Encryption - Books On Amazon.com _{Check eBay.com!}

BOOK
Hacking: The Art of Exploitation, 2nd Edition
Jon Erickson
$30.98

About this product:
Hacking is the art of creative problem solving, whether that means finding an unconventional solution to a difficult problem or exploiting holes in sloppy programming. Many people call themselves hackers, but few have the strong technical foundation needed to really push the envelope.

Rather than merely showing how to run existing exploits, author Jon Erickson explains how arcane hacking techniques actually work. To share the art and science of hacking in a way that is accessible to everyone, Hacking: The Art of Exploitation, 2nd Edition introduces the fundamentals of C programming from a hacker's perspective.

The included LiveCD provides a complete Linux programming and debugging environment-all without modifying your current operating system. Use it to follow along with the book's examples as you fill gaps in your knowledge and explore hacking techniques on your own. Get your hands dirty debugging code, overflowing buffers, hijacking network communications, bypassing protections, exploiting cryptographic weaknesses, and perhaps even inventing new exploits. This book will teach you how to:

• Program computers using C, assembly language, and shell scripts



• Corrupt system memory to run arbitrary code using buffer overflows and format strings



• Inspect processor registers and system memory with a debugger to gain a real understanding of what is happening



• Outsmart common security measures like nonexecutable stacks and intrusion detection systems



• Gain access to a remote server using port-binding or connect-back shellcode, and alter a server's logging behavior to hide your presence



• Redirect network traffic, conceal open ports, and hijack TCP connections



• Crack encrypted wireless traffic using the FMS attack, and speed up brute-force attacks using a password probability matrix

Hackers are always pushing the boundaries, investigating the unknown, and evolving their art. Even if you don't already know how to program, Hacking: The Art of Exploitation, 2nd Edition will give you a complete picture of programming, machine architecture, network communications, and existing hacking techniques. Combine this knowledge with the included Linux environment, and all you need is your own creativity.

BOOK
Guide to Computer Forensics and Investigations, Third Edition
Christopher Steuart
$52.36

About this product:
Master the skills necessary to launch and complete a successful computer investigation with the updated edition of this highly successful book, Guide to Computer Forensics and Investigations. This text will teach readers how to conduct a high-tech investigation, from acquiring digital evidence to reporting its findings. Coverage includes how to set up a forensics lab, how to acquire the proper and necessary tools, and how to conduct the investigation and subsequent digital analysis. The comprehensive coverage and detailed know-how led to the book being listed as recommended reading by the FBI Forensics Communications the United States Certified reading room. The book features free downloads of the latest forensic software, so students become familiar with the tools of the trade.

BOOK
The Code Book: The Science of Secrecy from Ancient Egypt to Quantum Cryptography
Simon Singh
$6.80

About this product:
In his first book since the bestselling Fermat's Enigma, Simon Singh offers the first sweeping history of encryption, tracing its evolution and revealing the dramatic effects codes have had on wars, nations, and individual lives. From Mary, Queen of Scots, trapped by her own code, to the Navajo Code Talkers who helped the Allies win World War II, to the incredible (and incredibly simple) logisitical breakthrough that made Internet commerce secure, The Code Book tells the story of the most powerful intellectual weapon ever known: secrecy.

Throughout the text are clear technical and mathematical explanations, and portraits of the remarkable personalities who wrote and broke the world's most difficult codes. Accessible, compelling, and remarkably far-reaching, this book will forever alter your view of history and what drives it.  It will also make yo wonder how private that e-mail you just sent really is.

BOOK
Counter Hack Reloaded: A Step-by-Step Guide to Computer Attacks and Effective Defenses (2nd Edition) (Radia Perlman Series in Computer Networking and Security)
Tom Liston
$34.00

About this product:
In defending your systems against intruders and other meddlers, a little knowledge can be used to make the bad guys--particularly the more casual among them--seek out softer targets. Counter Hack aims to provide its readers with enough knowledge to toughen their Unix and Microsoft Windows systems against attacks in general, and with specific knowledge of the more common sorts of attacks that can be carried out by relatively unskilled "script kiddies." The approach author Ed Skoudis has chosen is effective, in that his readers accumulate the knowledge they need and generally enjoy the process.

The best part of this book may be two chapters, one each for Windows and Unix, that explain the essential security terms, conventions, procedures, and behaviors of each operating system. This is the sort of information that readers need--a Unix person getting into Windows administration for the first time needs an introduction to the Microsoft security scheme, and vice versa. A third chapter explains TCP/IP with focus on security. With that groundwork in place, Skoudis explains how (with emphasis on tools) attackers look for vulnerabilities in systems, gain access, and maintain their access for periods of time without being discovered. You'll probably want to search online resources for more specific information--Skoudis refers to several--but this book by itself will provide you with the vocabulary and foundation knowledge you need to get the details you want. --David Wall

Topics covered: How black-hat hackers work, what tools and techniques they use, and how to assess and improve your systems' defenses. The author explains how Windows, Unix, and TCP/IP can be exploited for nefarious purposes, and details a modus operandi that's typical of the bad guys.

BOOK
Security in Computing, 4th Edition
Shari Lawrence Pfleeger
$57.00

About this product:
The New State-of-the-Art in Information Security: Now Covers the Economics of Cyber Security and the Intersection of Privacy and Information Security

For years, IT and security professionals and students have turned to Security in Computing as the definitive guide to information about computer security attacks and countermeasures. In their new fourth edition, Charles P. Pfleeger and Shari Lawrence Pfleeger have thoroughly updated their classic guide to reflect today's newest technologies, standards, and trends.

