sunxianbin的专栏

Prepare for the next generation of the internet with this in-depth, developer's guide to the .Net framework that utilizes XML to achieve greater flexibility of information and increased interoperability. Developing .Net Web Services with XML introduces readers to the foundation for the .Net platform. The book covers the history, applications and implementation of the Extensible Markup Language within Microsoft's .NET framework. Readers will be given a thorough introduction to .NET and its XML building blocks while acquiring a firm grasp of how those blocks can be used to build any Web site or service so that it will federate and collaborate seamlessly with others · Equips developers with the tool necessary to take advantage of the next generation of the internet · This book will provide web developers with a firm understanding of XML, the building block of the .Net framework · Includes practical, real-life applications using XML · Unrivalled web based support: Readers can receive up-to-the minute links, white papers and analysis for two years at [email protected].

Over 75% of network attacks are targeted at the web application layer. This book provides explicit hacks, tutorials, penetration tests, and step-by-step demonstrations for security professionals and Web application developers to defend their most vulnerable applications. This book defines Web application security, why it should be addressed earlier in the lifecycle in development and quality assurance, and how it differs from other types of Internet security. Additionally, the book examines the procedures and technologies that are essential to developing, penetration testing and releasing a secure Web application. Through a review of recent Web application breaches, the book will expose the prolific methods hackers use to execute Web attacks using common vulnerabilities such as SQL Injection, Cross-Site Scripting and Buffer Overflows in the application layer. By taking an in-depth look at the techniques hackers use to exploit Web applications, readers will be better equipped to protect confidential. * The Yankee Group estimates the market for Web application-security products and services will grow to $1.74 billion by 2007 from $140 million in 2002 * Author Matt Fisher is a highly sought after speaker who regularly delivers Web Application presentations at leading conferences including: Black Hat, TechnoSecurity, CanSec West, Shmoo Con, Information Security, RSA Conferences, and more * The Companion Web site will have downloadable code and scripts presented in the book

The wonders and advantages of modern age electronics and the World Wide Web have also, unfortunately, ushered in a new age of terrorism. The growing connectivity among secure and insecure networks has created new opportunities for unauthorized intrusions into sensitive or proprietary computer systems. Some of these vulnerabilities are waiting to be exploited, while numerous others already have. Everyday that a vulnerability or threat goes unchecked greatly increases an attack and the damage it can cause. Who knows what the prospects for a cascade of failures across US infrastructures could lead to. What type of group or individual would exploit this vulnerability, and why would they do it? "Cyber Adversary Characterization" sets the stage and cast of characters for examples and scenarios such as this, providing the security specialist a window into the enemy's mind--necessary in order to develop a well configured defense. Written by leading security and counter-terrorism experts, whose experience include first-hand exposure in working with government branches & agencies (such as the FBI, US Army, Department of Homeland Security), this book sets a standard for the fight against the cyber-terrorist. Proving, that at the heart of the very best defense is knowing and understanding your enemy.

A highly portable, easily digestible road-map to configuring, maintaining and troubleshooting essential IIS 6.0 features.The book is organized around the 15 "MMCs" (Microsoft Management Consoles) that contain the configuration menus for the essential features. The options within each menu are explained clearly, potential problems are identified up-front, and configurations are subsequently presented in the aptly named "By the Book" section for that MMC. Readers will also appreciate the "Reality Check" sidebars througout, which present valuable cost/benefit analyses of situations where there is no single "right" answer. * A checklist for network engineers and administrators to make sure they have configured you network professionally and responsibily * The information needed by networking professionals responsible for configuring, maintaining and troubleshooting Microsoft's Internet Information Server 6.0 * Cleeraly and concisly identifies those features of IIS that represent the highest risk factors for attacks

A highly portable, easily digestible road-map to configuring, maintaining and troubleshooting essential Exchange Server 2003 features. The book is organized around the 11 "MMCs" (Microsoft Management Consoles) that contain the configuration menus for the essential features. The options within each menu are explained clearly, potential problems are identified up-front, and configurations are subsequently presented in the aptly named "By the Book" section for that MMC. Readers will also appreciate the "Reality Check" sidebars throughout, which present valuable cost/benefit analyses of situations where there is no single "right" answer. * Walks the reader through step-by-step configurations to assure they have been thorough and responsible in their work * Clearly identifies those features of Exchange Server 2003 that represent the highest risk factors for attacks, performance degradation and service failures * CYA comes right out and says what most IT Professionals are already thinking

n the second edition of this best-selling Policy Governance operating manual, John Carver and Miriam Carver make this exciting approach to effective governance even more accessible and user-friendly, gleaning lessons learned in years of practice to help readers understand and use this invaluable model. Carver’s groundbreaking Policy Governance model is the best-known, respected, and talked about governance model in the world and has fundamentally influenced the way organizations are governed. Reinventing Your Board, second edition, is a hands-on, step-by-step guide that puts the model to work in the meeting-to-meeting lives of board members. It includes new policy samples and a new chapter on monitoring performance, as well as other practical “put-the-model-in-motion” advice. This popular and highly successful companion to Boards That Make a Difference contains the nuts-and-bolts materials needed for implementing Policy Governance. The authors illustrate effective board decision making, show how to craft useful policies, and offer practical advice on such matters as setting the agenda, monitoring CEO performance, defining the board role, and more. Step-by-step instructions and sample policies make this a must-have resource for boards in the public and nonprofit sectors aiming to govern their organizations with excellence.

Read the business pages or computer press and you will find a major news story involving a breech of network security. Windows NT, as the premier network platform, has many important security features but they are difficult to configure and manage. With the launch of Windows 2000 Server (the successor to NT Server 4.0), Microsoft has announced several new security features that must be quickly understood by network administrators. This book provides information about the Microsoft Windows 2000 operating system security services, including security management using the Microsoft Security Configuration Tool Set, support for IP Security, the Encrypting File System, Public Key Infrastructure, smart cards, and Kerberos. * The release of this book is targeted to correspond with the release of Windows 2000 Server * The security of an organization's data and communications is critical to its survival * Brings Clarity to topics that are notoriously difficult to grasp

SonicWALL firewalls are the number 3 in sales worldwide in the security appliance market space as of 2004. This accounts for 15% total market share in the security appliance sector. The SonicWALL firewall appliance has had the largest annual growth in the security appliance sector for the last two years. This is the first book on the market covering the #3 best-selling firewall appliances in the world from SonicWALL. This book continues Syngress' history from ISA Server to Check Point to Cisco Pix of being first to market with best-selling firewall books for security professionals. Configuring SonicWALL Firewalls is the first book to deliver an in-depth look at the SonicWALL firewall product line. It covers all of the aspects of the SonicWALL product line from the SOHO devices to the Enterprise SonicWALL firewalls. Also covered are advanced troubleshooting techniques and the SonicWALL Security Manager. This book offers novice users a complete opportunity to learn the SonicWALL firewall appliance. Advanced users will find it a rich technical resource. * First book to deliver an in-depth look at the SonicWALL firewall product line * Covers all of the aspects of the SonicWALL product line from the SOHO devices to the Enterprise SonicWALL firewalls * Includes advanced troubleshooting techniques and the SonicWALL Security Manage

