How to Use the Amazon Kindle for Email & Over 100 Pages of Other Cool Tips (The Complete User's Guide to the Amazing Amazon Kindle)
by Stephen Windwalker
from Harvard Perspectives Press (indieKindle.blogspot.com)
These bestselling 22,000-word excerpts from Stephen Windwalker's forthcoming book are a Kindle owner's dream, newly packed with great tips such as Using Google Reader to Read Blogs on the Kindle, How to Use the Kindle for Email, Optimizing Your Use of Kindle Search, Projecting a Kindle Future, Writing and Note Taking on Your Kindle, Games, Photo Albums, Screen Saver, Skip a Song, Justify Your Text, Slideshow, Refresh Revised Content At No Charge, Kindle Accessories, Resetting and Rebooting, Care and Feeding of Your Kindle Battery, and Links to Great Guides and References. Readers may update this content at any time through Amazon's "Your Media Library" feature. The forthcoming book will be available **at no additional charge** as an upgrade to readers who have already purchased these excerpts when published in its entirety later in 2008.
The Best of 2600: A Hacker Odyssey
by Emmanuel Goldstein
from Wiley
Since its introduction in January of 1984, 2600 has been a unique source of information for readers with a strong sense of curiosity and an affinity for technology. The articles in 2600 have been consistently fascinating and frequently controversial. Over the past couple of decades the magazine has evolved from three sheets of loose-leaf paper stuffed into an envelope (readers "subscribed" by responding to a notice on a popular BBS frequented by hackers and sending in a SASE) to a professionally produced quarterly magazine. At the same time, the creators' anticipated audience of "a few dozen people tied together in a closely knit circle of conspiracy and mischief" grew to a global audience of tens of thousands of subscribers.
In The Best of 2600, Emmanuel Goldstein collects some of the strongest, most interesting, and often controversial articles, chronicling milestone events and technology changes that have occurred during the last 24 years - all from the hacker perspective. Examples:
- The creation of the infamous tone dialer "red box" that drove Radio Shack and the phone companies crazy. It was in the pages of 2600 that this simple conversion was first brought to light. By modifying an inexpensive Radio Shack touch tone dialer with a readily available crystal, free phone calls could easily be made from all of the nation’s payphones.
- An historical chronology of events in the hacker world that led to the founding of the Electronic Frontier Foundation.
- A close looks at the insecurity of modern locks through an article entitled "An Illusion of Security" that debunked the value of Simplex pushbutton locks, used on everything from schools to homes to FedEx boxes.
- The stories of famed hackers Kevin Mitnick, Bernie S., and Phiber Optik as they unfolded. Through 2600, the world heard these controversial tales despite the efforts of authorities and the mass media.
Hackers invariably find the one hole in an otherwise perfect system or will spend inordinate amounts of time to get around a barrier previously thought to be impenetrable. But the one thing hackers do more than anything else is share information with those who are interested. This book is a gateway into this mysterious yet familiar world of endless technology and security experimenting.
Hacking: The Art of Exploitation, 2nd Edition
by Jon Erickson
from No Starch Press
Hacking is the art of creative problem solving, whether that means finding an unconventional solution to a difficult problem or exploiting holes in sloppy programming. Many people call themselves hackers, but few have the strong technical foundation needed to really push the envelope.
Rather than merely showing how to run existing exploits, author Jon Erickson explains how arcane hacking techniques actually work. To share the art and science of hacking in a way that is accessible to everyone, Hacking: The Art of Exploitation, 2nd Edition introduces the fundamentals of C programming from a hacker's perspective.
