Security Power Tools
- Authors:
- Bryan Burns, Dave Killion, Nicolas Beauchesne
- Pages:
- 860
- Available formats:
- ePub, Mobi
Ebook description: Security Power Tools
What if you could sit down with some of the most talented security engineers in the world and ask any network security question you wanted? Security Power Tools lets you do exactly that! Members of Juniper Networks' Security Engineering team and a few guest experts reveal how to use, tweak, and push the most popular network security applications, utilities, and tools available using Windows, Linux, Mac OS X, and Unix platforms.
Designed to be browsed, Security Power Tools offers you multiple approaches to network security via 23 cross-referenced chapters that review the best security tools on the planet for both black hat techniques and white hat defense tactics. It's a must-have reference for network administrators, engineers and consultants with tips, tricks, and how-to advice for an assortment of freeware and commercial tools, ranging from intermediate level command-line operations to advanced programming of self-hiding exploits.
Security Power Tools details best practices for:
- Reconnaissance -- including tools for network scanning such as nmap; vulnerability scanning tools for Windows and Linux; LAN reconnaissance; tools to help with wireless reconnaissance; and custom packet generation
- Penetration -- such as the Metasploit framework for automated penetration of remote computers; tools to find wireless networks; exploitation framework applications; and tricks and tools to manipulate shellcodes
- Control -- including the configuration of several tools for use as backdoors; and a review of known rootkits for Windows and Linux
- Defense -- including host-based firewalls; host hardening for Windows and Linux networks; communication security with ssh; email security and anti-malware; and device security testing
- Monitoring -- such as tools to capture and analyze packets; network monitoring with Honeyd and snort; and host monitoring of production servers for file changes
- Discovery -- including The Forensic Toolkit, SysInternals and other popular forensic tools; application fuzzer and fuzzing techniques; and the art of binary reverse engineering using tools like Interactive Disassembler and Ollydbg
Ebook details
- Ebook ISBN:
- 978-05-965-5481-1, 9780596554811
- Ebook release date:
- 2007-08-27 The ebook release date is often the day the title went on sale and may not match the release date of the print book. Additional information can be found in the free sample. If in doubt, contact us at sklep@ebookpoint.pl.
- Publication language:
- English
- ePub file size:
- 18.4MB
- Mobi file size:
- 37.7MB
Ebook table of contents
- Security Power Tools
- SPECIAL OFFER: Upgrade this ebook with O'Reilly
- Foreword
- Credits
- About the Author
- Preface
- Audience
- Assumptions This Book Makes
- Contents of This Book
- Legal and Ethics
- Reconnaissance
- Penetration
- Control
- Defense
- Monitoring
- Discovery
- Conventions Used in This Book
- Using Code Examples
- We'd Like to Hear from You
- Safari Books Online
- Acknowledgments
- I. Legal and Ethics
- 1. Legal and Ethics Issues
- Core Issues
- Be Able to Identify These Legal Topics
- Computer Trespass Laws: No "Hacking" Allowed
- What Does It Mean to Access or Use a Computer?
- What Is Adequate Authorization to Access a Computer?
