Bezpieczeństwo sieci
Bezpieczeństwo sieci komputerowych jest aktualnie ważnym, lecz coraz bardziej skomplikowanym zagadnieniem. Książki zebrane w tej kategorii przedstawiają praktycznie wszystkie jego aspekty. Nauczycie się implementacji bezpiecznych połączeń z wykorzystaniem szeregu różnych protokołów sieciowych, a także wykorzystywać protokół SSH do pracy na zdalnych systemach.
Opanujecie ponadto umiejętność konfiguracji tuneli VPN z wykorzystaniem protokołów SSL i IPSec. Dzięki wiedzy zawartej w tym dziale, nauczycie się skutecznie bronić przed włamaniami, atakami DDoS czy działaniom typu IP-spoofing.
Brian Sak, Jilumudi Raghu Ram
Kali Linux is a Debian-based Linux distribution designed for digital forensics and penetration testing. It gives access to a large collection of security-related tools for professional security testing - some of the major ones being Nmap, Aircrack-ng, Wireshark, and Metasploit.This book will take you on a journey where you will learn to master advanced tools and techniques to conduct wireless penetration testing with Kali Linux. You will begin by gaining an understanding of setting up and optimizing your penetration testing environment for wireless assessments. Then, the book will take you through a typical assessment from reconnaissance, information gathering, and scanning the network through exploitation and data extraction from your target. You will get to know various ways to compromise the wireless network using browser exploits, vulnerabilities in firmware, web-based attacks, client-side exploits, and many other hacking methods. You will also discover how to crack wireless networks with speed, perform man-in-the-middle and DOS attacks, and use Raspberry Pi and Android to expand your assessment methodology.By the end of this book, you will have mastered using Kali Linux for wireless security assessments and become a more effective penetration tester and consultant.
Donald A. Tevault
The third edition of Mastering Linux Security and Hardening is an updated, comprehensive introduction to implementing the latest Linux security measures, using the latest versions of Ubuntu and AlmaLinux.In this new edition, you will learn how to set up a practice lab, create user accounts with appropriate privilege levels, protect sensitive data with permissions settings and encryption, and configure a firewall with the newest firewall technologies. You’ll also explore how to use sudo to set up administrative accounts with only the privileges required to do a specific job, and you’ll get a peek at the new sudo features that have been added over the past couple of years. You’ll also see updated information on how to set up a local certificate authority for both Ubuntu and AlmaLinux, as well as how to automate system auditing. Other important skills that you’ll learn include how to automatically harden systems with OpenSCAP, audit systems with auditd, harden the Linux kernel configuration, protect your systems from malware, and perform vulnerability scans of your systems. As a bonus, you’ll see how to use Security Onion to set up an Intrusion Detection System.By the end of this new edition, you will confidently be able to set up a Linux server that will be secure and harder for malicious actors to compromise.
Alexey Kleymenov, Amr Thabet
New and developing technologies inevitably bring new types of malware with them, creating a huge demand for IT professionals that can keep malware at bay. With the help of this updated second edition of Mastering Malware Analysis, you’ll be able to add valuable reverse-engineering skills to your CV and learn how to protect organizations in the most efficient way.This book will familiarize you with multiple universal patterns behind different malicious software types and teach you how to analyze them using a variety of approaches.You'll learn how to examine malware code and determine the damage it can possibly cause to systems, along with ensuring that the right prevention or remediation steps are followed. As you cover all aspects of malware analysis for Windows, Linux, macOS, and mobile platforms in detail, you’ll also get to grips with obfuscation, anti-debugging, and other advanced anti-reverse-engineering techniques. The skills you acquire in this cybersecurity book will help you deal with all types of modern malware, strengthen your defenses, and prevent or promptly mitigate breaches regardless of the platforms involved.By the end of this book, you will have learned how to efficiently analyze samples, investigate suspicious activity, and build innovative solutions to handle malware incidents.
