Книги по взлому, безопасности, сетям, Wap

[beerkoff]

Network Security Bible

Автор: Eric Cole, Ronald L. Krutz, James Conley
Издательство: John Wiley & Sons
Год: 2005
Страниц: 697
Формат: pdf->rar
Размер: 5,8мб
Качество: отличное
Язык: английский

A must for working network and security professionals as well as anyone in IS seeking to build competence in the increasingly important field of security.
Written by three high-profile experts, including Eric Cole, an ex-CIA security guru who appears regularly on CNN and elsewhere in the media, and Ronald Krutz, a security pioneer who cowrote The CISSP Prep Guide and other security bestsellers.
Covers everything from basic security principles and practices to the latest security threats and responses, including proven methods for diagnosing network vulnerabilities and insider secrets for boosting security effectiveness.

You do not have permission to view link please Вход or Регистрация

 

[beerkoff]

Hacking a Terror Network

Издательство: Syngress
Год: 2005
Страниц: 448
Формат: pdf->rar
Размер: 5,54 мб
Качество: отличное
Язык: english

Written by a certified Arabic linguist from the Defense Language Institute with extensive background in decoding encrypted communications, this cyber-thriller uses a fictional narrative to provide a fascinating and realistic "insider's look" into technically sophisticated covert terrorist communications over the Internet.

You do not have permission to view link please Вход or Регистрация

 

[torosfx]

А что-нибудь про WAP , WML кто-нибудь имеет?
Очень надо!

 

[okun]

Hacking GPS

Kathie Kingsley-Hughes
Wiley Publishing 2005 г.
ISBN: 0-7645-8424-3
Страниц: 351
Формат: pdf

This is the "user manual" that didn't come with any of the 30 million GPS receivers currently in use, showing readers how to modify, tweak, and hack their GPS to take it to new levels! Crazy-cool modifications include exploiting secret keycodes, revealing hidden features, building power cords and cables, hacking the battery and antenna, protecting a GPS from impact and falls, making a screen protector, and solar-powering a GPS. Potential power users will take the function and performance of their GPS to a whole new level by hacking into the firmware and hacking into a PC connection with a GPS. Fear not! Any potentially dangerous mod (to the device) is clearly labeled, with precautions listed that should be taken. Game time! Readers can check out GPS games, check into hacking geocaching, and even use a GPS as a metal detector.

You do not have permission to view link please Вход or Регистрация

(6,81 Мб)

 

[okun]

OpenVPN
Building and Integrating Virtual Private Networks
Learn how to build secure VPNs using this powerful Open Source application

Markus Feilner
Packt Publishing (April 2006)
ISBN: 190481185X
Format: pdf

Preface
OpenVPN is an outstanding piece of software that was invented by James Yonan in the year 2001 and has steadily been improved since then. No other VPN solution offers a comparable mixture of enterprise-level security, usability, and feature richness. We have been working with OpenVPN for many years now, and it has always proven to be the best solution.
This book is intended to introduce OpenVPN Software to network specialists and VPN newbies alike. OpenVPN works where most other solutions fail and exists on almost any platform; thus it is an ideal solution for problematic setups and an easy approach for the inexperienced.
On the other hand, the complexity of classic VPN solutions, especially IPsec, gives the impression that VPN technology in general is difficult and a topic only for very experienced (network and security) specialists. OpenVPN proves that this can be different, and this book is aimed to document that.
I want to provide both a concise description of OpenVPN's features and an easy-to-understand introduction for the inexperienced. Though there may be many other possible ways to success in the scenarios described, the ones presented have been tested in many setups and have been selected for simplicity reasons.

Table of Contents 
Preface 1
[COLOR=YellowGreen]Chapter 1: VPN—Virtual Private Network[/COLOR]  5
Branches Connected by Dedicated Lines  5 
Broadband Internet Access and VPNs  6 
How Does a VPN Work?  7 
What are VPNs Used For?  9 
Networking Concepts—Protocols and Layers  10 
Tunneling and Overhead  11 
VPN Concepts—Overview  13 
A Proposed Standard for Tunneling  13 
Protocols Implemented on OSI Layer 2  13 
Protocols Implemented on OSI Layer 3  14 
Protocols Implemented on OSI Layer 4  15 
OpenVPN—An SSL/TLS-Based Solution  15 
Summary 15
 
[COLOR=YellowGreen]Chapter 2: VPN Security[/COLOR]  17
VPN Security  17 
Privacy—Encrypting the Traffic  18 
Symmetric Encryption and Pre-Shared Keys  18 
Reliability and Authentication  19 
The Problem of Complexity in Classic VPNs  19 
Asymmetric Encryption with SSL/TLS  20 
SSL/TLS Security  20 
Understanding SSL/TLS Certificates  21 
Trusted Certificates  21 
Self-Signed Certificates  23 
SSL/TLS Certificates and VPNs  25 
Summary 25 

