As a system administrator or security professionals, you probably find yourself inundated each day with a deluge of log files from seemingly countless devices, servers, and applications on your network ranging from Windows Server to Snort to your PIX firewall and everything in between. At times, the task of “seeing the forest through the trees” to extract useful, repeatable information from these logs may seem almost impossible. This unique book will show you how to use a combination of open source software such as Tcpdstats, and Snort perfmonitor to create succinct, meaningful reports that give you the big picture of your network’s overall health and well being. So, if you need to analyze and prioritize everything from how much of your bandwidth is devoted to browsing ESPN.com, to the most targeted machines in your IDS logs, this is the book for you. This book teaches IT professionals how to analyze, manage, and automate their security log files to generate useful, repeatable information that can be use to make their networks more efficient and secure using primarily open source tools.

The book begins by discussing the “Top 10″ security logs that every IT professional should be regularly analyzing. These 10 logs cover everything from the top workstations sending/receiving data through a firewall to the top targets of IDS alerts. The book then goes on to discuss the relevancy of all of this information. Next, the book describes how to script open source reporting tools like Tcpdstats to automatically correlate log files from the various network devices to the “Top 10″ list. By doing so, the IT professional is instantly made aware of any critical vulnerabilities or serious degradation of network performance. All of the scripts presented within the book will be available for download from the Syngress Solutions Web site.

(more…)

Writing Security Tools and Exploits is the foremost authority on vulnerability and security code and will serve as the premier educational reference for security professionals and software developers. The book has over 600 pages of dedicated exploit, vulnerability, and tool code with corresponding instruction. Unlike other security and programming books that dedicate hundreds of pages to architecture and theory based flaws and exploits, this book dives right into deep code analysis. Previously undisclosed security research in combination with superior programming techniques are included in both the Local and Remote Code sections of the book.

The book is accompanied with a companion Web site containing both commented and uncommented versions of the source code examples presented throughout the book. In addition to the book source code, the CD also contains a copy of the author-developed Hacker Code Library v1.0. The Hacker Code Library includes multiple attack classes and functions that can be utilized to quickly create security programs and scripts. These classes and functions simplify exploit and vulnerability tool development to an extent never before possible with publicly available software.

(more…)

LDAP in the Solaris Operating Environment Deploying Secure Directory
Services Provides an in-depth discussion of Solaris Operating
Environment security methods and how they relate to LDAP as a naming
service Covers migration planning tips from NIS/NIS+ to an LDAP-based
naming service including capacity planning Presents an overview of LDAP
tools and toolkits, and how they are used to administer LDAP as a
naming service Discusses performance principles and benchmarking
techniques for optimizing directory server performance LDAP in the
Solaris Operating Environment is a follow-on to the Sun BluePrints book
Solaris and LDAP Naming Services, and describes the significant
improvements to the Solaris LDAP client and directory server. Deploying
the Solaris Secured LDAP Client is covered in detail. This Sun
BluePrints book introduces NIS/NIS+ migration tools and techniques to
aid in the transition to an LDAP-based naming service. Troubleshooting
tips, examples of extending Solaris authentication methods, and
examples of extending Solaris authentication methods using the
Pluggable Authentication Module (PAM) framework are provided.

(more…)

Understand the total cost of ownership and return on investment for network security solutions

• Understand what motivates hackers and how to classify threats
• Learn how to recognize common vulnerabilities and common types of attacks
• Examine modern day security systems, devices, and mitigation techniques
• Integrate policies and personnel with security equipment to effectively lessen security risks
• Analyze the greater implications of security breaches facing corporations and executives today
• Understand the governance aspects of network security to help implement a climate of change throughout your organization
• Learn how to qualify your organization�s aversion to risk
• Quantify the hard costs of attacks versus the cost of security technology investment to determine ROI
• Learn the essential elements of security policy development and how to continually assess security needs and vulnerabilities

The Business Case for Network Security: Advocacy, Governance, and ROI addresses the needs of networking professionals and business executives who seek to assess their organization�s risks and objectively quantify both costs and cost savings related to network security technology investments. This book covers the latest topics in network attacks and security. It includes a detailed security-minded examination of return on investment (ROI) and associated financial methodologies that yield both objective and subjective data. The book also introduces and explores the concept of return on prevention (ROP) and discusses the greater implications currently facing corporations, including governance and the fundamental importance of security, for senior executives and the board.

(more…)

Cryptography is the key to securing the Internet If every communication
network were to use a secure system based on encryption, then viruses,
worms and hackers would have a very hard time. Unfortunately, this
scenario does not reflect the reality of the Internet world today.
However, with security issues becoming more and more important
internationally, engineers of the future will be required to design
tougher, safer systems. This book takes a long-term view. It is not a
‘how-to’ implementation guide for today’s practitioners. It is a
training text for the engineers of the future. Features: Detailed
discussion of block cipher design principles, including coverage of
IDEA, RC5, RC6, Triple DES and Advanced Encryption Standard (AES)
Information on hash functions and message digests, including the latest
protocols for digital signature, authentication and key-sharing HMAC.
Expanded coverage of public-key encryption/signature algorithms,
including Diffie-Hellman secret key exchange, RSA, ElGamal, Schnorr,
DSA and Elliptic Curve Cryptography (ECC) Profiles for Public Key
Infrastructure (PKI) Complete and detailed guides to the entire TCP/IP
protocol suite IPsec for network-layer security PGP and S/MIME for
e-mail security SSL/TLS for transport-layer security Firewalls for
trusted systems SET security protocols used in the smart card As well
as providing an in-depth introduction to relevant cryptographic
principles, algorithms and protocols, Internet Security links them to
the technologies in use on the Internet today. State-of-the-art
analyses of IETF standards plus summaries and explanations of RFC
documents, numerous examples and a list of frequently used acronyms
make this book a comprehensive and valuable reference for students,
researchers and professional engineers alike - anyone engaged in the
long-term development of secure systems.

(more…)

With the popularity of the Wireless Local Area Network (WLAN) standard 802.11 WiFi� and the growing interest in the next generation Wireless Metropolitan Area Network (WMAN) standard 802.16 WiMax�, the need for effective solutions to the inherent security weaknesses of these networking technologies has become of critical importance. Thoroughly explaining the risks associated with deploying WLAN and WMAN networks,
this groundbreaking book offers you practical insight into identifying and overcoming these security issues. Including detailed descriptions of possible solutions to a number of specific security problems, the book gives you the hands-on techniques that you
need to secure wireless networks in the enterprise and the home. This handy reference also defines key security terms to help you fully understand concepts and evaluate security products on the market today.Moreover, the book discusses the future direction of the WLAN and WMAN industry, allowing you to plan ahead for emerging technologies in the field.
(more…)

Software Security is about putting the touchpoints to work for you.
Because you can apply these touchpoints to the software artifacts you
already produce as you develop software, you can adopt this book’s
methods without radically changing the way you work. Inside you’ll find
detailed explanations of Risk management frameworks and processes.Code
review using static analysis tools.Architectural risk analysis.Penetration testing.Security testing.Abuse case development in
addition to the touchpoints, Software Security covers knowledge
management, training and awareness, and enterprise-level software
security programs.Now that the world agrees that software security is
central to computer security, it is time to put philosophy into
practice. Create your own secure development lifecycle by enhancing
your existing software development lifecycle with the touchpoints
described in this book. Let this expert author show you how to build
more secure software by building security in.

(more…)