Contrary to popular belief, there has never been any shortage of Macintosh-related security issues. OS9 had issues that warranted attention. However, due to both ignorance and a lack of research, many of these issues never saw the light of day. No solid techniques were published for executing arbitrary code on OS9, and there are no notable legacy Macintosh exploits. Due to the combined lack of obvious vulnerabilities and accompanying exploits, Macintosh appeared to be a solid platform. Threats to Macintosh's OS X operating system are increasing in sophistication and number. Whether it is the exploitation of an increasing number of holes, use of rootkits for post-compromise concealment or disturbed denial of service, knowing why the system is vulnerable and understanding how to defend it is critical to computer security.
* Macintosh OS X Boot Process and Forensic Software All the power, all the tools, and all the geekery of Linux is present in Mac OS X. Shell scripts, X11 apps, processes, kernel extensions...it's a UNIX platform....Now, you can master the boot process, and Macintosh forensic software.
* Look Back Before the Flood and Forward Through the 21st Century Threatscape Back in the day, a misunderstanding of Macintosh security was more or less industry-wide. Neither the administrators nor the attackers knew much about the platform. Learn from Kevin Finisterre how and why that has all changed
* Malicious Macs: Malware and the Mac As OS X moves further from desktops, laptops, and servers into the world of consumer technology (iPhones, iPods, and so on), what are the implications for the further spread of malware and other security breaches? Find out from David Harley.
* Malware Detection and the Mac Understand why the continuing insistence of vociferous Mac zealots that it "can't happen here" is likely to aid OS X exploitationg
* Mac OS X for Pen Testers With its BSD roots, super-slick graphical interface, and near-bulletproof reliability, Apple's Mac OS X provides a great platform for pen testing.
* WarDriving and Wireless Penetration Testing with OS X Configure and utilize the KisMAC WLAN discovery tool to WarDrive. Next, use the information obtained during a WarDrive, to successfully penetrate a customer's wireless network.
* Leopard and Tiger Evasion Follow Larry Hernandez through exploitation techniques, tricks, and features of both OS X Tiger and Leopard, using real-world scenarios for explaining and demonstrating the concepts behind them.
* Encryption Technologies and OS X Apple has come a long way from the bleak days of OS9. THere is now a wide array of encryption choices within Mac OS X. Let Gareth Poreus show you what they are.
* Cuts through the hype with a serious discussion of the security
vulnerabilities of the Mac OS X operating system
* Reveals techniques by which OS X can be "owned"
* Details procedures to defeat these techniques
* Offers a sober look at emerging threats and trends