[COLOR=YellowGreen] Chapter 3: OpenVPN [/COLOR] 27
Advantages of OpenVPN  27 
History of OpenVPN  28 
OpenVPN Version 1  29 
OpenVPN Version 2  31 
Networking with OpenVPN  32 
OpenVPN and Firewalls  33 
Configuring OpenVPN  34 
Problems with OpenVPN  35 
OpenVPN Compared to IPsec VPN  35 
Sources for Help and Documentation  36 
The Project Community  36 
Documentation in the Software Packages  37 
Summary 37 

[COLOR=YellowGreen] Chapter 4: Installing OpenVPN[/COLOR]  39
Prerequisites 39 
Obtaining the Software  40 
Installing OpenVPN on Windows  41 
Downloading and Starting Installation  41 
Selecting Components and Location  42 
Finishing Installation  44 
Testing the Installation—A First Look at the Panel Applet  45 
Installing OpenVPN on Mac OS X (Tunnelblick)  46 
Testing the Installation—The Tunnelblick Panel Applet  47 
Installing OpenVPN on SuSE Linux  48 
Using YaST to Install Software  49 
Installing OpenVPN on Redhat Fedora Using yum  52 
Installing OpenVPN on RPM-Based Systems  55 
Using wget to Download OpenVPN RPMs  55 
Testing Installation and Installing with rpm 56 
Installing OpenVPN and the LZO Library with wget and RPM  56 
Using rpm to Obtain Information on the Installed OpenVPN Version  57 
Installing OpenVPN on Debian  58 
Installing Debian Packages  60 
Using Aptitude to Search and Install Packages  62 
OpenVPN—The Files Installed on Debian  64 
Installing OpenVPN on FreeBSD  64 
Installing a Newer Version of OpenVPN on FreeBSD—The Port System  66 
Installing the Port System with sysinstall  66 
Downloading and Installing a BSD Port  68 
Troubleshooting—Advanced Installation Methods  69 
Installing OpenVPN from Source Code  69 
Building Your Own RPM File from the OpenVPN Source Code  71 
Building and Distributing Your Own DEB Packages  72 
Enabling Linux Kernel Support for TUN/TAP Devices  72 
Using Menuconfig to Enable TUN/TAP Support  73 
Internet Links, Installation Guidelines, and Help  75 
Summary 76 

[COLOR=YellowGreen] Chapter 5: Configuring  an OpenVPN Server—The First Tunnel[/COLOR]  77
OpenVPN on Microsoft Windows  77 
Generating a Static OpenVPN Key  78 
Creating a Sample Connection  80 
Adapting the Sample Configuration File Provided by OpenVPN  81 
Starting and Testing the Tunnel  83 
A Brief Look at Windows OpenVPN Network Interfaces  84 
Connecting Windows and Linux  86 
File Exchange between Windows and Linux  86 
Installing WinSCP  87 
Transferring the Key File from Windows to Linux with WinSCP  89 
The Second Pitfall—Carriage Return/End of Line  90 
Configuring the Linux System  91 
Testing the Tunnel  93 
A Look at the Linux Network Interfaces  93 
Running OpenVPN Automatically  94 
OpenVPN as Server on Windows  94 
OpenVPN as Server on Linux  95 
Runlevels and init Scripts on Linux  96 
Using runlevel and init to Change and Check Runlevels  97 
The System Control for Runlevels  97 
Managing init Scripts  98 
Using Webmin to Manage init Scripts  99 
Using SuSE's YaST Module System Services (Runlevel)  101 
Troubleshooting Firewall Issues  104 
Deactivating Windows XP Service Pack 2 Firewall  105 
Stopping the SuSE Firewall  106 
Summary 108 

[COLOR=YellowGreen] Chapter 6: Setting Up OpenVPN with X509 Certificates[/COLOR]  109
Creating Certificates  109 
Certificate Generation on Windows XP with easy-rsa  110 
Setting Variables—Editing vars.bat  111 
Creating the Diffie-Hellman Key  112 
Building the Certificate Authority  113 
Generating Server and Client Keys  114 
Distributing the Files to the VPN Partners  117 
Configuring OpenVPN to Use Certificates  119 
Using easy-rsa on Linux  121 
Preparing Variables in vars  122 
Creating the Diffie-Hellman Key and the Certificate Authority  122 
Creating the First Server Certificate/Key Pair  123 
Creating Further Certificates and Keys  124 
Troubleshooting 124 
Summary 125 

