Around the world, SCADA (supervisory control and data acquisition) systems and other real-time process control networks run mission-critical infrastructure--everything from the power grid to water treatment, chemical manufacturing to transportation. These networks are at increasing risk due to the move from proprietary systems to more standard platforms and protocols and the interconnection to other networks. Because there has been limited attention paid to security, these systems are seen as largely unsecured and very vulnerable to attack.
This book addresses currently undocumented security issues affecting SCADA systems and overall critical infrastructure protection. The respective co-authors are among the leading experts in the world capable of addressing these related-but-independent concerns of SCADA security. Headline-making threats and countermeasures like malware, sidejacking, biometric applications, emergency communications, security awareness llanning, personnel & workplace preparedness and bomb threat planning will be addressed in detail in this one of a kind book-of-books dealing with the threats to critical infrastructure protection. They collectivly have over a century of expertise in their respective fields of infrastructure protection. Included among the contributing authors are Paul Henry, VP of Technology Evangelism, Secure Computing, Chet Hosmer, CEO and Chief Scientist at Wetstone Technologies, Phil Drake, Telecommunications Director, The Charlotte Observer, Patrice Bourgeois, Tenable Network Security, Sean Lowther, President, Stealth Awareness and Jim Windle, Bomb Squad Commander, CMPD.
* Internationally known experts provide a detailed discussion of the complexities of SCADA security and its impact on critical infrastructure
* Highly technical chapters on the latest vulnerabilities to SCADA and critical infrastructure and countermeasures
* Bonus chapters on security awareness training, bomb threat planning, emergency communications, employee safety and much more
* Companion Website featuring video interviews with subject matter experts offer a "sit-down" with the leaders in the field

Kismet is the industry standard for examining wireless network traffic, and is used by over 250,000 security professionals, wireless networking enthusiasts, and WarDriving hobbyists.
Unlike other wireless networking books that have been published in recent years that geared towards Windows users, Kismet Hacking is geared to those individuals that use the Linux operating system. People who use Linux and want to use wireless tools need to use Kismet. Now with the introduction of Kismet NewCore, they have a book that will answer all their questions about using this great tool. This book continues in the successful vein of books for wireless users such as WarDriving: Drive, Detect Defend.
*Wardrive Running Kismet from the BackTrack Live CD
*Build and Integrate Drones with your Kismet Server
*Map Your Data with GPSMap, KisMap, WiGLE and GpsDrive

Citrix Presentation Server allows remote users to work off a network server as if they weren't remote. That means: Incredibly fast access to data and applications for users, no third party VPN connection, and no latency issues. All of these features make Citrix Presentation Server a great tool for increasing access and productivity for remote users. Unfortunately, these same features make Citrix just as dangerous to the network it's running on. By definition, Citrix is granting remote users direct access to corporate servers?..achieving this type of access is also the holy grail for malicious hackers. To compromise a server running Citrix Presentation Server, a hacker need not penetrate a heavily defended corporate or government server. They can simply compromise the far more vulnerable laptop, remote office, or home office of any computer connected to that server by Citrix Presentation Server.
All of this makes Citrix Presentation Server a high-value target for malicious hackers. And although it is a high-value target, Citrix Presentation Servers and remote workstations are often relatively easily hacked, because they are often times deployed by overworked system administrators who haven't even configured the most basic security features offered by Citrix. "The problem, in other words, isn't a lack of options for securing Citrix instances; the problem is that administrators aren't using them." (eWeek, October 2007). In support of this assertion Security researcher Petko D. Petkov, aka "pdp," said in an Oct. 4 posting that his recent testing of Citrix gateways led him to "tons" of "wide-open" Citrix instances, including 10 on government domains and four on military domains.
* The most comprehensive book published for system administrators providing step-by-step instructions for a secure Citrix Presentation Server.
* Special chapter by Security researcher Petko D. Petkov'aka "pdp detailing tactics used by malicious hackers to compromise Citrix Presentation Servers.
* Companion Web site contains custom Citrix scripts for administrators to install, configure, and troubleshoot Citrix Presentation Server.