The included LiveCD provides a complete Linux programming and debugging environment-all without modifying your current operating system. Use it to follow along with the book's examples as you fill gaps in your knowledge and explore hacking techniques on your own. Get your hands dirty debugging code, overflowing buffers, hijacking network communications, bypassing protections, exploiting cryptographic weaknesses, and perhaps even inventing new exploits. This book will teach you how to:
- Program computers using C, assembly language, and shell scripts
- Corrupt system memory to run arbitrary code using buffer overflows and format strings
- Inspect processor registers and system memory with a debugger to gain a real understanding of what is happening
- Outsmart common security measures like nonexecutable stacks and intrusion detection systems
- Gain access to a remote server using port-binding or connect-back shellcode, and alter a server's logging behavior to hide your presence
- Redirect network traffic, conceal open ports, and hijack TCP connections
- Crack encrypted wireless traffic using the FMS attack, and speed up brute-force attacks using a password probability matrix
Hackers are always pushing the boundaries, investigating the unknown, and evolving their art. Even if you don't already know how to program, Hacking: The Art of Exploitation, 2nd Edition will give you a complete picture of programming, machine architecture, network communications, and existing hacking techniques. Combine this knowledge with the included Linux environment, and all you need is your own creativity.
The Web Application Hacker's Handbook: Discovering and Exploiting Security Flaws
by Dafydd Stuttard
from Wiley
This book is a practical guide to discovering and exploiting security flaws in web applications. The authors explain each category of vulnerability using real-world examples, screen shots and code extracts. The book is extremely practical in focus, and describes in detail the steps involved in detecting and exploiting each kind of security weakness found within a variety of applications such as online banking, e-commerce and other web applications.
The topics covered include bypassing login mechanisms, injecting code, exploiting logic flaws and compromising other users. Because every web application is different, attacking them entails bringing to bear various general principles, techniques and experience in an imaginative way. The most successful hackers go beyond this, and find ways to automate their bespoke attacks. This handbook describes a proven methodology that combines the virtues of human intelligence and computerized brute force, often with devastating results.
The authors are professional penetration testers who have been involved in web application security for nearly a decade. They have presented training courses at the Black Hat security conferences throughout the world. Under the alias "PortSwigger", Dafydd developed the popular Burp Suite of web application hack tools.
The Art of Deception: Controlling the Human Element of Security
by Kevin D. Mitnick
from Wiley
The Art of Deception is about gaining someone's trust by lying to them and then abusing that trust for fun and profit. Hackers use the euphemism "social engineering" and hacker-guru Kevin Mitnick examines many example scenarios.
After Mitnick's first dozen examples anyone responsible for organizational security is going to lose the will to live. It's been said before, but people and security are antithetical. Organizations exist to provide a good or service and want helpful, friendly employees to promote the good or service. People are social animals who want to be liked. Controlling the human aspects of security means denying someone something. This circle can't be squared.
Considering Mitnick's reputation as a hacker guru, it's ironic that the last point of attack for hackers using social engineering are computers. Most of the scenarios in The Art of Deception work just as well against computer-free organizations and were probably known to the Phoenicians; technology simply makes it all easier. Phones are faster than letters, after all, and having large organizations means dealing with lots of strangers.
Much of Mitnick's security advice sounds practical until you think about implementation, when you realize that more effective security means reducing organizational efficiency--an impossible trade in competitive business. And anyway, who wants to work in an organization where the rule is "Trust no one"? Mitnick shows how easily security is breached by trust, but without trust people can't live and work together. In the real world, effective organizations have to acknowledge that total security is a chimera--and carry more insurance. --Steve Patient, amazon.co.uk
The world's most infamous hacker offers an insider's view of the low-tech threats to high-tech security
Kevin Mitnick's exploits as a cyber-desperado and fugitive form one of the most exhaustive FBI manhunts in history and have spawned dozens of articles, books, films, and documentaries. Since his release from federal prison, in 1998, Mitnick has turned his life around and established himself as one of the most sought-after computer security experts worldwide. Now, in The Art of Deception, the world's most notorious hacker gives new meaning to the old adage, "It takes a thief to catch a thief."
Focusing on the human factors involved with information security, Mitnick explains why all the firewalls and encryption protocols in the world will never be enough to stop a savvy grifter intent on rifling a corporate database or an irate employee determined to crash a system. With the help of many fascinating true stories of successful attacks on business and government, he illustrates just how susceptible even the most locked-down information systems are to a slick con artist impersonating an IRS agent. Narrating from the points of view of both the attacker and the victims, he explains why each attack was so successful and how it could have been prevented in an engaging and highly readable style reminiscent of a true-crime novel. And, perhaps most importantly, Mitnick offers advice for preventing these types of social engineering hacks through security protocols, training programs, and manuals that address the human element of security.