- Common Law Computer Trespass
- Case Study: Active Defense
- Law and Ethics: Protecting Yourself from Computer Trespass Claims
- Reverse Engineering
- Copyright Law and Reverse Engineering
- What to do to protect yourself with fair use
- Reverse Engineering, Contracts, and Trade Secret Law
- What to do to protect yourself
- Reverse Engineering and Anti-Circumvention Rules
- What to do to protect yourself when working in DMCA
- Vulnerability Reporting
- What to do to protect yourself when reporting vulnerabilities
- What to Do from Now On
- II. Reconnaissance
- 2. Network Scanning
- How Scanners Work
- TCP Scanning
- UDP Scanning
- Superuser Privileges
- Three Network Scanners to Consider
- Host Discovery
- Dealing with Blocked Pings
- Choosing the Right Ports
- Combining Multiple Host Scan Techniques
- Port Scanning
- Default Port Ranges
- Specifying Custom Ports
- Nmap
- Unicornscan
- Scanrand
- Specifying Targets to Scan
- Different Scan Types
- UDP Scan Types
- TCP Scan Types
- Special TCP Scan Types in Nmap
- An Example of Using Multiple Scan Types
- Tuning the Scan Speed
- Nmap
- Unicornscan
- Scanrand
- Application Fingerprinting
- Operating System Detection
- Saving Nmap Output
- Resuming Nmap Scans
- Avoiding Detection
- Idle Scans
- Decoys
- Conclusion
- 3. Vulnerability Scanning
- Nessus
- License
- Architecture
- Tenable Security Center
- Windows Configuration
- Linux Configuration
- Local Vulnerabilities
- Network Scan
- Scan Results
- Policy Configuration
- Plug-ins
- Plug-in Code Example
- Linux Command Line
- Windows Command Line
- Nikto
- Types of Vulnerabilities
- Command Line
- Evasion Techniques
- WebInspect
- Purpose
- WebInspect Scan
- Policy Tuning
- Settings Tuning
- Report Analysis
- False Positives Analysis
- WebInspect Tools
- Assessment Management Platform (AMP)
- 4. LAN Reconnaissance
- Mapping the LAN
- Using ettercap and arpspoof on a Switched Network
- Running ettercap
- Running arpspoof from the dsniff suite
- Dealing with Static ARP Tables
- Using macof to Stupefy a Switch
- Super-Stealthy Sniffing
- Getting Information from the LAN
- Logging Packet Data
- Filtering Incoming Packets
- Fingerprinting LAN Hosts
- Sniffing Plain-Text Passwords
- Shadow Browsing
- Manipulating Packet Data
- 5. Wireless Reconnaissance
- Get the Right Wardriving Gear
- 802.11 Network Basics
- 802.11 Frames
- How Wireless Discovery Tools Work
- Netstumbler
- Kismet at a Glance
- Using Kismet
- Sorting the Kismet Network List
- Using Network Groups with Kismet
- Using Kismet to Find Networks by Probe Requests
- Kismet GPS Support Using gpsd
- Generating Maps
- Kismet Location Tracking
- Looking Closer at Traffic with Kismet
- Capturing Packets and Decrypting Traffic with Kismet
- Wireshark at a Glance
- Enabling rfmon Mode
- Linux
- OpenBSD, NetBSD, and FreeBSD
- Mac OS X
- Windows
- Using Wireshark
- AirDefense Mobile
- AirMagnet Analyzers
- Other Wardriving Tools
- Airopeek
- KisMac
- 6. Custom Packet Generation
- Why Create Custom Packets?
- Custom Packet Example: Ping of Death
- Hping
- Getting Started with Hping2
- Hping2's Limitations
- Scapy
- Decode, Do Not Interpret
- Probe Once, Interpret Many Times
- Scapy's Limitations
- Working with Scapy
- Creating and Manipulating Packets with Scapy
- Navigating Between Layers
- Scapy Tips and Shortcuts
- Looking only at the custom data in a packet
- Viewing computed data in a packet
- Decoding the packet payload differently
- Sprintf shortcut for creating custom packets
- Operations on packet lists
- Producing a simple diagram of packet flow
- Sending and interacting with Scapy
- Super-sockets
- Building Custom Tools with Scapy
- Studying a New Protocol
- Writing Add-Ons
- Examples of creating Scapy add-ons
- Test Campaigns
- Packet-Crafting Examples with Scapy
- ARP Cache Poisoning
- Tracerouting: A Step-by-Step Example
- Traceroute and NAT
- Firewalking
- Sliced Network Scan
- Fuzzing
- Packet Mangling with Netfilter
- Transparent Proxying
- QUEUE and NFQUEUE
- References
- III. Penetration
- 7. Metasploit
- Metasploit Interfaces
- The Metasploit Console
- The Metasploit Command-Line Interface
- The Metasploit Web Interface
- Updating Metasploit
- Choosing an Exploit
- Choosing a Payload
- Metasploit Payloads
- Choosing a Payload Variant