This book is a convenient, targeted, single-source guide to integrating Microsoft's ISA Server with Exchange 2007 SP1. Unlike longwinded "comprehensive resources" it doesn't waste time re-hashing general information on the architectures and purposes of ISA and Exchange for raw beginners. Instead, its pragmatic purpose is to smooth the path of the busy administrator who is under pressure to get the integration done quickly, and done right, the first time. It features "break-out sessions" for issues that require in-depth discussion, "tips and tricks" sections that hone in on and demystify trouble spots, and "FAQs" alphabetized by topic that act as a quick-reference for readers who just want a quick answer to a specific question.
Readers will learn how to:
*Create the protocol definitions and firewall policy to allow only authorized users to connect to your Exchange Server
*Configure SMTP Filtering and SMTP Message Screener
*Troubleshoot the SSL connection to your Exchange Server
*Take advantage of ISA 2006's integrated Exchange 2007 support
*Enable forms-based authentication for Outlook Web Access
*Leverage unified SSL, VPN, application-layer filtering and endpoint security
to optimize access for mobile devices
*Configure user-based settings to provide pre-authenticated access to specific Web applications
...and much more

*Practical and focused, this guide explains explains everything you need to know in order to successfully integrate ISA 2006 and Exchange 2007, without wasting time on minutiae
*Tips and tricks from the expert author help you avoid pitfalls before you stumble into them, troubleshoot problems with ease, and optimize performance
*In-depth coverage of Exchange SP1 highlights the many security enhancements that optimize integration with ISA

Network Security: Know It All explains the basics, describes the protocols, and discusses advanced topics, by the best and brightest experts in the field of network security.
Assembled from the works of leading researchers and practitioners, this best-of-the-best collection of chapters on network security and survivability is a valuable and handy resource. It consolidates content from the field's leading experts while creating a one-stop-shopping opportunity for readers to access the information only otherwise available from disparate sources.
* Chapters contributed by recognized experts in the field cover theory and practice of network security technology, allowing the reader to develop a new level of knowledge and technical expertise.
* Up-to-date coverage of network security issues facilitates learning and lets the reader remain current and fully informed from multiple viewpoints.
* Presents methods of analysis and problem-solving techniques, enhancing the reader's grasp of the material and ability to implement practical solutions.
* Examples illustrate core security concepts for enhanced comprehension

The future for Nagios in the enterprise is certainly bright! "Nagios 3 Enterprise Network Monitoring" can help you harness the full power of Nagios in your organization. Nagios 3 contains many significant new features and updates, and this book details them all for you. Once up and running, you'll see how a number of useful add-ons and enhancements for Nagios can extend the functionality of Nagios throughout your organization. And, if you want to learn how to write your own plugins...this is the book for you! In these pages you'll find a cookbook-style chapter full of useful plugins that monitor a variety of devices, from HTTP-based applications to CPU utilization to LDAP servers and more.
* Complete Case Study Demonstrates how to Deploy Nagios Globally in an Enterprise Network
* Monitor Third Party Hardware Devices with Nagios

Advances in mobile computing, wireless communications, mobile positioning, and sensor technologies have given rise to a new class of context-aware mobile and ubiquitous applications. ""Context-Aware Mobile and Ubiquitous Computing for Enhanced Usability: Adaptive Technologies and Applications"" provides thorough insights and significant research developments on mobile technologies and services. This significant reference book explains how users of such applications access intelligent and adaptable information services, maximizing convenience and minimizing intrusion.

