E-Book, Englisch, 500 Seiten, Web PDF
Graham Syngress Force Emerging Threat Analysis
1. Auflage 2006
ISBN: 978-0-08-047559-2
Verlag: Elsevier Science & Techn.
Format: PDF
Kopierschutz: 1 - PDF Watermark
From Mischief to Malicious
E-Book, Englisch, 500 Seiten, Web PDF
ISBN: 978-0-08-047559-2
Verlag: Elsevier Science & Techn.
Format: PDF
Kopierschutz: 1 - PDF Watermark
A One-Stop Reference Containing the Most Read Topics in the Syngress Security Library
This Syngress Anthology Helps You Protect Your Enterprise from Tomorrow's Threats Today
This is the perfect reference for any IT professional responsible for protecting their enterprise from the next generation of IT security threats. This anthology represents the best of this year's top Syngress Security books on the Human, Malware, VoIP, Device Driver, RFID, Phishing, and Spam threats likely to be unleashed in the near future..
* From Practical VoIP Security, Thomas Porter, Ph.D. and Director of IT Security for the FIFA 2006 World Cup, writes on threats to VoIP communications systems and makes recommendations on VoIP security.
* From Phishing Exposed, Lance James, Chief Technology Officer of Secure Science Corporation, presents the latest information on phishing and spam.
* From Combating Spyware in the Enterprise, Brian Baskin, instructor for the annual Department of Defense Cyber Crime Conference, writes on forensic detection and removal of spyware.
* Also from Combating Spyware in the Enterprise, About.com's security expert Tony Bradley covers the transformation of spyware.
* From Inside the SPAM Cartel, Spammer-X shows how spam is created and why it works so well.
* From Securing IM and P2P Applications for the Enterprise, Paul Piccard, former manager of Internet Security Systems' Global Threat Operations Center, covers Skype security.
* Also from Securing IM and P2P Applications for the Enterprise, Craig Edwards, creator of the IRC security software IRC Defender, discusses global IRC security.
* From RFID Security, Brad Renderman Haines, one of the most visible members of the wardriving community, covers tag encoding and tag application attacks.
* Also from RFID Security, Frank Thornton, owner of Blackthorn Systems and an expert in wireless networks, discusses management of RFID security.
* From Hack the Stack, security expert Michael Gregg covers attacking the people layer.
* Bonus coverage includes exclusive material on device driver attacks by Dave Maynor, Senior Researcher at SecureWorks.
* The best of this year: Human, Malware, VoIP, Device Driver, RFID, Phishing, and Spam threats
* Complete Coverage of forensic detection and removal of spyware, the transformation of spyware, global IRC security, and more
* Covers secure enterprise-wide deployment of hottest technologies including Voice Over IP, Pocket PCs, smart phones, and more
Zielgruppe
Academic/professional/technical: Research and professional
Autoren/Hrsg.
Weitere Infos & Material
1;Cover;1
2;Contents;17
3;Foreword;31
4;Part I VoIP;33
4.1;Chapter 1 Threats to VoIP Communications Systems By Thomas Porter;35
4.1.1;Introduction;36
4.1.2;Denial-of-Service or VoIP Service Disruption;36
4.1.3;Call Hijacking and Interception;44
4.1.4;H.323-Specific Attacks;52
4.1.5;SIP-Specific Attacks;53
4.2;Chapter 2 Validate Existing Security Infrastructure for VoIP By Thomas Porter;59
4.2.1;Introduction;60
4.2.2;Security Policies and Processes;61
4.2.3;Physical Security;73
4.2.4;Server Hardening;77
4.2.5;Supporting Services;90
4.2.6;Unified Network Management;95
4.3; Chapter 3 Recommendations for VoIP Security By Thomas Porter;105
4.3.1;Introduction;106
4.3.2;Reuse Existing Security Infrastructure Wisely;107
4.3.3;Confirm User Identity;111
4.3.4;Active Security Monitoring;114
4.3.5;Logically Segregate VoIP from Data Traffic;116
4.4;Chapter 4 Skype Security By Paul Piccard;135
4.4.1;Introduction;136
4.4.2;Skype Architecture;137
