2008 Open Source Penetration Testing and Security Professional CD

Overview

Most IT professionals rely on a small core of books that are specifically targeted to their job responsibilities. These dog-eared volumes are used daily and considered essential. But budgets and space commonly limit just how many books can be added to your core library.

The 2008 Open Source Penetration Testing and Security Professional CD solves this problem. It contains seven of our best-selling titles, providing the "next level" of reference you will need for about less than ...

See more details below
Available through our Marketplace sellers.
Other sellers (Multimedia)
  • All (3) from $279.12   
  • New (2) from $285.61   
  • Used (1) from $600.48   
Close
Sort by
Page 1 of 1
Showing All
Note: Marketplace items are not eligible for any BN.com coupons and promotions
$285.61
Seller since 2010

Feedback rating:

(1811)

Condition:

New — never opened or used in original packaging.

Like New — packaging may have been opened. A "Like New" item is suitable to give as a gift.

Very Good — may have minor signs of wear on packaging but item works perfectly and has no damage.

Good — item is in good condition but packaging may have signs of shelf wear/aging or torn packaging. All specific defects should be noted in the Comments section associated with each item.

Acceptable — item is in working order but may show signs of wear such as scratches or torn packaging. All specific defects should be noted in the Comments section associated with each item.

Used — An item that has been opened and may show signs of wear. All specific defects should be noted in the Comments section associated with each item.

Refurbished — A used item that has been renewed or updated and verified to be in proper working condition. Not necessarily completed by the original manufacturer.

New
159749206X BRAND NEW. Still in plastic wrap. We are a tested and proven company with over 900,000 satisfied customers since 1997. Choose expedited shipping (if available) for ... much faster delivery. Delivery confirmation on all US orders. Read more Show Less

Ships from: Nashua, NH

Usually ships in 1-2 business days

  • Canadian
  • International
  • Standard, 48 States
  • Standard (AK, HI)
  • Express, 48 States
  • Express (AK, HI)
$285.62
Seller since 2010

Feedback rating:

(1811)

Condition: New
159749206X BRAND NEW. Still in plastic wrap. We are a tested and proven company with over 900,000 satisfied customers since 1997. Choose expedited shipping (if available) for ... much faster delivery. Delivery confirmation on all US orders. Read more Show Less

Ships from: Nashua, NH

Usually ships in 1-2 business days

  • Canadian
  • International
  • Standard, 48 States
  • Standard (AK, HI)
  • Express, 48 States
  • Express (AK, HI)
Page 1 of 1
Showing All
Close
Sort by
Sending request ...

Overview

Most IT professionals rely on a small core of books that are specifically targeted to their job responsibilities. These dog-eared volumes are used daily and considered essential. But budgets and space commonly limit just how many books can be added to your core library.

The 2008 Open Source Penetration Testing and Security Professional CD solves this problem. It contains seven of our best-selling titles, providing the "next level" of reference you will need for about less than half the price of the hard-copy books purchased separately. The CD contains the complete PDF versions of the following Syngress titles:

•Snort Intrusion Detection and Prevention Toolkit; 1597490997
•Wireshark & Ethereal Network Protocol Analyzer Toolkit; 1597490733
•Hack the Stack: Using Snort and Ethereal to Master the 8 Layers of An Insecure Network; 1597491098
•Nessus, Snort, & Ethereal Power Tools Customizing Open Source Security Applications; 1597490202
•Host Integrity Monitoring Using Osiris and Samhain; 1597490180
•Google Hacking for Penetration Testers; 1931836361
•Nessus Network Auditing; 1931836086

Add over 3,560 pages to your Open Source Penetration Testing and Security bookshelf.

Includes 7 best selling SYNGRESS Books in PDF Format.

Read More Show Less

Product Details

  • ISBN-13: 9781597492065
  • Publisher: Elsevier Science
  • Publication date: 8/13/2007
  • Product dimensions: 5.97 (w) x 7.54 (h) x 0.55 (d)

Table of Contents

Snort Intrusion Detection and Prevention Toolkit
From IDS to IPS and Beyond|Packet Inspection for Intrusion Analysis|Installing Snort for Optimum Performance|Fine Tuning Snort for Speed|Improving Snort Performance with Barnyard|Analyzing Snort’s Source Code and Inner Workings|Writing, Modifying, and Optimizing Preprocessors|Writing, Modifying, and Optimizing Rules|Mastering Output Plug-Ins, Reporting, and Log Management|Best Practices for Monitoring Sensors|Real World Attack Analysis|Active Response and Intrusion Prevention| Forensic Analysis and Incident Handling|Building a Honeynet with Snort