Nipun Jaswal
Metasploit is a popular penetration testing framework that has one of the largest exploit databases around. This book will show you exactly how to prepare yourself against the attacks you will face every day by simulating real-world possibilities.We start by reminding you about the basic functionalities of Metasploit and its use in the most traditional ways. You’ll get to know about the basics of programming Metasploit modules as a refresher, and then dive into carrying out exploitation as well building and porting exploits of various kinds in Metasploit. In the next section, you’ll develop the ability to perform testing on various services such as SCADA, databases, IoT, mobile, tablets, and many more services. After this training, we jump into real-world sophisticated scenarios where performing penetration tests are a challenge. With real-life case studies, we take you on a journey through client-side attacks using Metasploit and various scripts built on the Metasploit framework.By the end of the book, you will be trained specifically on time-saving techniques using Metasploit.
Christiaan Brinkhoff, Per Larsen, Ken Pan, Scott...
Microsoft Modern Workplace solutions can simplify the management layer of your environment remarkably if you take the time to understand and implement them. With this book, you’ll learn everything you need to know to make the shift to Modern Workplace, running Windows 10, Windows 11, or Windows 365.Mastering Microsoft Endpoint Manager explains various concepts in detail to give you the clarity to plan how to use Microsoft Endpoint Manager (MEM) and eliminate potential migration challenges beforehand. You'll get to grips with using new services such as Windows 365 Cloud PC, Windows Autopilot, profile management, monitoring and analytics, and Universal Print. The book will take you through the latest features and new Microsoft cloud services to help you to get to grips with the fundamentals of MEM and understand which services you can manage. Whether you are talking about physical or cloud endpoints—it’s all covered.By the end of the book, you'll be able to set up MEM and use it to run Windows 10, Windows 11, and Windows 365 efficiently.
Erez Ben-Ari, Rainier Amara, Erez Y Ben
While UAG is built to integrate with many environments and publish dozens of application types, many organizations require a certain level of customization to meet their needs.With this book in hand, you will be equipped to deal with these types of customization scenarios, and you will be confident in using such workarounds without hassle and trial and error.Written by some of the leading experts on UAG, Mastering Microsoft Forefront UAG 2010 Customization covers the most complex and challenging options for customizing UAG in a way that is friendly and easy to follow. It walks you through various customization tasks, including explanations and code samples, as well as creative ideas for troubleshooting your work.Until now, only a few of the extensions to UAG's services have been publicly available, and most were only known to a select few. Now, this can include you!Throughout this book, you will tackle how to change the system's look-and-feel, deal with advanced authentication schemes and write special functions that need to be executed as part of the client interaction. With Mastering Microsoft Forefront UAG 2010 Customization, you too can learn how to customize various aspects of UAG's functionality to enhance your organization or customers' experience.
Prakhar Prasad, Rafay Baloch
Web penetration testing is a growing, fast-moving, and absolutely critical field in information security. This book executes modern web application attacks and utilises cutting-edge hacking techniques with an enhanced knowledge of web application security.We will cover web hacking techniques so you can explore the attack vectors during penetration tests. The book encompasses the latest technologies such as OAuth 2.0, Web API testing methodologies and XML vectors used by hackers. Some lesser discussed attack vectors such as RPO (relative path overwrite), DOM clobbering, PHP Object Injection and etc. has been covered in this book.We'll explain various old school techniques in depth such as XSS, CSRF, SQL Injection through the ever-dependable SQLMap and reconnaissance. Websites nowadays provide APIs to allow integration with third party applications, thereby exposing a lot of attack surface, we cover testing of these APIs using real-life examples. This pragmatic guide will be a great benefit and will help you prepare fully secure applications.
Rick Roetenberg, Marius Sandbu, Andy Paul
Citrix NetScaler is one of the best Application Delivery Controller products in the world. The Application Delivery Controllers are commonly used for load balancing purposes, to optimize traffic, and to perform extra security settings.This book will give you an insight into all the available features that the Citrix NetScaler appliance has to offer. The book will start with the commonly used NetScaler VPX features, such as load balancing and NetScaler Gateway functionality. Next, we cover features such as Responder, Rewrite, and the AppExpert templates, and how to configure these features. After that, you will learn more about the other available Citrix technologies that can interact with Citrix NetScaler. We also cover troubleshooting, optimizing traffic, caching, performing protection using Application Firewall, and denying HTTP DDoS attacks for web services.Finally, we will demonstrate the different configuration principles real-world Citrix NetScaler deployment scenarios.