The first book on the market covering the #2 best-selling firewall appliances in the world from NetScreen. This book continues Syngress' history from ISA Server to Check Point to Cisco Pix of being first to market with best-selling firewall books for security professionals. Configuring NetScreen Firewalls is the first book to deliver an in-depth look at the NetScreen firewall product line. It covers all of the aspects of the NetScreen product line from the SOHO devices to the Enterprise NetScreen firewalls. Also covered are advanced troubleshooting techniques and the NetScreen Security Manager. This book offers novice users a complete opportunity to learn the NetScreen firewall appliance. Advanced users will find it a rich technical resource. * NetScreen is the #2 best-selling firewall appliance in the world (behind only Cisco PIX) and there are no competing books. * Covers the materials found on the NetScreen NCSA 5.0 exam. * Syngress firewall books are consistent best-sellers with market-leading books on ISA Server, Cisco PIX, and Check Point Next Generation

Microsoft's flagship ISA Server delivers the Internet to your customers! As the demand for Internet connectivity reaches a fever pitch, system administrators are being challenged to connect more and more systems to the Internet without compromising security or network performance. ISA Server 2000 provides system administrators with a revolutionary management infrastructure that addresses the two greatest needs of Enterprise-wide Internet connectivity: Security and speed. Written by best-selling author of several MCSE 2000 study guides, this book will provide the system administrators with an in depth understanding of all the critiacl features of Microsoft's flag ship Internet Server. Configuring ISA Server 2000 shows network administrators how to connect a network to the Internet, maintain the connection, and troubleshoot remote users' hardware and software configuration problems. * Up-to-date coverage of new products specific to Windows 2000 * Shows network administrators how to supply e-mail whilst maintaining network security * Focuses on providing secure remote access to a network

By building IPv6 into Cisco IOS software, we are enabling continued growth of the Internet and its expansion into new applications and capabilities in a way that maintains compatibility with existing Internet services." -- Stephen Deering, Cisco Fellow and lead designer of the protocol Internetworking Protocol (IP) addresses are the unique numeric identifiers required of every device connected to the Internet. Two years ago, in response to the exponential increase in demand for new IP addresses, the Internet Engineering Task Force finalized its revision on IP addressing, called IP Version 6 and key hardware vendors such as Cisco and major Internet Service Providers like AOL announced plans to migrate to IP Version 6. That is now happening. Cisco Systems began incorporating Internet Protocol version 6 (IPv6) in its Cisco IOS Software in June, 2001. Cisco is currently the only major networking vendor to deliver IPv6 across multiple platforms. This book provides complete coverage of IPv6 strategies, configuration scenarios, and techniques to successfully deploy an IPv6 addressing and subnetting scheme on your network. It also covers: Increasing the IP address size from 32 bits to 128 bits Supporting more levels of addressing hierarchy Supporting an increased number of addressable nodes Supporting simpler auto-configuration of addresses Improving the scalability of multicast routing by adding a "scope" field to multicast addresses Use a new "anycast address" to send a packet to any one of a group of nodes

Syngress's best-selling Citrix MetaFrame author to delivers world class support for this new product As the newest member of the Citrix MetaFrame product family, Citrix MetaFrame XP and recent add-on Feature Release 1 is making a slash in the IT community. Configuring Citrix MetaFrame XP for Windows offers system administrators and network engineers an in-depth look at configuring, optimizing, implemnting and troubleshooting their Windows applications deployed using Citrix MetaFrame XP. Real-world examples and step-by-step exercises will help system administrators maxinise the capabilities of this revolutionary product from Citrix. The only book to-date to provide comprehensive coverage of the eagerly awaited Feature Release 1 add-on Citrix MetaFrame is a rapidly growing technology; as companies adopt thin-client technology, the number of Certified Citrix Administrators (CCAs) is set to skyrocket Unrivalled web based support at [email protected]

Configuring Cisco Voice Over IP, Second Edition provides network administrators with a thorough understanding of Cisco's current voice solutions. This book is organized around the configuration of all of Cisco's core VoIP products, including Cisco CallManager software, Cisco 7910 series of phones, and server-based IP PBXs. In addition, AVVID coverage has been added. An update to a bestselling title in a growth market. Continued competitive pressure on ISPs to deliver VoIP will create strong demand information on topic Voice Over IP is expected to make great inroads in 2002. Voice-over-IP got its start at the time of the first edition of the book; it is now real and more companies are adopting it since IT managers have become less skeptical of IP telephony's reliability and more aware of the potential cost savings and application benefits of a converged network. Voip wares now promise easier quality-of-service (QoS) deployment, and a multitude of new IP phones and conferencing stations for corporations. Cisco and IBM recently announced a package deal that could help businesses quickly roll out IP voice in a small or midsize office. Since getting into the IP telephony market two years ago, Cisco has seen quick success in selling its voice-over-IP products into its vast installed base of IP LAN equipment customers. The firm was the top vendor of IP phones in the first quarter of this year and second in IP PBX system shipments (behind 3Com), according to Cahners In-Stat.

In October of 2001, Microsoft will begin its most expensive market launch ever for Windows XP With the promise of a market launch twice the size of the one for Windows 95, Microsoft will undoubtedly drive enormous demand for its Windows XP desktop operating system. Many corporate and small business users have waited to upgrade from Windows 9x, and they now see WinXP as the stable, second generation of Windows 2000 Professional. Syngress's Windows 2000 books were the first out on the market when W2K was released and quickly became bestsellers. Configuring and Troubleshooting Windows XP Professional aims to be the the first book available on this new product. Designed to compete directly with books such as Mastering Windows 2000 Professional, by Mark Minasi, Configuring and Troubleshooting Windows XP Professional is comprehensive guide for system administrators and network engineers responsible for deploying Windows XP Professional across the network. The first Windows XP Professional book on the market Not 'for Dummies' - this is an essential reference guide for certified Windows 2000 administrators and engineers Edited by Tom Shinder, the best-selling author of Configuring ISA Server 2000 Unrivalled web support at [email protected]

Combating Spyware in the Enterprise is the first book published on defending enterprise networks from increasingly sophisticated and malicious spyware. Combating Spyware in the Enterprise begins by examining the various types of insidious spyware and adware currently propagating across the internet and infiltrating enterprise networks. This section closely examines Spyware's ongoing transformation from nuisance to malicious, sophisticated attack vector. Next, the book uncovers spyware's intricate economy and network of malicious hackers and criminals. Forensic investigations presented in this section of the book reveal how increasingly sophisticated spyware can compromise enterprise networks via trojans, keystroke loggers, system monitoring, distributed denial of service attacks, backdoors, viruses, and worms. After close examination of these attack vectors, the book begins to detail both manual and automated techniques for scanning your network for the presence of spyware, and customizing your IDS and IPS to detect spyware. From here, the book goes on to detail how to prevent spyware from being initially installed to mitigating the damage inflicted by spyware should your network become infected. Techniques discussed in this section include slowing the exposure rate; web filtering; using FireFox, MacOSX, or Linux; patching and updating, machine restrictions, shielding, deploying anti-spyware, and re-imaging. The book concludes with an analysis of the future of spyware and what the security community must accomplish to win the ware against spyware. * A recent survey published by Information Security Magazine stated that "combating spyare" was the #2 priority for security professionals in 2005 * Despite the high priority placed on combating spyware by security professionals, there are no other books published or announced that address this market * Author Paul Piccard is Director of Research for Webroot, which is a market leader for pure-play anti-spyware vendors

Cisco Security Specialist's Guide to PIX Firewall immerses the reader in the highly complicated subject of firewall implementation, deployment, configuration, and administration. This guide will instruct the reader on the necessary information to pass the CSPFA exam including protocols, hardware, software, troubleshooting and more. Cisco Security Specialist's Guide to PIX Firewall introduces the basic concepts of attack, explains the networking principals necessary to effectively implement and deploy a PIX firewall, covers the hardware and software components of the device, provides multiple configurations and administration examples, and fully describes the unique line syntax native to PIX firewall configuration and administration. Ø Coverage of the Latest Versions of PIX Firewalls. This book includes coverage of the latest additions to the PIX Firewall family including the CiscoSecure PIX Firewall (PIX) Software Release 6.0. Ø Must-have desk reference for the serious security professional. In addition to the foundation information and dedicated text focused on the exam objectives for the CSPFA, this book offers real-world administration and configuration support. This book will not only help readers pass the exam; it will continue to assist them with their duties on a daily basis. Ø Firewall administration guides? Syngress wrote the book. Syngress has demonstrated a proficiency to answer the market need for quality information pertaining to firewall administration guides. Configuring ISA Server 2000: Building Firewalls for Windows 2000 (ISBN: 1-928994-29-6) and Checkpoint Next Generation Security Administration (ISBN: 1-928994-74-1) are currently best sellers in the security market.

Corporate demand for AVVID solutions is rapidly increasing - engineers will need this book Cisco AVVID (Architecture for Voice, Video and Integrated Data), the latest development from Cisco Systems, is redefining the way businesses communicate. AVVID allows businesses to transmit voice, data, and video over a single integrated architecture called a "multiservice" or "converged" network. Cisco AVVID Design & Implementation is designed to be a complete desk-reference for network administrators and engineers responsible for a complicated AVVID network. Covering history, protocols, hardware, servers, switches, bridges, routers, and discussions about implementation issues, realities of cost, requirements and network limitations. Engineers will learn how to design and build a comprehensive Cisco AVVID network infrastructure. Follows on from the successful Configuring Cisco AVVID Cisco engineers and other IT professionals will find this an indispensable guide when implementing AVVID Author is Systems Engineer at Cisco Unrivalled web support at [email protected]

CD and DVD Forensics will take the reader through all facets of handling, examining, and processing CD and DVD evidence for computer forensics. At a time where data forensics is becoming a major part of law enforcement and prosecution in the public sector, and corporate and system security in the private sector, the interest in this subject has just begun to blossom. CD and DVD Forensics is a how to book that will give the reader tools to be able to open CDs and DVDs in an effort to identify evidence of a crime. These tools can be applied in both the public and private sectors. Armed with this information, law enforcement, corporate security, and private investigators will be able to be more effective in their evidence related tasks. To accomplish this the book is divided into four basic parts: (a) CD and DVD physics dealing with the history, construction and technology of CD and DVD media, (b) file systems present on CDs and DVDs and how these are different from that which is found on hard disks, floppy disks and other media, (c) considerations for handling CD and DVD evidence to both recover the maximum amount of information present on a disc and to do so without destroying or altering the disc in any way, and (d) using the InfinaDyne product CD/DVD Inspector to examine discs in detail and collect evidence. *This is the first book addressing using the CD/DVD Inspector product in a hands-on manner with a complete step-by-step guide for examining evidence discs * See how to open CD's and DVD'd and extract all the crucial evidence they may contain * Included free is a trial version of author's market leading software "CD/DVD Inspector"

Java Programmers, Preprare for Microsoft's .NET initiative while enhancing your repertoire and marketability with C# for Java Progammers! C# for Java Programmers will prepare readers for the .NET framework by building on what they already know about object-oriented languages and give them the means to maintain their flexibility and effectiveness in an un-certain marketplace. This book will compare and contrast the advantages and disadvantages of both Java and C# to allow programmers to make their own decisions regarding what each language is best used for. Whatever your feelings are about Microsoft and its .NET initiative, there can be no denying that C# is here to stay. The C# language, a close cousin to Java, is a new object-oriented programming language (OOPL) designed to work within the .NET framework. It improves upon many of the vague or ill-defined areas of C++ that frequently lead programmers into trouble. C# is a strongly-typed, object-oriented language designed to give the optimum blend of simplicity, expressiveness, and performance. Written specifically for Java programmers. C# for Java Programmers is not an introductory guide to C#, but builds on what Java programmers already know about object-oriented languages to give them an efficient means for making in-roads to the .NET framework. Compare and Contrast. This book will compare and contrast many of the advantages and drawbacks of Java and C# to allow programmers to make informed, intelligent decisions based on the unique uses of each language. Make your own in-depth analysis of C# and Java with the Syngress Wallet CD. Accompanying each book will be a wallet CD containing the HTML version of the text and in-depth code comparison to allow programmers to see for themselves the various differences between Java and C#.

Microsoft's C# ("C sharp") is a modern, object-oriented programming language built from the ground up to exploit the power of XML-based Web services on Microsoft's new .NET platform. With its Visual C++ development system heritage, C# will enable millions of C and C++ developers to use existing skills to rapidly build sophisticated XML-based .NET applications. Why Will Web Developers Switch to C#? ...Because it's the ideal solution for C and C++ programmers who need to combine rapid development with the power to access all the functionality of the Microsoft.NET platform. They want an environment that is completely in sync with emerging Web standards and one that provides easy integration with existing applications. C#.net Web Developer's Guide will enhance developer productivity and help them eliminate programming errors that can lead to increased development costs. This book teaches Web developers to quickly and easily build solutions for the Microsoft .NET platform. Web developers will learn to use C# components to build Web services and applications that are available across the Internet, from any application running on any platform. * Timely coverage of newly released product - programmers and developers are anxious to learn about the new technology * Comes with Syngress' revolutionary wallet-sized CD containing a printable HTML version of the book and all of the source code examples and demos of popular C# upgrade and programming tools

Product Description How to Cheat at Windows Systems Administrators using Command line scripts teaches system administrators hundreds of powerful, time-saving tips for automating daily system administration tasks using Windows command line scripts. With every new version of Windows, Microsoft is trying to ease the administration jobs by adding more and more layers of graphical user interface (GUI) or configuration wizards (dialog boxes). While these 'wizards' are interactive and make the administrator's job easier, they are not always the most convenient and efficient way to accomplish the everyday administration tasks. These wizards are time consuming and, at times, may seem a bit confusing. The purpose of the book is to teach administrators how to use command-line scripts to complete everyday administration jobs, solve recurring network problems and at the same time improve their efficiency. *Provides system administrators with hundreds of tips, tricks, and scripts to complete administration tasks more quickly and efficiently. *No direct competition for a core tool for Windows administrators. *Builds on success of other books in the series including How to Cheat at Managing Windows Small Business Server 2003 and How to Cheat at Managing Microsoft Operations Manager 2005.

Product Description The perfect book for multi-tasked IT managers responsible for securing the latest version of SQL Server 2005. SQL Server is the perfect product for the How to Cheat series. It is an ambitious product that, for the average SysAdmin, will present a difficult migration path from earlier versions and a vexing number of new features. How to Cheat promises help in order to get SQL Server secured as quickly and safely as possible. * Provides the multi-tasked Sys Admin with the essential information needed to perform the daily tasks * Covers SQL Server 2005, which is a massive product with significant challenges for IT managers * Emphasizes best-practice security measures About the Author Mark Horninger , A+, Net+, Security+, MCSE+I, MCSD, MCAD,MCDBA, MCTS, MCITP, MCPD is President and founder of Haverford Consultants Inc.( http://www.haverford-consultants.com/ ), located in the suburbs of Philadelphia, PA. He develops custom applications and system engineering solutions, specializing primarily in Microsoft operating systems and Microsoft BackOffice products. He is also an adjunct professor at Kaplan University in the Web department. He has over 15 years of computer consulting experience and has passed 50+ Microsoft Certified Exams. During his career Mark has worked on many extensive and diverse projects including database development, application development, training, embedded systems development and Windows NT and 200x project rollout planning and implementations. Mark lives with his wife Debbie and two children in Havertown, PA. He is the author of Configuring and Troubleshooting Windows XP Professional MCSE Windows 2000 Professional Study Guide and Designing SQL Server 2000 Databases for .NET Enterprise Servers.

Product Description Wireless connectivity is now a reality in most businesses. Yet by its nature, wireless networks are the most difficult to secure and are often the favorite target of intruders. This book provides the busy network administrator with best-practice solutions to securing the wireless network With the increased demand for mobile connectivity and the decrease in cost and in the time required for installation, wireless network connections will make up 20% of all corporate network connections by the end of 2006. With this increase in usage comes a commensurate increase in the network's vulnerability to intrusion. This book provides the typical network administrator with the basic tools and instruction they need to maintain a secure network while allowing acceptable access to users. · A practical product and technology specific guideline to securing a wireless networks for the busy System Administrator · Takes a simplified multi-layered approach into easily deployed plans for a straight forward understanding · Does not bog you down with history, but offers practical useful information for today About the Author Chris Hurley is a Senior Penetration Tester in the Washington, DC area. He has more than 10 years of experience performing penetration testing, vulnerability assessments, and general INFOSEC grunt work. He is the founder of the WorldWide WarDrive, a four-year project to assess the security posture of wireless networks deployed throughout the world. Chris was also the original organizer of the DEF CON WarDriving contest. He is the lead author of WarDriving: Drive, Detect, Defend (Syngress Publishing, ISBN: 19318360305). He has contributed to several other Syngress publications, including Penetration Tester's Open Source Toolkit (ISBN: 1-5974490210), Stealing the Network: How to Own an Identity (ISBN: 1597490067), InfoSec Career Hacking (ISBN: 1597490113), and OS X for Hackers at Heart (ISBN: 1597490407). He has a BS from Angelo State University in Computer Science and a whole bunch of certifications to make himself feel important.

Product Description How to Cheat at Managing Windows Small Business Server 2003 deals only with the vital, and will be a huge relief to the hundreds of thousands of managers who probably never imagined they would be managing the operating system equivalent of the Space Shuttle. * The "80/20" Rule applied to managing a Windows Small Business Server 2003 network. Concise coverage, with ready-to-use solutions, of the most commonly encountered W2K3 Server tasks and problems. * Written for the non-MCSE, with little technical training, who is responsible for running a small to medium sized network. * Microsoft has announced it will no longer support Windows NT 4 products, effective Dec. 31, 2004. Millions of small businesses that did not upgrade to Windows Server 2000 will choose to upgrade directly to Windows Server 2003, and this will be a timely book. About the Author Susan Snedaker, Principal Consultant and founder of Virtual Team Consulting, LLC has over 20 years' experience working in IT in both technical and executive positions including with Microsoft, Honeywell, and Logical Solutions. Her experience in executive roles at both Keane, Inc. and Apta Software, Inc. provided extensive strategic and operational experience in managing hardware, software and other IT projects involving both small and large teams. As a consultant, she and her team work with companies of all sizes to improve operations, which often entails auditing IT functions and building stronger project management skills, both in the IT department and company-wide. She has developed customized project management training for a number of clients and has taught project management in a variety of settings. Ms. Snedaker holds a Master's degree in Business Administration (MBA) and a Bachelor's degree in Management. She is a Microsoft Certified Systems Engineer (MCSE), a Microsoft Certified Trainer (MCT), and has a certificate in Advanced Project Management from Stanford University.

Product Description Over 95% of computers around the world are running at least one Microsoft product. Microsoft Windows Software Update Service is designed to provide patches and updates to every one of these computers. The book will begin by describing the feature set of WSUS, and the benefits it provides to system administrators. Next, the reader will learn the steps that must be taken to configure their servers and workstations to make the compatible with WSUS. A special section then follows to help readers migrate from Microsoft's earlier update service, Software Update Service (SUS) to WSUS. The next chapters will then address the particular needs and complexities of managing WSUS on an enterprise network. Although WSUS is designed to streamline the update process, this service can still be a challenge for administrators to use effectively. To address these issues, the next chapters deal specifically with common problems that occur and the reader is provides with invaluable troubleshooting information. One of the other primary objectives of WSUS is to improve the overall security of Windows networks by ensuring that all systems have the most recent security updates and patches. To help achieve this goal, the next sections cover securing WSUS itself, so that critical security patches are always applied and cannot be compromised by malicious hackers. * Only book available on Microsoft's brand new, Windows Server Update Services * Employs Syngress' proven "How to Cheat" methodology providing readers with everything they need and nothing they don't * WSUS works with every Microsoft product, meaning any system administrator running a Windows-based network is a potential customer for this book

Product Description RFID is a method of remotely storing and receiving data using devices called RFID tags. RFID tags can be small adhesive stickers containing antennas that receive and respond to transmissions from RFID transmitters. RFID tags are used to identify and track everything from Exxon EZ pass to dogs to beer kegs to library books. For security professionals needing to get up and running fast with the topic of RFID, this How to Cheat approach to the topic is the perfect "just what you need to know" book! * For most business organizations, adopting RFID is a matter of when * The RFID services market is expected to reach $4 billion by 2008 About the Author Frank Thornton runs his own technology consulting firm, Blackthorn Systems, which specializes in information security and wireless networks. His specialties include wireless network architecture, design, and implementation, as well as network troubleshooting and optimization. An interest in amateur radio helped him bridge the gap between computers and wireless networks. Having learned at a young age which end of the soldering iron was hot, he has even been known to repair hardware on occasion. In addition to his computer and wireless interests, Frank was a law enforcement officer for many years. As a detective and forensics expert he has investigated approximately one hundred homicides and thousands of other crime scenes. Combining both professional interests, he was a member of the workgroup that established ANSI Standard "ANSI/NIST-CSL 1-1993 Data Format for the Interchange of Fingerprint Information." An expert in multiple fields including computer networks and physics (the parent fields of RFID), Dr. Paul Sanghera is an educator, technologist, and an entrepreneur living in Silicon Valley, California. With a Master degree in Computer Science from Cornell University and a Ph.D. in Physics from Carleton University, he has authored and co-authored more than 100 technical papers published in well reputed European and American research journals. He has earned several industry certifications including CompTIA Network+, CompTIA Project+, CompTIA Linux+, Sun Certified Java Programmer, and Sun Certified Business Component Developer. Dr. Sanghera has contributed to building the world class technologies such as Netscape Communicator, and Novell's NDS. He has taught technology courses at various institutes including San Jose Sate University and Brooks College. As an engineering manager, he has been at the ground floor of several startups. He is the author of the following four books: SCJP Exam for J2SE 5: A Concise and Comprehensive Study Guide for The Sun Certified Java Programmer Exam; In Depth: Project Management Professional Study Guide for PMP and CAPM Exams; Sun Certified System Administrator for Solaris 10 Study Guide; SCBCD Exam Study Kit: Java Business Component Developer Certification For EJB.

Product Description The Perfect Reference for the Multitasked SysAdmin This is the perfect guide if network security tools is not your specialty. It is the perfect introduction to managing an infrastructure with freely available, and powerful, Open Source tools. Learn how to test and audit your systems using products like Snort and Wireshark and some of the add-ons available for both. In addition, learn handy techniques for network troubleshooting and protecting the perimeter. * Take Inventory See how taking an inventory of the devices on your network must be repeated regularly to ensure that the inventory remains accurate. * Use Nmap Learn how Nmap has more features and options than any other free scanner. * Implement Firewalls Use netfilter to perform firewall logic and see how SmoothWall can turn a PC into a dedicated firewall appliance that is completely configurable. * Perform Basic Hardening Put an IT security policy in place so that you have a concrete set of standards against which to measure. * Install and Configure Snort and Wireshark Explore the feature set of these powerful tools, as well as their pitfalls and other security considerations. * Explore Snort Add-Ons Use tools like Oinkmaster to automatically keep Snort signature files current. * Troubleshoot Network Problems See how to reporting on bandwidth usage and other metrics and to use data collection methods like sniffing, NetFlow, and SNMP. * Learn Defensive Monitoring Considerations See how to define your wireless network boundaries, and monitor to know if they're being exceeded and watch for unauthorized traffic on your network. *Covers the top 10 most popular open source security tools including Snort, Nessus, Wireshark, Nmap, and Kismet *Companion Web site contains dozens of working scripts and tools for readers *Follows Syngress' proven "How to Cheat" pedagogy providing readers with everything they need and nothing they don't About the Author Michael Gregg is the President of Superior Solutions, Inc. and has more than 20 years experience in the IT field. He holds two associate's degrees, a bachelor's degree, and a master's degree and is certified as: CISSP, MCSE, MCT, CTT+, A+, N+, Security+, CNA, CCNA, CIW Security Analyst, CCE, CEH, CHFI, CEI, DCNP, ES Dragon IDS, ES Advanced Dragon IDS, and TICSA. Eric Seagren, CISSP, CISA, ISSAP, JPMorganChase has 10 years experience in IT Security and has spent the last 7 years at, one of the largest financial institutions in the world. Eric has contributed to several computer security books including: Hacking Exposed: Cisco Networks (McGraw-Hill, ISBN: 0072259175), Configuring Checkpoint NGX (Syngress, ISBN: 1597490318), and Hardening Network Security (McGraw-Hill, ISBN: 00725557032). Angela Orebaugh (, GCIA, GCFW, GCIH, GSEC, CCNA) is a Senior Scientist in the Advanced Technology Research Center of Sytex, Inc. where she works with a specialized team to advance the state of the art in information systems security. She has over 10 years experience in information technology, with a focus on perimeter defense, secure network design, vulnerability discovery, penetration testing, and intrusion detection systems. She has a Masters in Computer Science, and is currently pursuing her Ph.D. with a concentration in Information Security at George Mason University. Matt Jonkman has been involved in Information Technology since the late 1980s. He has a strong background in banking and network security, network engineering, incident response, and Intrusion Detection. Matt is founder of Bleeding Edge Threats (www.bleedingedgethreats.net), formerly Bleeding Snort. Bleeding Edge Threats is an open-source research community for Intrusion Detection Signatures and much more. Matt spent 5 years serving abroad in the Army before attending Indiana State University and the Rose-Hulman Institute. Raffael Marty (GCIA, CISSP) is the manager of ArcSight's Strategic Application Solution Team, where he is responsible for delivering industry solutions that address the security needs of Fortune 500 companies, ranging from regulatory compliance to insider threat. Raffael initiated ArcSight's Content Team, which holds responsibility for all of the product's content, ranging from correlation rules, dashboards and visualizations, to vulnerability mappings and categorization of security events. Before joining ArcSight, Raffael worked as an IT security consultant for PriceWaterhouse Coopers and previously was a member of the Global Security Analysis Lab at IBM Research. There, he participated in various intrusion detection related projects. His main project, Thor, was the first approach to testing intrusion detection systems by means of correlation tables.

Product Description The Perfect Reference for the Multitasked System Administrators The new version of Exchange is an ambitious overhaul that tries to balance the growing needs for performance, cost effectiveness, and security. For the average system administrator, it will present a difficult migration path from earlier versions and a vexing number of new features. How to Cheat will help you get Exchange Server 2007 up and running as quickly and safely as possible. . Understand Exchange 2007 Prerequisites Review hardware and software requirements, Active Directory requirements, and more. . Manage Recipient Filtering Create a custom MMC that contains the Exchange 2007 Recipients work center, which can be used, for example, by the helpdesk staff in your organization. . Manage Outlook Anywhere Outlook Anywhere makes it possible for your end users to remotely access their mailboxes from the Internet using their full Outlook clients. . Manage Outlook Web Access 2007 See how Outlook Web Access 2007 was completely rewritten in managed code to make it scale even better. . Use the Exchange 2007 Queue Viewer You can now view information about queues and examine the messages held within them. . Master Powerful Out-of-the-Box Spam Protection The Edge Transport server supports SMTP, provides several antispam filtering agents, and supports antivirus extensibility. . Manage a Single-Copy Cluster-Based Setup SCC-based cluster provides service failover and still has a single point of failure when it comes to the databases. . Recover Mailbox Databases Use the improved database portability feature to port and recover a Mailbox database to any server in the Exchange 2007 organization. * Essential information for the multi-tasked System Administrator charged perform everyday tasks * Includes the latest coverage of the major new release of Exchange Server * Emphasizes best-practice security measures for all areas and in particular the area of remote access via Outlook About the Author Henrik Walther is a Senior Microsoft Server Consultant working for an IT outsourcing services company in Copenhagen, Denmark. Henrik has over 10 years of experience in the industry. He specializes in migrating, implementing, and supporting Microsoft Windows Active Directory and Microsoft Exchange environments. Henrik is a Microsoft Exchange MVP (Most Valuable Professional). He runs thewww.exchange-faq.dk website and writes Exchange-related articles for both www.msexchange.org and www.outlookexchange.com. He also spends time helping his peers in the Exchange community via forums, newsgroups, and mailing lists.

