Book Description
The complete guide to the most popular Cisco PIX®, ASA, FWSM, and IOS® firewall security features
- Learn about the various firewall models, user interfaces, feature sets, and configuration methods
- Understand how a Cisco firewall inspects traffic
- Configure firewall interfaces, routing, IP addressing services, and IP multicast support
- Maintain security contexts and Flash and configuration files, manage users, and monitor firewalls with SNMP
- Authenticate, authorize, and maintain accounting records for firewall users
- Control access through the firewall by implementing transparent and routed firewall modes, address translation, traffic filtering, user authentication, content filtering, application inspection, and traffic shunning
- Increase firewall availability with firewall failover operation
- Understand how firewall load balancing works
- Generate firewall activity logs and learn how to analyze the contents of the log
- Verify firewall operation and connectivity and observe data passing through a firewall
- Control access and manage activity on the Cisco IOS firewall
- Configure a Cisco firewall to act as an IDS sensor
Every organization has data, facilities, and workflow processes that are critical to their success. As more organizations make greater use of the Internet, defending against network attacks becomes crucial for businesses. Productivity gains and returns on company investments are at risk if the network is not properly defended. Firewalls have emerged as the essential foundation component in any network security architecture.
Cisco ASA and PIX Firewall Handbook is a guide for the most commonly implemented features of the popular Cisco Systems® firewall security solutions. This is the first book to cover the revolutionary Cisco ASA and PIX® version 7 security appliances. This book will help you quickly and easily configure, integrate, and manage the entire suite of Cisco® firewall products, including Cisco ASA, PIX version 7 and 6.3, the Cisco IOS router firewall, and the Catalyst Firewall Services Module (FWSM). Organized by families of features, this book helps you get up to speed quickly and efficiently on topics such as file management, building connectivity, controlling access, firewall management, increasing availability with failover, load balancing, logging, and verifying operation. Shaded thumbtabs mark each section for quick reference and each section provides information in a concise format, with background, configuration, and example components. Each section also has a quick reference table of commands that you can use to troubleshoot or display information about the features presented. Appendixes present lists of well-known IP protocol numbers, ICMP message types, and IP port numbers that are supported in firewall configuration commands and provide a quick reference to the many logging messages that can be generated from a Cisco PIX, ASA, FWSM, or IOS firewall.
Whether you are looking for an introduction to the firewall features of the new ASA security appliance, a guide to configuring firewalls with the new Cisco PIX version 7 operating system, or a complete reference for making the most out of your Cisco ASA, PIX, IOS, and FWSM firewall deployments, Cisco ASA and PIX Firewall Handbook helps you achieve maximum protection of your network resources.
âMany books on network security and firewalls settle for a discussion focused primarily on concepts and theory. This book, however, goes well beyond these topics. It covers in tremendous detail the information every network and security administrator needs to know when configuring and managing market-leading firewall products from Cisco.â
âJason Nolet, Sr. Director of Engineering, Security Technology Group, Cisco Systems
This security book is part of the Cisco Press® Networking Technology Series. Security titles from Cisco Press help networking professionals secure critical data and resources, prevent and mitigate network attacks, and build end-to-end self-defending networks.
Customer Reviews:
A excellent, detailed book on PIX Firewall configurations.......2007-05-02
The Cisco ASA and PIX Firewall Handbook by Dave Hucaby is an excellent book on PIX firewalls and covers versions 6.x and 7.x, including FWSM configurations. There is negligible coverage of ASA and readers looking for a detailed ASA book best look elsewhere. The cream of this book is really Chapter 6 - Controlling Access Through the Firewall. A detailed chapter of running the Pix in Transparent mode, Address Translation, ACL's, Content filtering, Modular Policy Framework, along with Application Inspection. The section on the Modular Policy Framework is very good and detailed. I plan to refer to this book often when troubleshooting PIX's.
There were hardly any errors or issues with this book. For example, in Chapter 7: Increasing Firewall Availability with Failover, the author writes that Stateful firewall failover packets are sent using IP Protocol 8 (EGP). I presume they meant IP protocol 105.
The authors list configuration commands for FWSM , 6.x and 7.x versions of the PIX. Personally, I'm not too fond of this approach and would rather read commands pertaining to a single version. Commands of other versions are available at the Cisco Documentation site.
More detail, please.......2007-01-12
While the book was rather detailed in several areas, I was hoping it would be more detailed on the subject of VPN. While most of it is straight forward, configuring VPN on the 5520 was a pain. Someone reading this book should be from a large enterprise, using failover, etc. Someone from a small company that is not using these features might find it to be overkill, and start looking for other books to meet their specific needs.
Complement to other sources available.......2006-08-26
I think author did a wonderful job filling in where other popular litrature about PIX left off. I read the CCSP book, and leared alot. This book filled in stuff that CCSP book just does not talk about. Not to knock the CCSP book; each auther can only fill in so much. It is a difficult decision on what to keep and what to leave off. I find the PIX and ASA book is very practical. If you want a good understanding of this platform, then you want this book as the pliers in your tool box of knowledge. Do not expect it to be swiss army tool though. I think author was especially considerate to the reader's needs to publish items that other litrature just does not cover. There is alot of good information. Nice pictures which addressed questions I had and even posted to some CCIE sites and there was no answer. Definately worth buying.
Very little on ASA.......2006-06-26
This book is very helpful for PIX firewalls, but is mislabeled for ASA. There is very little on the ASA product. Usually just a mention of command differences between ASA and PIX. If you are looking for a book on ASA do not buy this book.
One point makes this book a must have.......2006-05-27
Most commands explained have three lines:
PIX 6.3
PIX 7.0
FWSM
This allows you to work on multiple platforms easily with one handbook. Also tells you when something ISN'T supported so you don't have to go digging on the web.
Book Description
Information Technology Control and Audit, Second Edition is an excellent introductory textbook for IT auditing. It covers a wide range of topics in the field including the audit process, the legal environment of IT auditing, security and privacy, and much more. This textbook first examines the foundation of IT audit and control, discussing what IT auditing involves and the guidance provided by organizations in dealing with control and auditability issues. It then analyzes the process of audit and review, explores IT governance and control, and discusses the CobiT framework and steps that align IT decisions with business strategy. This volume examines project management processes that ensure that projects are controlled from inception through integration. It continues by addressing auditing IT acquisition and implementation, describing risks and controls as related to the life cycle of application systems. It highlights the purchase and installation of new systems, as well as change management. The next section examines the auditing of IT operations in both standalone and global environments, covering types of IT operation, issues related to specific platforms, risk and control assessment, and audit methods and support tools. The textbook concludes with a review of emerging issues, providing undergraduate and graduate students with a thorough overview of a topic critical to organizational security and integrity.
Customer Reviews:
Not good for the CISA exam.......2007-10-02
I bought this book as an additional material to study for the CISA exam. However it didn't help me with the exam at all. Furthermore, in an attempt to cover many things, it did not cover anything in detail. This book is just an endless recollection of bullet points. On top of that, it misses very sensitive topics like disaster recovery planning.
Useful reference material.......2007-02-02
This book has some material relevant to the CISA examination based on the 2003 content areas, although it is not organized or focused as a CISA examination guide. If you are looking for CISA review material for the test, I would strongly suggest to stick with ISACA's combination of review manual and questions CD. I also searched everywhere for study aids for this grueling test and ended up using ISACA's expensive material, but it proved to be the best choice as I passed the Dec 2006 test.
However, as owner of a copy of this book, I assure you that this is an excellent reference of IT management, planning, implementation, risk assessment and control procedures for anyone in the IT business. Most of the material is still relevant as of 2007.
Finally a usable explanation of controls!.......2006-12-30
Audit is not the most exciting topic in the world, but this no fluff book really sets the standard. The care the authors took is obvious from the start, the table of contents is one of the most detailed I have ever seen, it allows the book to be used as a reference.
My favorite chapter was Quality Management, best job of making quality approachable I have seen to date. My least favorite was Project Management, it seemed to lack the application and lean to theory a bit.
I am not an auditor, but as an auditee, this book really helped me understand how they think. Recommended!
Too thin.......2006-03-24
This is a huge book but spends no more then 1 page on any topic. In my opinion the authors only have financial audit experience and little understanding of IT controls. This book shows the failure of the 'integrated auditor' as the authors are tyring to be IT auditors with little IT experience. They touch on some very good points in a few instances and, in general, the book is decent. The authors do not know much outside of the CISA, IIA and financial based certifications as they seem to think that the ISSA (Information Systems Security Assoc.) is sponsored by ISC2/CISSP's (it is not). Overall, I have not been impressed with this book.
Great resource.......2005-12-13
Not having much experience in the IT audit field, this book was a great resource and was easy to understand.
Book Description
- Examines where security holes come from, how to discover them, how hackers exploit them and take control of systems on a daily basis, and most importantly, how to close these security holes so they never occur again
- A unique author team-a blend of industry and underground experts- explain the techniques that readers can use to uncover security holes in any software or operating system
- Shows how to pinpoint vulnerabilities in popular operating systems (including Windows, Linux, and Solaris) and applications (including MS SQL Server and Oracle databases)
- Details how to deal with discovered vulnerabilities, sharing some previously unpublished advanced exploits and techniques
Customer Reviews:
The hacker's bible.......2007-01-06
Watching the series "24" I'm often impress by how Chloe O'Brian and Edgar Stiles get to break into any system they want to with ease. Reading this book I now know where they got their information from. This book is a classic,any kind of exploit is analyse by accomplished security experts. The coverage is pretty intence and even seniors c and assembler programmers will need to read some of the material a few times to make sure they get it. This is the kind of book you have to take your time reading, yes it is that deep. Eventhough the book was released four years ago the price of the book remain the same, which tell me the information in it is valuable. If exploiting is something that is something to want to get into, look no further this is the only book you need.
Need some work........2006-09-28
As a security consultant and penetration tester I can say that this books is quite interesting and covers lots of software exploitation area but it still need some work. Mostly on how concept are explained, used and writen. You'll still find lots of papers on internet with better (more complete) explanation but still, this is a must have for every penetration testers and security auditor.
Be advise: This book is for not for beginners.
Excellent Book.......2005-09-26
In the last few months I've read several white hat/black hat books on security, and I must say that this one is the best. Not for the completely new to the subject, and a little too quick to explain some complex topics, but still a great book. I have only two complaints, which aren't making me give this book less than a 5:
1. There's a lot of errors in the content, and following such an advance book when you can't trust the code gets complicated.
2. There are a few chapters, particularly in section 3, where the style hasn't been neutralized, and you can absolutely tell that the book was written by 5 different people with almost no coordination.
Other than that, excellent book. I'm looking forward to buying Database Hacker's Handbook, by the same editor.
Koziol is great........2005-09-07
This book is absolutely excellent. One of the best, if not the best security book I have ever read.
As previously stated numerous times, it will require you have Assembly and C knowledge. If you don't know either one the book will move lightning fast and you will probably not have the ability to keep up. If you do know both, you should be able to take the book at a nice and steady speed.
Aside from difficulty, the rumors that it contains syntax errors ARE true. There are a few little errors in places like this (showing a typical off-by-one error to prove that C doesn't check boundries on arrays):
#include
int main() {
int array[5] = {1,2,3,4,5};
printf("%d",array[5];
}
While these errors ARE numerous and slightly annoying, the important thing to understand is that you get the general concepts they are trying to teach you. Anybody can fix the syntax to work correctly but if they don't know the logic behind the syntax it's no different than a car mechanic trying to fix a F-16 jet.
I am willing to overlook the syntax and lexical errors that appear in this book and give it a 5/5. I may be too light, but I think it's an absolutely essential book that everybody should read.
If you find yourself wanting to get a book, whether it be Hacking: The Art of Exploitation, Reversing: Secrets of Reverse Engineering, Rootkits: subverting the Windows kernel, or The Art of Computer Virus Research and Defense, while all excellent books (which I highly recommend you all read if this book interests you), if you have the ability to get The Shellcoders Handbook: Discovering and Exploiting Security Holes, you should.
One of the best!.......2005-02-26
This book is excellent. I highly recommend it for everyone from admins learning about what hackers are trying to do to their network to seasoned exploit writers. The best part of this book is that if gives a very solid foundation to anyone interested in the field. The only negative thing that I can say is that you can see a slight difference in writing style between some of the chapters, but I suppose that is to be expected with so many authors.
Book Description
David Litchfield has devoted years to relentlessly searching out the flaws in the Oracle database system and creating defenses against them. Now he offers you his complete arsenal to assess and defend your own Oracle systems. This in-depth guide explores every technique and tool used by black hat hackers to invade and compromise Oracle and then it shows you how to find the weak spots and defend them. Without that knowledge, you have little chance of keeping your databases truly secure.
Customer Reviews:
Interesting Reading.......2007-08-10
After reading it I thought "...well what were you expecting?, the keys to the house of Larry Ellison also?". It has interesting information for a non hacker like me, but much of the security problems are in the Oracle source code, and therefore there is not much I can do about it. Yes, now I know what not to do in the new code I program. You have to be a programmer to make sense of the code listings and have seen like dumps of snifers before. The language used by the author is clear for me.
Hope this helps
Nice to read a book with no waffle !!!.......2007-03-19
Have just read this book this week and it was a nice read, especialy after some of the c***p I have been reading lately!
Basicaly - If your systems estate has Oracle - Then you MUST read this.
I like this book, its good and the author really does know his stuff - its a light weight (easy to carry) book and good value for money
Some nice C / Java Snipets - so it helps if you know C.
This book is like a knife... you can cut the bread or you can kill with it..........2007-02-10
When I have started with this book I was amazed and afraid both. By this book all those tricks of SQL injections in Oracle has started to be a public knowledge. So this book is like a knife... you can cut the bread or you can kill with it. :) But let's be honest. It is always better to know especially when you are DBA, because of you are always far behind the attackers who probably spend their lifetime on browsing the code for security flaws. For that reason everyone how is responsible for practical Oracle security should read this book and learn how to defend. I belive that this book will grow in the future and will provide more & more examples. That is the game we use to play. New releases, new bugs, new flaws, new workarounds and finally some vendor final fixes. That is how oracle security process cycle should work. It is worth to be mentioned that in terms of quality, David Litchfield has started completly new period in cycle.
Oracle Hacker's Handbook review.......2007-01-25
The Oracle Hacker's Handbook (OHH) is a collection of techniques that could be used by an attacker to gain unauthorised access to an Oracle database server upto and including 10gR2. Most of these techniques are currently not public, so OHH is both new knowledge for an attacker and vital warning to those responsible for securing Oracle servers.
In a nutshell the new attacks include how to gain the version number remotely, brute force usernames, gain passwords/hashes from the OS, attack the listener, escalate privilege internally through PLSQL Packages and Triggers both directly and indirectly as well as defeating VPD. These attacks are illustrated both directly and through application server. By using these techniques and by accessing the Oracle files directly through the OS an attacker would be able to gain DBA privileges on most secured servers. Additionally using the code examples included an attacker could gain password hashes and then the actual DBA clear text password from the network using the password decryption code included. This will work even with complex quoted passwords.
This is the most effective public analysis of security vulnerabilities in Oracle products so far.
OHH is a technical book and not really an introduction to the subject though it could be picked up reasonably quickly as the text avoids unnecessary jargon.
The book could be enhanced by including more on defense strategies, such as, how to prepare and respond to an attack where the attacker has gained the clear text DBA password.
OHH has a free download site for pre-written proof of concept code which will helps avoid unnecessary typing. From a general readability point of view the book is concise and to the point. The sections are logically laid out and the examples have worked when tested. I would recommend those involved in Oracle security to read this book as soon as they can.
Book Description
Analyze your company’s vulnerability to hacks with expert guidance from Gray Hat Hacking: The Ethical Hacker’s Handbook. Discover advanced security tools and techniques such as fuzzing, reverse engineering, and binary scanning. Test systems using both passive and active vulnerability analysis. Learn to benefit from your role as a gray hat. Review ethical and legal issues and case studies. This unique resource provides leading-edge technical information being utilized by the top network engineers, security auditors, programmers, and vulnerability assessors. Plus, the book offers in-depth coverage of ethical disclosure and provides a practical course of action for those who find themselves in a "disclosure decision" position.
Customer Reviews:
this book is a waste of good paper.......2007-09-13
I have been condicting ethical hacking for 3 years and this book was such a let down, it falls well short in providing and good detailed content. Basically its the kind of stuff you learn on day 1 and shows no evidence of experience from an author who can hack into systems. My advise is save your money as this book covers nothing you wouldnt find on Google in 5 minutes. You know it is so bad I think I will write my own book.
