"Security warrior".Based on the principle that the best way to defend yourself is to understand your attacker in depth, "Security Warrior" (O'Reilly) by Cyrus Peikari and Anton Chuvakin Anton Chuvakin is a computer security specialist, currently Chief Logging Evangelist with LogLogic, a U.S. Log Management and Intelligence company. His past positions included a role of a Security Strategist with netForensics, a U.S. Security Information Management company. reveals how your systems can be threatened. Covering everything from reverse engineering to SQL SQL in full Structured Query Language. Computer programming language used for retrieving records or parts of records in databases and performing various calculations before displaying the results. attacks, and including topics like social engineering, antiforensics, and advanced attacks against Unix and Windows systems, this book leaves you knowing your enemy and prepared to do battle. "Security Warrior" offers readers unique methods for honing their information security (or infosec) techniques, presented in an entertaining and easy-to-read style. Covering a combination of formal science and real-life infosec experiences, multiple platforms Refers to two or more operating environments, which typically include the CPU family and operating system. For example, if versions of a program run on Windows and the Macintosh, the software is said to support multiple platforms. , and attacks and defenses, the book explores areas of computer security that will gratify grat·i·fy tr.v. grat·i·fied, grat·i·fy·ing, grat·i·fies 1. To please or satisfy: His achievement gratified his father. See Synonyms at please. 2. even the most seasoned veterans. According to the Peikari and Chuvakin, one example of this is their coverage of reverse code engineering (RCE Recurrent corneal erosion (RCE) Repeated erosion of the cornea. May be a result of inadequate healing of a previous abrasion. Mentioned in: Corneal Abrasion ), including the esoteric subjects of Linux and embedded RCE. As they explain, "RCE is indispensable for dissecting dis·sect tr.v. dis·sect·ed, dis·sect·ing, dis·sects 1. To cut apart or separate (tissue), especially for anatomical study. 2. malicious code, unveiling corporate spyware, and extracting application vulnerabilities, but until this book, it has received sparse coverage in printed literature." Reverse code engineering is thoroughly examined in the first section of the book, "Software Cracking." Part II, "Network Stalking," reviews security aspects of TCP/IP TCP/IP in full Transmission Control Protocol/Internet Protocol Standard Internet communications protocols that allow digital computers to communicate over long distances. , network reconnaissance, OS fingerprinting, and examines social engineering using psychological theories to explore possible attacks and how hackers hide their tracks. Next, in "Platform Attacks," readers learn about platform-specific attacks and defenses, including weaknesses in Windows XP Remote Assistance, flaws in Kerberos authentication on Windows Server, web services security, and SQL injection attacks. Part IV, "Advanced Defense," tackles advanced methods of network defense, including the use of Bayesian analysis Bayesian analysis A decision-making analysis that '…permits the calculation of the probability that one treatment is superior based on the observed data and prior beliefs…subjectivity of beliefs is not a liability, but rather explicitly allows to implement intrusion detection systems. As attacks against computer systems become increasingly sophisticated, a strong defense is essential, and the best way to build an effective defense is to understand and anticipate potential attacks. Anyone who is on the front lines defending against the enemy needs this book. It gives you the knowledge you need to render the most persistent enemy ineffectual. Additional Resources: Chapter 2, "Windows Reverse Engineering," is available online at: http://www.oreilly.com/catalog/swarrior/chapter/index.html For more information about the book, including table of contents, index, author bios, and samples, see: http://www.oreilly.com/catalog/swarrior/ISBN 0-596-00545-8. |
|
||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion