Uh-oh, it looks like your Internet Explorer is out of date.
For a better shopping experience, please upgrade now.
Ops is an adrenaline-pumping tour of the most critical security weaknesses
present on most any corporate network today..."
�Joel Scambray, Senior Director, Microsoft�s MSN, and Co-Author, Hacking Exposed Fourth Edition, Windows 2000, and Web Hacking Editions
Ops has brought some of the best speakers and researchers of computer
security together to cover what you need to know to survive in today�s
�Jeff Moss, President & CEO, Black Hat, Inc.
Ops brings perspective from today�s best computer security minds into
a single, enormously informative book."
�Mike Schiffman, Director of Security Architecture, @stake, Inc., and Author of Building Open Source Network Security Tools and The Hacker�s Challenge Series
Special Ops: Host and Network Security for Microsoft, UNIX, and Oracle provides solutions for the impossible 24-hour IT work day. By now, most companies have hardened their perimeters and locked out the "bad guys," but what has been done on the inside? Have you considered the damage that could be done by recently laid-off or disgruntled employees, contractors and consultants, building security guards, cleaning staff, and of course the unsecured wireless network? This is the one book you need to defend the soft, chewy center of internal networks.
Erik Pace Birkholz with David Litchfield, Mark Burnett, Chip Andrews, Jim McBee, Roelof Temmingh, Haroon Meer, Tim Mullen, Eric Schultze, Hal Flynn, Vitaly Osipov, and Norris L. Johnson
Foundstone Authors: John Bock, Earl Crane, Mike O'Dea,and Brian Kenyon, Matt Ploessel, James C. Foster
Foreword by: Stuart McClure
|Product dimensions:||7.40(w) x 9.12(h) x 2.08(d)|
Table of ContentsAssessing Internal Network Security
Inventory and Exposure of Corporate Assets
Hunting for High Severity Vulnerabilities (HSV)
Attacking and Defending Windows XP Professional
Attacking and Defending Windows 2000
Securing Active Directory
Securing Exchange and Outlook Web Access
Attacking and Defending DNS
Attacking and Defending Microsoft Terminal Services
Hacking Custom Web Applications
Attacking and Defending Microsoft SQL Server
Attacking and Defending Oracle
Attacking and Defending UNIX
Wireless LANs: Discovery and Defense
Architecting the Human Factor
Creating Effective Corporate Security Policies
In the fast-paced, caffeine-powered, and sometimes reckless world of computer security, the security analogy of a �hard crunchy outside and soft chewy inside,� a staple of the security community today, is uncannily apropos as we spend millions to protect and fortify the outside perimeter network and nary spend a dime to address internal threats. However, as convenient as it may be to leave internal systems free from controls, it�s a disaster once someone �bites� through to that unprotected inside; consider, too, the potential damage (whether intentional or not) that could be generated by those employees or partners who have legitimate access to the center. Lackadaisical attention to the soft and chewy inside could compromise your security at any time. The authors of Special OPs: Host and Network Security for Microsoft, UNIX, and Oracle immerse you in this analogy of intranet security and �the soft chewy inside� so frequently neglected in today�s security oration. In this book, you will find the critical pieces to securing your vital internal systems from attackers (both friend and foe) and a near complete picture to understanding your internal security risk.
The task of securing the inside of your organization is daunting and unenviable: so many systems, so many vulnerabilities, so little time. You must manage a myriad of system frailties and control the day-to-day cyber mayhem. You must be able to allocate your meager IT security resources to the battles that matter most. You may feel you cannot possibly do it all. At the end of the day, if the right assets are not secure from the right risks with the right measures, you might wonder what you really are accomplishing. Motion does not equal progress, and effort does not equal execution. Although you may be keeping everything under control in the short run, eventually some breach will test that control. Management does not care about how many vulnerabilities exist, how difficult they are to fix, or how diversely controlled they are; all they care about is an accurate answer to the questions �Are we secure?� and �Are we getting better?� If you cannot answer those vital questions in the positive, eventually you and your company will cease to thrive.
This book emphasizes a process that will help you answer those questions affirmatively, by teaching you first how to identify and understand your assets, your vulnerabilities, and the threats that face you, and then how to best protect those assets against those threats. Much of this approach can be attributed to Pareto�s Principle, or the 80/20 Rule. This law is often applied to computer security with the phrase �80 percent of the risk is represented by 20 percent of the vulnerabilities.� Simply stated, focus on correcting the few most vital flaws and you will reduce the vast majority of your risk.
Following this principle requires two things: first, that the quality of the data collection is solid, and second, that your methods of analyzing that data are equally solid.
The first variable in collecting solid data, asset inventory, is one of the most underestimated drivers of security. Understanding what assets exist, where they are located (for example, from what country, to what building, and in what room), and what criticality and value they hold, is vitally important in calculating your security risk and can help you create a stellar security management program.
The second variable involves identifying vulnerabilities. The ability to derive an accurate vulnerability picture of your enterprise is critical to collecting clean baseline data. To do this, you must reduce false positives (reporting vulnerabilities present when there actually are none) and eliminate false negatives (not reporting a vulnerability present when there actually is one).
The final variable is in understanding the threats to your system. A vulnerability by itself is not a critical risk�only when a hacker takes that vulnerability, writes a solid exploit, and begins using it does it become a critical risk. To understand the nature of the threats most relevant to you, you need to know the current activities of the underground, how they work and communicate, and how they eventually exploit known weaknesses. Without understanding those threats, your data (that is, your assets and known vulnerabilities) does not exist in a context of security management.
Only when your data collection has enabled you to understand the threats to your system can you go about the task of securing it. This book provides you with the tools and techniques that can help you analyze your data and determine the vital fixes necessary to harden the �chewy inside� of your network according to Pareto�s Principle. You will never be 100 percent secure from attackers, but you can be 100 percent sure that you are applying your resources to the battles that will matter the most.
Data for its own sake holds little value. Too many trees have died in the service of security vulnerability reports that attempt to provide a �complete picture of your risk.� In actuality, those reports often provide little beyond a confusing mix of irrelevant or conflicting concerns, combined with an avalanche of unqualified data. Without an effective, dynamic, robust interface to your data, and without acting upon Pareto�s Principle, you may never shore up your true internal risk.
The definition of insanity is doing the same thing over and over again while expecting a different result�so if you�ve been caught in the vicious cycle of generating too much unfiltered data, don�t let the failures of the past go unheeded. Read this book, heed its warnings, and take steps to effectively manage your security today.