My advise google, wireshark, nmap and netcat the content you get it 5 minutes will be as good as this book.
Another revolutionary book from a revolutionary author!.......2007-08-18
Now Listen...
I know some of you look at these books as if it's a world of training people to be hackers. Now, maybe these books might create a few bad seeds, but they usually create a lot of good ones..
This book is astounding, I bought this book because I love researching all about hacking, security, and protection. My major is computer science and I am hoping to be a professional white hat security professional, a hacker that is hired to show the flaws in sites.
Now,when people see these books and say...this is madness!! books about hacking?!
I think these books are great.They help you protect yourself, your computer, your company, your website, your server.
This book shows a lot what hackers use...and the more you know about it, the better you can protect yourself.If you think that this trains bad hackers, well we cant change how some people use information.What I can tell you is that a lot of people will be better off with the information in this book for the companies and servers.
This author is excellent!
Great book!
A good guide for the beginner ethical hacker........2006-11-30
There is alot of good knowledge to be learned in this book, but it is very cutthroat and dry. There are almost no "real world" examples of what they talk about, and alot of it talks about using programs that were created for linux.. Otherwise it is a good book, but I have read better.
i love GHH.......2006-04-14
i have read tonnes of books on this subject.starting from secrets of a super hacker by knightmare(published way back in 94, trust me dat was a great read n even 2day i find myself glued to da back as the first time i read it.now coming back 2 gray hat hacking.this is wat i would like 2 call the hacking reference book for the next generation.every one concerned about security should consider picking up this book.u might as well save some money n picking up more knowledge than any of the hacking exposed books in the market.no this book is not for button clicking script kiddies who play around wid trojans n claim to be hackers or web defacers(lamers).if u belong to da breed of script kiddies pick up this disgustin book by ankit fadia (oh by the way ive reviewed it).i wouuld liek to congradulate the authors for the outstanding work put into this book.howeever it would be great to see expanded materials on various topics and a little more detail in tool description.its not bad but it could still be better.so as i said before get dis book u wont regret it.so kiddies grow up keep those hacking exposed n ankit fadias books apart throw em in da firplace burn em do anythin .but go get dis one
laterzzzzzz
Covers more than the typical hacking book.......2006-02-12
"Gray Hat Hacking - The Ethical Hacker's Handbook" is not your normal hacking book. This book should not be lumped in with the "Hacking Exposed" series nor the likes of "Counter Hack". What differentiates Gray Hat Hacking (GHH) from other books is the amount of code the book offers. This book is not for script kiddies, but instead shows how to advance to the next level of hacking (and, more importantly, prevention) by devoting over 100 pages to developing programming skills for both Linux and Window exploits. I had not encountered a book that dedicated this much space to scripting.
The authors take a delicate balance at discussing tools that are well documented in other publications (ettercap, xploit2 & p0f), and mentioning some lesser known tools (sharefuzz, RATS and valgrind). While I believe there is no doubt that the authors know their material, I do agree with other reviewers in wishing GHH was simply expanded. I also like that GHH offers many referrences. Page for page, this book probably received more highlights than any other hacking book I own.
I give this book 4 pings out of 5:
!!!.!
Book Description
The Hacker's Handbook: The Strategy Behind Breaking Into and Defending Networks, moves ahead of the pack of books about digital security by revealing the technical aspects of hacking that are least understood by network administrators. This is accomplished by analyzing subjects through a hacking/security dichotomy that details hacking maneuvers and defenses in the same context. Chapters are organized around specific technical components and administrative tasks, providing theoretical background that prepares network defenders for the always-changing and creative tools and techniques of intruders. This book is divided into three parts. Part I introduces programming, protocol, and attack concepts. Part II addresses subject areas (protocols, services, technologies, etc.) that may be vulnerable. Part III details consolidation activities that hackers may use following penetration. Each section provides a "path" to hacking/security Web sites and other resources that augment existing content. Referencing these supplemental and constantly-updated resources ensures that this volume remains timely and enduring. By informing IT professionals how to think like hackers, this book serves as a valuable weapon in the fight to protect digital assets.
Customer Reviews:
It wasn't what I expected........2005-07-19
I found they print of the book isn't practical, pages too closed to each other. It speaks about Windows2000 exploits and tools used to hack into it, while Windows2003 is out from a while; but no one can deny the book had usefull things in it.
The Definitive Guide to Computer Security.......2004-09-04
Susan has presented a thorough guide to computer security and how to guard against internal and external vulnerabilities. She allows the reader to get inside the mind of both the nefarious hacker and the seasoned defender.
Recommended for the beginner through the advanced security consultant.....
Make sure you have a copy of this handbook close at hand!.......2004-04-15
...This book covers a wide array of topics, focusing on three aspects of each topic: technical background, hacking, and security. The coverage is both comprehensive and practical. The book explains the technical and conceptual foundations of computer security. Its information is organized in a way that makes it easy to find material relevant to any questions you may have regarding hacking and security. And every chapter points to additional materials if you want to investigate further.
You'll learn all about the anatomy of various types of attacks, including the five elements of attack strategy: reconnaissance, mapping targets, system or network penetration, denial-of-service, and consolidation. You'll also learn about the tools you'll need to defend your network, how they all work within a security framework, and the strengths and weaknesses of each. Included are tools for the purposes of access control, authentication, auditing, privacy, intrusion detection, data integrity, and more.