As the cliche reminds us, information is power. In this age of computer systems and technology, an increasing majority of the world's information is stored electronically. It makes sense then that as an industry we rely on high-tech electronic protection systems to guard that information. As a professional hacker, I get paid to uncover weaknesses in those systems and exploit them. Whether breaking into buildings or slipping past industrial-grade firewalls, my goal has always been the same: extract the informational secrets using any means necessary. After hundreds of jobs, I discovered the secret to bypassing every conceivable high-tech security system. This book reveals those secrets, and as the title suggests, it has nothing to do with high technology. As it turns out, the secret isn't much of a secret at all. Hackers have known about these techniques for years. Presented in a light, accessible style, you'll get to ride shotgun with the authors on successful real-world break-ins as they share photos, videos and stories that prove how vulnerable the high-tech world is to no-tech attacks.
As you browse this book, you'll hear old familiar terms like "dumpster diving," "social engineering," and "shoulder surfing." Some of these terms have drifted into obscurity to the point of becoming industry folklore; the tactics of the pre-dawn information age. But make no mistake; these and other old-school tactics work with amazing effectiveness today. In fact, there's a very good chance that someone in your organization will fall victim to one or more of these attacks this year. Will they be ready?
-Dumpster Diving
Be a good sport and don't read the two "D" words written in big boldletters above, and act surprised when I tell you hackers can accomplish this without relying on a single bit of technology (punny).
-Tailgating
Hackers and ninja both like wearing black, and they do share the ability to slip inside a building and blend with the shadows.
-Shoulder Surfing
If you like having a screen on your laptop so you can see what you're working on, don't read this chapter.
-Physical Security
Locks are serious business and lock technicians are true engineers, most backed with years of hands-on experience. But what happens when you take the age-old respected profession of the locksmith and sprinkle it with hacker ingenuity?
-Social Engineering with Jack Wiles
Jack has trained hundreds of federal agents, corporate attorneys, CEOs and internal auditors on computer crime and security-related topics. His unforgettable presentations are filled with three decades of personal "war stories" from the trenches of Information Security and Physical Security.
-Google Hacking
A hacker doesn't even need his own computer to do the necessary research. If he can make it to a public library, Kinko's or Internet cafe, he can use Google to process all that data into something useful.
-P2P Hacking
Let's assume a guy has no budget, no commercial hacking software, no support from organized crime and no fancy gear. With all those restrictions, is this guy still a threat to you? Have a look at this chapter and judge for yourself.
-People Watching
Skilled people watchers can learn a whole lot in just a few quick glances. In this chapter we'll take a look at a few examples of the types of things that draws a no-tech hacker's eye.
-Kiosks
Whathappens when a kiosk is more than a kiosk? What happens when the kiosk holds airline passenger information? What if the kiosk holds confidential patient information? What if the kiosk holds cash?
-Vehicle Surveillance
Most people don't realize that some of the most thrilling vehicular espionage happens when the cars aren't moving at all!

The sexy, elegant design of the Apple PowerBook combined with the Unix-like OS X operating system based on FreeBSD, have once again made OS X the Apple of every hacker s eye. In this unique and engaging book covering the brand new OS X 10.4 Tiger, the world s foremost true hackers unleash the power of OS X for everything form cutting edge research and development to just plain old fun.
OS X 10.4 Tiger is a major upgrade for Mac OS X for running Apple s Macintosh computers and laptops. This book is not a reference to every feature and menu item for OS X. Rather, it teaches hackers of all types from software developers to security professionals to hobbyists, how to use the most powerful (and often obscure) features of OS X for wireless networking, WarDriving, software development, penetration testing, scripting administrative tasks, and much more.
* Analyst reports indicate that OS X sales will double in 2005. OS X Tiger is currently the #1 selling software product on Amazon and the 12-inch PowerBook is the #1 selling laptop
* Only book on the market directly appealing to groundswell of hackers migrating to OS X
* Each chapter written by hacker most commonly associated with that topic, such as Chris Hurley (Roamer) organizer of the World Wide War Drive"

