoreO′Reilly
- Data di pubblicazione2007
- ISBN 10 0596009631
- ISBN 13 9780596009632
- RilegaturaPaperback
- Numero di pagine856
- Valutazione libreria
Compra nuovo
Scopri di più su questo articolo
EUR 20,70
Spese di spedizione:
EUR 3,76
In U.S.A.
I migliori risultati di ricerca su AbeBooks
Foto dell'editore
Security Power Tools
Editore:
Oreilly & Associates Inc
(2007)
ISBN 10: 0596009631
ISBN 13: 9780596009632
Nuovo
Paperback
Quantità: 1
Da:
Valutazione libreria
Descrizione libro Paperback. Condizione: new. New. Fast Shipping and good customer service. Codice articolo Holz_New_0596009631
Compra nuovo
EUR 20,70
Convertire valuta
Foto dell'editore
Security Power Tools
Editore:
Oreilly & Associates Inc
(2007)
ISBN 10: 0596009631
ISBN 13: 9780596009632
Nuovo
Paperback
Quantità: 1
Da:
Valutazione libreria
Descrizione libro Paperback. Condizione: new. New. Codice articolo Wizard0596009631
Compra nuovo
EUR 25,56
Convertire valuta
Foto dell'editore
Security Power Tools
Editore:
Oreilly & Associates Inc
(2007)
ISBN 10: 0596009631
ISBN 13: 9780596009632
Nuovo
Paperback
Quantità: 1
Da:
Valutazione libreria
Descrizione libro Paperback. Condizione: new. New Copy. Customer Service Guaranteed. Codice articolo think0596009631
Compra nuovo
EUR 26,90
Convertire valuta
Foto dell'editore
Security Power Tools
Editore:
O'Reilly Media
(2007)
ISBN 10: 0596009631
ISBN 13: 9780596009632
Nuovo
Brossura
Quantità: 1
Da:
Valutazione libreria
Descrizione libro Condizione: new. Codice articolo FrontCover0596009631
Compra nuovo
EUR 28,39
Convertire valuta
Immagini fornite dal venditore
Security Power Tools by Burns, Bryan, Killion, Dave, Beauchesne, Nicolas, Moret, Eric, Sobrier, Julien, Lynn, Michael, Markham, Eric, Iezzoni, Chris, Biondi, Philippe, Granick, Jennifer Stisa, Manzuik, Steve, Guersch, Paul [Paperback ]
Editore:
O'Reilly Media
(2007)
ISBN 10: 0596009631
ISBN 13: 9780596009632
Nuovo
Soft Cover
Quantità: 1
Da:
Valutazione libreria
Descrizione libro Soft Cover. Condizione: new. Codice articolo 9780596009632
Compra nuovo
EUR 34,06
Convertire valuta
Immagini fornite dal venditore
Security Power Tools (Paperback or Softback)
Editore:
O'Reilly Media 9/6/2007
(2007)
ISBN 10: 0596009631
ISBN 13: 9780596009632
Nuovo
Paperback or Softback
Quantità: 5
Da:
Valutazione libreria
Descrizione libro Paperback or Softback. Condizione: New. Security Power Tools 2.95. Book. Codice articolo BBS-9780596009632
Compra nuovo
EUR 43,28
Convertire valuta
Foto dell'editore
Security Power Tools
Editore:
O'Reilly Media
(2007)
ISBN 10: 0596009631
ISBN 13: 9780596009632
Nuovo
Brossura
Quantità: > 20
Da:
Valutazione libreria
Descrizione libro Condizione: New. Brand New! Not Overstocks or Low Quality Book Club Editions! Direct From the Publisher! We're not a giant, faceless warehouse organization! We're a small town bookstore that loves books and loves it's customers! Buy from Lakeside Books!. Codice articolo OTF-S-9780596009632
Compra nuovo
EUR 39,65
Convertire valuta
Immagini fornite dal venditore
Security Power Tools
Editore:
Oreilly & Associates Inc
(2007)
ISBN 10: 0596009631
ISBN 13: 9780596009632
Nuovo
Brossura
Quantità: 2
Da:
Valutazione libreria
Descrizione libro Condizione: New. Codice articolo 5079218-n
Compra nuovo
EUR 41,89
Convertire valuta
Foto dell'editore
Security Power Tools
Editore:
Oreilly & Associates Inc
(2007)
ISBN 10: 0596009631
ISBN 13: 9780596009632
Nuovo
Brossura
Quantità: > 20
Da:
Valutazione libreria
Descrizione libro Condizione: New. Codice articolo ABLIING23Feb2416190070862
Compra nuovo
EUR 43,56
Convertire valuta
Foto dell'editore
Security Power Tools
Editore:
Oreilly & Associates Inc
(2007)
ISBN 10: 0596009631
ISBN 13: 9780596009632
Nuovo
Brossura
Quantità: 1
Da:
Valutazione libreria
Descrizione libro Condizione: New. Buy with confidence! Book is in new, never-used condition. Codice articolo bk0596009631xvz189zvxnew
Compra nuovo
EUR 58,06
Convertire valuta