[COLOR=YellowGreen] Chapter 7: The Command openvpn and its Configuration File[/COLOR]  127
Syntax of openvpn  127 
OpenVPN Command-Line Parameters  128 
Using OpenVPN at the Command Line  129 
Parameters Used in the Standard Configuration File for a Static Key Client 130 
Compressing the Data  130 
Controlling and Restarting the Tunnel  132 
Debugging Output—Troubleshooting  133 
Configuring OpenVPN with Certificates—Simple TLS Mode  134 
Overview of OpenVPN Parameters  135 
General Tunnel Options  135 
Routing 137 
Controlling the Tunnel  138 
Scripting 139 
Logging 140 
Specifying a User and Group  141 
The Management Interface  141 
Proxies 143 
Encryption Parameters  143 
Testing the Crypto System with --test-crypto  144 
SSL Information—Command Line  145 
Server Mode  147 
Server Mode Parameters  148 
--client-config Options  150 
Client Mode Parameters  151 
Push Options  152 
Important Windows-Specific Options  153 
Summary 154 

[COLOR=YellowGreen] Chapter 8: Securing OpenVPN Tunnels and Servers[/COLOR]  155
Securing and Stabilizing OpenVPN  155 
Linux and Firewalls  157 
Debian Linux and Webmin with Shorewall  158 
Installing Webmin and Shorewall  158 
Preparing Webmin and Shorewall for the First Start  160 
Starting Webmin  161 
Configuring the Shorewall with Webmin  165 
Creating Zones  167 
Editing Interfaces  168 
Default Policies  169 
Adding Firewall Rules  171 
Troubleshooting Shorewall—Editing the Configuration Files  173 
OpenVPN and SuSEfirewall  175 
Troubleshooting OpenVPN Routing and Firewalls  179 
Configuring a Router without a Firewall  179 
iptables—The Standard Linux Firewall Tool  179 
Configuring the Windows Firewall for OpenVPN  182 
Summary 186 

[COLOR=YellowGreen] Chapter 9: Advanced Certificate Management[/COLOR]  187
Certificate Management and Security  187 
Installing xca  187 
Using xca  189 
Creating a Database  190 
Importing a CA Certificate  191 
Creating and Signing a New Server/Client Certificate  195 
Revoking Certificates with xca  200 
Using TinyCA2 to Manage Certificates  202 
Importing Our CA  202 
Using TinyCA2 for CA Administration  203 
Creating New Certificates and Keys  204 
Exporting Keys and Certificates with TinyCA2  206 
Revoking Certificates with TinyCA2  207 
Summary 208 

[COLOR=YellowGreen] Chapter 10: Advanced OpenVPN Configuration[/COLOR]  209
Tunneling a Proxy Server and Protecting the Proxy  209 
Scripting OpenVPN—An Overview  211 
Using Authentication Methods  212 
Using a Client Configuration Directory with Per-Client Configurations 214 
Individual Firewall Rules for Connecting Clients  216 
Distributed Compilation through VPN Tunnels  with distcc  218 
Ethernet Bridging with OpenVPN  219 
Automatic Installation for Windows Clients  222 
Summary 226 

[COLOR=YellowGreen]Chapter 11: Troubleshooting and Monitoring[/COLOR] 227
Testing the Network Connectivity  227 
Checking Interfaces, Routing, and Connectivity on the VPN Servers  229 
Debugging with tcpdump and IPTraf  232 
Using OpenVPN Protocol and Status Files for Debugging  234 
Scanning Servers with Nmap  236 
Monitoring Tools  237 
ntop 237 
Munin 238 
Hints to Other Tools  239 
Summary 239
 
[COLOR=YellowGreen]Appendix[/COLOR] A: Internet Resources  241
VPN Basics  241 
OpenVPN Resources  242 
Configuration 245 
Scripts and More  247 
Network Tools  247 
Howtos 248 
Openvpn GUIs  249 
Index 251

You do not have permission to view link please Вход or Регистрация

(6,41 Мб) pass: http://netz.ru

 

[okun]

Preventing Web Attacks with Apache
The only end-to-end guide to securing Apache Web servers and Web applications

Ryan C. Barnett
Paperback: 624 pages
Publisher: Addison-Wesley Professional (January 27, 2006)
Language: English
ISBN: 032132128
Format: chm

From the Back Cover
“Ryan Barnett has raised the bar in terms of running Apache securely. If you run Apache, stop right now and leaf through this book; you need this information.”

Stephen Northcutt, The SANS Institute​

The only end-to-end guide to securing Apache Web servers and Web applications
Apache can be hacked. As companies have improved perimeter security, hackers have increasingly focused on attacking Apache Web servers and Web applications. Firewalls and SSL won’t protect you: you must systematically harden your Web application environment. Preventing Web Attacks with Apache brings together all the information you’ll need to do that: step-by-step guidance, hands-on examples, and tested configuration files.

