Tài liệu miễn phí An ninh - Bảo mật
Download Tài liệu học tập miễn phí An ninh - Bảo mật
Windows 2000/XP Professional
The upgrade to Windows 2000 Professional is Windows XP Professional. The upgrade to Windows 2000 Server will be Windows Server .NET. Windows 2000 and XP Professional are very similar. They both inherit multiple security configuration tools from the Windows 2000 platform – but XP adds some new security features as well. Any study of Windows 2000/XP Professional should keep in mind the numerous Windows 2000 platform security features.
8/29/2018 4:28:35 PM +00:00
Security Essentials Day 3
Hello. Welcome to Network Fundamentals. Over the next several modules we are going to look at various aspects of networking and how computers connect over a network. Understanding the key issues of networking is critical to being able to secure a network. The basic question comes down to if you do not understand how a network operates, how are you going to be able to secure it? In this module, we are going to cover some of the fundamental principles of networking that you will need to understand in order to build a secure network....
8/29/2018 4:28:34 PM +00:00
IP Concepts
In this module we are going to cover various aspects of IP. We are going to start by looking at one of the most common protocol stacks: The OSI protocol stack and look at how communications is broken down into seven core areas. We are then going to compare the seven layer OSI stack with the TCP/IP protocol stack. Then, we are going to cover numbering systems and see how to translate between decimal and binary.
8/29/2018 4:28:34 PM +00:00
The IP Behavior
In this module, IP Behavior, we are going to take a look at how to analyze TCP/IP information and how one would actually go about pulling it off the wire and looking for patterns. The key point when it comes to security is, “Knowledge is power and ignorance is deadly.” Not understanding what is occurring on your network can be very dangerous from a security standpoint because if you do not understand what is occurring, then how can you determine whether it is good or bad?
8/29/2018 4:28:34 PM +00:00
Routing Fundamentals
Hello, welcome to Routing Fundamentals. Just like it is important to understand how networks operate in order to secure them, it is also critical to understand how routers and routing work in order to have a secure network. What allows people from all over the world to communicate and what allows the Internet to function is routers. Routers are responsible for determining the path and sending traffic from source to destination.
8/29/2018 4:28:34 PM +00:00
Host Perimeter Defense
Most of us have a problem. We are under attack. At this very moment, our internet-connected computer systems are being subjected to a surprising number of probes, penetration attempts, and other malicious attention. In this talk, we will discuss the types of attacks that are being used against our computers, and how to defend against these attacks.
8/29/2018 4:28:34 PM +00:00
Securing Exchange Server and Outlook Web Access
Even as recently as five years ago, many computer industry experts would never have guessed how pervasive and “business critical” electronic messaging would eventually become. The degree to which some information technology professionals are surprised by the pervasive nature of today’s electronic mails systems is merely amusing to those of us that have had an e-mail address for more than 20 years. I have been using electronic mail of one type or another since 1980 and have specialized in messaging systems since 1988, so it comes as no surprise to me the current dependency that businesses and government entities have on...
8/29/2018 4:28:33 PM +00:00
Windows 9x Security
For our third session of the second part of the course, we will focus on the Windows 95 and Windows 98 operating systems. The examples are tested on Windows 98 since 95 systems are starting to be retired. The most important thing to know about this flavor of Windows is there is no file security.
8/29/2018 4:28:33 PM +00:00
Windows NT 4.0 Security
In our next sections together we will consider the Windows NT and Windows 2000 operating systems. Windows NT was Microsoft’s first effort in building a production server operating system, and they made a number of changes and improvements in Windows 2000. We are going to take a quick look at the architecture and file system and then move into the tools that you can use to gather clues from your operating system.
