作者:Ajay Gupta, Scott Laliberte
出版日期:May 19, 2004
出版社:Addison Wesley
页数:384
ISBN:0-321-19767-4
文件格式:CHM
“Ajay and Scott take an interesting approach in filling Defend I.T.with case studies and using them to demonstrate important securityprinciples. This approach works well and is particularly valuable inthe security space, where companies and consultants are often hesitantto discuss true security incidents for potential embarrassment andconfidentiality reasons. Defend I.T. is full of engaging stories and isa good read.”
-Fyodor, author of the Nmap Security Scanner and Insecure.Org
“Defend I.T. answers reader demand for scenario-driven examples.Security professionals will be able to look at these case studies andrelate them to their own experiences. That sets this book apart.”
-Lance Hayden, Cisco Systems
“This is an exciting book! It's like reading several mysteries atonce from different viewpoints, with the added benefit of learningforensic procedures along the way. Readers will benefit from theprocedures, and the entertaining presentation is a real plus.”
-Elizabeth Zinkann, Equilink Consulting
The battle between IT professionals and those who use the Internetfor destructive purposes is raging-and there is no end in sight.Reports of computer crime and incidents from the CERT CoordinationCenter at Carnegie Mellon University more than double each year and areexpected to rise. Meanwhile, viruses and worms continue to take downorganizations for days.
Defend I.T.: Security by Example draws on detailed war stories toidentify what was done right and what was done wrong in actualcomputer-security attacks, giving you the opportunity to benefit fromreal experiences. Approaches to securing systems and networks varywidely from industry to industry and organization to organization. Byexamining a variety of real-life incidents companies are tooembarrassed to publicly share, the authors explain what could have beendone differently to avoid the losses incurred–whether creating adifferent process for incident response or having better securitycountermeasures in place to begin with.
Inside, you'll find in-depth case studies in a variety of categories:
Basic Hacking: Blackhat bootcamp, including mapping a network,exploiting vulnerable architecture, and launching denial-of-serviceattacks
Current Methods: The latest in malicious deeds, including attacks onwireless networks, viruses and worms, and compromised Web servers
Additional Items on the Plate: Often overlooked security measuressuch as developing a security policy, intrusion-detection systems,disaster recovery, and government regulations
Old School: Classic means of compromising networks-war dialing and social engineering
Forensics: How to investigate industrial espionage, financial fraud, and network intrusion
Aimed at both information-security professionals and networkadministrators, Defend I.T. shows you how to tap the bestcomputer-security practices and industry standards to deter attacks andbetter defend networks.