Advanced Linux Programming is divided into two parts. The first covers generic UNIX system services, but with a particular eye towards Linux specific information. This portion of the book will be of use even to advanced programmers who have worked with other Linux systems since it will cover Linux specific details and differences. For programmers without UNIX experience, it will be even more valuable.The second section covers material that is entirely Linux specific. These are truly advanced topics, and are the techniques that the gurus use to build great applications. While this book will focus mostly on the Application Programming Interface (API) provided by the Linux kernel and the C library, a preliminary introduction to the development tools available will allow all who purchase the book to make immediate use of Linux.

· A one-stop resource for managers and executives at all levels–no matter the size of the company!
· Wide-ranging coverage of a vital area of IT in business

The International Handbook of Computer Security is written primarily to help business executives and information systems/computer professionals protect computer systems and data from a myriad of internal and external threats. The book addresses a wide range of computer security issues. It is intended to provide practical and thorough guidance in the quagmire of computers, technology, networks, and software.

Among the major topics discussed are: company security policies – physical security procedures – data preservation and protection – hardware and software protection –
personnel management and security – contingency planning – legal and auditing planning and control systems – network security, internal and external

“It’s imperative that everybody working in the field of cyber-security read this book to understand the growing threat of rootkits.”
–Mark Russinovich, editor, Windows IT Pro / Windows & .NET Magazine

“This material is not only up-to-date, it defines up-to-date. It is truly cutting-edge. As the only book on the subject, Rootkits will be of interest to any Windows security researcher or security programmer. It’s detailed, well researched and the technical information is excellent. The level of technical detail, research, and time invested in developing relevant examples is impressive. In one word: Outstanding.”
–Tony Bautts, Security Consultant; CEO, Xtivix, Inc.

“This book is an essential read for anyone responsible for Windows security. Security professionals, Windows system administrators, and programmers in general will want to understand the techniques used by rootkit authors. At a time when many IT and security professionals are still worrying about the latest e-mail virus or how to get all of this month’s security patches installed, Mr. Hoglund and Mr. Butler open your eyes to some of the most stealthy and significant threats to the Windows operating system. Only by understanding these offensive techniques can you properly defend the networks and systems for which you are responsible.”
–Jennifer Kolde, Security Consultant, Author, and Instructor

Java Database Bible is a comprehensive approach to learning how to develop and implement a professional level Java 2 database program using the Java database connection API (JDBC 3.0).
Includes an introduction to relational databases and designing database applications; covers interacting with a relational database using a Java program; and shows how to create and work with XML data storage using a Java program.

Book Info
Packed with lucid explanations and real-world examples, this comprehensive guide gives you everything you need to master Java database programming techniques. Covers JSP, XML, and EJB. Softcover.

What’s the worst an attacker can do to you? You’d better find out, right? That’s what Security Warrior teaches you. Based on the principle that the only way to defend yourself is to understand your attacker in depth, Security Warrior reveals how your systems can be attacked. Covering everything from reverse engineering to SQL attacks, and including topics like social engineering, antiforensics, and common attacks against UNIX and Windows systems, this book teaches you to know your enemy and how to be prepared to do battleWhen it comes to network security, many users and administrators are running scared, and justifiably so. The sophistication of attacks against computer systems increases with each new Internet worm. What’s the worst an attacker can do to you? You’d better find out, right? That’s what Security Warrior teaches you. Based on the principle that the only way to defend yourself is to understand your attacker in depth, Security Warrior reveals how your systems can be attacked. Covering everything from reverse engineering to SQL attacks, and including topics like social engineering, antiforensics, and common attacks against UNIX and Windows systems, this book teaches you to know your enemy and how to be prepared to do battle. Security Warrior places particular emphasis on reverse engineering. RE is a fundamental skill for the administrator, who must be aware of all kinds of malware that can be installed on his machines — trojaned binaries, “spyware” that looks innocuous but that sends private data back to its creator, and more. This is the only book to discuss reverse engineering for Linux or Windows CE. It’s also the only book that shows you how SQL injection works, enabling you to inspect your database and web applications for vulnerability. Security Warrior is the most comprehensive and up-to-date book covering the art of computer war: attacks against computer systems and their defenses. It’s often scary, and never comforting. If you’re on the front lines, defending your site against attackers, you need this book. On your shelf–and in your hands.

