Bezpieczeństwo sieci
Kaizhe Huang, Pranjal Jumde
Kubernetes is an open source orchestration platform for managing containerized applications. Despite widespread adoption of the technology, DevOps engineers might be unaware of the pitfalls of containerized environments. With this comprehensive book, you'll learn how to use the different security integrations available on the Kubernetes platform to safeguard your deployments in a variety of scenarios.Learn Kubernetes Security starts by taking you through the Kubernetes architecture and the networking model. You'll then learn about the Kubernetes threat model and get to grips with securing clusters. Throughout the book, you'll cover various security aspects such as authentication, authorization, image scanning, and resource monitoring. As you advance, you'll learn about securing cluster components (the kube-apiserver, CoreDNS, and kubelet) and pods (hardening image, security context, and PodSecurityPolicy). With the help of hands-on examples, you'll also learn how to use open source tools such as Anchore, Prometheus, OPA, and Falco to protect your deployments.By the end of this Kubernetes book, you'll have gained a solid understanding of container security and be able to protect your clusters from cyberattacks and mitigate cybersecurity threats.
Learn Mobile Forensics. The Complete Guide from Extraction to Courtroom Testimony
William Oettinger
Unlock the secrets hidden within smartphones and tablets with Learn Mobile Forensics, an indispensable guide providing end-to-end coverage of techniques and tools for extracting and analysing evidentiary data from iOS and Android devices. This practical handbook is designed for forensic examiners, computer security professionals, researchers, and anyone seeking a deeper understanding of mobile internals.Distinguishing itself from other resources, this book focuses on decoding and extracting artifacts from mobile applications. It goes beyond surface-level overviews, offering advanced instructions for interpreting database files and artifacts associated with popular apps. The guide also dedicates an entire chapter to critical legal and ethical considerations, providing clear guidance on maintaining evidentiary integrity and handling personal data ethically.Whether you are assessing WhatsApp message databases or extracting geolocation tracks from Facebook, Mobile Forensics equips you with specialized techniques to uncover crucial app forensic evidence. Stay ahead in the evolving field of mobile forensics with this comprehensive and practical guide.
David Zientara
As computer networks become ubiquitous, it has become increasingly important to both secure and optimize our networks. pfSense, an open-source router/firewall, provides an easy, cost-effective way of achieving this – and this book explains how to install and configure pfSense in such a way that even a networking beginner can successfully deploy and use pfSense.This book begins by covering networking fundamentals, deployment scenarios, and hardware sizing guidelines, as well as how to install pfSense. The book then covers configuration of basic services such as DHCP, DNS, and captive portal and VLAN configuration. Careful consideration is given to the core firewall functionality of pfSense, and how to set up firewall rules and traffic shaping. Finally, the book covers the basics of VPNs, multi-WAN setups, routing and bridging, and how to perform diagnostics and troubleshooting on a network.
Learn Social Engineering. Learn the art of human hacking with an internationally renowned expert
Dr. Erdal Ozkaya, Troy Hunt
This book will provide you with a holistic understanding of social engineering. It will help you to avoid and combat social engineering attacks by giving you a detailed insight into how a social engineer operates.Learn Social Engineering starts by giving you a grounding in the different types of social engineering attacks,and the damages they cause. It then sets up the lab environment to use different toolS and then perform social engineering steps such as information gathering. The book covers topics from baiting, phishing, and spear phishing, to pretexting and scareware.By the end of the book, you will be in a position to protect yourself andyour systems from social engineering threats and attacks.All in all, the book covers social engineering from A to Z , along with excerpts from many world wide known security experts.
Lisa Bock
Wireshark is a popular and powerful packet analysis tool that helps network administrators investigate latency issues and potential attacks. Over the years, there have been many enhancements to Wireshark’s functionality. This book will guide you through essential features so you can capture, display, and filter data with ease. In addition to this, you’ll gain valuable tips on lesser-known configuration options, which will allow you to complete your analysis in an environment customized to suit your needs.This updated second edition of Learn Wireshark starts by outlining the benefits of traffic analysis. You’ll discover the process of installing Wireshark and become more familiar with the interface. Next, you’ll focus on the Internet Suite and then explore deep packet analysis of common protocols such as DNS, DHCP, HTTP, and ARP. The book also guides you through working with the expert system to detect network latency issues, create I/O and stream graphs, subset traffic, and save and export captures. Finally, you’ll understand how to share captures using CloudShark, a browser-based solution for analyzing packet captures.By the end of this Wireshark book, you’ll have the skills and hands-on experience you need to conduct deep packet analysis of common protocols and network troubleshooting as well as identify security issues.
Swaroop Yermalkar
iOS has become one of the most popular mobile operating systems with more than 1.4 million apps available in the iOS App Store. Some security weaknesses in any of these applications or on the system could mean that an attacker can get access to the device and retrieve sensitive information. This book will show you how to conduct a wide range of penetration tests on iOS devices to uncover vulnerabilities and strengthen the system from attacks.Learning iOS Penetration Testing discusses the common vulnerabilities and security-related shortcomings in an iOS application and operating system, and will teach you to conduct static and dynamic analysis of iOS applications.This practical guide will help you uncover vulnerabilities in iOS phones and applications. We begin with basics of iOS security and dig deep to learn about traffic analysis, code analysis, and various other techniques. Later, we discuss the various utilities, and the process of reversing and auditing.
Raul Lapaz
With readily available services, support, and tools, Kubernetes has become a foundation for digital transformation and cloud-native development, but it brings significant security challenges such as breaches and supply chain attacks.This updated edition equips you with defense strategies to protect your applications and infrastructure while understanding the attacker mindset, including tactics like container escapes and exploiting vulnerabilities to compromise clusters. The author distills his 25+ years of experience to guide you through Kubernetes components, architecture, and networking, addressing authentication, authorization, image scanning, resource monitoring, and traffic sniffing. You’ll implement security controls using third-party plugins (krew) and tools like Falco, Tetragon, and Cilium. You’ll also secure core components, such as the kube-apiserver, CoreDNS, and kubelet, while hardening images, managing security contexts, and applying PodSecurityPolicy. Through practical examples, the book teaches advanced techniques like redirecting traffic from misconfigured clusters to rogue pods and enhances your support incident response with effective cluster monitoring and log analysis.By the end of the book, you'll have a solid grasp of container security as well as the skills to defend your clusters against evolving threats.
Wojciech Kocjan
This is a beginner-level book, which will introduce Nagios to System Administrators who are interested in monitoring their systems. The focus is on teaching system administrators to secure their systems in a much improved manner incorporating the newer features of Nagios.It will teach Nagios beginners the basics of installation and configuration of version 3; it will show professionals who have already worked on earlier versions of Nagios the new features of Nagios like inheritance and also the new internal functions like better check scheduling. The target readers for this book are System Administrators interested in using Nagios. This book will introduce Nagios with the new features of Version 3 for System Administrators.