Big Book of Apple Hacks: Tips & Tools for unlocking the power of your Apple devices (Hacks)
by Chris Seibold
from O'Reilly Media, Inc.
Bigger in size, longer in length, broader in scope, and even more useful than our original Mac OS X Hacks, the new Big Book of Apple Hacks offers a grab bag of tips, tricks and hacks to get the most out of Mac OS X Leopard, as well as the new line of iPods, iPhone, and Apple TV.
With 125 entirely new hacks presented in step-by-step fashion, this practical book is for serious Apple computer and gadget users who really want to take control of these systems. Many of the hacks take you under the hood and show you how to tweak system preferences, alter or add keyboard shortcuts, mount drives and devices, and generally do things with your operating system and gadgets that Apple doesn't expect you to do. The Big Book of Apple Hacks gives you:
- Hacks for both Mac OS X Leopard and Tiger, their related applications, and the hardware they run on or connect to
- Expanded tutorials and lots of background material, including informative sidebars
- "Quick Hacks" for tweaking system and gadget settings in minutes
- Full-blown hacks for adjusting Mac OS X applications such as Mail, Safari, iCal, Front Row, or the iLife suite
- Plenty of hacks and tips for the Mac mini, the MacBook laptops, and new Intel desktops
- Tricks for running Windows on the Mac, under emulation in Parallels or as a standalone OS with Bootcamp
The Art of Intrusion: The Real Stories Behind the Exploits of Hackers, Intruders & Deceivers
by Kevin D. Mitnick
from Wiley
Hacker extraordinaire Kevin Mitnick delivers the explosive encore to his bestselling The Art of Deception
Kevin Mitnick, the world's most celebrated hacker, now devotes his life to helping businesses and governments combat data thieves, cybervandals, and other malicious computer intruders. In his bestselling The Art of Deception, Mitnick presented fictionalized case studies that illustrated how savvy computer crackers use "social engineering" to compromise even the most technically secure computer systems. Now, in his new book, Mitnick goes one step further, offering hair-raising stories of real-life computer break-ins-and showing how the victims could have prevented them. Mitnick's reputation within the hacker community gave him unique credibility with the perpetrators of these crimes, who freely shared their stories with him-and whose exploits Mitnick now reveals in detail for the first time, including:
- A group of friends who won nearly a million dollars in Las Vegas by reverse-engineering slot machines
- Two teenagers who were persuaded by terrorists to hack into the Lockheed Martin computer systems
- Two convicts who joined forces to become hackers inside a Texas prison
- A "Robin Hood" hacker who penetrated the computer systems of many prominent companies-andthen told them how he gained access
Hacker extraordinaire Kevin Mitnick delivers the explosive encore to his bestselling The Art of Deception Kevin Mitnick, the world's most celebrated hacker, now devotes his life to helping businesses and governments combat data thieves, cybervandals, and other malicious computer intruders. In his bestselling The Art of Deception, Mitnick presented fictionalized case studies that illustrated how savvy computer crackers use "social engineering" to compromise even the most technically secure computer systems. Now, in his new book, Mitnick goes one step further, offering hair-raising stories of real-life computer break-ins-and showing how the victims could have prevented them. Mitnick's reputation within the hacker community gave him unique credibility with the perpetrators of these crimes, who freely shared their stories with him-and whose exploits Mitnick now reveals in detail for the first time, including: * A group of friends who won nearly a million dollars in Las Vegas by reverse-engineering slot machines * Two teenagers who were persuaded by terrorists to hack into the Lockheed Martin computer systems * Two convicts who joined forces to become hackers inside a Texas prison * A "Robin Hood" hacker who penetrated the computer systems of many prominent companies-andthen told them how he gained access With riveting "you are there" descriptions of real computer break-ins, indispensable tips on countermeasures security professionals need to implement now, and Mitnick's own acerbic commentary on the crimes he describes, this book is sure to reach a wide audience-and attract the attention of both law enforcement agencies and the media.