SHORT DESCRIPTION:
Multiprotocol Label Switching (MPLS) is a data plane and control technology that is used in packet (that is Internet Protocol) networks. Now over ten years old, it has taken root firmly as a fundamental tool in many service provider networks. The last ten years have seen a considerable consolidation of MPLS techniques and protocols. This has resulted in the abandoning of some of the original features of MPLS, and the development of other new features. MPLS has moved from a prospective solution, to a grown-up technology. Now that MPLS has reached this level of maturity, these new tools and features allow more sophisticated services to the users of the network. These tools and features are discussed within various contexts throughout several networking-related books published by MK and this presents us with a unique publishing opportunity.
The proposed book is a best-of-the-best collection of existing content from several books MK has published in recent years on MPLS technology (multi-label protocol switching). Individual chapters on MPLS technology are derived from a handful of MK books and are combined in one new volume in a way that makes sense as a reference work for those interested in new and developing aspects of this technology, i.e., network operators and designers who need to determine which aspects of their networks would benefit from MPLS technology and applications. It also serves as a definitive reference for engineers implementing MPLS-based products.
This book represents a quick and efficient way to bring valuable content together from leading experts in the field while creating a one-stop-shopping opportunity for customers to receive the information they would otherwise need to round up from separate sources. Suitable and current content will be collected from the following titles: Evans, Deploying IP and MPLS QoS (2006); Farrel, GMPLS (2005); Ash, Traffic Engineering (2006); Vasseur, Network Recovery (2005); Farrel, The Internet and Its Protocols (2004); Nadeau, MPLS Management (2003); and Davie, MPLS Technology and Applications (2000). These chapters will be updated where necessary and two new chapters will be added at the beginning and the end of the book to bring the content into focus and discuss next generation developments.

* Coverage of major applications of MPLS such as traffic engineering, VPNs, IP integration, GMPLS, and QoS written by leading experts in the field contributes to your practical knowledge of this key technology
* Shows you how to implement various MPLS applications that will result in saving your organization time and money
* Shows you how you can evaluate MPLS applications and techniques in relation to one another so you can develop an optimum network design

Offering a structured approach to handling and recovering from a catastrophic data loss, this book will help both technical and non-technical professionals put effective processes in place to secure their business-critical information and provide a roadmap of the appropriate recovery and notification steps when calamity strikes.
*Addresses a very topical subject of great concern to security, general IT and business management
*Provides a step-by-step approach to managing the consequences of and recovering from the loss of sensitive data.
*Gathers in a single place all information about this critical issue, including legal, public relations and regulatory issues

Over the past decade, the world has witnessed an explosion in the development and deployment of new wireless network technologies. From cellular mobile telephony to the ubiquitous "WiFi" networks in coffee-shops and airports, to the emerging WiMAX wireless broadband access networks, the menu of wireless access systems has become so comprehensive that wireline access to user devices may soon become a relic of the past. Wireless Networking serves as a one-stop view of cellular, WiFi, and WiMAX networks, as well as the emerging wireless ad hoc and sensor networks. Rather than provide descriptive accounts of these technologies and standards, the book emphasizes conceptual perspectives on the modeling, analysis, design and optimization of such networks. Furthermore, the authors present wireless networking within the unifying framework of resource allocation, using simple abstractions of the underlying physical wireless communication. In short, Wireless Networking is an in-depth, exhaustive, and invaluable asset to anyone working in this rapidly evolving field.
*Goes beyond descriptive and qualitative treatments, by presenting the foundations underlying the various wireless networking technologies
*Provides abstractions, models and analyses of established and emerging wireless networks, thereby supplying the reader with a conceptual and quantitative treatment, thus ensuring longevity of the learning from this material
*Aids comprehension by including over 120 figures, four appendices on the mathematics of the various models, several inline exercises, and extensive problem sets at the end of each chapter

