Rating:
Author: Cyrus Peikari
ISBN : B0043EWV24
New from $19.79
Format: PDF
Download books file now Free Security Warrior from mediafire, rapishare, and mirror link
When it comes to network security, many users and administrators are running scared, and justifiably so. The sophistication of attacks against computer systems increases with each new Internet worm.
What's the worst an attacker can do to you? You'd better find out, right? That's what Security Warrior teaches you. Based on the principle that the only way to defend yourself is to understand your attacker in depth, Security Warrior reveals how your systems can be attacked. Covering everything from reverse engineering to SQL attacks, and including topics like social engineering, antiforensics, and common attacks against UNIX and Windows systems, this book teaches you to know your enemy and how to be prepared to do battle.
Security Warrior places particular emphasis on reverse engineering. RE is a fundamental skill for the administrator, who must be aware of all kinds of malware that can be installed on his machines -- trojaned binaries, "spyware" that looks innocuous but that sends private data back to its creator, and more. This is the only book to discuss reverse engineering for Linux or Windows CE. It's also the only book that shows you how SQL injection works, enabling you to inspect your database and web applications for vulnerability.
Security Warrior is the most comprehensive and up-to-date book covering the art of computer war: attacks against computer systems and their defenses. It's often scary, and never comforting. If you're on the front lines, defending your site against attackers, you need this book. On your shelf--and in your hands.
Books with free ebook downloads available Free Security Warrior [Kindle Edition]
- File Size: 2787 KB
- Print Length: 556 pages
- Simultaneous Device Usage: Unlimited
- Publisher: O'Reilly Media; 1 edition (February 9, 2009)
- Sold by: Amazon Digital Services, Inc.
- Language: English
- ASIN: B0043EWV24
- Text-to-Speech: Enabled
X-Ray:
- Lending: Not Enabled
- Amazon Best Sellers Rank: #365,239 Paid in Kindle Store (See Top 100 Paid in Kindle Store)
Free Security Warrior
Target Audience
Intermediate to advanced programmers, network administrators, or security administrators who need an in-depth understanding of how software and systems can be exploited.Contents
This is a detailed guide on how to reverse-engineer and analyze software and systems for vulnerabilities and exploits.
The book is divided into five parts:
Part 1 - Software Cracking - Assembly Language; Windows Reverse Engineering; Linux Reverse Engineering; Windows CE Reverse Engineering; Overflow Attacks
Part 2 - Network Stalking - TCP/IP Analysis; Social Engineering; Reconnaissance; OS Fingerprinting; Hiding The Tracks
Part 3 - Platform Attacks - Unix Defense; Unix Attacks; Windows Client Attacks; Windows Server Attacks; SOAP XML Web Services Security; SQL Injection; Wireless Security
Part 4 - Advanced Defenses - Audit Trail Analysis; Intrusion Detection Systems; Honeypots; Incident Response; Forensics and Antiforensics
Part 5 - Appendix
Review
"Know Your Enemy". This phrase is on the cover of the book Security Warrior, and it is an apt subtitle for the book. Very few security books on the market today do more than just tell you about the types of software and network attacks that exist. Peikari and Chuvakin go beyond the "what" of attacks and show you "how" to exploit systems and software.
This book is definitely geared to the experienced developer or network administrator. For instance, the first eight pages is an explanation of assembly language, registers, stacks and the like. Each following chapter on reverse engineering then takes that knowledge and walks you through how to analyze an executable using tools that you can purchase or download. Obviously, if you have absolutely no assembler language knowledge, you'll be lost here.
A programmer friend of mine recently opined to me that security books tend not only to inform the "good guys" (sys admins and network security folk) about how attacks and hacker invasions occur, but also the "bad guys." I suspect most of the so-called "bad guys" already know the information presented in books like these. And if the "bad guys" already know most of the tricks, what better way to fight them than to use those "tricks" against them? This is the book's main purpose, to show the reader computer security from the perspective of the person trying to attack and invade your computer or network. This is clearly not a book for beginners, as the book's introduction states this. It is for system admins and others interested in learning all they can about computer security. It truly provides a wealth of information in its 500 pages about different ways those so inclined can wreak havoc on your computer system or network.
There are chapters on "reverse engineering" programs (after a brief introduction to assembly language which the book points out gives you lots of control over a computer's CPU). These are ways you can reverse engineer programs in Windows, Windows CE (interesting how before reading this book I'd never given thought to how handheld devices could also be attacked and/or infected with virii or worms), and Linux. This of course proves that even the Linux OS is not as secure as some might think.
I liked the chapter on social engineering because it proves how you can infiltrate a system by researching the company for specific names and charm your way into getting sensitive information, which leads into "online reconnaissance" and also ways to hide your tracks (or is this known as "covering your ass?