- Setting Options
- Hidden Options
- Running an Exploit
- Debugging Exploitation
- Managing Sessions and Jobs
- Sessions
- Jobs
- The Meterpreter
- Some Useful Meterpreter Commands
- Meterpreter Session Example
- Security Device Evasion
- Sample Evasion Output
- Evasion Using NOPs and Encoders
- NOP Generators
- Payload Encoders
- In Conclusion
- 8. Wireless Penetration
- WEP and WPA Encryption
- Aircrack
- Installing Aircrack-ng
- Windows Installation
- Linux Installation
- Running Aircrack-ng
- Airpwn
- Basic Airpwn Usage
- Command-Line Options
- Airpwn Configuration Files
- Using Airpwn on WEP-Encrypted Networks
- Scripting with Airpwn
- Karma
- Installing Karma
- Scanning for Victims
- Basic Configuration
- Proxy Network Traffic
- Conclusion
- 9. Exploitation Framework Applications
- Task Overview
- Other Framework Advantages
- Core Impact Overview
- Running Core Impact Behind a NAT
- Automatic Network Penetration with Core Impact
- Network Reconnaissance with Core Impact
- Importing Module Information with Core Impact
- Core Impact Exploit Search Engine
- Running an Exploit
- Bypassing Core Impact's Exploit Version Restrictions
- Running Macros
- The Local Side
- Using the Mini-Shell
- Bouncing Off an Installed Agent
- Enabling an Agent to Survive a Reboot
- Mass Scale Exploitation
- Writing Modules for Core Impact
- The Canvas Exploit Framework
- The Covertness Bar
- Porting Exploits Within Canvas
- Using Canvas from the Command Line
- Digging Deeper with Canvas
- Advanced Exploitation with MOSDEF
- Writing Exploits for Canvas
- Exploiting Alternative Tools
- 10. Custom Exploitation
- Understanding Vulnerabilities
- Performing a Simple Exploit
- Analyzing Shellcode
- Disassemblers
- The libopcode Disassembling Library
- The libdisasm Disassembling Library
- Testing Shellcode
- Inclusion into a C File
- A Shellcode Loader
- Debugging Shellcode
- Creating Shellcode
- nasm
- GNU Compiler Collection
- Quick glance at the binary-building internals
- Building shellcode from assembly language
- Building shellcode in C
- The SFlib Library
- What SFLib looks like
- Using SFLib
- ShellForge
- Getting started
- Cross-platform generation
- Loaders
- Inline shellcoding
- InlineEgg
- Metasploit Framework's msfpayload
- Disguising Shellcode
- alpha2
- Metasploit Framework's msfencoder
- Execution Flow Hijacking
- Metasploit Framework's msfelfscan and msfpescan
- EEREAP
- Code Injection
- References
- IV. Control
- 11. Backdoors
- Choosing a Backdoor
- VNC
- Creating and Packaging a VNC Backdoor
- Consolidating the Backdoor
- Packaging VNC As a Backdoor
- Connecting to and Removing the VNC Backdoor
- Removing the Backdoor
- Back Orifice 2000
- Configuring a BO2k Server
- Setting Variables
- Minimum Configuration
- IO plug-in
- Encryption plug-in
- Authentication plug-in
- Control plug-ins
- Configuring a BO2k Client
- Adding New Servers to the BO2k Workspace
- Using the BO2k Backdoor
- BO2k Powertools
- Server Setup
- Client Setup
- The BO Tools Connect To window
- Using the File Browser
- Using the Registry Editor
- A Sneak Peek at the Backdoor's Desktop with BO Peep
- BO Peep installation and configuration
- The VidStream listener
- The VidStream client
- The Hijack listener
- The Hijack client
- Encryption for BO2k Communications
- Concealing the BO2k Protocol
- Removing BO2k
- A Few Unix Backdoors
- A Simple Unix Backdoor
- Netcat
- A Simple Netcat Backdoor
- Crontab and Netcat
- Lots of Options
- 12. Rootkits
- Windows Rootkit: Hacker Defender
- Configuring hxdef
- Making hxdef harder to detect
- Connecting to Hacker Defender's Backdoor
- Install/uninstall/reconfigure hxdef
- Uninstalling a process you cannot see
- Linux Rootkit: Adore-ng
- Installing Adore
- Using Adore
- Detecting Rootkits Techniques
- Signature Scanner
- Inspecting Dangerous Calls
- Differentiating Call Results
- Looking for Hooks
- System Integrity
- Windows Rootkit Detectors
- Rootkit Revealer
- IceSword
- Functionalities of IceSword
- Finding a rootkit and killing it
- Removing the rootkit with IceSword
- Linux Rootkit Detectors
- Kstat
- Interface lookup
- Listing processes
- Investigating individual processes
- Examining the syscall table
- Zeppoo
- Chkrootkit
- Detecting new rootkits
- Using safe binaries
- In the cron
- Cleaning an Infected System