Nmap, or Network Mapper, is a free, open source tool that is available under the GNU General Public License as published by the Free Software Foundation. It is most often used by network administrators and IT security professionals to scan corporate networks, looking for live hosts, specific services, or specific operating systems. Part of the beauty of Nmap is its ability to create IP packets from scratch and send them out utilizing unique methodologies to perform the above-mentioned types of scans and more. This book provides comprehensive coverage of all Nmap features, including detailed, real-world case studies.
-Understand Network Scanning
Master networking and protocol fundamentals, network scanning techniques, common network scanning tools, along with network scanning and policies.
-Get Inside Nmap
Use Nmap in the enterprise, secure Nmap, optimize Nmap, and master advanced Nmap scanning techniques.
-Install, Configure, and Optimize Nmap
Deploy Nmap on Windows, Linux, Mac OS X, and install from source.
-Take Control of Nmap with the Zenmap GUI
Run Zenmap, manage Zenmap scans, build commands with the Zenmap command wizard, manage Zenmap profiles, and manage Zenmap results.
-Run Nmap in the Enterprise
Start Nmap scanning, discover hosts, port scan, detecting operating systems, and detect service and application versions
-Raise those Fingerprints
Understand the mechanics of Nmap OS fingerprinting, Nmap OS fingerprint scan as an administrative tool, and detect and evade the OS fingerprint scan.
-"Tool" around with Nmap
Learn about Nmap add-on and helper tools: NDiff--Nmap diff, RNmap--Remote Nmap, Bilbo, Nmap-parser.
-Analyze Real-WorldNmap Scans
Follow along with the authors to analyze real-world Nmap scans.
-Master Advanced Nmap Scanning Techniques
Torque Nmap for TCP scan flags customization, packet fragmentation, IP and MAC address spoofing, adding decoy scan source IP addresses, add random data to sent packets, manipulate time-to-live fields, and send packets with bogus TCP or UDP checksums.

This book provides an in-depth exploration of the phenomenon of hacking from a multidisciplinary perspective that addresses the social and technological aspects of this unique activity as well as its impact. What defines the social world of hackers? How do individuals utilize hacking techniques against corporations, governments, and the general public? And what motivates them to do so? This book traces the origins of hacking from the 1950s to today and provides an in-depth exploration of the ways in which hackers define themselves, the application of malicious and ethical hacking techniques, and how hackers' activities are directly tied to the evolution of the technologies we use every day. Rather than presenting an overly technical discussion of the phenomenon of hacking, this work examines the culture of hackers and the technologies they exploit in an easy-to-understand format. Additionally, the book documents how hacking can be applied to engage in various forms of cybercrime, ranging from the creation of malicious software to the theft of sensitive information and fraud-acts that can have devastating effects upon our modern information society. Documents how computer hacking fits into various forms of cybercrime Describes the subculture of computer hackers and explains how this social world plays an integral role in the business of hacking Clarifies the subtle differences between ethical and malicious hacks Focuses on the non-technical aspects of computer hacking to enable the reader to better understand the actors and their motives

This book will teach the reader how to make the most of their WRT54G series hardware. These handy little inexpensive devices can be configured for a near endless amount of networking tasks. The reader will learn about the WRT54G s hardware components, the different third-party firmware available and the differences between them, choosing the firmware that is right for you, and how to install different third-party firmware distributions. Never before has this hardware been documented in this amount of detail, which includes a wide-array of photographs and complete listing of all WRT54G models currently available, including the WRTSL54GS.
Once this foundation is laid, the reader will learn how to implement functionality on the WRT54G for fun projects, penetration testing, various network tasks, wireless spectrum analysis, and more This title features never before seen hacks using the WRT54G. For those who want to make the most out of their WRT54G you can learn how to port code and develop your own software for the OpenWRT operating system.
* Never before seen and documented hacks, including wireless spectrum analysis
* Most comprehensive source for documentation on how to take advantage of advanced features on the inexpensive wrt54g platform
* Full coverage on embedded device development using the WRT54G and OpenWRT"

A virtual evolution in IT shops large and small has begun. VMware s ESX Server is the enterprise tool to free your infrastructure from its physical limitations providing the great transformation into a virtual environment--this book shows you how. Use Syngress proven How to Cheat methodology to configure and build VMware s ESX Server version 3. This clear, concise guide provides all the information you need to become a virtual whiz
This book will detail the default and custom installation of VMware s ESX server as well as basic and advanced virtual machine configurations. It will then walk the reader through post installation configurations including installation and configuration of VirtualCenter. From here, readers will learn to efficiently create and deploy virtual machine templates. Best practices for securing and backing up your virtual environment are also provided. The book concludes with a series of handy, time-saving command and configuration for: bash shell keystrokes, Linux commands, configuration files, common/proc files, VMware ESX commands, and troubleshooting.
Reap the Benefits of Server Virtualization
Realize improved ROI, ensure efficient mergers and acquisitions, and reduce compliance risk exposure through server virtualization and consolidation.
Build a Virtual Machine
Create a Gold Master and use your VMlibrary to leverage the power and flexibility of VMware.
Manage Your Virtual Infrastructure
Use VMware tools to partition physical servers and manage virtual machines.
Set Up Scripted Installation
See how a scripted installation method can be a fast and efficient way to provision ESX hosts.
Master ESX Native Tools
Use tools like Esxtop to diagnose performance issues and vmkfstools to import and export
Install and Use VMware Scripting APIs
Develop programs to help automate and ease administration even with a limited background in scripting or programming.
Learn the Fundamentals of a VM Backup
VMware ESX ships with three scripts that work together to create a backup and restore system: vmsnap.pl, vmsnap_all.pl, and vmres.pl.
Extend a Cloned Windows VM s Root Partition
Use Microsoft s Sysprep utility to extend a newly deployed virtual machine s root partition from the original clone size to a larger size."

