Autore	Salmon Arthur
Edizione	[1st edition]
Pubbl/distr/stampa	Birmingham, England ; ; Mumbai, [India] : , : Packt, , 2017
Descrizione fisica	1 online resource (320 pages) : illustrations
Disciplina	005.8
Soggetto topico	Computer networks - Security measures Business enterprises - Computer networks - Security measures
Soggetto genere / forma	Electronic books.
ISBN	1-78646-968-5
Formato	Materiale a stampa
Livello bibliografico	Monografia
Lingua di pubblicazione	eng
Nota di contenuto	Cover -- Copyright -- Credits -- About the Authors -- About the Reviewer -- www.PacktPub.com -- Customer Feedback -- Table of Contents -- Preface -- Chapter 1: Introduction to Network Security -- Murphy's law -- Hackers (and their types) defined -- Hacker tools -- The hacking process -- Ethical hacking issues -- Current technologies -- Recent events and statistics of network attacks -- Our defense -- Security for individuals versus companies -- Wi-Fi vulnerabilities -- Knowns and unknowns -- False positives -- Mitigation against threats -- Building an assessment -- Summary -- References -- Chapter 2: Sniffing the Network -- What is network sniffing? -- Why network sniffing is important -- Scan a single IP -- Scan a host -- Scan a range of IPs -- Scan a subnet -- Nmap port selection -- Scan a single port -- Scan a range of ports -- Scan 100 most common ports (fast) -- Scan all 65535 ports -- Nmap port scan types -- Scan using TCP SYN scan (default) -- Scan using TCP connect -- Service and OS detection -- Detect OS and services -- Standard service detection -- More aggressive service detection -- Lighter banner-grabbing detection -- Nmap output formats -- Save default output to file -- Save in all formats -- Scan using a specific NSE script -- Scan with a set of scripts -- Lab 1-a scan to search for DDoS reflection UDP services -- Using Wireshark filters -- Wireshark filter cheat sheet -- Lab 2 -- Sparta -- Brute-force passwords -- Lab 3-scanning -- Scanning a subnet -- Spoofing and decoy scans -- Evading firewalls -- Gathering version info -- UDP scan -- The reason switch -- Using a list -- Output to a file -- Commands -- Starting the listener -- Countermeasures -- Summary -- Chapter 3: How to Crack Wi-Fi Passwords -- Why should we crack our own Wi-Fi? -- What's the right way to do it? -- The method -- The requirements -- What is packet injection?. Wi-Fi cracking tools -- The steps -- The Transmission Control Protocol (TCP) handshake -- The password lists -- How to make a strong password -- The short version (a cheat-sheet for the aircrack-ng suite) -- Summary -- Chapter 4: Creating a RAT Using Msfvenom -- Remote Access Trojans -- Ways to disguise your RAT though Metasploit -- PDF-embedded RAT -- MS Word-embedded RAT -- Android RAT -- Your defence -- Summary -- References -- Chapter 5: Veil Framework -- Veil-Evasion -- Veil-Pillage -- How do hackers hide their attack? -- Intrusion with a PDF -- The scenario -- Veil-PowerTools -- What is antivirus protection? -- What are some vulnerabilities in antivirus protection? -- Evasion and antivirus signatures -- Summary -- References -- Chapter 6: Social Engineering Toolkit and Browser Exploitation -- Social engineering -- What are web injections? -- How SQL injections work -- Cross site scripting (XSS) attacks -- Preventative measures against XSS attacks -- How to reduce your chances of being attacked -- Browser exploitation with BeEF -- Browser hijacking -- BeEF with BetterCap -- BeEF with man-in-the-middle framework (MITMF) -- BeEF with SET -- Summary -- Chapter 7: Advanced Network Attacks -- What is an MITM attack? -- Related types of attacks -- Examples of MITM -- Tools for MITM attacks -- Installing MITMF using Kali Linux -- Summary -- Chapter 8: Passing and Cracking the Hash -- What is a hash? -- Authentication protocols -- Cryptographic hash functions -- How do hackers obtain the hash? -- What tools are used to get the hash? -- How are hashes cracked? -- How do pass the hash attacks impact businesses? -- What defences are there against hash password attacks? -- Summary -- References -- Links to download tools -- Chapter 9: SQL Injection -- What is SQL and how does it work? -- SQL command examples -- SQL injection. Examples of SQL injection attacks -- Ways to defend against SQL injection attacks -- Attack vectors for web applications -- Bypassing authentication -- Bypass blocked and filtered websites -- Finding vulnerabilities from a targeted sites -- Extracting data with SQLmap -- Hunting for web app vulnerabilities with Open Web Application Security Project (OWASP) ZAP -- Summary -- Chapter 10: Scapy -- Scapy -- Creating our first packet -- Sending and receiving -- Layering -- Viewing the packet -- Handling files -- The TCP three way handshake -- SYN scan -- A DNS query -- Malformed packets -- Ping of death -- Teardrop attack (aka Nestea) -- ARP cache poisoning -- ARP poisoning commands -- ACK scan -- TCP port scanning -- VLAN hopping -- Wireless sniffing -- OS fingerprinting ISN -- Sniffing -- Passive OS detection -- Summary -- Chapter 11: Web Application Exploits -- Web application exploits -- What tools are used for web application penetration testing? -- What is Autopwn? -- Using Autopwn2 -- What is BeEF and how to use it? -- Defenses against web application attacks -- Summary -- Chapter 12: Evil Twins and Spoofing -- What is an evil twin? -- What is address spoofing? -- What is DNS spoofing? -- What tools are used for setting up an evil twin? -- The dangers of public Wi-Fi and evil twins -- How to detect an evil twin? -- Summary -- Chapter 13: Injectable Devices -- A deeper look into USB -- A possible threat -- An evil USB -- How does the Rubber Ducky work? -- Disabling ports -- A KeyGrabber? -- What the glitch? -- Summary -- Chapter 14: The Internet of Things -- What is the Internet of Things? -- IOT vulnerabilities and cyber security -- IOT and botnets -- Summary -- Sources -- Chapter 15: Detection Systems -- IDS -- IPS -- Host based -- Network-based -- Physical -- Summary of differences -- Why? -- Who and when?. Security Information and Event Management (SIEM) -- Splunk -- Alert status -- IDS versus IPS -- Snort as an IPS -- How? -- Lab 1-installing Snort and creating ICMP rules lab -- Lab 2-create the following snort.conf and icmp.rules files -- Rule options -- Lab 3-execute Snort -- Show log alert -- Alert explanation -- Lab 4-execute Snort as Daemon -- Summary -- Chapter 16: Advance Wireless Security Lab Using the Wi-Fi Pineapple Nano/Tetra -- The history of Wi-Fi - the WLAN standard -- Wireless vulnerability -- The Wi-Fi Pineapple -- For penetration testing -- Lab 1-how to set up -- Getting connected -- Performing a scan -- Getting connected, managing your network, and broadcasting Wi-Fi -- Reporting data -- Logging data with Pineapple -- Reporting data -- Enabling the landing page -- Summary -- Chapter 17: Offensive Security and Threat Hunting -- What is offensive security? -- What tools are used for offensive security? -- SET browser exploit lab -- Threat hunting platforms -- Using the Pineapple for offensive security -- Lab 1-setting up an Evil Portal on the Pineapple -- Summary -- Index.
Record Nr.	UNINA-9910465787003321

Autore	Halpert Ben
Edizione	[1st edition]
Pubbl/distr/stampa	Hoboken, N.J., : John Wiley & Sons, c2011
Descrizione fisica	1 online resource (224 p.)
Disciplina	005.8
Altri autori (Persone)	HalpertBen <1986->
Collana	Wiley corporate F & A
Soggetto topico	Business enterprises - Computer networks - Security measures Cloud computing - Security measures Information technology - Security measures Data protection
ISBN	1-118-11604-6 1-283-17726-9 9786613177261 1-118-26909-8 1-118-11602-X
Classificazione	BUS003000
Formato	Materiale a stampa
Livello bibliografico	Monografia
Lingua di pubblicazione	eng
Nota di contenuto	AUDITING CLOUD COMPUTING: A Security and Privacy Guide; Contents; Preface; Chapter 1: Introduction to Cloud Computing; Chapter 2: Cloud-Based IT Audit Process; Chapter 3: Cloud-Based IT Governance; Chapter 4: System and Infrastructure Lifecycle Management for the Cloud; Chapter 5: Cloud-Based IT Service Delivery and Support; Chapter 6: Protection and Privacy of Information Assets in the Cloud; Chapter 7: Business Continuity and Disaster Recovery; Chapter 8: Global Regulation and Cloud Computing; Chapter 9: Cloud Morphing: Shaping the Future of Cloud Computing Security and Audit Appendix: Cloud Computing Audit ChecklistAbout the Editor; About the Contributors; Index
Record Nr.	UNINA-9910139629403321

Autore	Panko Raymond R.
Edizione	[Tenth, global edition.]
Pubbl/distr/stampa	Harlow, England : , : Pearson, , [2015]
Descrizione fisica	1 online resource (515 pages) : illustrations
Disciplina	658.478
Collana	Always learning
Soggetto topico	Business enterprises - Computer networks - Security measures
ISBN	1-292-07548-1
Formato	Materiale a stampa
Livello bibliografico	Monografia
Lingua di pubblicazione	eng
Record Nr.	UNINA-9910154774003321

Autore	Calder Alan
Edizione	[Second edition.]
Pubbl/distr/stampa	Cambridgeshire, England : , : IT Governance Publishing, , 2013
Descrizione fisica	1 online resource (111 p.)
Disciplina	658.478
Soggetto topico	Business enterprises - Computer networks - Security measures Confidential business information Computer security - Management - Standards
ISBN	1-84928-531-4
Formato	Materiale a stampa
Livello bibliografico	Monografia
Lingua di pubblicazione	eng
Record Nr.	UNINA-9910788865403321

Autore	Smith Gordon E (Gordon Edward)
Pubbl/distr/stampa	Hoboken, N.J., : Wiley, c2004
Descrizione fisica	1 online resource (242 p.)
Disciplina	658.8/4
Soggetto topico	Electronic commerce - Security measures Business enterprises - Computer networks - Security measures
Soggetto genere / forma	Electronic books.
ISBN	1-280-34607-8 9786610346073 0-471-67493-1
Formato	Materiale a stampa
Livello bibliografico	Monografia
Lingua di pubblicazione	eng
Nota di contenuto	Introduction -- Legal issues related to E-commerce -- Information security -- Certificates and non-repudiation -- Protecting the E-commerce environment -- Protecting E-commerce data -- Auditing an E-commerce application.
Record Nr.	UNINA-9910456180603321