Building on his groundbreaking SANS presentations on Apache security, Ryan C. Barnett reveals why your Web servers represent such a compelling target, how significant exploits are performed, and how they can be defended against. Exploits discussed include: buffer overflows, denial of service, attacks on vulnerable scripts and programs, credential sniffing and spoofing, client parameter manipulation, brute force attacks, web defacements, and more.

Barnett introduces the Center for Internet Security Apache Benchmarks, a set of best-practice Apache security configuration actions and settings he helped to create. He addresses issues related to IT processes and your underlying OS; Apache downloading, installation, and configuration; application hardening; monitoring, and more. He also presents a chapter-length case study using actual Web attack logs and data captured “in the wild.”

For every sysadmin, Web professional, and security specialist responsible for Apache or Web application security.

With this book, you will learn to

• Address the OS-related flaws most likely to compromise Web server security
• Perform security-related tasks needed to safely download, configure, and install Apache
• Lock down your Apache httpd.conf file and install essential Apache security modules
• Test security with the CIS Apache Benchmark Scoring Tool
• Use the WASC Web Security Threat Classification to identify and mitigate application threats
• Test Apache mitigation settings against the Buggy Bank Web application
• Analyze an Open Web Proxy Honeypot to gather crucial intelligence about attackers
• Master advanced techniques for detecting and preventing intrusions

About the Author
Ryan C. Barnett is a chief security officer for EDS. He currently leads both Operations Security and Incident Response Teams for a government bureau in Washington, DC. In addition to his nine-to-five job, Ryan is also a faculty member for the SANS Institute, where his duties include instructor/courseware developer for Apache Security, Top 20 Vulnerabilities team member, and local mentor for the SANS Track 4, “Hacker Techniques, Exploits, and Incident Handling,” course. He holds six SANS Global Information Assurance Certifications (GIAC): Intrusion Analyst (GCIA), Systems and Network Auditor (GSNA), Forensic Analyst (GCFA), Incident Handler (GCIH), Unix Security Administrator (GCUX), and Security Essentials (GSEC). In addition to the SANS Institute, he is also the team lead for the Center for Internet Security Apache Benchmark Project and a member of the Web Application Security Consortium.

You do not have permission to view link please Вход or Регистрация

(6 Мб)

 

[-Garrett-]

Всем привет, недавно искал пару книжек на тему безопасности, очень помог этот форум и здешние люди. Спасибо, теперь поделюсь тем что накопал.

Инфо от Амазона:
Paperback: 352 pages
Publisher: Addison-Wesley Professional (July 22, 2005)
Language: English
ISBN: 0321294319

You do not have permission to view link please Вход or Регистрация

You do not have permission to view link please Вход or Регистрация

Давно искал, но к сожалению не успел скачать эту книгу - файл удален. Мог бы кто перезалить, если это не затруднит? Заранее благодарен.

 

[z0id]

Давно искал, но к сожалению не успел скачать эту книгу - файл удален. Мог бы кто перезалить, если это не затруднит? Заранее благодарен.

можно скачать

You do not have permission to view link please Вход or Регистрация

(~1,5 Mb)
пароль: megarapid.net

 

[azzimuth]

Просьба перезалить Network Security Foundations by Matthew Strebe

You do not have permission to view link please Вход or Регистрация

 

[-Garrett-]

John.Wiley.And.Sons.3G.Handset.And.Network.Design

3G Handset and Network Design
by Geoff Varrall, Roger Belcher
Не мог бы кто-нибудь выложить эту книгу на рапиду или другой обменник,
т.к. пароля для фтп у меня нет.
Заранее благодарен.

 

[MOCKuT]

Communications and Networking: An Introduction

Name: Communications and Networking: An Introduction
Author: John Cowley
Publisher: Springer
Year: 2006
Volume: VIII
Pages: 232p
Illustrations:
ISBN: 1-84628-488-0
Language: English
Filetype: Adobe PDF
Filesize: 3.56 Mb

Written for: Undergraduates.

Keywords: Communication Systems, Internet Protocols, Mobile technologies, Network programming, Network technologies

Communications and Networking: An Introduction provides a clear and easy to follow treatment of the subject, written specifically for undergraduates who have no previous experience in the field. The author takes a step by step approach, with examples and exercises designed to give the reader increased confidence in using and understanding communications systems.

Topics covered include communications technologies, networking models and standards, local area and wide area networks, network protocols, TCP/IP-based networks and network management.

Key features:

• Includes plenty of material on wireless communications, both fixed and mobile
• Offers coverage of network security
• Features many explanatory diagrams
• Incorporates a comprehensive glossary

Written by John Cowley, a lecturer with many years' experience teaching undergraduate programmes, the text takes the reader through the essentials of networking and provides a comprehensive, reliable and thorough treatment of the subject.