If you are a network or security administrator, protecting your network's integrity is one of your most important tasks. Before you begin your chess match with the world's hackers, make sure you know the rules, the tools, and the possibilities of the game. Make sure you understand the strategies that will be used against you and that you can use against your opponents. Make sure you have a copy of The Hacker's Handbook close at hand. Hey, I do! - Raffiudeen Illahideen, IL, USA
Good solid work.......2004-02-26
"The Hacker's Handbook" is a comprehensive and entertaining volume on security. It has most of the defining traits of a great book, such as clearly stated goal (authors realize that lots of security books are out there and one needs to differentiate) as well as some unique content on application attacks.
The book is a technically sound volume, I found very few factual mistakes. I found some interesting content on central auth servers such as radius, which I haven't seen described well elsewhere. Defensive tool info is a bit jumbled and not new. For example, IDS coverage is too non-specific to be useful. I also found a couple of other chapters a bit weak on interesting content.
The book covers the security field on many levels - from concepts to scripts - and can be successfully used by entry-level people as well as experts. The book is better suited for technologists rather than managers. Security analysts/admins, hands-on security managers, security savvy system and network admins, students of computer security can benefuit from a book.
Anton Chuvakin, Ph.D., GCIA, GCIH is a Senior Security Analyst with a major security information management company. He is the author of the book "Security Warrior" (O'Reilly, 2004). His areas of infosec expertise include intrusion detection, UNIX security, forensics, honeypots, etc. In his spare time, he maintains his security portal info-secure.org
Great Book.......2003-12-25
I am a computer security consultant and I think this book is great. I found it complete and through. I would highly recommend it. It is like 800 plus pages. I wonder how many keyboards got worn out authoring this outstanding work.
Book Description
Never before have there been so many laws designed to keep corporations honest. New laws and regulations force companies to develop stronger ethics policies and the shareholders themselves are holding publicly traded companies accountable for their practices. Consumers are also concerned over the privacy of their personal information and current and emerging legislation is reflecting this trend. Under these conditions, it can be difficult to know where to turn for reliable, applicable advice. The sixth edition of the Information Security Management Handbook addresses up-to-date issues in this increasingly important area. It balances contemporary articles with relevant articles from past editions to bring you a well grounded view of the subject. The contributions cover questions important to those tasked with securing information assets including the appropriate deployment of valuable resources as well as dealing with legal compliance, investigations, and ethics. Promoting the view that the management ethics and values of an organization leads directly to its information security program and the technical, physical, and administrative controls to be implemented, the book explores topics such as risk assessments; metrics; security governance, architecture, and design; emerging threats; standards; and business continuity and disaster recovery. The text also discusses physical security including access control and cryptography, and a plethora of technology issues such as application controls, network security, virus controls, and hacking. US federal and state legislators continue to make certain that information security is a board-level conversation and the Information Security Management Handbook, Sixth Edition continues to ensure that there you have a clear understanding of the rules and regulations and an effective method for their implementation.
Customer Reviews:
Excellent Security book.......2007-01-05
Excellent very extensive security book. A very good reminder for the preparation of the CISSP exam. (is one of the official recommended books).
I passed my CISSP exam, because of this book.
Jako Boonekamp
CISSP #97956
The Netherlands
A multiple vision of IT Security.......2006-03-23
This book is an excellent example of compilation of dozens of good works on IT Security. The quality of articles and the different points of view whereupon are treated turn to it an essential work. It only has a failure: such amount of information has been packed in only a volume that has forced the publisher to reduce both the font and the thickness of the paper to the maximum. Very bad for that no longer we have twenty years and in addition we were used to mark the most interesting paragraphs with a pencil.
Book content is excellent, but paper quality is worst ever.......2005-12-16
I am reading the fifth edition of this book. In the earlier editions the book was published in three or four volumes. The fifth edition is a combination of all volumes. So that is good.
The book is a dense read. But the content is excellent. There are 163 chapters in this book. Each chapter written by different authors - experts in respective areas. So the book provides a best of breed treatment to various assorted topics. However, not all chapters are good (but most are). I'd say about 20 or so are of filler kind of chapters. Nothing really special in them. But the book is worth for the rest of the matter.
The chapters are also written to provoke further thought into each area. Kind of "first principles" approach - which I like compared to the CISSP guide approach of "here is the information, now devour it for the exam". However this book is not an exam guide (and I knew that before hand). I bought this book for the matter in it and I am very satisfied.
If you are the kind of person who want to quickly assimilate and regurgitate the matter for CISSP, then dont even bother. I am kind of person who loves to read things from the basics slowly, getting the concepts and ideas all clear in my mind and hence I plan to finish this book before reading CISSP exam guide (which by the way is also sitting on my bookshelf).
However I have a major complaint againg the publishers. Having charged One hundred thirty dollars for a 2000 page book, I'd expect the quality of paper is decent. The paper is so thin, I invariably turn two pages when I am thiking it is one page. It is so thin, even turning the page carefully damages the paper. I agree that the content is specialized and most authors hold at least two or more certifications (CISSP, CISA, SSCP etc.), but that does not warrant printing the book on really wafer thin transparent paper. Sure, the publishers need to make money, but not by compromising the quality of the paper SO MUCH.
And you'd expect this kind of book to live on your shelf for a long long time than "Teach yourself crap in 24 hours" books, but the quality of paper will make that unlikely. Hence I am giving 4 stars to a book which otherwise would deserve 6 stars
Volumes vs editions.......2005-04-19
Some of the reviewers are confusing 'volumes' with editions. Each edition of this book contains several volumes. Each volume contains new papers, adding them to the current edition of the ISMH.
The current edition of the Information Security Management Handbook is the 5th. At present, it has only 2 volumes. This CD-ROM only contains the 1st volume of the 5th edition. There is a new CD-ROM of the ISMH with a 2005 date (ISBN 0849339422) which I *think* contains the new volume 2 of the 5th edition (ISBN 0849332109)
What makes this CD-ROM valuable over the 5thED-V1 book is that it contains the contents of the 3rd and the 4th editions! I know the 4th edition contained four volumes.