Product Description A virtual evolution in IT shops large and small has begun. VMware's ESX Server is the enterprise tool to free your infrastructure from its physical limitations providing the great transformation into a virtual environment--this book shows you how. Use Syngress' proven "How to Cheat" methodology to configure and build VMware's ESX Server version 3. This clear, concise guide provides all the information you need to become a virtual whiz! This book will detail the default and custom installation of VMware's ESX server as well as basic and advanced virtual machine configurations. It will then walk the reader through post installation configurations including installation and configuration of VirtualCenter. From here, readers will learn to efficiently create and deploy virtual machine templates. Best practices for securing and backing up your virtual environment are also provided. The book concludes with a series of handy, time-saving command and configuration for: bash shell keystrokes, Linux commands, configuration files, common/proc files, VMware ESX commands, and troubleshooting. . Reap the Benefits of Server Virtualization Realize improved ROI, ensure efficient mergers and acquisitions, and reduce compliance risk exposure through server virtualization and consolidation. . Build a Virtual Machine Create a Gold Master and use your VMlibrary to leverage the power and flexibility of VMware. . Manage Your Virtual Infrastructure Use VMware tools to partition physical servers and manage virtual machines. . Set Up Scripted Installation See how a scripted installation method can be a fast and efficient way to provision ESX hosts. . Master ESX Native Tools Use tools like Esxtop to diagnose performance issues and vmkfstools to import and export . Install and Use VMware Scripting APIs Develop programs to help automate and ease administration-even with a limited background in scripting or programming. . Learn the Fundamentals of a VM Backup VMware ESX ships with three scripts that work together to create a backup and restore system: vmsnap.pl, vmsnap_all.pl, and vmres.pl. . Extend a Cloned Windows VM's Root Partition Use Microsoft's Sysprep utility to extend a newly deployed virtual machine's root partition from the original clone size to a larger size. About the Author David Rule Jr. (VMware VCP, VAC, MCP, Citrix CCEA, CCA) is a Senior Consultant for Choice Solutions LLC, an Overland Park, KS-based systems integrator that provides IT design, project management, and support for enterprise computing systems. David's primary role is in developing virtualization strategies for Choice Solutions' clients.

Product Description Written by a certified Arabic linguist from the Defense Language Institute with extensive background in decoding encrypted communications, this cyber-thriller uses a fictional narrative to provide a fascinating and realistic "insider's look" into technically sophisticated covert terrorist communications over the Internet. The accompanying CD-ROM allows readers to "hack along" with the story line, by viewing the same Web sites described in the book containing encrypted, covert communications. Hacking a Terror NETWORK addresses the technical possibilities of Covert Channels in combination with a very real concern: Terrorism. The fictional story follows the planning of a terrorist plot against the United States where the terrorists use various means of Covert Channels to communicate and hide their trail. Loyal US agents must locate and decode these terrorist plots before innocent American citizens are harmed. The technology covered in the book is both real and thought provoking. Readers can realize the threat posed by these technologies by using the information included in the CD-ROM. The fictional websites, transfer logs, and other technical information are given exactly as they would be found in the real world, leaving the reader to test their own ability to decode the terrorist plot. Cyber-Thriller focusing on increasing threat of terrorism throughout the world. Provides a fascinating look at covert forms of communications used by terrorists over the Internet. Accompanying CD-ROM allows users to "hack along" with the fictional narrative within the book to decrypyt. About the Author Russ is a co-founder, CEO, CTO and Principal Security Consultant for Security Horizon, Inc. Russ is a United States Air Force Veteran and has served in military and contract support for the National Security Agency and the Defense Information Systems Agency. Russ is also the editor-in-chief of "The Security Journal." He also serves as the Professor of Network Security at the University of Advancing Technology (uat.edu) in Tempe, AZ. Russ is the author of Hacking a Terror Network: The Silent Threat of Covert Channels (Syngress, ISBN 1-928994-98-9). He has contributed to many books including Stealing the Network: How to Own a Continent (Syngress, ISBN: 1-931836-05-1), Security Assessment: Case Studies for Implementing the NSA IAM (Syngress, ISBN 1-932266-96-8), WarDriving, Drive, Detect, Defend: A Guide to Wireless Security (Syngress, ISBN: 1-931836-03-5) and SSCP Study Guide and DVD Training System (Syngress, ISBN: 1-931846-80-9). He is also a co-founder of the Security Tribe information security research web site at www.securitytribe.com.

Product Description This book looks at network security in a new and refreshing way. It guides readers step-by-step through the "stack" -- the seven layers of a network. Each chapter focuses on one layer of the stack along with the attacks, vulnerabilities, and exploits that can be found at that layer. The book even includes a chapter on the mythical eighth layer: The people layer. This book is designed to offer readers a deeper understanding of many common vulnerabilities and the ways in which attacker's exploit, manipulate, misuse, and abuse protocols and applications. The authors guide the readers through this process by using tools such as Ethereal (sniffer) and Snort (IDS). The sniffer is used to help readers understand how the protocols should work and what the various attacks are doing to break them. IDS is used to demonstrate the format of specific signatures and provide the reader with the skills needed to recognize and detect attacks when they occur. What makes this book unique is that it presents the material in a layer by layer approach which offers the readers a way to learn about exploits in a manner similar to which they most likely originally learned networking. This methodology makes this book a useful tool to not only security professionals but also for networking professionals, application programmers, and others. All of the primary protocols such as IP, ICMP, TCP are discussed but each from a security perspective. The authors convey the mindset of the attacker by examining how seemingly small flaws are often the catalyst of potential threats. The book considers the general kinds of things that may be monitored that would have alerted users of an attack. * Remember being a child and wanting to take something apart, like a phone, to see how it worked? This book is for you then as it details how specific hacker tools and techniques accomplish the things they do. * This book will not only give you knowledge of security tools but will provide you the ability to design more robust security solutions * Anyone can tell you what a tool does but this book shows you how the tool works About the Author Michael Gregg is the President of Superior Solutions, Inc. and has more than 20 years experience in the IT field. He holds two associate's degrees, a bachelor's degree, and a master's degree and is certified as: CISSP, MCSE, MCT, CTT+, A+, N+, Security+, CNA, CCNA, CIW Security Analyst, CCE, CEH, CHFI, CEI, DCNP, ES Dragon IDS, ES Advanced Dragon IDS, and TICSA.

Review Essential reading for your IT security organization." -Deena Joyce, Director of Information Technology and Network Security, Casino Magic Product Description A new edition the most popular Hack Proofing book around! IT professionals who want to run secure networks, or build secure software, need to know about the methods of hackers. The second edition of the best seller Hack Proofing Your Network, teaches about those topics, including: · The Politics, Laws of Security, Classes of Attack, Methodology, Diffing, Decrypting, Brute Force, Unexpected Input, Buffer Overrun, Sniffing, Session Hijacking, Spoofing, Server Holes, Client Holes, Trojans and Viruses, Reporting Security Problems, Choosing Secure Systems The central idea of this book is that it's better for you to find the holes in your network than it is for someone else to find them, someone that would use them against you. The complete, authoritative guide to protecting your Windows 2000 Network. Updated coverage of an international bestseller and series flagship Covers more methods of attack and hacker secrets Interest in topic continues to grow - network architects, engineers and administrators continue to scramble for security books Written by the former security manager for Sybase and an expert witness in the Kevin Mitnick trials · A great addition to the bestselling "Hack Proofing..." series · Windows 2000 sales have surpassed those of Windows NT · Critical topic. The security of an organization's data and communications is crucial to its survival and these topics are notoriously difficult to grasp · Unrivalled web support at [email protected]