8/29/2018 4:28:33 PM +00:00
Unix Use and Security From The Ground Up_ The Prophet
A Unix system can easily be identified by its prompts. When you first connect to a Unix system, you should receive the login prompt, which is usually Login: (Note, that the first character may or may not be capitalized.) On some systems, this prompt may be ;Login: or User: (Again, the first letter may or may not be capitalized.) This may be preceded by a short message,
8/29/2018 4:28:33 PM +00:00
Risk Management The Big Picture – Part 2
If attackers are going to take advantage of vulnerabilities, it makes sense that we need to find them before they do. System, network, and telephone vulnerability scanning tools are a powerful method of doing this. Lets take a look at another Internet threat. This is the threat introduced by users who download and run utilities that are designed to share and search for files across the Internet. Examples are the programs Napster, Gnutella, and more recently Scour. In the next two slides we’ll examine Gnutella, its function, and the dangers it introduces....
8/29/2018 4:28:33 PM +00:00
Risk Management The Big Picture – Part III
Host-based intrusion detection could also be called host-specific intrusion detection, in that its primary purpose is to detect suspicious activity or known attack patterns on the specific host it is installed on. Some host-based intrusion detection systems (HIDS) have a number of host detectors reporting to a central management console that can flag alerts, centralize logs, and update the host detectors’ policies. Other HIDS are stand-alone.
8/29/2018 4:28:33 PM +00:00
Security Essentials Day 2 Threat and the Need for Defense in Depth
Welcome. As we begin day 2, or the second major set of courses in Security Essentials, the focus will be on defense in depth. This is a term that was coined by the Department of Defense and is a crucially important concept in information assurance. The topics that we are going to cover areshown below.
8/29/2018 4:28:33 PM +00:00
Risk Management The Big Picture – Part IV
In our next section we are going to introduce network-based intrusion detection. The detect engine in this case is either a firewall, a personal firewall, or an intrusion detection system. All of these work quite well. We will begin with a single attack, just to see how one might work and how we might detect it. Then we will explore the range of tools and show you how you can get in the game with a very low investment, possibly even free.
8/29/2018 4:28:33 PM +00:00
Ebook: Basic Security Policy
I never cease to be amazed by the fact that you can’t take a class in Information Security without being told to do this or that in accordance with “your security policy”, but nobody ever explains what the policy is, let alone how to write or evaluate it.
8/29/2018 4:28:33 PM +00:00
Risk Management The Big Picture – Part V
Welcome, let’s take a minute and revisit what we have learned so far. We started out with an example attack and then focused on one tool that would have given a lot of bang for the buck, a firewall. If you reflect back carefully on the firewalls and ways to avoid firewalls then you realize we introduced the concepts of threats and countermeasures. We covered the history of the threat as far back as 1995 to the most recent type of attacks.
8/29/2018 4:28:33 PM +00:00
Basic Security Policy
I never cease to be amazed by the fact that you can’t take a class in Information Security without being told to do this or that in accordance with “your security policy”, but nobody ever explains what the policy is let alone how to write or evaluate it. That is why we undertook this research and education project into basic security policy. We hope you will find this module useful and that you will participate in its evolution. Consensus is a powerful tool. We need the ideas and criticisms from the information security community in order to make this The Roadmap for usable, effective policy....
8/29/2018 4:28:33 PM +00:00
Risk Management The Big Picture – Part VI
Now that we know the tools and the primary concepts, this part of the course is designed to help you pull everything together. This section is especially important if you need to present security proposals to management. Your next slide, titled Risk Management – Where do I Start presents the roadmap we showed you almost at the beginning of the course. We will bet you have a much clearer idea of how to analyze risks and establish a security infrastructure at this point. Let’s go take a look at the roadmap!...
8/29/2018 4:28:33 PM +00:00
Password Assessment and Management
This module will address password security. Although user names and passwords are a familiar technology, most people are not aware of the inherent weaknesses in many of the different passwordbased authentication schemes in use today. These weaknesses are important to understand since many networks would be compromised if passwords on just a few key machines (such as firewalls, DNS servers, or Windows domain controllers) were known to an attacker.
8/29/2018 4:28:33 PM +00:00
Incident Handling Foundations
Hello. The material we are going to cover this next hour is central to understanding the theory and practice of information security. This is a foundational course, developed for the SANS Security Essentials program. When you complete this course there will be a quiz available from the SANS web page to help reinforce the material and ensure your mastery of it.