Excellent reference!.......2003-09-04
Excellent reference!
This is an excellent security reference!
If you are looking for a pure CISSP prep book, this is not the best. But for general info sec, this is an awesome book.
Average customer rating:
- PRIVACY CRISIS is an exceptional privacy reference tool. A must read for 2007.
- PRIVACY CRISIS provides information on banking secrecy in the U.S.A.
- Worth a Hundred Times the Price
- A timely guide to preventing stalking and identity theft
- A Must-read for Privacy-conscious Americans!
|
Privacy Crisis: Identity Theft Prevention Plan and Guide to Anonymous Living
Grant Hall
Manufacturer: James Clark King, LLC
ProductGroup: Book
Binding: Hardcover
 General
| Personal Finance
| Business & Investing
| Subjects
| Books
General
| Law
| Subjects
| Books
Consumer Guides
| Reference
| Subjects
| Books
General
| Reference
| Subjects
| Books
General
| Health, Mind & Body
| Subjects
| Books
Security
| How-to & Home Improvements
| Home & Garden
| Subjects
| Books
Similar Items:
-
How to Be Invisible: The Essential Guide to Protecting Your Personal Privacy, Your Assets, and Your Life (Revised Edition)
-
Protect Your Privacy: How to Protect Your Identity as well as Your Financial, Personal, and Computer Records in an Age of Constant Surveillance (Outwitting)
-
50 Ways to Protect Your Identity and Your Credit: Everything You Need to Know About Identity Theft, Credit Cards, Credit Repair, and Credit Reports
-
Stealing Your Life: The Ultimate Identity Theft Prevention Plan
-
Bulletproof Privacy: How to Live Hidden, Happy and Free!
ASIN: 0978657306
Release Date: 2006-12-01 |
Product Description
Privacy Crisis? Easy to believe if you ve ever had your identity stolen (America s fastest-growing crime). Or if you ve ever had snoops rifling through your credit files, hackers stealing your most personal computer information, or investigators trying to track you down for something you never did. To say nothing of being hunted by an obsessive stalker, discovering your phones are subject to government wiretaps, that your e-mail is being monitored, or that you re the target of scam and con artists. Your identity, your personal life, is your business and no one should be invading it without your permission. If you want to protect your personal privacy and freedom, this book can tell you exactly how to do it. Threats to privacy are growing rapidly. In the name of security, government intrusions into personal privacy are unprecedented and will only increase. Meanwhile, common criminals are finding, in identity theft, their own personal gold mine. Banks and merchants pry ever more deeply into your personal affairs before they will do business with you. Don t be a victim. Don t be a doormat. Protect yourself. Take back your personal freedom. This book is your guide.
Customer Reviews:
PRIVACY CRISIS is an exceptional privacy reference tool. A must read for 2007........2007-04-12
PRIVACY CRISIS was written by an author who has proved that through diligence, effort and a working knowledge of the system, one can have privacy in their life.
Grant Hall has opened new doors for those of us who previously believed that the road to financial privacy must be traveled by transferring assets to offshore 'havens' in an attempt to control our assets. In fact, Hall uses business resources that cater to the privacy seeker combined with knowledge of the financial system and negotiating skills to keep bank and brokerage funds hidden from those who may want to find them. Hall recommends using a company that rents safe deposit boxes without identification, tax i.d. or Social Security numbers-not even a name for those who want total secrecy. There's examples of cashing checks that leave no trail to the payee. Hold assets and property in total secrecy. These methods were eye openers for me.
I liken this book to an information enemy to the powers that want to control freedom loving Americans. Those who choose to become invisible to identity thieves, stalkers, private eyes can do it by practicing Hall's principles in PRIVACY CRISIS.
This is the best book on the subject I have read and I highly recommend it to those who desire personal privacy.
PRIVACY CRISIS provides information on banking secrecy in the U.S.A........2007-03-22
I have completed Privacy Crisis and this book answered many questions about privacy and the challenges we face today.
Grant Hall has covered all of the important money privacy issues and it is possible to make your assets and money disappear through the application of the principles outlined in the book. And this can be done in the U.S.A. What a break from the other authors who guide readers toward offshore banks and advise giving control to others.
I appreciate the attention to detail. Obviously, Hall has walked where other privacy writers have never gone. I would highly recommend this book to those who fear their bank accounts will be stolen or seized by government agencies or others. Thorough, complete and worth the money many times over, Privacy Crisis will become a big deal in the arena of Privacy Reference books.
This book may be the greatest investment a person could make to escape the threats of stalkers, identity thieves or others who wish you harm.
Buy this book.
Worth a Hundred Times the Price.......2007-03-02
Personal privacy is under siege these days. Mine was first invaded when cyber-crooks drained my checking account in a single day. If you don't take steps to protect yours, it too will go up in smoke. For you, maybe it's when an obsessed former spouse or fan starts stalking you. Or the government--claiming "national security"--begins wiretapping your phone. Maybe it's when your employer snoops on all your emails, a gumshoe rifles through your credit files, or you have to supply your most personal information just to open a checking account or buy a home.
You don't have to give up your God-given privacy. Believe me, this book will tell you everything you'll ever need to know about how to protect it--whether in just one area, or an entirely anonymous lifestyle. This author knows his stuff. He's practiced everything he writes about. So his book is far in advance of other privacy books that just recycle armchair theories or even worse, suggest you do things that are outright illegal.
