number of web developers applying P3P is steadily
growing. P3P support is built-in the latest
browsers, including Microsoft IE, Netscape
Navigator, and Mozilla.
P3P gives users more control over the
information they disclose as they browse the
Web. It allows web sites to declare what sort
of information they may request of users.
Web Privacy with P3P explains how P3P works
and shows web site developers how to configure
sites for P3P compliance.
Network Intrusion Detection enables you to learn from others'
mistakes as you endeavor to protect your networks from intrusion.
Authors Stephen Northcutt and Judy Novak document real attacks
on systems, and highlight characteristics that you can look
for on your own machines.
authors mince no words, and advise you on the detection tools
to use and how to use them. This second edition of the book
includes more about the latest in attacks, countermeasures,
and white-hat hackers who share information to keep systems
are many books out that claim to be about information security.
About 90 percent of them are outdated and on useless topics.
Hackers Beware is a rare treat.
The information that Mr. Cole explained is not only up to
date, but is relevant. to the security engineer. His no holds
barred approach gives a real insight into how hackers think
book is written in a way that allows administrators and security
professionals to utilize the information provided.
the typical Windows NT/2000 installation makes a Windows server
an easy target for attacks, and configuring Windows for secure
Internet use is a complex task. Securing Windows NT/2000 Servers
for the Internet suggests a two-part strategy to accomplish
any Windows server that could potentially be exposed to attacks
from the Internet, so the exposed system (known as a "bastion
host") is as secure as it can be.
extra security protection for exposed systems by installing
an additional network (known as a "perimeter network") that
separates the Internet from an organization's internal networks.
Northcutt and his coauthors note in the superb Intrusion Signatures
and Analysis that there's really no such thing as an attack
that's never been seen before. The book documents scores of
attacks on systems of all kinds, showing exactly what security
administrators should look for in their logs and commenting
on attackers' every significant command.
It's a great resource for security experts who want to earn
their Certified Intrusion Analyst ratings from the Global
Incident Analysis Center (GIAC)--it's organized, in part,
around that objective.
Network Security shows how to implement security measures--including
logging, encryption, and packet filtering--on your existing
network infrastructure. (He provides specifics for Unix, Windows
NT, Cisco IOS, and NetWare).
author also writes at length about supplementary security
measures such as firewalls (especially Firewall-1), intrusion
detection systems (focusing on RealSecure), and RAID data
redundancy (with emphasis on OctopusHA+).