The Author's website

You do not have permission to view link please Вход or Регистрация

provides further material in the form of solutions, further examples and other relevant subject materials.

You do not have permission to view link please Вход or Регистрация

 

[MOCKuT]

Foundations of Computer Security

Name: Foundations of Computer Security
Author: David Salomon
Publisher: Springer
Year: 2006
Volume: XXII
Pages: 369
Illustrations: 45
ISBN: 978-1-84628-193-8
Language: English
Filetype: Adobe PDF
Filesize: 2.07 Mb

Written for: Advanced undergraduates.

Keywords: Authentication, Computer Security, Cryptography, Encryption, Firewalls, Identity Theft, Malware, Physical Security, Spyware, Trojan Horses, Viruses, Worms

Anyone with a computer has heard of viruses, had to deal with several, and has been struggling with spam, spyware, and disk crashes. This book is intended as a starting point for those familiar with basic concepts of computers and computations and who would like to extend their knowledge into the realm of computer and network security. Its comprehensive treatment of all the major areas of computer security aims to give readers a complete foundation in the field of Computer Security. Exercises are given throughout the book and are intended to strengthening the reader’s knowledge - answers are also provided.

Written in a clear, easy to understand style, aimed towards advanced undergraduates and non-experts who want to know about the security problems confronting them everyday. The technical level of the book is low and requires no mathematics, and only a basic concept of computers and computations. Foundations of Computer Security will be an invaluable tool for students and professionals alike.

You do not have permission to view link please Вход or Регистрация

 

[MOCKuT]

Fundamental Networking in Java

Name: Fundamental Networking in Java
Author: Esmond Pitt
Publisher: Springer
Year: 2006
Volume: XVIII
Pages: 381
Illustrations: 23
ISBN: 978-1-84628-030-6
Language: English
Filetype: Adobe PDF
Filesize: 1.30 Mb

Written for: Lecturers, advanced undergraduates, graduates, computing practitioners: programmer (junior/senior), architect, designer.

Keywords: Design, Java, Multicast, Networking, Programming, Scalable,
Server, TCP/IP, UDP, event-driven architecture

The book provides complete coverage of fundamental IP networking in Java. It introduces the concepts behind TCP/IP and UDP and their intended use and purpose; gives complete coverage of Java networking APIs, includes an extended discussion of advanced server design, so that the various design principles and tradeoffs concerned are discussed and equips the reader with analytic queuing-theory tools to evaluate design alternatives; covers UDP multicasting, and covers multi-homed hosts, leading the reader to understand the extra programming steps and design considerations required in such environments.

After reading this book the reader will have an advanced knowledge of fundamental network design and programming concepts in the Java language, enabling them to design and implement distributed applications with advanced features and to predict their performance. Special emphasis is given to the scalable I/O facilities of Java 1.4 as well as complete treatments of multi-homing and UDP both unicast and multicast.

You do not have permission to view link please Вход or Регистрация

 

[MOCKuT]

Name: Sockets, Shellcode, Porting, & Coding: Reverse Engineering Exploits and Tool Coding for Security Professionals [ILLUSTRATED]
Authors: James C Foster (Author), Mike Price (Author), Stuart McClure (Foreword)

Product Details:
* Paperback: 667 pages
* Publisher: Syngress Publishing; 1 edition (March 21, 2005)
* Language: English
* ISBN-10: 1597490059
* ISBN-13: 978-1597490054

The book is logically divided into 5 main categories with each category representing a major skill set required by most security professionals:

1. Coding The ability to program and script is quickly becoming a mainstream requirement for just about everyone in the security industry. This section covers the basics in coding complemented with a slue of programming tips and tricks in C/C++, Java, Perl and NASL.

2. Sockets The technology that allows programs and scripts to communicate over a network is sockets. Even though the theory remains the same communication over TCP and UDP, sockets are implemented differently in nearly ever language.

3. Shellcode Shellcode, commonly defined as bytecode converted from Assembly, is utilized to execute commands on remote systems via direct memory access.

4. Porting Due to the differences between operating platforms and language implementations on those platforms, it is a common practice to modify an original body of code to work on a different platforms. This technique is known as porting and is incredible useful in the real world environments since it allows you to not recreate the wheel.

5. Coding Tools The culmination of the previous four sections, coding tools brings all of the techniques that you have learned to the forefront. With the background technologies and techniques you will now be able to code quick utilities that will not only make you more productive, they will arm you with an extremely valuable skill that will remain with you as long as you make the proper time and effort dedications.

*Contains never before seen chapters on writing and automating exploits on windows systems with all-new exploits.

*Perform zero-day exploit forensics by reverse engineering malicious code.

*Provides working code and scripts in all of the most common programming languages for readers to use TODAY to defend their networks.