- The Future of Rootkits
- V. Defense
- 13. Proactive Defense: Firewalls
- Firewall Basics
- Router/Network Address Translation Router
- Endpoint/Host
- Transparent/Bridge Firewall
- The Tools
- Securing Concepts
- Allowing limited inbound connections
- Tightening inbound connections by host
- Further Investigation
- Network Address Translation
- Setting Up a Basic NAT Gateway
- NAT with Inbound Service Mapping
- Securing BSD Systems with ipfw/natd
- Initial Setup
- Inbound Connection Blocking with BSD ipfw/natd
- Allowing Inbound Connections with BSD ipfw2/natd
- Filtering Connections with BSD ipfw2/natd
- BSD ipfw2/natd NAT Gateway
- Inbound Service Mapping with BSD ipfw2/natd
- Securing GNU/Linux Systems with netfilter/iptables
- Initial Setup
- Inbound Connection Blocking with Netfilter
- Filtering Connections with Netfilter
- Allowing Inbound Connections with Netfilter
- Netfilter NAT Gateway
- Inbound Service Mapping with Netfilter
- Internet-in-a-Box: All Traffic to One Destination Using Netfilter
- Securing Windows Systems with Windows Firewall/Internet Connection Sharing
- Initial Setup
- Inbound Connection Blocking with Windows FW/ICS
- Allowing Inbound Connections with Windows FW/ICS
- Filtering Connections with Windows FW/ICS
- A Windows FW/ICS NAT Gateway
- Inbound Service Mapping with Windows FW/ICS
- Verifying Your Coverage
- 14. Host Hardening
- Controlling Services
- Turning Off What You Do Not Need
- Limiting Access
- sudo
- sudowin
- Issues with sudowin
- Limiting Damage
- Mounting Volumes As noexec
- Controlling the Linux Kernel Through /proc/sys
- /proc/sys/kernel/cap-bound
- /proc/sys/net
- /proc/sys/kernel/modprobe
- Bastille Linux
- SELinux
- Enabling SELinux
- Transparent Usage of SELinux
- Tweaking SELinux's Policy
- Local SELinux Policy Generation
- Underlying SELinux Principle of Operations
- Password Cracking
- John the Ripper
- Rainbow Cracking
- Chrooting
- Sandboxing with OS Virtualization
- Cooperative Linux
- KVM
- OpenVZ: OS-Level Virtualization
- Parallels
- QEMU
- UserMode Linux: Paravirtualization
- VMWare
- Xen: Paravirtualization
- Virtualization Summary
- 15. Securing Communications
- The SSH-2 Protocol
- The Transport Layer
- The User Authentication Layer
- The Connection Layer
- SSH Configuration
- Server Configuration
- User Access Restriction
- SSH Client Connection
- Tune the Client's Configuration
- SSH Authentication
- SSH Shortcomings
- SSH Man-in-the-Middle Attacks
- Host Public Key Distribution with DNSSEC
- User's Public Key Distribution
- User's Key Operation Restrictions
- SSH Troubleshooting
- The Client Is Logged Out Just After Logging In
- File Permissions
- Restrictions to Users or Groups
- Remote File Access with SSH
- File Copy
- FTP Through SSH
- File Synchronization
- Remote Filesystem
- Source Code Transfer
- SSH Advanced Use
- Agent Forwarding
- X and Port Forwarding
- Escape Sequences
- Perpetual Tunneling with autossh
- Storing Your SSH Private Key on a USB Drive
- Using SSH Under Windows
- Cygwin
- PuTTY
- WinSCP
- SecureCRT
- File and Email Signing and Encryption
- GPG
- Theory of Operations
- How to Obtain Public Keys
- Web of Trust
- In Practice
- Create Your GPG Keys
- Adding Subkeys
- Different Keys for Different Addresses
- Modify Your Web of Trust Model
- Import of Public Keys
- Revoke a Key
- Encryption and Signature with GPG
- File Signature
- Email Encryption and Signature
- PGP Versus GPG Compatibility
- Encryption and Signature with S/MIME
- X.509 Certificate
- S/MIME
- Certificate Authority
- S/MIME Versus GPG/PGP
- Stunnel
- SSL Versus TLS
- Create an X.509 Certificate
- Client Encryption
- Server Encryption
- Client and Server Encryption
- Transparent Proxy
- Disk Encryption
- Windows Filesystem Encryption with PGP Disk
- Linux Filesystem Encryption with LUKS
- Comparing dm-crypt to cryptoloop and loop-AES
- Conclusion
- 16. Email Security and Anti-Spam
- Norton Antivirus
- Installation Test
- Configuration Tuning
- Failed tests
- Updates
- The ClamAV Project
- ClamWin
- Configuration
- Freshclam
- How to Run Freshclam
- Examples of Commands for Freshclam
- Clamscan
- clamd and clamdscan
- On-Access Scanning
- Clamd As a Network Server
- Clamd Commands
- Test clamscan and clamdscan/clamd
- clamscan or clamdscan?
