Special Ops: Host and Network Security for Microsoft Unix and Oracle
Syngress Media,U.S. (Verlag)
978-1-931836-69-2 (ISBN)
- Titel ist leider vergriffen;
keine Neuauflage - Artikel merken
Special Ops: Internal Network Security Guide is the solution for the impossible 24-hour IT work day. By now, most companies have hardened their perimeters and locked out the "bad guys," but what has been done on the inside? This book attacks the problem of the soft, chewy center in internal networks. We use a two-pronged approach-Tactical and Strategic-to give readers a complete guide to internal penetration testing. Content includes the newest vulnerabilities and exploits, assessment methodologies, host review guides, secure baselines and case studies to bring it all together. We have scoured the Internet and assembled some of the best to function as Technical Specialists and Strategic Specialists. This creates a diversified project removing restrictive corporate boundaries. The unique style of this book will allow it to cover an incredibly broad range of topics in unparalleled detail. Chapters within the book will be written using the same concepts behind software development. Chapters will be treated like functions within programming code, allowing the authors to call on each other's data. These functions will supplement the methodology when specific technologies are examined thus reducing the common redundancies found in other security books.
This book is designed to be the "one-stop shop" for security engineers who want all their information in one place. The technical nature of this may be too much for middle management; however technical managers can use the book to help them understand the challenges faced by the engineers who support their businesses.
Erik Pace Birkholz (CISSP) is a Principal Consultant for Foundstone, specializing in assessing Internet and Intranet security. He has performed nearly a hundred attack and penetration tests since he began his career in 1995. Most recently, he presented his research at the Black Hat Windows Security 2002 Briefings and presented Hacking Exposed: Live! to over 500 of Microsoft's Windows developers at their corporate headquarters in Redmond. Erik also serves asan instructor for Foundstone's "Ultimate Hacking: Hands On" and "Ultimate NT/2000 Security: Hands On" courses. Prior to joining Foundstone, Inc., he served as Assessment Lead for Internet Security System's (ISS) West Coast Consulting Group. Before ISS, Erik worked for Ernst and Young's eSecurity Services as a member of the company's National Attack and Penetration team. He also served as an instructor for E&Y's "Extreme Hacking" course. Erik also workedfor two years as a Research Analyst for the National Computer Security Association (NCSA, now TruSecure Corp).
Erik is a contributing author for the new "Hacking Exposed" titles: "Hacking Exposed: Windows 2000" and "Hacking Exposed, Third Edition." Previously, he was featured in the international best seller, "Hacking Exposed, Second Edition." He also has been published in The Journal of the National Computer Security Association and Foundstone's Digital Battlefield column. He has presented his research findings at multiple Black Hat Windows Security Briefings and The Internet Security Conference (TISC). In 2001, Erik was a panel member for the second annual Orange County Internet Security and Hacking Summit. Throughout his career, Erik has presented results of his research to members of the major federal government agencies, including the Federal Bureau of Investigation, National Security Agency and all branches of the Department of Defense. He lives in Huntington Beach, California.
Foreword by Stuart McClure
Part I: METHODOLOGY
Chapter 1: Defining Scope for the Project
Chapter 2: Identifying Targets
Chapter 3: High Severity Vulnerabilities
Chapter 4: Vulnerability Mapping
Chapter 5: Penetration Techniques
Part II: TACTICAL
Chapter 6: Windows 2000 Operating System
Chapter 7: Windows XP Operating System
Chapter 8: Windows Active Directory
Chapter 9: Exchange Server & OWA
Chapter 10: Terminal Server
Chapter 11: Microsoft IIS
Chapter 12: Attacking Web Applications
Chapter 13: Attacking and Defending SQL
Chapter 14: Attacking and Defending Oracle
Chapter 15: Defending UNIX
Chapter 16: Attacking and Defending Solaris
Chapter 17: Creating Custom Tools
Chapter 18: Network Architecture
Chapter 19: Building and Attacking Wireless Networks
Part III: STRATEGIC
Chapter 20: Internal Security Teams
Chapter 21: Public Source Information
Chapter 22: Security Policies
Chapter 23: Internal Education Programs
Erscheint lt. Verlag | 11.3.2003 |
---|---|
Verlagsort | Rockland, MA |
Sprache | englisch |
Maße | 152 x 229 mm |
Gewicht | 1550 g |
Themenwelt | Informatik ► Betriebssysteme / Server ► Unix / Linux |
Informatik ► Datenbanken ► Oracle | |
Informatik ► Netzwerke ► Sicherheit / Firewall | |
ISBN-10 | 1-931836-69-8 / 1931836698 |
ISBN-13 | 978-1-931836-69-2 / 9781931836692 |
Zustand | Neuware |
Haben Sie eine Frage zum Produkt? |
aus dem Bereich