Protect your identity. Protect the privacy of your home and business transactions--your computer, phone, mail, travel, bank account, stored items, credit files, hard assets, and investments. One invasion of your privacy will cost you ten or a hundred times the price of this one-of-a-kind book.
I wish I'd known about it before they emptied my bank account.
A timely guide to preventing stalking and identity theft.......2007-01-26
During this era of skyrocketing identity theft crimes, violence and death to innocent victims by stalkers, and government's tracking and monitoring of citizens' business, money and communication, Americans are seeking privacy for personal security and survival. Grant Hall writes on how to live an anonymous lifestyle in his new book, Privacy Crisis: Identity Theft Prevention Plan and Guide to Anonymous Living. And he should know. He used a non-traditional 'defense' to avoid a civil court case by disappearing for four years. A number of privacy tactics outlined in Privacy Crisis belong to Hall. I have never seen these in print-and I began reading privacy books prior to the publication of W.G. Hill's first PT book. Privacy Crisis may be the best book of its kind ever written.
According to Hall, privacy living is the answer to preventing identity theft. One can escape from a stalker or disappear-for any reason by using the information in Privacy Crisis. Alternate identification, renting and owning a home in secrecy, driving and working under the radar and establishing a clandestine communication and computer system are covered in detail. This book is thorough and complete and cites case histories and challenges the author of 'How to be Invisible' on the use of nominees.
Hall provides insight on anonymous banking, cashing checks privately, alternate name debit cards and provides a resource for obtaining a safe deposit box requiring no name or Social Security number. There's information on how to keep investments, property and businesses a secret. All of this can be accomplished in the U.S.A. of all places-a welcome change from the many books offering unrealistic, inconvenient, expensive, offshore remedies for domestic privacy problems.
A Must-read for Privacy-conscious Americans!.......2007-01-14
It goes without saying that personal privacy is a rare commodity in America today. Identity theft has become the country's fastest growing crime. Con artists relentlessly target us while greedy lawyers and vengeful ex-spouses threaten to drain our bank accounts and assets. Our personal computers have become open doors into the most discreet corners of our lives. And that doesn't begin to address threats to our privacy from the government, eavesdropping employers, nosey snoops with hidden agendas, eavesdropping employers, and increasingly intrusive marketing-crazed companies.
Privacy Crisis is easily one of the best books on privacy ever written. Through his eye-opening inside perspective, as someone who evaded private investigators and attorneys for four years by living "below the radar," Grant Hall has brought us an authoritative how-to guide for the average American who wants to protect his or her privacy on an practical level. Far superior to the many theory-laden books on privacy, Privacy Crisis is a revealing step-by-step manual written by someone who has walked the walk. This book is required reading for anyone concerned about their personal and financial privacy in an ever-threatening society.
Phillip Townsend
International Consultant and Privacy Expert
Average customer rating:
|
Disaster Recovery: Principles and Practices (Prentice Hall Security Series)
April Wells ,
Charlyne Walker ,
Timothy Walker , and
David Abarca
Manufacturer: Prentice Hall
ProductGroup: Book
Binding: Paperback
Privacy
| Business & Culture
| Computers & Internet
| Subjects
| Books
Network Security
| Networking
| Computers & Internet
| Subjects
| Books
Internet
| Home Computing
| Computers & Internet
| Subjects
| Books
| Internet & Education
| Online Searching
| Web Browsers
| Web for Kids
General
| Computers & Internet
| Subjects
| Books
General
| Databases
| Computers & Internet
| Subjects
| Books
General
| Software
| Computers & Internet
| Subjects
| Books
General
| E-commerce
| Industries & Professions
| Business & Investing
| Subjects
| Books
Look Inside Computer Books
| Trip
| Specialty Stores
| Books
All Titles
| Qualifying Textbooks - Fall 2007
| Stores
| Books
ASIN: 013171127X |
Book Description
For advanced information security courses on disaster recovery
With real world examples, this text provides an extensive introduction to disaster recovery focusing on planning the team, planning for the disaster and practicing the plan to make sure that, if ever needed, it will work.
Average customer rating:
- Advanced Crypto for the college mind.
- Fantastic traditional reference
- A very detailed book, but not for everyone.