Product Description The only way to stop a hacker is to think like one! The World Wide Web Consortium's Extensible Markup Language (XML) is quickly becoming the new standard for data formatting and Internet development. XML is expected to be as important to the future of the Web as HTML has been to the foundation of the Web, and has proven itself to be the most common tool for all data manipulation and data transmission. Hack Proofing XML provides readers with hands-on instruction for how to secure the Web transmission and access of their XML data. This book will also introduce database administrators, web developers and web masters to ways they can use XML to secure other applications and processes. The first book to incorporate standards from both the Security Services Markup Language (S2ML) and the Organization for the Advancement of Structured Information Standards (OASIS) in one comprehensive book Covers the four primary security objectives: Confidentiality, Integrity, Authentication and Non-repudiation Not only shows readers how to secure their XML data, but describes how to provide enhanced security for a broader range of applications and processes About the Author Curtis Franklin, Jr. is President and Editorial Director of CF2 Group. CF2 Group is a technology assessment and communications firm headquartered in Gainesville, FL. Curtis is the Founder of two major industry testing labs, the BYTE Testing Lab and Client/Server Labs. He has published over 1,400 articles in his career, and has led performance and technology assessment projects for clients including IBM, Intel, Microsoft, and H-P. Dr. Everett F. (Skip) Carter, Jr. is President of Taygeta Network Security Services (a division of Taygeta Scientific Inc.). He is also CEO/CTO of CaphNet, Inc. Skip holds both a Ph.D. and master’s in Applied Physics from Harvard University. Skip has authored several articles for Dr. Dobb’s Journal, and Computer Language magazines as well a numerous scientific articles and is a past columnist for Forth Dimensions magazine. 'ken'@FTU has helped suppliers to conduct B2B XML transactions with large e-commerce portals including Ariba, as well! as others. He is also credited with discovering security vulnerabilities in software products by major vendors such as Microsoft and IBM. Currently he works at a bank doing technical auditing and penetrating testing of their networks, systems and applications. Jeremy Faircloth (CCNA, MCSE, MCP+I, A+) is a Systems Analyst for Gateway, Inc. where he develops and maintains enterprise-wide client/server and Web-based technologies. He also acts as a technical resource for other IT professionals, using his expertise to help others expand their knowledge.He is a co-author of ASP .NET Developer’s Guide (Syngress Publishing, ISBN: 1-928994-51-2) and C# for Java Programmers (Syngress, ISBN: 1-931836-54-X).

Two of Sun Solaris's prime attractions are its reliability and the high availability of servers running it. These advantages can be, however, negated by carelessness. Forget to apply a patch, or neglect to synchronize your servers' system clocks, and someone who's paying more attention will exploit the holes you've left in your system. The authors of Hack Proofing Sun Solaris 8 teach you how to run Solaris with flair. They show you how to implement wise security rules and implement popular services--like Common Gateway Interface (CGI) scripts--with a focus on improving security without reducing function. Most of the advice here has to do with Solaris boxes as Web servers, mail servers, and firewalls. A lot of the authors' advice will be familiar to readers who have done security work before--their advice to disable all nonessential services, for example, falls into this category. Other information, such as the particular syntax of Solaris's native security utilities and third-party programs that are designed for Solaris, is very handy. It'll prove especially nice for people coming to Solaris from security administration on other operating systems. The organizational approach balances quick reference--the ability to quickly locate some detail via the index--with informative background that will help you head off emerging, undocumented attacks. There aren't many earth-shaking revelations in this book, but it contains good documentation of Solaris security tools and procedures. --David Wall Topics covered: Sun Solaris 8 defensive policies and procedures. Native Solaris tools (like audit log) are documented, as are outside tools like Snort. There's advice on setting user and file permissions, and hints on how to configure network services like HTTP, SMTP, DHCP, and network address translation (NAT) in a secure way. Caching with Squid gets attention, too. Product Description The only way to stop a hacker is to think like one! Sun Microsystem's venerable and well-respected operating system Solaris is currently in version 8, and runs on both Intel and Sun Hardware. Solaris is one of the most comprehensive and popular UNIX operating systems available. Hundreds of thousands of business enterprises, both small and large, depend on Sun Solaris to keep their business alive - but have they protected themselves against hackers? Hack Proofing Sun Solaris 8 is the latest addition to the popular Hack Proofing series from Syngress Publishing. Providing hands-on information written by both security professionals and self-proclaimed hackers, this book will give system administrators the edge they need to fortify their Sun Solaris operating system against the never-ending threat of hackers. The fifth title in the popular series that brought us the bestseller Hack Proofing Your Network Teaches strategy and techniques using forensic-based analysis Up to the minute Web-based support with [email protected]

Review "... I like this book. It would be a good textbook to use with a one-week Linux security workshop" -- Information Security Bulletin Product Description From the authors of the bestselling E-Mail Virus Protection Handbook! The Linux operating system continues to gain market share based largely on its reputation as being the most secure operating system available. The challenge faced by system administrators installing Linux is that it is secure only if installed and configured properly, constantly and meticulously updated, and carefully integrated with a wide variety of Open Source security tools. The fact that Linux source code is readily available to every hacker means that system administrators must continually learn security and anti-hacker techniques. Hack Proofing Linux will provide system administrators with all of the techniques necessary to properly configure and maintain Linux systems and counter malicious attacks. * Linux operating systems and Open Source security tools are incredibly powerful, complex, and notoriously under-documented - this book addresses a real need * CD-Rom contains Red Hat/Mandrake Linux RPMs as well as tarballs for other Linux distributions and the BSD community * Uses forensics-based analysis to give the reader an insight to the mind of a hacker

Product Description A self-respecting Google hacker spends hours trolling the Internet for juicy stuff. Firing off search after search, they thrive on the thrill of finding clean, mean, streamlined queries and get a real rush from sharing those queries and trading screenshots of their findings. I know because I've seen it with my own eyes. As the founder of the Google Hacking Database (GHDB) and the Search engine hacking forums at http://johnny.ihackstuff.com, I am constantly amazed at what the Google hacking community comes up with. It turns out the rumors are true-creative Google searches can reveal medical, financial, proprietary and even classified information. Despite government edicts, regulation and protection acts like HIPPA and the constant barking of security watchdogs, this problem still persists. Stuff still makes it out onto the web, and Google hackers snatch it right up. Protect yourself from Google hackers with this new volume of information. -Johnny Long . Learn Google Searching Basics Explore Google's Web-based Interface, build Google queries, and work with Google URLs. . Use Advanced Operators to Perform Advanced Queries Combine advanced operators and learn about colliding operators and bad search-fu. . Learn the Ways of the Google Hacker See how to use caches for anonymity and review directory listings and traversal techniques. . Review Document Grinding and Database Digging See the ways to use Google to locate documents and then search within the documents to locate information. . Understand Google's Part in an Information Collection Framework Learn the principles of automating searches and the applications of data mining. . Locate Exploits and Finding Targets Locate exploit code and then vulnerable targets. . See Ten Simple Security Searches Learn a few searches that give good results just about every time and are good for a security assessment. . Track Down Web Servers Locate and profile web servers, login portals, network hardware and utilities. . See How Bad Guys Troll for Data Find ways to search for usernames, passwords, credit card numbers, social security numbers, and other juicy information. . Hack Google Services Learn more about the AJAX Search API, Calendar, Blogger, Blog Search, and more. About the Author Johnny Long is a "clean-living" family guy who just so happens to like hacking stuff. Over the past two years, Johnny's most visible focus has been on this Google hacking "thing" which has served as yet another diversion to a serious (and bill-paying) job as a professional hacker and security researcher for Computer Sciences Corporation. In his spare time, Johnny enjoys making random pirate noises ("Yarrrrr!"), spending time with his wife and kids, convincing others that acting like a kid is part of his job as a parent, feigning artistic ability with programs like Bryce and Photoshop, pushing all the pretty shiny buttons on them new-fangled Mac computers, and making much-too-serious security types either look at him funny or start laughing uncontrollably. Johnny has written or contributed to several books, including "Google Hacking for Penetration Testers" from Syngress Publishing, which has secured rave reviews and has lots of pictures.

