Defend I.T.: Security by Example

Ajay Gupta, Scott Laliberte

  • Publisher: Addison Wesley
  • Publication date: 2004-05-29
  • List price: $1,360
  • Sale price: 6.0$816
  • Language: English
  • Pages: 384
  • Binding: Paperback
  • ISBN: 0321197674
  • ISBN-13: 9780321197672
  • Related category: Information security

Product description

Table of Contents:

Preface.

About the Authors.

Introduction.

I. BASIC HACKING.

1. Getting to Know the Enemy: Nmap the Target Network.

Network Architecture.

Port Scans.

OS Identification.

Additional OS Identification Tools.

Partial Picture.

Hiding.

Lessons Learned.

2. Home Architecture.

Introduction.

Background.

The Incident.

The Monthly Bill.

The E-mail.

The Investigation.

The Disclosure.

The Investigation at REM.

Incident Reconstruction.

Repercussions.

The Hacker.

Aspen's Response.

Lessons Learned.

Access Logs.

Responding to Changing Usage Patterns.

User Names and Passwords.

Architecture.

3. No Service for You!

The Discovery.

The Response.

The Process.

DoS Root Kit.

DDoS IRC Bots.

Lessons Learned.

References.

II. CURRENT METHODS.

4. Look, Ma, No Wires!

Introduction.

Background.

The Project.

Existing Security.

Recommendations.

The End State.

5. Virus Outbreak I.

Introduction.

How Did You Get In?

How Much Have We Lost?

Lessons Learned.

6. Virus Outbreak II: The Worm.

Introduction.

Background.

The Worm Infection.

Diagnosis.

Plan of Attack.

Count Your Losses.

Lessons Learned.

System Backups.

Constant Monitoring.

Contingency Plans.

Corrective Actions.

7. Changing Face.

Introduction.

The Assessment.

Lessons Learned.

And What Did the Consultant Learn?

III. ADDITIONAL ITEMS ON THE PLATE.

8. Protecting Borders: Perimeter Defense with an IDS.

Background.

The Company.

Developing Requirements.

Market Research.

Pilot Testing.

Test Plans.

Implementation on Production.

Implementation Follow-up.

Lessons Learned.

9. Disaster All Around.

Introduction.

Disaster Strikes.

Analyzing the Incident.

The Negatives.

The Positives.

The Solution.

IT Risk Assessment.

Agency Tasks.

Lessons Learned.

10. Security Is the Best Policy.

Introduction.

The Company.

The Call.

The Interviews.

Evaluating the Interviews.

The Initial Writing.

The Review Stage.

You Have a Policy . . . Now What?

Policy Awareness.

11. HIPAA: Security by Regulation.

Introduction.

The Assessment.

The Client.

The External Review.

The Internal Review.

Analysis.

Consequences.

The Solution.

Conclusion.

IV. OLD SCHOOL.

12. A War-Dialing Attack.

War Dialing.

The Attack.

Lessons Learned.

Restricting Access.

Implementing User Privileges.

Maintaining Logs.

Creating a Demilitarized Zone.

Installing Digital Lines.

Placing Controls on Vendor Accounts.

13. A Low-Tech Path into the High-Tech World.

Introduction.

Doing Your Homework.

The Hack.

The Fallout.

Lessons Learned.

IV. COMPUTER FORENSICS.

14. Industrial Espionage.

Spies All around Us.

The Investigation.

Acquire Evidence.

Authenticate the Evidence.

Analyze the Evidence.

Archive the Evidence.

Lessons Learned.

Intellectual Asset Protection.

Additional Intellectual Asset Considerations.

Chain of Custody.

Federal Guidelines of Computer Evidence Admissibility.

15. Executive Fraud.

Introduction: The Whistle-Blower.

Preparation.

The Nature and Source of the Allegation.

Evidence Collection and Chain of Custody.

Take Your Hands off That Keyboard and Slowly Back Away.

Drive Imaging.

Review of the Logical File Structure.

Review of Unallocated Space and File Slack.

Smoking Gun.

Reporting.

Lessons Learned.

16. Cyber Extortion.

Introduction.

To Press or Not to Press Charges.

The Investigation.

Acquire Evidence.

Authenticate the Evidence.

Analyze the Evidence.

Archive the Evidence and Results.

Lessons Learned.

What Would Be Done Differently Today?

Hardware.

Software.

Conclusion.

Recommended Reading.

Index