Download:

You do not have permission to view link please Вход or Регистрация

You do not have permission to view link please Вход or Регистрация

 

[MOCKuT]

Covert Java: Techniques for Decompiling, Patching, and Reverse Engineering

Name: Covert Java: Techniques for Decompiling, Patching, and Reverse Engineering
Author: Alex Kalinovsky
Paperback: 288 pages
Publisher: Sams (May 3, 2004)
Language: English
ISBN-10: 0672326388
ISBN-13: 978-0672326387
Format: .pdf
Size: 3.84 Mb

Book Description

As a Java developer, you may find yourself in a situation where you have to maintain someone else's code or use a third-party's library for your own application without documentation of the original source code. Rather than spend hours feeling like you want to bang your head against the wall, turn to Covert Java: Techniques for Decompiling, Patching, and Reverse Engineering. These techniques will show you how to better understand and work with third-party applications. Each chapter focuses on a technique to solve a specific problem, such as obfuscation in code or scalability vulnerabilities, outlining the issue and demonstrating possible solutions. Summaries at the end of each chapter will help you double check that you understood the crucial points of each lesson. You will also be able to download all code examples and sample applications for future reference from the publisher's website. Let Covert Java help you crack open mysterious codes!

Download:

You do not have permission to view link please Вход or Регистрация

 

[MOCKuT]

CD Cracking Uncovered: Protection Against Unsanctioned CD Copying

Name: CD Cracking Uncovered: Protection Against Unsanctioned CD Copying
Author: Kris Kaspersky
Paperback: 300 pages
Publisher: A-List (April 1, 2004)
Language: English
ISBN-10: 1931769338
ISBN-13: 978-1931769334
Format: .chm
Size: 8.98 Mb

Book Description
A manual on protecting CDs against illegal copying, this book shows how crackers copy CDs using various access methods. The methods covered include the CDFS driver, cooked mode, SPTI, ASPI, the SCSI port, and the MSCDEX driver. Explained is how to prevent cracker break-ins using protections based on nonstandard CD formats such as the CD driver and weak CD sectors. Information on CD functioning fundamentals and tips related to CD protection in a format free of math and assembling-such as data formats, the scrambler, the Reed-Solomon coder/encoder, the CIRC coder/encoder, and a weak-sectors generator-are also provided. The main program interfaces, which provide direct control via peripheral devices on the application level in UNIX, Novell, and Windows 9x/NT/2000/XP, are considered, as is how to read and write RAW sectors.

Download:

You do not have permission to view link please Вход or Регистрация

 

[MOCKuT]

Reverse Engineering of Object Oriented Code

Name: Reverse Engineering of Object Oriented Code
Author: Paolo Tonella, Alessandra Potrich
Paperback: 210 pages
Publisher: Springer; 1 edition (December 17, 2004)
Language: English
ISBN-10: 0387402950
ISBN-13: 978-0387402956
Format: .pdf
Size: 5.83 Mb

Book Description
During maintenance of a software system, not all questions can be answered directly by resorting to otherwise reliable and accurate source code. Reverse engineering aims at extracting abstract, goal-oriented views of the system, able to summarize relevant properties of the program's computations. Reverse Engineering of Object-Oriented Code provides a comprehensive overview of several techniques that have been recently investigated in the field of reverse engineering. The book describes the algorithms involved in recovering UML diagrams from the code and the techniques that can be adopted for their visualization. This is important because the UML has become the standard for representing design diagrams in object-oriented development. A state-of-the-art exposition on how to design object-oriented code and accompanying algorithms that can be reverse engineered for greater flexibility in future code maintenance and alteration. Essential object-oriented concepts and programming methods for software engineers and researchers.

Download:

You do not have permission to view link please Вход or Регистрация

 

[MOCKuT]

Reversing - Secrets of Reverse Engineering

Name: Reversing - Secrets of Reverse Engineering
Author: Eldad Eilam
Paperback: 617 pages
Publisher: Wiley (April 15, 2005)
Language: English
ISBN-10: 0764574817
ISBN-13: 978-0764574818
Format: .pdf
Size: 8.56 Mb

Book Description
Beginning with a basic primer on reverse engineering-including computer internals, operating systems, and assembly language-and then discussing the various
applications of reverse engineering, this book provides readers with practical, in-depth techniques for software reverse engineering. The book is broken into two parts, the first deals with security-related reverse engineering and the second explores the more practical aspects of reverse engineering. In addition, the author explains how to reverse engineer a third-party software library to improve interfacing and how to reverse engineer a competitor's software to build a better product.
* The first popular book to show how software reverse engineering can help defend against security threats, speed up development, and unlock the secrets of competitive products
* Helps developers plug security holes by demonstrating how hackers exploit reverse engineering techniques to crack copy-protection schemes and identify software targets for viruses and other malware
* Offers a primer on advanced reverse-engineering, delving into "disassembly"-code-level reverse engineering-and explaining how to decipher assembly language.