Product Description The worldwide video game console market surpassed $10 billion in 2003. Current sales of new consoles is consolidated around 3 major companies and their proprietary platforms: Nintendo, Sony and Microsoft. In addition, there is an enormous installed "retro gaming" base of Ataria and Sega console enthusiasts. This book, written by a team led by Joe Grand, author of "Hardware Hacking: Have Fun While Voiding Your Warranty", provides hard-core gamers with they keys to the kingdom: specific instructions on how to crack into their console and make it do things it was never designed to do. By definition, video console game players like to have fun. Most of them are addicted to the adrenaline rush associated with "winning", and even more so when the "winning" involves beating the system by discovering the multitude of "cheats" built into most video games. Now, they can have the ultimate adrenaline rush---actually messing around with the soul of the machine and configuring it to behave exactly as the command. This book builds on the motto of "Have Fun While Voiding Your Warranty" and will appeal to the community of hardware geeks who associate unscrewing the back of their video console with para-jumping into the perfect storm. * Providing a reliable, field-tested guide to hacking all of the most popular video gaming consoles. * Written by some of the most knowledgeable and recognizable names in the hardware hacking community. * Game Console Hacking is the first book on the market to show game enthusiasts (self described hardware geeks) how to disassemble, reconfigure, customize and re-purpose their Atari, Sega, Nintendo, Playstation and Xbox systems. About the Author oe Grand is the President and CEO of Grand Idea Studio, Inc., a product design and development firm that brings unique inventions to market. An electrical engineer, many of Joe's creations, including consumer devices, medical products, video games and toys, are sold worldwide. A recognized name in computer security and former member of the legendary hacker think-tank, The L0pht, Joe's pioneering research on product design and analysis, mobile devices, and digital forensics is published in various industry journals. He is a co-author of Hack Proofing Your Network, Second Edition (Syngress Publishing, ISBN 1-928994-70-9) and Stealing the Network: How to Own the Box (Syngress Publishing 1-931836-87-6). Joe has testified before the United States Senate Governmental Affairs Committee on the state of government and homeland computer security. He has presented his work at the United States Naval Post Graduate School Center for INFOSEC Studies and Research, the United States Air Force Office of Special Investigations, the USENIX Security Symposium, and the IBM Thomas J. Watson Research Center. Joe is a sought after personality who has spoken at numerous universities and industry forums. Frank Thornton runs his own consulting firm, Blackthorn Systems and as a detective and forensics expert has investigated over 100 homicides and thousands of other crime scenes.

Product Description Essential Computer Security provides the vast home user and small office computer market with the information they must know in order to understand the risks of computing on the Internet and what they can do to protect themselves. Tony Bradley is the Guide for the About.com site for Internet Network Security. In his role managing the content for a site that has over 600,000 page views per month and a weekly newsletter with 25,000 subscribers, Tony has learned how to talk to people, everyday people, about computer security. Intended for the security illiterate, Essential Computer Security is a source of jargon-less advice everyone needs to operate their computer securely. * Written in easy to understand non-technical language that novices can comprehend * Provides detailed coverage of the essential security subjects that everyone needs to know * Covers just enough information to educate without being overwhelming About the Author Tony Bradley, CISSP-ISSAP, is the Guide for the About.com site for Internet / Network Security. He has written for a variety of other web sites and publications including SearchSecurity.com, WindowsNetworking.com, Smart Computing Magazine and Information Security Magazine. Currently a security architect and consultant for a Fortune 100 company, Tony has driven security policies and technologies for antivirus and incident response for Fortune 500 companies and he has been network administrator and technical support for smaller companies. He is Microsoft Certified as an MCSE (Microsoft Certified Systems Engineer) and MCSA (Microsoft Certified Systems Administrator) in Windows 2000 and an MCP (Microsoft Certified Professional) in Windows NT. He has on average over 600,000 page views per month and 25,000 subscribers to his weekly newsletter. He created a 10-part Computer Security 101 Class which has had thousands of participants since its creation and continues to gain in popularity through word of mouth.

Product Description Dr. Tom Shinder's ISA Server 2006 Migration Guide provides a clear, concise, and thorough path to migrate from previous versions of ISA Server to ISA Server 2006. ISA Server 2006 is an incremental upgrade from ISA Server 2004, this book provides all of the tips and tricks to perform a successful migration, rather than rehash all of the features which were rolled out in ISA Server 2004. Also, learn to publish Exchange Server 2007 with ISA 2006 and to build a DMZ. * Highlights key issues for migrating from previous versions of ISA Server to ISA Server 2006. * Learn to Publish Exchange Server 2007 Using ISA Server 2006. * Create a DMZ using ISA Server 2006. * Dr. Tom Shinder's previous two books on configuring ISA Server have sold more than 50,000 units worldwide. * Dr. Tom Shinder is a Microsoft Most Valuable Professional (MVP) for ISA Server and a member of the ISA Server beta testing team. * This book will be the "Featured Product" on the Internet's most popular ISA Server site www.isaserver.org. About the Author Thomas W. Shinder, MD is an MCSE and has been awarded the Microsoft Most Valuable Professional (MVP) award for his work with ISA Server and is recognized in the firewall community as one of the foremost experts on ISA Server. His first two books on ISA Server have sold more than 50,000 units worldwide. Tom has consulted with major companies and organizations such as Microsoft Corp., Xerox, Lucent Technologies, FINA Oil, Hewlett-Packard, and the U.S. Department of Energy. Tom is the primary contributor on ISAserver.org (www.isaserver.org), where he answers hundreds of questions per week on the discussion boards and is the leading content contributor.

Product Description The Holy War between Microsoft Corporation and Sun Microsystems is heating up as Sun unveils JAX Pack to compete with Microsoft's .NET initiative JAX Pack is an all-in-one development kit that utilizes XML to build cross platform Web services. For companies that are developing Web services to collaborate with business partners, JAX Pack offers a faster way to develop applications while maintaining independence from any particular vendor's XML technologies. Developing Web Services with Java APIs for XML (JAX Pack) provides exhaustive coverage of Sun's recently released JAX Pack. The book assumes that readers are experienced Java developers with a solid understanding of XML. As such, the book contains five parts covering each component of JAX Pack. JAX Pack is a major product release for the most popular Web development environment First book out covering all five components of JAX Pack (JAXP, JAXR, JAXM, JAXB, and JAX-RPC) Unrivalled Web-based support with [email protected]; up-to-the minute links, white papers and analysis for one year About the Author Jay Foster has been an IT professional since 1989. His areas of expertise include object-oriented design and modeling, software engineering, Web based application design/development, extranet/intranet security, and N-tier application development. Jay has been developing object-oriented systems in Java since 1996 and is a Sun Certified Java Programmer. Mick Porter (SSJCP, MCP) is a Senior Technical Architect for Logica, a global systems integrator. Mick specializes in the design and implementation of wireless and mobile commerce systems. Mick holds a bachelor’s degree in Computer Science, and became a Sun Certified Java Programmer five years ago, as well as having passed eight Microsoft Certified Professional exams. Bob Hablutzel (Technical Editor) is a Senior Consultant with 20 years experience in enterprise-scale software systems. Bob's Web Services experience includes being a founding member of the XAML (XML-based business transactions) working group and implementing high-availability and clustering for the Bowstreet XML-based application server. His Java experience includes implementation of Java bytecode compilers and contributing to the book Sun Certified Programmer for Java 2.