CEH: Official Certified Ethical Hacker Review Guide: Exam 312-50
by Kimberly Graves
from Sybex
Prepare for the CEH certification exam with this official review guide and learn how to identify security risks to networks and computers. This easy-to-use guide is organized by exam objectives for quick review so you’ll be able to get the serious preparation you need for the challenging Certified Ethical Hacker certification exam 312-50. As the only review guide officially endorsed by EC-Council, this concise book covers all of the exam objectives and includes a CD with a host of additional study tools.
Hacking Exposed 5th Edition (Hacking Exposed)
by Stuart McClure
from McGraw-Hill Osborne Media
A lot of computer-security textbooks approach the subject from a defensive point of view. "Do this, and probably you'll survive a particular kind of attack," they say. In refreshing contrast, Hacking Exposed, Second Edition talks about security from an offensive angle. A Jane's-like catalog of the weaponry that black-hat hackers use is laid out in full. Readers see what programs are out there, get a rundown on what the programs can do, and benefit from detailed explanations of concepts (such as wardialing and rootkits) that most system administrators kind of understand, but perhaps not in detail. The book also walks through how to use the more powerful and popular hacker software, including L0phtCrack. This new edition has been updated extensively, largely with the results of "honeypot" exercises (in which attacks on sacrificial machines are monitored) and Windows 2000 public security trials. There's a lot of new stuff on e-mail worms, distributed denial-of-service (DDoS) attacks, and attacks that involve routing protocols.
The result of all of this familiarity with bad-guy tools is a leg up on defending against them. Hacking Exposed wastes no time in explaining how to implement the countermeasures--where they exist--that will render known attacks ineffective. Taking on the major network operating systems and network devices one at a time, the authors tell you exactly what Unix configuration files to alter, what Windows NT Registry keys to change, and what settings to make in NetWare. They spare no criticism of products with which they aren't impressed, and don't hesitate to point out inherent, uncorrectable security weaknesses where they find them. This book is no mere rehashing of generally accepted security practices. It and its companion Web site are the best way for all of you network administrators to know thine enemies. --David Wall
Topics covered:
- Security vulnerabilities of operating systems, applications, and network devices
- Administrative procedures that will help defeat them
- Techniques for hacking Windows 95, Windows 98, Windows Me, Windows NT 4.0, Windows 2000, Novell NetWare, and Unix
- Strategies for breaking into (or bringing down) telephony devices, routers, and firewalls
“The seminal book on white-hat hacking and countermeasures... Should be required reading for anyone with a server or a network to secure.” --Bill Machrone, PC Magazine
"The definitive compendium of intruder practices and tools." --Steve Steinke, Network Magazine
"For almost any computer book, you can find a clone. But not this one... A one-of-a-kind study of the art of breaking in." --UNIX Review
Here is the latest edition of international best-seller, Hacking Exposed. Using real-world case studies, renowned security experts Stuart McClure, Joel Scambray, and George Kurtz show IT professionals how to protect computers and networks against the most recent security vulnerabilities. You'll find detailed examples of the latest devious break-ins and will learn how to think like a hacker in order to thwart attacks. Coverage includes:
- Code hacking methods and countermeasures
- New exploits for Windows 2003 Server, UNIX/Linux, Cisco, Apache, and Web and wireless applications
- Latest DDoS techniques--zombies, Blaster, MyDoom
- All new class of vulnerabilities--HTTP Response Splitting
- and much more
Windows Forensic Analysis Including DVD Toolkit
by Harlan Carvey
from Syngress
The only book available on the market that addresses and discusses in-depth forensic analysis of Windows systems. Windows Forensic Analysis DVD Toolkit takes the reader to a whole new, undiscovered level of forensic analysis for Windows systems, providing unique information and resources not available anywhere else. This book covers both live and post-mortem response collection and analysis methodologies, addressing material that is applicable to law enforcement, the federal government, students, and consultants. This book also brings this material to the doorstep of system administrators, who are often the front line troops when an incident occurs, but due to staffing and budgets do not have the necessary knowledge to effectively respond. The companion DVD for the book contains significant, unique materials (movies, spreadsheet, code, etc.) not available any place else, as they were created by the author.
+++