Download:

You do not have permission to view link please Вход or Регистрация

 

[MOCKuT]

Hacking: The Art of Exploitation

Name: Hacking: The Art of Exploitation
Author: Jon Erickson
Paperback: 264 pages
Publisher: No Starch Press; 1 edition (October 2003)
Language: English
ISBN-10: 1593270070
ISBN-13: 978-1593270070
Format: .chm
Size: 1.39 Mb

Book Description
About.com, November 2003
"This is an excellent book."

Security Forums, January 2004
"the seminal hackers handbook"

Download:

You do not have permission to view link please Вход or Регистрация

 

[MOCKuT]

Hacker Disassembling Uncovered

Name: Hacker Disassembling Uncovered
Author: Kris Kaspersky
Paperback: 600 pages
Publisher: A-List Publishing (April 1, 2003)
Language: English
ISBN-10: 1931769222
ISBN-13: 978-1931769228
Format: .chm
Size: 4.72 Mb

Book Description
Going beyond the issues of analyzing and optimizing programs as well as creating the means of protecting information, this guide takes on the programming problem of, once having found holes in a program, how to go about disassembling it without its source code. Covered are the hacking methods used to analyze programs using a debugger and disassembler. These methods include virtual functions, local and global variables, branching, loops, objects and their hierarchy, and mathematical operators. Also covered are methods of fighting disassemblers, self-modifying code in operating systems, and executing code in the stack. Advanced disassembler topics such as optimizing compilers and movable code are discussed as well.

Download:

You do not have permission to view link please Вход or Регистрация

 

[MOCKuT]

Introduction to Reverse Engineering Software

Name: Introduction to Reverse Engineering Software
Author: Mike Perry, Nasko Oskov
Paperback: 110 pages, v1.3 2003
Publisher: -
Language: English
ISBN-10: -
ISBN-13: -
Format: .pdf
Size: 0.3 Mb

Book Description
This book is an attempt to provide an introduction to reverse engineering software under both Linux and Microsoft Windows�. The goal of this book is not to cover how to reproduce an entire program from a binary, but instead how to use the Scientific Method to deduce specific behavior and to target, analyze, extract and modify specific operations of a program, usually for interoperability purposes. As such, the book takes a top-down approach, starting at the highest level (program behavior) and drilling down to assembly when it is needed.
This book is currently incomplete, and we are looking for a publisher to publish a completed version. Please contact the authors if you are interested in helping to publish this book or know someone who would be.

Download:

You do not have permission to view link please Вход or Регистрация

 

[MOCKuT]

Static and Dynamic Reverse Engineering Techniques for Java Software Systems

Name: Static and Dynamic Reverse Engineering Techniques for Java Software Systems
Author: Systä Tarja
Paperback: 232 pages
Publisher: Acta Electronica Universitatis, 2000
Language: English
ISBN-10: 951-44-4787-5
ISBN-13: -
Format: .pdf
Size: 1.11 Mb

Dissertation Description

The main contributions of this dissertation are as follows:

methods for using the dependencies between static and dynamic models for goal driven reverse engineering tasks, including
– merging dynamic information to a static Rigiview;
– using static information to guide the generation of dynamici nformation;
– slicing a Rigi view using SCED scenarios; and
– raising the level of abstraction of SCED scenarios using a high-level Rigigraph;

algorithms for optimizing synthesized state diagrams using UMLnotation;
-application of the synthesis algorithm presented by Koskimies and Mäkinen [54] to SCED;

string matching algorithms for raising the level of abstraction of SCED scenario iagrams;

the prototype reverse ngineering environment Shimba, which integrates two existing tools:
– Rigi for reverse engineering the static structure of Javasoftware; and
– SCED and its state diagram synthesis facility for reverse engineering the dynamic behavior of Java software;

methods and tools for gathering information, including
– extraction of static information from Java byte code;and
–extraction of run-time information by running the target system under a customized jdk debugger;

a case study to evaluate the facilities of Shimba.

Download:

You do not have permission to view link please Вход or Регистрация

 

[okun]

Computer Security and Cryptography

Alan G. Konheim
Hardcover: 544 pages
Publisher: Wiley-Interscience (January 29, 2007)
Language: English
ISBN-10: 0471947830
ISBN-13: 978-0471947837
Format: pdf

Review
"...essential reading for professionals in e-commerce and information technology...it is also ideal for students." (IEEE Computer Magazine, March 2007)

Book Description
Gain the skills and knowledge needed to create effective data security systems

This book updates readers with all the tools, techniques, and concepts needed to understand and implement data security systems. It presents a wide range of topics for a thorough understanding of the factors that affect the efficiency of secrecy, authentication, and digital signature schema. Most importantly, readers gain hands-on experience in cryptanalysis and learn how to create effective cryptographic systems.