"Stealing the Network: How to Own the Box is a unique book in the fiction department. It combines stories that are fictional with technology that is real."
--Jeff Moss, Founder and CEO of Black Hat
The "Stealing the Network Series" has developed a passionate, cult following which includes more than 30,000 readers. Over 3,000 readers have registered their copies of Stealing on the Syngress Web site. The Stealing book signings at the Black Hat Briefings in Las Vegas have become an annual event, attracting hundreds of readers, who want to meet the authors who serve as the heroes and villains of the series. These are true fans. They want the inside scoop. They want their picture taken with the legend, Kevin Mitnick. They want to know if the elaborate hacks in the stories are actually based on real-life, close-encounters. They want to know it all?.Did Jay Beale base his character on the movie "Real Genius"?.....Does FX ever smile?...How tall is Thor?...Is ?Blah? really Roelof Temmingh? Did the guys from Sensepost really receive death threats in South Africa for ?revealing too much?. But maybe most importantly?..they want to know: How does the story end?
"Stealing the Network: The Complete Series Collector's Edition, Final Chapter, and DVD" answers all these questions and more. Not only will longtime fans of the series find out how the story ends in the much anticipated "Final Chapter" (The "Final Chapter" will also be available separately as an E-Only product six months after publication of the Collector's Edition). They will get much more than this. The collector's edition also contains author-annotated versions of the entire series: How to Own the Box, How to Own a Continent, How to Own and Identity, and How to Own a Shadow. For the first time, the authors will reveal which of the stories and characters are actually based on fact. The authors will share e-mails they exchanged during the writing of the books....and even a few flames directed at one another! Fans of the series have always been attracted to the "rock stars" of the hacking underground who have contributed to the series over the years including: Dan Kaminsky (Effugas), Fyodor, Tim Mullen (Thor), Johnny Long, Ryan Russell (Blue Boar), Jay Beale, Joe Grand (Kingpin), Jeff Moss, and Kevin Mitnick...just to name a few. Friends and foes alike of the authors scour the internet for information on the authors, and some some have even successfully hacked into their computers and e-mail to find out more about them. Now...they can find out everything they ever wanted to know without risking federal prosecution in "Stealing the Network: The Complete Series Collector's Edition, Final Chapter, and DVD,"
In addition to "The Final Chapter" and the "Annotated Complete Series," the fanatics will also receive a DVD containing extended, personal interviews with the primary authors and editors of the series. The DVD also contains digital photographs from exclusive and secretive author dinners and meetings at Black Hat and Defcon.
Long time fans of the series as well as a new generation of hackers will be drawn to this unique collector's edition either for themselves or as a gift for their favorite hacker.
* Annotated by the original authors, readers find out for the first time which hacks and characters are real.
* The DVD contains exclusive, personal interviews with the rock star authors shot atBlack Hat and Defcon.
* Readers will finally learn the fate of "Knuth" in the much anticipated Final Chapter.

Google is the most popular search engine ever created, but Google's search capabilities are so powerful, they sometimes discover content that no one ever intended to be publicly available on the Web, including social security numbers, credit card numbers, trade secrets, and federally classified documents. Google Hacking for Penetration Testers, Third Edition, shows you how security professionals and system administratord manipulate Google to find this sensitive information and "self-police" their own organizations. You will learn how Google Maps and Google Earth provide pinpoint military accuracy, see how bad guys can manipulate Google to create super worms, and see how they can "mash up" Google with Facebook, LinkedIn, and more for passive reconnaissance. This third edition includes completely updated content throughout and all new hacks such as Google scripting and using Google hacking with other search engines and APIs. Noted author Johnny Long, founder of Hackers for Charity, gives you all the tools you need to conduct the ultimate open source reconnaissance and penetration testing.

This book contains some of the most up-to-date information available anywhere on a wide variety of topics related to Techno Security. As you read the book, you will notice that the authors took the approach of identifying some of the risks, threats, and vulnerabilities and then discussing the countermeasures to address them. Some of the topics and thoughts discussed here are as new as tomorrow s headlines, whereas others have been around for decades without being properly addressed. I hope you enjoy this book as much as we have enjoyed working with the various authors and friends during its development. Donald Withers, CEO and Cofounder of TheTrainingCo.
Jack Wiles, on Social Engineering offers up a potpourri of tips, tricks, vulnerabilities, and lessons learned from 30-plus years of experience in the worlds of both physical and technical security.
Russ Rogers on the Basics of Penetration Testing illustrates the standard methodology for penetration testing: information gathering, network enumeration, vulnerability identification, vulnerability exploitation, privilege escalation, expansion of reach, future access, and information compromise.
Johnny Long on No Tech Hacking shows how to hack without touching a computer using tailgating, lock bumping, shoulder surfing, and dumpster diving.
Phil Drake on Personal, Workforce, and Family Preparedness covers the basics of creating a plan for you and your family, identifying and obtaining the supplies you will need in an emergency.
Kevin O Shea on Seizure of Digital Information discusses collecting hardware and information from the scene.
Amber Schroader on Cell Phone Forensics writes on new methods and guidelines for digital forensics.
Dennis O Brien on RFID: An Introduction, Security Issues, and Concerns discusses how this well-intended technology has been eroded and used for fringe implementations.
Ron Green on Open Source Intelligence details how a good Open Source Intelligence program can help you create leverage in negotiations, enable smart decisions regarding the selection of goods and services, and help avoid pitfalls and hazards.
Raymond Blackwood on Wireless Awareness: Increasing the Sophistication of Wireless Users maintains it is the technologist s responsibility to educate, communicate, and support users despite their lack of interest in understanding how it works.
Greg Kipper on What is Steganography? provides a solid understanding of the basics of steganography, what it can and can t do, and arms you with the information you need to set your career path.
Eric Cole on Insider Threat discusses why the insider threat is worse than the external threat and the effects of insider threats on a company.
*Internationally known experts in information security share their wisdom
*Free pass to Techno Security Conference for everyone who purchases a book $1,200 value
*2-HOUR DVD with cutting edge information on the future of information security"