Fuzzing is often described as a "black box" software testing technique. It works by automatically feeding a program multiple input iterations in an attempt to trigger an internal error indicative of a bug, and potentially crash it. Such program errors and crashes are indicative of the existence of a security vulnerability, which can later be researched and fixed.
Fuzz testing is now making a transition from a hacker-grown tool to a commercial-grade product. There are many different types of applications that can be fuzzed, many different ways they can be fuzzed, and a variety of different problems that can be uncovered. There are also problems that arise during fuzzing; when is enough enough? These issues and many others are fully explored.
-Learn How Fuzzing Finds Vulnerabilities
Eliminate buffer overflows, format strings and other potential flaws
-Find Coverage of Available Fuzzing Tools
Complete coverage of open source and commercial tools and their uses
-Build Your Own Fuzzer
Automate the process of vulnerability research by building your own tools
-Understand How Fuzzing Works within the Development Process
Learn how fuzzing serves as a quality assurance tool for your own and third-party software

In this book, we aim to describe how to make a computer bend to your will by finding and exploiting vulnerabilities specifically in Web applications. We will describe common security issues in Web applications, tell you how to find them, describe how to exploit them, and then tell you how to fix them. We will also cover how and why some hackers (the bad guys) will try to exploit these vulnerabilities to achieve their own end. We will also try to explain how to detect if hackers are actively trying to exploit vulnerabilities in your own Web applications.
.Learn to defend Web-based applications developed with AJAX, SOAP, XMLPRC, and more.
.See why Cross Site Scripting attacks can be so devastating.
.Download working code from the companion Web site.

In today's fast paced, infocentric environment, professionals increasingly rely on networked information technology to do business. Unfortunately, with the advent of such technology came new and complex problems that continue to threaten the availability, integrity, and confidentiality of our electronic information. It is therefore absolutely imperative to take measures to protect and defend information systems by ensuring their security and non-repudiation. Information Assurance skillfully addresses this issue by detailing the sufficient capacity networked systems need to operate while under attack, and itemizing failsafe design features such as alarms, restoration protocols, and management configurations to detect problems and automatically diagnose and respond. Moreover, this volume is unique in providing comprehensive coverage of both state-of-the-art survivability and security techniques, and the manner in which these two components interact to build robust Information Assurance (IA).
KEY FEATURES
* The first and (so far) only book to combine coverage of both security AND survivability in a networked information technology setting
* Leading industry and academic researchers provide state-of-the-art survivability and security techniques and explain how these components interact in providing information assurance
* Additional focus on security and survivability issues in wireless networks

Dr. Tom Shinder's ISA Server 2006 Migration Guide provides a clear, concise, and thorough path to migrate from previous versions of ISA Server to ISA Server 2006. ISA Server 2006 is an incremental upgrade from ISA Server 2004, this book provides all of the tips and tricks to perform a successful migration, rather than rehash all of the features which were rolled out in ISA Server 2004. Also, learn to publish Exchange Server 2007 with ISA 2006 and to build a DMZ.
* Highlights key issues for migrating from previous versions of ISA Server to ISA Server 2006.
* Learn to Publish Exchange Server 2007 Using ISA Server 2006.
* Create a DMZ using ISA Server 2006.
* Dr. Tom Shinder's previous two books on configuring ISA Server have sold more than 50,000 units worldwide.
* Dr. Tom Shinder is a Microsoft Most Valuable Professional (MVP) for ISA Server and a member of the ISA Server beta testing team.
* This book will be the "Featured Product" on the Internet's most popular ISA Server site www.isaserver.org.