The authors first introduce the core concepts and vocabulary of computer security, including attacks and controls. Next, the authors systematically identify and assess threats now facing programs, operating systems, database systems, and networks. For each threat, they offer best-practice responses.

Security in Computing, Fourth Edition, goes beyond technology, covering crucial management issues faced in protecting infrastructure and information. This edition contains an all-new chapter on the economics of cybersecurity, explaining ways to make a business case for security investments. Another new chapter addresses privacy--from data mining and identity theft, to RFID and e-voting.

New coverage also includes

• Programming mistakes that compromise security: man-in-the-middle, timing, and privilege escalation attacks
• Web application threats and vulnerabilities
• Networks of compromised systems: bots, botnets, and drones
• Rootkits--including the notorious Sony XCP
• Wi-Fi network security challenges, standards, and techniques
• New malicious code attacks, including false interfaces and keystroke loggers
• Improving code quality: software engineering, testing, and liability approaches
• Biometric authentication: capabilities and limitations
• Using the Advanced Encryption System (AES) more effectively
• Balancing dissemination with piracy control in music and other digital content
• Countering new cryptanalytic attacks against RSA, DES, and SHA
• Responding to the emergence of organized attacker groups pursuing profit

BOOK
Computer Security: Art and Science
Matt Bishop
$71.13

About this product:
I used this book for a graudate-level introductory computer security class and it was very detailed and explained concepts well. I took a security and privacy course in undergrad and Bishop's book is much better than the book I used last fall. If you have strong math skills and strong coding skills, this is the book for you. It is even helpful to people studying for the CISSP and Security+ certifications in information security.

BOOK
File System Forensic Analysis
Brian Carrier
$35.54

About this product:
Thanks a lot, we are very happy to have this book in our library!

BOOK
Network Security: Private Communication in a Public World (2nd Edition) (Radia Perlman Series in Computer Networking and Security)
Mike Speciner
$45.99

About this product:
This is a very good book on network security. It is a bit too technical for leisure/work reading. I got this book because it is a required text for my graduate class.

BOOK
How to Cheat at Configuring Exchange Server 2007: Including Outlook Web, Mobile, and Voice Access (How to Cheat) (How to Cheat)
Henrik Walther
$24.10

About this product:
According to Microsoft, Exchange Server delivers over 75% of all corporate e-mail. The 2007 release is the fist major overhaul since 2003. It attempts to address the challenge of delivering greater performance and accessibility while increasing protection against a new generation of high risk security threats. Microsoft has added many new features that dramatically improve the scope of Exchange Server and the Outlook web client, positioning the platform as a groupware and collaboration tool that is accessible to remote and wireless users as will as those wired directly to the corporate intranet. The typical SysAdmin needs a reference that cuts through all the complexity and seldom-used features to get the product successfully deployed as efficiently as possible---exactly the job of the "How to Cheat" series.

BOOK
Security Metrics: Replacing Fear, Uncertainty, and Doubt
Andrew Jaquith
$28.99

About this product:
<>The Definitive Guide to Quantifying, Classifying, and Measuring Enterprise IT Security Operations

Security Metrics is the first comprehensive best-practice guide to defining, creating, and utilizing security metrics in the enterprise.

Using sample charts, graphics, case studies, and war stories, Yankee Group Security Expert Andrew Jaquith demonstrates exactly how to establish effective metrics based on your organization’s unique requirements. You’ll discover how to quantify hard-to-measure security activities, compile and analyze all relevant data, identify strengths and weaknesses, set cost-effective priorities for improvement, and craft compelling messages for senior management.

Security Metrics successfully bridges management’s quantitative viewpoint with the nuts-and-bolts approach typically taken by security professionals. It brings together expert solutions drawn from Jaquith’s extensive consulting work in the software, aerospace, and financial services industries, including new metrics presented nowhere else. You’ll learn how to:

• Replace nonstop crisis response with a systematic approach to security improvement

• Understand the differences between “good” and “bad” metrics

• Measure coverage and control, vulnerability management, password quality, patch latency, benchmark scoring, and business-adjusted risk

• Quantify the effectiveness of security acquisition, implementation, and other program activities

• Organize, aggregate, and analyze your data to bring out key insights

• Use visualization to understand and communicate security issues more clearly

• Capture valuable data from firewalls and antivirus logs, third-party auditor reports, and other resources

• Implement balanced scorecards that present compact, holistic views of organizational security effectiveness

Whether you’re an engineer or consultant responsible for security and reporting to management–or an executive who needs better information for decision-making–Security Metrics is the resource you have been searching for.

Andrew Jaquith, program manager for Yankee Group’s Security Solutions and Services Decision Service, advises enterprise clients on prioritizing and managing security resources. He also helps security vendors develop product, service, and go-to-market strategies for reaching enterprise customers. He co-founded @stake, Inc., a security consulting pioneer acquired by Symantec Corporation in 2004. His application security and metrics research has been featured in CIO, CSO, InformationWeek, IEEE Security and Privacy, and The Economist.

Foreword

Preface

Acknowledgments

About the Author

Chapter 1 Introduction: Escaping the Hamster Wheel of Pain

Chapter 2 Defining Security Metrics

Chapter 3 Diagnosing Problems and Measuring Technical Security

Chapter 4 Measuring Program Effectiveness

Chapter 5 Analysis Techniques

Chapter 6 Visualization

Chapter 7 Automating Metrics Calculations

Chapter 8 Designing Security Scorecards

Index