- ClamAV Virus Signatures
- MD5 Signatures
- Hexadecimal Signatures
- Advanced Hexadecimal Signatures
- HTML Signatures
- Procmail
- Mail Delivery Chain
- Basic Procmail Rules
- Examples
- Advanced Procmail Rules
- Scoring
- ClamAV with Procmail
- Unsolicited Email
- Spam Filtering with Bayesian Filters
- Spamprobe
- Automate the Learning Phase
- Maintenance
- SpamProbe with Procmail
- Inconvenient
- SpamAssassin
- Configuration Files
- SpamAssassin Variables
- Administrator Settings
- SpamAssassin Rules
- Meta Tests
- Score
- Whitelist and Blacklist
- Language
- Bayesian Filter
- Plug-ins for SpamAssassin
- Collaborative Plug-ins
- SpamAssassin Network Tests
- SpamAssassin with Procmail
- SpamAssassin As a Daemon or Server
- ClamAV, SpamProbe, and SpamAssassin with Procmail
- Anti-Phishing Tools
- Email Filtering
- Toolbar for Web Browsers
- Conclusion
- 17. Device Security Testing
- Replay Traffic with Tcpreplay
- What and How to Test
- tcpreplay
- Rewrite Packets with Tcpreplay
- MAC address
- IP address
- TCP/UDP port
- Tcpreplay with Two Interfaces
- flowreplay
- Tomahawk
- Traffic IQ Pro
- Setup
- Replay Traffic Files
- Attack Files
- Standard Traffic Files
- Scan
- Import Custom Packet Captures
- Packet Editing
- Conclusion
- ISIC Suite
- Network Setup
- esic
- isic, icmpsic, tcpsic, udpsic, and multisic
- Automation
- Protos
- VI. Monitoring
- 18. Network Capture
- tcpdump
- Basics
- Berkeley Packet Filter (BPF)
- Writing Packets to Disk
- Advanced BPF Filtering
- Advanced Dump Display
- Using tcpdump to Extract Packets
- Ethereal/Wireshark
- Basics
- Starting a Capture
- Capture
- Display Options
- Name Resolution
- Loading a Previously Created Capture
- Viewing a Capture
- Basic Wireshark Display Filters
- Advanced Wireshark Display Filters
- Saving Select Packets to Disk
- Packet Colorization
- Overriding Default Protocol Decoders
- TShark Techniques
- Wireshark Statistics
- Setting Useful Defaults
- pcap Utilities: tcpflow and Netdude
- tcpflow
- Basics
- Netdude
- Basics
- Cleaning up a botched pcap file
- Editing packet payloads
- Python/Scapy Script Fixes Checksums
- Basics
- Conclusion
- 19. Network Monitoring
- Snort
- Different Snort Modes
- Writing Signatures for Snort
- Passive Network Mapping
- Stealth Ethernet
- Disabling a Rule
- Changing the Default Port of a Service
- Snort Preprocessor
- Excluding Authorized Scans
- Log Analysis
- Updating Rules
- Blocking Port Scan
- From a NIDS to an ILDS
- Protocols that should be monitored
- Limitations of Snort as an ILDS
- Monitoring Network Usage
- Implementing Snort
- NIDS
- User Monitoring
- ILDS
- Honeypot Monitoring
- The Value of a Honeypot
- Using Honeyd to Emulate a Server
- Using Honeyd to Emulate a Network
- Using Honeyd As a Tar Pit
- Implementing Honeyd
- Writing New Scripts with Honeyd
- Jail
- HoneyView and Log Management
- Gluing the Stuff Together
- 20. Host Monitoring
- Using File Integrity Checkers
- File Integrity Hashing
- The Do-It-Yourself Way with rpmverify
- Comparing File Integrity Checkers
- Afick
- Aide
- Integrit
- Remote Filesystem Checker (RFC)
- Samhain/Beltane
- Open Source Tripwire
- Prepping the Environment for Samhain and Tripwire
- Samhain
- Tripwire
- Database Initialization with Samhain and Tripwire
- Samhain
- Tripwire
- Securing the Baseline Storage with Samhain and Tripwire
- Samhain
- Tripwire