Electronic discovery refers to a process in which electronic data is sought, located, secured, and searched with the intent of using it as evidence in a legal case. Computer forensics is the application of computer investigation and analysis techniques to perform an investigation to find out exactly what happened on a computer and who was responsible. IDC estimates that the U.S. market for computer forensics will be grow from $252 million in 2004 to $630 million by 2009. Business is strong outside the United States, as well. By 2011, the estimated international market will be $1.8 billion dollars. The Techno Forensics Conference has increased in size by almost 50% in its second year; another example of the rapid growth in the market.
This book is the first to combine cybercrime and digital forensic topics to provides law enforcement and IT security professionals with the information needed to manage a digital investigation. Everything needed for analyzing forensic data and recovering digital evidence can be found in one place, including instructions for building a digital forensics lab.
* Digital investigation and forensics is a growing industry
* Corporate I.T. departments needing to investigate incidents related to corporate espionage or other criminal activities are learning as they go and need a comprehensive step-by-step guide to e-discovery
* Appeals to law enforcement agencies with limited budgets

Digital audio, video, images, and documents are flying through cyberspace to their respective owners. Unfortunately, along the way, individuals may choose to intervene and take this content for themselves. Digital watermarking and steganography technology greatly reduces the instances of this by limiting or eliminating the ability of third parties to decipher the content that he has taken. The many techiniques of digital watermarking (embedding a code) and steganography (hiding information) continue to evolve as applications that necessitate them do the same. The authors of this second edition provide an update on the framework for applying these techniques that they provided researchers and professionals in the first well-received edition. Steganography and steganalysis (the art of detecting hidden information) have been added to a robust treatment of digital watermarking, as many in each field research and deal with the other. New material includes watermarking with side information, QIM, and dirty-paper codes. The revision and inclusion of new material by these influential authors has created a must-own book for anyone in this profession.
*This new edition now contains essential information on steganalysis and steganography
*New concepts and new applications including QIM introduced
*Digital watermark embedding is given a complete update with new processes and applications

Network Security and how to traceback, attack and react to network vulnerability and threats. Concentration on traceback techniques for attacks launched with single packets involving encrypted payloads, chaff and other obfuscation techniques. Due to the development of various tools and techniques to increase the source of network attacks, our interest will include network forensics, with the goal of identifying the specific host which launched the attack and cause denial of services (DoS). Also we will include tracing an attack that would compromise the confidentiality and integrity of information on the Intelligence Community (IC) network, which includes the NIPRNET, SIPRNET, JWICS, and IC enclaves. Deliverables will be technical reports, software, demonstrations, and results of experiments, which will provide evidence and metrics. The emergence of hybrid worm attacks utilizing multiple exploits to breach security infrastructures has forced enterprises to look into solutions that can defend their critical assets against constantly shifting threats.

An all-star cast of authors analyze the top IT security threats for 2008 as selected by the editors and readers of Infosecurity Magazine. This book, compiled from the Syngress Security Library, is an essential reference for any IT professional managing enterprise security. It serves as an early warning system, allowing readers to assess vulnerabilities, design protection schemes and plan for disaster recovery should an attack occur. Topics include Botnets, Cross Site Scripting Attacks, Social Engineering, Physical and Logical Convergence, Payment Card Industry (PCI) Data Security Standards (DSS), Voice over IP (VoIP), and Asterisk Hacking.
Each threat is fully defined, likely vulnerabilities are identified, and detection and prevention strategies are considered. Wherever possible, real-world examples are used to illustrate the threats and tools for specific solutions.
* Provides IT Security Professionals with a first look at likely new threats to their enterprise
* Includes real-world examples of system intrusions and compromised data
* Provides techniques and strategies to detect, prevent, and recover
* Includes coverage of PCI, VoIP, XSS, Asterisk, Social Engineering, Botnets, and Convergence