8/29/2018 4:28:33 PM +00:00
Information Warfare
Warfare can be broadly defined as the waging of armed conflict against an enemy. In this module we will consider what warfare means in the context of today's information systems and networks. We will see that the fundamental principles of warfare known for thousands of years are still relevant on today's new battleground.
8/29/2018 4:28:33 PM +00:00
Web Security
Hello. With everything that is occurring on the Internet and all of the articles that have been written, web security is a very exciting area. Most attacks that are publicized are either directly or indirectly web-based attacks. Every company and person seems to have a web site, yet most web sites are not designed or built properly from a security standpoint.
8/29/2018 4:28:33 PM +00:00
THE ART OF DECEPTION FULL
Some hackers destroy people's files or entire hard drives; they're called crackers or vandals. Some novice hackers don't bother learning the technology, but simply download hacker tools to break into computer systems; they're called script kiddies. More experienced hackers with programming skills develop hacker programs and post them to the Web and to bulletin board systems. And then there are individuals who have no interest in the technology, but use the computer merely as a tool to aid them in stealing money, goods, or services. Despite the media-created myth of Kevin Mitnick, I am not a malicious hacker. But I'm getting ahead of myself....
8/29/2018 4:28:32 PM +00:00
(ebook) computer security handbook
This handbook provides assistance in securing computer-based resources (including hardware, software, and information) by explaining important concepts, cost considerations, and interrelationships of security controls. It illustrates the benefits of security controls, the major techniques or approaches for each control, and important related considerations. 1
8/29/2018 4:28:31 PM +00:00
Using Your Sybex Electronic
T his book has been a great project to work on. I’d like to thank the people at Sybex who helped put this book together: Julie Sakaue and Emily Wolman for their wonderful editorial work, Shannon Murphy for cracking the scheduling whip and helping keep us all organized, Judy Fung and Jangshi Wang for making sure all the pages fit, and Heather O’Connor and Neil Edde for their guidance throughout.
8/29/2018 4:28:31 PM +00:00
Why Do You Need a Firewall?
A firewall is a piece of software or hardware that filters all network traffic between your computer, home network, or company network and the Internet. It is our position that everyone who uses the Internet needs some kind of firewall protection. This chapter tells you what a firewall does and sets down the basic questions that you should ask as you are evaluating spe- cific firewalls.
8/29/2018 4:28:30 PM +00:00
The Little Black Book of Computers Viruses
The Little Black Book of Computer Viruses has seen five good years in print. In those five years it has opened a door to seriously ask the question whether it is better to make technical information about computer viruses known or not. When I wrote it, it was largely an experiment. I had no idea what would happen. Would people take the viruses it contained and rewrite them to make all kinds of horrificly destructive viruses? Or would they by and large be used responsibly?
8/29/2018 4:28:29 PM +00:00
Game Console Hacking: Xbox, Playstation, Nintendo Atari and Gamepark 32
The way we customize our things says a lot about who we are. Today, everywhere we look, we are surrounded by a convergence of media – videogames, advertisements, and television.We are told what to believe, how to think, and how to act.We are told what’s cool and what’s not, what we should buy, what we should wear, and what music we should listen to. Hardware hacking has never been about what the mainstream media thinks. It’s about creativity, education, experimentation, personalization, and just having fun.This book is no different....
8/29/2018 4:28:29 PM +00:00
Haking live_ New Version Available
Our magazine is more than just eighty printed pages enclosed in a colourful cover. Just take a look at our website, forum, online store, hakin9.live... All this just for you, our valued readers. Our primary goal is to help you expand your knowledge. And we are constantly trying to fi nd new ways to reach this goal. There is probably no need to mention that in both the current and future issues of the hakin9 magazine you will fi nd valuable articles showing you secrets of IT security. But there is more to it....
8/29/2018 4:28:28 PM +00:00
Managing Information Risk and the Economics of Security
Preface Security has been a human concern since the dawn of time. With the rise of the digital society, information security has rapidly grown to an area of serious study and ongoing research. While much research has focused on the technical aspects of computer security, far less attention has been given to the management issues of information risk and the economic concerns facing firms and nations.
8/29/2018 4:28:28 PM +00:00