- Running Filesystem Checks with Samhain and Tripwire
- Samhain
- Tripwire
- Managing File Changes and Updating Storage Database with Samhain and Tripwire
- Samhain
- Tripwire
- Recognizing Malicious Activity with Samhain and Tripwire
- Tripwire
- Samhain
- Log Monitoring with Logwatch
- Improving Logwatch's Filters
- Host Monitoring in Large Environments with Prelude-IDS
- Log Correlation
- Conclusion
- VII. Discovery
- 21. Forensics
- Netstat
- Finding a Linux Backdoor with Netstat
- Finding a Windows Backdoor with Netstat
- The Forensic ToolKit
- Hfind.exe: Discover Hidden Files
- Sfind.exe: Discover Files Hidden in Alternate Data Streams
- FileStat.exe: Very Detailed Data on a Specific File
- The Security Descriptor
- File streams
- Timestamps
- Working with Alternate Data Streams
- Sysinternals
- Autoruns: What Runs Without Your Help?
- Trimming down the list
- RootkitRevealer: Rooting Out Rootkits
- RootkitRevealer from the console
- Streams: Find and Delete Data Hidden in Streams the Sysinternals Way
- TCPView: A Graphical Netstat
- Process Explorer: Powerful Process Management
- Replacing the Task Manager with Process Explorer
- Run as...
- Now What?
- 22. Application Fuzzing
- Which Fuzzer to Use
- Different Types of Fuzzers for Different Tasks
- Block-Based Fuzzers
- Riot
- Flipper
- Inline Fault Injection
- Setting Up a Network Fuzzer Test Bed
- The client
- The fuzzer
- The server/target
- Gathering Information of the Target's Side
- Writing a Fuzzer with Spike
- The Spike API
- Reversing a Protocol with Spike
- File-Fuzzing Apps
- PaiMei
- FileFuzz
- Fuzzing Web Applications
- Configuring WebProxy
- Automatic Fuzzing with WebInspect
- Next-Generation Fuzzing
- Fuzzing or Not Fuzzing
- 23. Binary Reverse Engineering
- Interactive Disassembler
- Opening the Binary
- Special cases
- Searching in IDA
- Searching for text strings
- Searching for immediate values
- Defining Data Types
- Structures and unions
- An example
- Enumerations
- Annotating the Code
- Setting comments
- Marking positions
- An example
- Code Navigation
- Tracking the Flow of Execution
- Cross-reference
- Flow charts
- Tracking function calls
- Using Subview Windows
- Functions window
- Strings window
- Names window
- Imports and exports windows
- Debugging with IDA
- Initial configuration
- Setting breakpoints and watchpoints
- Stepping through the program
- Examining data
- Tracing
- Taking a memory snapshot
- Remote debugging
- Configuring the client
- Configuring the remote host
- Finding the Bugs
- Making Scripts with IDC
- IDC Hello World
- Functions and variables
- Expressions and statements
- Interacting with the IDA database
- Adding graphical interfaces
- Faking global variables with arrays
- Making hotkeys
- Automating large tasks
- Using IDA Plug-ins
- Sysinternals
- RegMon
- FileMon
- Setting Filters
- OllyDbg
- The Basics
- Setting breakpoints and watchpoints
- Stepping through the program
- Animated stepping
- Examining data
- Navigating Through the Disassembly
- Using bookmarks
- Editing Data
- Copying and pasting binary sections
- The patches window
- Undoing edits
- Saving your changes
- Using OllyDbg with the FreeCiv Case Study
- Finding the location of interest
- Making our changes
- Running the hack
- Other Tools
- SoftICE
- HT
- Index
- About the Authors
- Colophon
- SPECIAL OFFER: Upgrade this ebook with O'Reilly