Nationwide and around the world, instant messaging use is growing, with more than 7 billion instant messages being sent every day worldwide, according to IDC. comScore Media Metrix reports that there are 250 million people across the globe--and nearly 80 million Americans--who regularly use instant messaging as a quick and convenient communications tool.
Google Talking takes communication to the next level, combining the awesome power of Text and Voice This book teaches readers how to blow the lid off of Instant Messaging and Phone calls over the Internet.
This book will cover the program Google Talk in its entirety. From detailed information about each of its features, to a deep-down analysis of how it works. Also, we will cover real techniques from the computer programmers and hackers to bend and tweak the program to do exciting and unexpected things.
* Google has 41% of the search engine market making it by far the most commonly used search engine
* The Instant Messaging market has 250 million users world wide
* Google Talking will be the first book to hit the streets about Google Talk"

The best-selling Stealing the Network series reaches its climactic conclusion as law enforcement and organized crime form a high-tech web in an attempt to bring down the shadowy hacker-villain known as Knuth in the most technically sophisticated Stealing book yet.
Stealing the Network: How to Own a Shadow is the final book in Syngress ground breaking, best-selling, Stealing the Network series. As with previous title, How to Own a Shadow is a fictional story that demonstrates accurate, highly detailed scenarios of computer intrusions and counter-strikes. In How to Own a Thief, Knuth, the master-mind, shadowy figure from previous books, is tracked across the world and the Web by cyber adversaries with skill to match his own. Readers will be amazed at how Knuth, Law Enforcement, and Organized crime twist and torque everything from game stations, printers and fax machines to service provider class switches and routers steal, deceive, and obfuscate. From physical security to open source information gathering, Stealing the Network: How to Own a Shadow will entertain and educate the reader on every page. The book s companion Web site will also provide special, behind-the-scenes details and hacks for the reader to join in the chase for Knuth.
. The final book in the Stealing the Network series will be a must read for the 50,000 readers worldwide of the first three titles
. The companion Web site to the book will provide challenging scenarios from the book to allow the reader to track down Knuth
. Law enforcement and security professionals will gain practical, technical knowledge for apprehending the most supplicated cyber-adversaries"

"InfoSec Career Hacking" starts out by describing the many, different InfoSec careers available including Security Engineer, Security Analyst, Penetration Tester, Auditor, Security Administrator, Programmer, and Security Program Manager. The particular skills required by each of these jobs will be described in detail, allowing the reader to identify the most appropriate career choice for them.
Next, the book describes how the reader can build his own test laboratory to further enhance his existing skills and begin to learn new skills and techniques. The authors also provide keen insight on how to develop the requisite soft skills to migrate form the hacker to corporate world.
* The InfoSec job market will experience explosive growth over the next five years, and many candidates for these positions will come from thriving, hacker communities
* Teaches these hackers how to build their own test networks to develop their skills to appeal to corporations and government agencies
* Provides specific instructions for developing time, management, and personal skills to build a successful InfoSec career