Wireshark & Ethereal Network Protocol Analyzer Toolkit
Introducing Network Analysis|Introducing Ethereal|Network Protocol Analyzer|Getting and Installing Ethereal|Building Ethereal from Source|Running Ethereal|Understanding Filters|Mastering Tethereal|Master MATE: The Configurable Upper Level Analysis Engine|Integrating Ethereal with Other Sniffers|Dissecting Real World Packet Captures|Coding for Ethereal|Capture File Formats|Protocol Dissectors| Reporting from Ethereal Appendix – Supported Protocols

Hack the Stack: Using Snort and Ethereal to Master the 8 Layers of an Insecure Network
Extending OSI to Network Security (20 pp)|Layer 1 – Physical layer (30 pp) Introduction Perimeter security Facility security Device security Identification and authentication Biometrics Attacking physical security Lock picks Wiretapping and Scanners Hardware hacking Layer 1 security project – Building a one-way data reception cable|Layer 2 - Data Link layer (40 pp) Introduction The Ethernet Frame structure Understanding MAC addressing Understanding PPP and SLIP How a protocol analyzer works Attacking the Data Link Layer Passive versus active sniffing Sniffing Wireless (Wireless basics) Wireless vulnerabilities Defending the Data Link Layer Defenses against active sniffing Detecting promiscuous devices Security in switches Layer 2 security project – Using Auditor to crack WEP|Layer 3 – Network layer (40 pp) Introduction The IP packet structure Attacking the network layer IP Attacks Fragmentation Analyzing an IPID scan The ICMP packet structure Attacking ICMP Smurf Redirects Analyzing the ARP Process Attacking ARP ARP Poisoning Defending the Network Layer Securing IP, ICMP, and ARP Layer 3 security project – Fragmenting traffic to bypass an IDS|Layer 4 – Transport layer (40 pp) Introduction The TCP packet structure Attacking TCP TCP port scanning Advanced port scanning tools Watching Amap in action Using Snort to identify a port scans The UDP datagram Attacking UDP Defending the Transport Layer Watching TLS/SSL Amap and SSL Layer 4 security project – Building a Snort system|Layer 5 – Session layer (40 pp) Introduction Attacking the Session Layer Session hijacking ettercap Observing a SYN attack Sniffing usernames and passwords during a session setup Establishing a session Lophtcrack Dsniff Using ettercap and Hunt Defending the Session Layer Port knocking Layer 5 security project - Building Snort filters to capture malicious traffic| Layer 6 – Presentation layer (40 pp) Introduction An analysis of the NetBIOS and SMB Attacking the Presentation layer NetBIOS and enumeration Sniffing Kerberos Using BurpProxy to intercept traffic Cracking weak encryption Defending the Presentation Layer Encryption Adding confidentiality and integrity with IPSec Protecting email with S-MIME Layer 6 security project – Cracking passwords and other encryption schemes|Layer 7 – Application layer (40 pp) Introduction The structure of FTP Analyzing DNS and its weaknesses Other insecure applications Attacking the Application layer Web Applications Cross site scripting DNS Spoofing and pharming Buffer Overflow attacks Using Snort to detect a buffer overflow attack Reverse engineering code Using the Exploitation Framework Metasploit Defending the Application Layer SSH PGP Vulnerability scanners Nessus Layer 7 security project – Using Nessus to secure the stack|Layer 8 –The People layer (35 pp) Introduction Attacking the People Layer Social Engineering Person to person and remote attacks Fun with Caller ID spoofing Defending the People Layer Policies, procedures, and guidelines Regulatory Requirements SOX / HIPAA / California law / PIPDA, etc. Making the case for stronger security Building a better stack Layer 8 security project – Building an orange box|Appendix A (12 pp) Risk Mitigation – Securing the Stack Tying the layers together Defense in depth

Nessus, Snort & Ethereal Power Tools Customizing Open Source Security Applications
Snort Rules|Configuration Files|Rule Headers|Rule Body|IP Options|TCP Options|ICMP Options|Rule Identifier Options|NESSUS PLUGINS and NASL|Script Structure|Description Section|Connecting Directly to Ports|String Manipulation| Regular Expressions in NASL|Protocol APIs|FTP|HTTP|NFS|Ethereal Filters|Writing Capture Filters|TCPdump|MAC Addresses|Protocols|Bitwise Operators|Writing Display Filters|Floating Point Numbers|Byte Sequences|Filter Dialogs|Part IV: Best of the Rest Appendix