4.4.3;Features and Security Information;139
4.4.4;Malicious Code;145
4.4.5;Client Security;146
5;Part II Malware;155
5.1;Chapter 5 The Transformation of Spyware By Tony Bradley;157
5.1.1;Introduction;158
5.1.2;The Humble Beginnings;158
5.1.3;Spyware in the Twenty-First Century;166
5.1.4;The Future of Spyware;170
5.2;Chapter 6 Spyware and the Enterprise Network By Jeremy Faircloth;175
5.2.1;Introduction;176
5.2.2;Keystroke Loggers;177
5.2.3;Trojan Encapsulation;187
5.2.4;Spyware and Backdoors;191
5.3;Chapter 7 Global IRC Security By Craig Edwards;199
5.3.1;Introduction;200
5.3.2;DDoS Botnets Turned Bot-Armies;200
5.3.3;Information Leakage;207
5.3.4;Copyright Infringement;208
5.3.5;Transfer of Malicious Files;211
5.3.6;Firewall/IDS Information;215
5.4;Chapter 8 Forensic Detection and Removal of Spyware By Brian Baskin;221
5.4.1;Introduction;222
5.4.2;Manual Detection Techniques;222
5.4.3;Detection and Removal Tools;240
5.4.4;Enterprise Removal Tools;267
6;Part III Phishing and Spam;277
6.1;Chapter 9 Go Phish! By Lance James;279
6.1.1;Introduction;280
6.1.2;The Impersonation Attack;282
6.1.3;The Forwarding Attack;302
6.1.4;The Popup Attack;308
6.2;Chapter 10 E-Mail: The Weapon of Mass Delivery By Lance James;321
6.2.1;Introduction;322
6.2.2;E-Mail Basics;322
6.3;Chapter 11 How Spam Works By Spammer X;367
6.3.1;Who Am I?;368
6.3.2;The Business of Spam;368
6.3.3;Spam in the Works: A Real-World Step-by-Step Example;370
6.4;Chapter 12 Sending Spam By Spammer X;381
6.4.1;The Required Mindset to Send Spam;382
6.4.2;Methods of Sending Spam;383
6.5;Chapter 13 Your E-mail: Digital Gold By Spammer X;415
6.5.1;What Does Your E-mail Address Mean to a Spammer?;416
6.5.2;Hackers and Spammers: Their United Partnership;418
6.5.3;Harvesting the Crumbs of the Internet;421
6.5.4;Mass Verification;429
6.6;Chapter 14 Creating the Spam Message and Getting It Read By Spammer X;437
6.6.1;Jake Calderon? Who Are You?;438
7;Part IV RFID;463
7.1; Chapter 15 RFID Attacks: Tag Encoding Attacks By Brad “Renderman” Haines;465
7.1.1;Introduction;466
7.1.2;Case Study: John Hopkins vs. SpeedPass;466
7.1.3;The SpeedPass;466
7.2;Chapter 16 RFID Attacks: Tag Application Attacks By Brad “Renderman” Haines;479
7.2.1;MIM;480
7.2.2;Chip Clones—Fraud and Theft;480
7.2.3;Tracking: Passports/Clothing;485
7.2.4;Chip Cloning > Fraud;489
7.2.5;Disruption;491
7.3;Chapter 17 RFID Attacks: Securing Communications Using RFID Middleware By Anand M. Das;493
7.3.1;RFID Middleware Introduction;494
7.3.2;Attacking Middleware with the Air Interface;505
7.3.3;Understanding Security Fundamentals and Principles of Protection;510
7.3.4;Addressing Common Risks and Threats;523
7.3.5;Securing RFID Data Using Middleware;526
7.3.6;Using DES in RFID Middleware for Robust Encryption;528
7.3.7;Using Stateful Inspection in the Application Layer Gateway For Monitoring RFID Data Streams;529
7.3.8;Providing Bulletproof Security Using Discovery, Resolution, and Trust Services in AdaptLink™;531
7.4;Chapter 18 RFID Security: Attacking the Backend By Hersh Bhargava;535
7.4.1;Introduction;536
7.4.2;Overview of Backend Systems;536
7.4.3;Data Attacks;538
7.4.4;Virus Attacks;540
7.4.5;RFID Data Collection Tool— Backend Communication Attacks;542
7.4.6;Attacks on ONS;543
7.5;Chapter 19 Management of RFID Security By Frank Thornton;547
7.5.1;Introduction;548
7.5.2;Risk and Vulnerability Assessment;548
7.5.3;Risk Management;551
7.5.4;Threat Management;553
8;Part V Non-Traditional Threats;557
8.1;Chapter 20 Attacking The People Layer By Michael Gregg and Ron Bandes;559
8.1.1;Attacking the People Layer;560
8.1.2;Defending the People Layer;582
8.1.3;Making the Case for Stronger Security;597
8.1.4;People Layer Security Project;604
8.2;Chapter 21 Device Driver Auditing By David Maynor;609
8.2.1;Introduction;610
8.2.2;Why Should You Care?;610
8.2.3;What Is a Device Driver?;613
9;Index;629