There is increasing agreement that we need to design secure computer systems that people can actually use, but less agreement about how to reach this goal. Destined to be the classic reference in this emerging field, Security & Usability collects 34 groundbreaking essays from leading security and human-computer interaction (HCI) researchers on authentication, privacy and anonymity, secure systems, commercialization, and much more. It is expected to start an avalanche of discussion, new ideas, and further advances in this important field.
Human factors and usability issues have traditionally played a limited role in security research and secure systems development. Security experts have largely ignored usability issues–both because they often failed to recognize the importance of human factors and because they lacked the expertise to address them.But there is a growing recognition that today’s security problems can be solved only by addressing issues of usability and human factors. Increasingly, well-publicized security breaches are attributed to human errors that might have been prevented through more usable software. Indeed, the world’s future cyber-security depends upon the deployment of security technology that can be broadly used by untrained computer users.

Review
“The authors of this book explain these issues and how to fight against them.” (Computer Law & Security Report, 1st September 2004)

Book Description
Hackers have uncovered the dark side of cryptography—that device developed to defeat Trojan horses, viruses, password theft, and other cyber-crime. It’s called cryptovirology, the art of turning the very methods designed to protect your data into a means of subverting it. In this fascinating, disturbing volume, the experts who first identified cryptovirology show you exactly what you’re up against and how to fight back.

They will take you inside the brilliant and devious mind of a hacker—as much an addict as the vacant-eyed denizen of the crackhouse—so you can feel the rush and recognize your opponent’s power. Then, they will arm you for the counterattack.

This book reads like a futuristic fantasy, but be assured, the threat is ominously real. Vigilance is essential, now.

• Understand the mechanics of computationally secure information stealing
• Learn how non-zero sum Game Theory is used to develop survivable malware
• Discover how hackers use public key cryptography to mount extortion attacks
• Recognize and combat the danger of kleptographic attacks on smart-card devices
• Build a strong arsenal against a cryptovirology attack

With the release of Java 2 Micro Edition (J2ME), Sun Microsystems opened Java to the rapidly expanding Personal Digital Assistant (PDA) market.This comprehensive tutorial and reference provides an in-depth look at developing PDA software with J2ME and PersonalJava, covering both Palm and PocketPC devices. Succinct and practical, Java(TM) Development on PDAs focuses on real-world programming tasks with extensive code examples and an end-to-end PDA application demonstrating techniques for integrating devices with the enterprise via Web services.

This book describes the J2ME platform and PersonalJava and discusses design issues specific to resource-constrained devices. It also provides in-depth coverage of networking and Internet access, the user interface, data storage, and integrating PDAs into the corporation.

The .NET Developer’s Guide to Windows Security is required reading for .NET programmers who want to develop secure Windows applications. Readers gain a deep understanding of Windows security and the know-how to program secure systems that run on Windows Server 2003, Windows XP, and Windows 2000.Author Keith Brown crystallizes his application security expertise into 75 short, specific guidelines. Each item is clearly explained, cross-referenced, and illustrated with detailed examples. The items build on one another until they produce a comprehensive picture of what tools are available and how developers should use them.

The book highlights new features in Windows Server 2003 and previews features of the upcoming version 2.0 of the .NET Framework. A companion Web site includes the source code and examples used throughout the book.

Networking is one of the core tasks of enterprise-level programming, and for the programmer familiar with the C# language this book will provide the information to put network programming at the heart of their .NET applications. Prior knowledge of network programming is not assumed, but the reader already familiar with networking from another environment will find the pace quick enough for the book to still prove valuable.This book will give the reader:

An understanding of the general concepts of networking
Information about network programming in .NET with C#
Skills to build network-based applications in .NET
The confidence to use the classes shipped with .NET to implement your own application-level protocols.

After reading this book, readers will be confident C# network programmers, and understand the underlying protocols.

We begin with an overview of the most important background material, such as the architecture of physical networks, network protocols, the OSI model, streams in .NET, and the classes provided to facilitate access to streams such as StreamReader and StreamWriter.

Then we move onto sockets programming, with an introduction to the concept of sockets, and full coverage of using sockets in .NET. We look at TCP, UDP, and using multicast sockets in .NET. We also look briefly at application-level protocols built on top of these layers, such as SMTP and FTP.

The next stop is Internet programming, with a look at HTTP, the underlying protocol of the Internet, and e-mail protocols – we look at the .NET classes for sending e-mails via SMTP, and we see how we can implement POP3 and NNTP clients in .NET to read mailboxes and newsgroups.

The book finishes with an exploration of how to secure network communications in .NET – encrypting network traffic, certificates and SSL, authenticating and authorizing users with NTLM and Kerberos.