- Complete and satisfying
- Very depthful yet readable
|
Handbook of Applied Cryptography (Crc Press Series on Discrete Mathematics and Its Applications)
Alfred J. Menezes ,
Paul C. van Oorschot , and
Scott A. Vanstone
Manufacturer: CRC
ProductGroup: Book
Binding: Hardcover
Encryption
| Security & Encryption
| Web Development
| Computers & Internet
| Subjects
| Books
Cryptography
| Algorithms
| Programming
| Computers & Internet
| Subjects
| Books
General
| Algorithms
| Programming
| Computers & Internet
| Subjects
| Books
General
| Programming
| Computers & Internet
| Subjects
| Books
General
| Computers & Internet
| Subjects
| Books
Combinatorics
| Pure Mathematics
| Mathematics
| Science
| Subjects
| Books
Discrete Mathematics
| Pure Mathematics
| Mathematics
| Science
| Subjects
| Books
Applied
| Mathematics
| Science
| Subjects
| Books
| Biomathematics
| Computer Mathematics
| Differential Equations
| Engineering
| Game Theory
| General
| Graph Theory
| Linear Programming
| Probability & Statistics
| Vector Analysis
Combinatorics
| Pure Mathematics
| Mathematics
| Professional Science
| Professional & Technical
| Subjects
| Books
Discrete Mathematics
| Pure Mathematics
| Mathematics
| Professional Science
| Professional & Technical
| Subjects
| Books
General
| Reference
| Subjects
| Books
Look Inside Computer Books
| Trip
| Specialty Stores
| Books
Look Inside Reference Books
| Trip
| Specialty Stores
| Books
Look Inside Science Books
| Trip
| Specialty Stores
| Books
All Titles
| Qualifying Textbooks - Fall 2007
| Stores
| Books
Computers & Internet
| Qualifying Textbooks - Fall 2007
| Stores
| Books
Professional
| Qualifying Textbooks - Fall 2007
| Stores
| Books
Reference
| Qualifying Textbooks - Fall 2007
| Stores
| Books
Science
| Qualifying Textbooks - Fall 2007
| Stores
| Books
Similar Items:
-
Applied Cryptography: Protocols, Algorithms, and Source Code in C, Second Edition
-
Practical Cryptography
-
Cryptography: Theory and Practice, Third Edition (Discrete Mathematics and Its Applications)
-
Modern Cryptography: Theory and Practice
-
Cryptography in C and C++, Second Edition
ASIN: 0849385237 |
Book Description
Cryptography, in particular public-key cryptography, has emerged in the last 20 years as an important discipline that is not only the subject of an enormous amount of research, but provides the foundation for information security in many applications. Standards are emerging to meet the demands for cryptographic protection in most areas of data communications. Public-key cryptographic techniques are now in widespread use, especially in the financial services industry, in the public sector, and by individuals for their personal privacy, such as in electronic mail. This Handbook will serve as a valuable reference for the novice as well as for the expert who needs a wider scope of coverage within the area of cryptography. It is a necessary and timely guide for professionals who practice the art of cryptography. The Handbook of Applied Cryptography provides a treatment that is multifunctional: · It serves as an introduction to the more practical aspects of both conventional and public-key cryptography · It is a valuable source of the latest techniques and algorithms for the serious practitioner · It provides an integrated treatment of the field, while still presenting each major topic as a self-contained unit · It provides a mathematical treatment to accompany practical discussions · It contains enough abstraction to be a valuable reference for theoreticians while containing enough detail to actually allow implementation of the algorithms discussed Now in its third printing, this is the definitive cryptography reference that the novice as well as experienced developers, designers, researchers, engineers, computer scientists, and mathematicians alike will use.
Customer Reviews:
Advanced Crypto for the college mind........2004-04-26
This very detailed work is not for the light hearted. It's an in depth look at the mathmatics behind cryptography. If you're looking for a book to help you program then look for Applied Cryptography by Bruce the crypto king instead. If you're looking for something to help you learn cryptoanalysis and how to break codes then this is the first step.
Fantastic traditional reference.......2004-01-03
The Chapter 14 - Efficient Implementation - shows several multiple precision algorithms. They are very easy to understand and implement under any microprocessor. It is a very good complement to the book set written by Donald Knuth (The Art of Computer Programming, Volumes 1-3 Boxed Set), another fantastic traditional reference.
A very detailed book, but not for everyone........2003-10-13
This is a fairly strong book on crypto, with heavy detail on the math involved. The upside is that the second chapter is devoted to most of the important mathematical theory you'll need to understand for the rest of the book. The downside? That chapter tries to cover just about the same breadth of information as a semester long course in Number Theory.
If you don't have a ton of mathematical background and are scared of having to take a crash course in number theory, or are looking for a higher level view of things, I'd suggest something more along the lines of Bruce Schneier's 'Applied Cryptography' (ASIN 0471117099). If you have some mathematical background, but want to get into things in detail, this is probably for you.
If you're not sure whether you'll like the book, you should definitely take a look at it. While Amazon currently doesn't have sample pages, if you do a Web Search on "Handbook of Applied Cryptography", you can find Sample Chapters hosted online to give you a good feel for the book's style.
Complete and satisfying.......2003-07-06
This book is a deep detailed analysis of
modern cryptography. It is light on
cryptanalysis.
The mathematical background information
and explanations are complete and clear.
It is very satisfying to be able to read
the prose and implement the ideas in
a computer program with ease.
Very depthful yet readable.......2003-02-22
I read 4 other books before picking this one. It is the most detailed and readable book. Covers all aspect of the Cryptography. Worth the money.
Books:
- CMMI(R): Guidelines for Process Integration and Product Improvement (2nd Edition) (The SEI Series in Software Engineering)
- Commercial Banking: The Management of Risk
- Competing on Analytics: The New Science of Winning
- Competing on Analytics: The New Science of Winning
- Computational Collective Intelligence
- Computer Confluence Complete (7th Edition)
- Concepts in Enterprise Resource Planning, Second Edition
- Construction Scheduling: Principles and Practices
- Country Risk Assessment: A Guide to Global Investment Strategy (The Wiley Finance Series)
- Crypto: How the Code Rebels Beat the Government--Saving Privacy in the Digital Age
Books Index
Books Home
Recommended Books
- Intellectual Trespassing as a Way of Life
- Beatrix Potter Complete Tales R/I
- Taking Care of Your Corporation: Key Corporate Decisions Made Easy
- Species Diversity in Ecological Communities
- The Natural Soap Book: Making Herbal and Vegetable-Based Soaps
- Alice's Adventures in Wonderland
- Wild Minds: What Animals Really Think
- Surviving an Auto Accident: A Guide to Your Physical, Economic and Emotional Recovery
- Spreadsheet Modeling in the Fundamentals of Investments Book and CD-ROM
- The Time of Indifference: A Novel
Cisco ASA: All-in-One Firewall, IPS, and VPN Adaptive Security Appliance (Networking Technology)
The Complete Cisco VPN Configuration Guide (Networking Technology)
Securing Your Business with Cisco ASA and PIX Firewalls (Networking Technology)
Cisco Field Manual: Catalyst Switch Configuration
Cisco Field Manual: Router Configuration