Host Integrity Monitoring Using Osiris and Samhain
Fundamentals: The purpose of this chapter is to explain to the reader the importance of verifying the integrity of managed hosts, what is involved, how it fits into existing security practices, and an overview of the remaining chapters.| Understanding The Terrain In order to be effective at understanding what to monitor, and how to better interpret detected change, it is necessary to have a solid understanding of the host environments involved.|Threats: At this point, the reader is convinced that there is a need for integrity monitoring at the host level, and they understand elements of the environment enough to be useful in configuration and response.|Planning: The key to obtaining the most out of the adoption of host integrity tools is planning. Prior planning prevents piss-poor performance. It is critical that the reader understand the needs, requirements, and constraints before rushing into installing the software.|Osiris: This chapter walks the reader through the configuration, deployment, and administration of the Osiris host integrity monitoring system.|Samhain: This chapter walks the reader through the configuration, deployment, and administration of the Samhain host integrity monitoring system.|Analysis and Response: Deploying a host integrity solution is only half the battle. To be effective, administrators must plan ahead. Logging must be setup correctly. Logs must be read or analyzed in some way|Appendix A: Monitoring Linksys Devices|Appendix B: Advanced Strategies

Google Hacking for Penetration Testers
Google Search Techniques|Google Web Interface|Basic Search Techniques|Google Advanced Operators|About Google’s URL Syntax|Google Hacking Techniques| Domain Searches Using the ‘Site’ Operator|Finding ‘Googleturds’ Using the ‘Site’ Operator|Site Mapping: More About the ‘Site’ Operator|Finding Directory Listings| Versioning: Obtaining the Web Server Software/Version, Via Directory Listings, Via Default Pages, Via Manuals, Help Pages and Sample Programs|Using Google to Find Interesting Files and Directories|Inurl: Searches|File Type: Combination Searches| WS_FTP.log File Searches|Using Source Code to Find Vulnerable Targets|Using Google as a CGI Scanner|About Google Automated Scanning|Other Google Stuff| Google Appliances|Googledorks|Gooscan|Goopot|Google Sets|A Word About How Google Finds Pages (OPERA)|Protecting Yourself from Google Hackers

Read More Show Less

Customer Reviews

Be the first to write a review
( 0 )
Rating Distribution

5 Star

(0)

4 Star

(0)

3 Star

(0)

2 Star

(0)

1 Star

(0)

Your Rating:

Your Name: Create a Pen Name or

Barnes & Noble.com Review Rules

Our reader reviews allow you to share your comments on titles you liked, or didn't, with others. By submitting an online review, you are representing to Barnes & Noble.com that all information contained in your review is original and accurate in all respects, and that the submission of such content by you and the posting of such content by Barnes & Noble.com does not and will not violate the rights of any third party. Please follow the rules below to help ensure that your review can be posted.

Reviews by Our Customers Under the Age of 13

We highly value and respect everyone's opinion concerning the titles we offer. However, we cannot allow persons under the age of 13 to have accounts at BN.com or to post customer reviews. Please see our Terms of Use for more details.

What to exclude from your review:

Please do not write about reviews, commentary, or information posted on the product page. If you see any errors in the information on the product page, please send us an email.

Reviews should not contain any of the following:

  • - HTML tags, profanity, obscenities, vulgarities, or comments that defame anyone
  • - Time-sensitive information such as tour dates, signings, lectures, etc.
  • - Single-word reviews. Other people will read your review to discover why you liked or didn't like the title. Be descriptive.
  • - Comments focusing on the author or that may ruin the ending for others
  • - Phone numbers, addresses, URLs
  • - Pricing and availability information or alternative ordering information
  • - Advertisements or commercial solicitation

Reminder:

  • - By submitting a review, you grant to Barnes & Noble.com and its sublicensees the royalty-free, perpetual, irrevocable right and license to use the review in accordance with the Barnes & Noble.com Terms of Use.
  • - Barnes & Noble.com reserves the right not to post any review -- particularly those that do not follow the terms and conditions of these Rules. Barnes & Noble.com also reserves the right to remove any review at any time without notice.
  • - See Terms of Use for other conditions and disclaimers.
Search for Products You'd Like to Recommend

Recommend other products that relate to your review. Just search for them below and share!

Create a Pen Name

Your Pen Name is your unique identity on BN.com. It will appear on the reviews you write and other website activities. Your Pen Name cannot be edited, changed or deleted once submitted.

 
Your Pen Name can be any combination of alphanumeric characters (plus - and _), and must be at least two characters long.

Continue Anonymously

    If you find inappropriate content, please report it to Barnes & Noble
    Why is this product inappropriate?
    Comments (optional)