The author contributed to the design and analysis of the Data Encryption Standard (DES), a widely used symmetric-key encryption algorithm. His recommendations are based on firsthand experience of what does and does not work.

Thorough in its coverage, the book starts with a discussion of the history of cryptography, including a description of the basic encryption systems and many of the cipher systems used in the twentieth century. The author then discusses the theory of symmetric- and public-key cryptography. Readers not only discover what cryptography can do to protect sensitive data, but also learn the practical limitations of the technology. The book ends with two chapters that explore a wide range of cryptography applications.

Three basic types of chapters are featured to facilitate learning:

• Chapters that develop technical skills
• Chapters that describe a cryptosystem and present a method of analysis
• Chapters that describe a cryptosystem, present a method of analysis, and provide problems to test your grasp of the material and your ability to implement practical solutions

With consumers becoming increasingly wary of identity theft and companies struggling to develop safe, secure systems, this book is essential reading for professionals in e-commerce and information technology. Written by a professor who teaches cryptography, it is also ideal for students.

You do not have permission to view link please Вход or Регистрация

(8,37 Мб)

 

[okun]

Cross Site Scripting Attacks: Xss Exploits and Defense

Seth Fogie, Jeremiah Grossman, Robert Hansen, Anton Rager
Paperback: 488 pages
Publisher: Syngress (May 15, 2007)
Language: English
ISBN-10: 1597491543
ISBN-13: 978-1597491549
Format: pdf

Book Description
Cross Site Scripting Attacks starts by defining the terms and laying out the ground work. It assumes that the reader is familiar with basic web programming (HTML) and JavaScript. First it discusses the concepts, methodology, and technology that makes XSS a valid concern. It then moves into the various types of XSS attacks, how they are implemented, used, and abused. After XSS is thoroughly explored, the next part provides examples of XSS malware and demonstrates real cases where XSS is a dangerous risk that exposes internet users to remote access, sensitive data theft, and monetary losses. Finally, the book closes by examining the ways developers can avoid XSS vulnerabilities in their web applications, and how users can avoid becoming a victim. The audience is web developers, security practitioners, and managers.

*XSS Vulnerabilities exist in 8 out of 10 Web sites
*The authors of this book are the undisputed industry leading authorities
*Contains independent, bleeding edge research, code listings and exploits that can not be found anywhere else

About the Author
Seth Fogie is the VP of Dallas-based Airscanner Corporation where he oversees the development of security software for the Window Mobile (Pocket PC) platform. He has co-authored numerous technical books on information security, including the top selling "Maximum Wireless Security" from SAMS, and "Security Warrior" from O'Reilly. Seth frequently speaks at IT and security conferences/seminars, including Black Hat, Defcon, CSI, and Dallascon. In addition, Seth has co-authored the HIPAA medical education course for the Texas Medical Associate and is acting Site Host for Security at the "InformIT.com" website where he writes articles and reviews/manages weekly information security related books and articles Jeremiah Grossman, founder and chief technology officer of WhiteHat Security, is a world-renowned expert in web application security and a founding member of the Web Application Security Consortium (WASC). At WhiteHat, Mr. Grossman is responsible for web application security R&D and industry evangelism. He is a frequent speaker at industry events including the Black Hat Briefings, ISACA, OWASP, NASA, ISSA and Defcon. A trusted media resource, Mr. Grossman has been featured in USA Today, the Washington Post, Information Week, NBC Nightly News, and many others. Prior to WhiteHat, Mr. Grossman was an information security officer at Yahoo! Robert Hansen, also known as RSnake, is the founder of the ha.ckers.org web application security lab and has been heavily involved in the hacking and the security industry since the mid 1990s. Robert has worked in banner advertizing and built click fraud detection in his role as CSO for several startups. For many years he ran the managed security services product lines for Cable & Wireless. At eBay he worked on anti-cross site scripting, anti-phishing, anti-virus and web application intrusion detection and countermeasures. He has spoken at Black Hat, the Gartner security round table and at Networld+Interop and he is a member of WASC, OWASP, and ISSA. Anton Rager is a Sr. Security Engineer with Avaya Labs and a founding member of Avaya's Enterprise Security Practice. He specializes in vulnerability research, VPN security and wireless security and is best known for his WEPCrack, WEPWedgie and IKECrack security tools. He has presented at Defcon, Toorcon, Interz0ne and many other lesser-known conferences, and was a contributing technical editor to the book Maximum Wireless Security.

You do not have permission to view link please Вход or Регистрация

(4,88 Мб)