Today the vast majority of the world's information resides in, is derived from, and is exchanged among multiple automated systems. Critical decisions are made, and critical action is taken based on information from these systems. Therefore, the information must be accurate, correct, and timely, and be manipulated, stored, retrieved, and exchanged safely, reliably, and securely. In a time when information is considered the latest commodity, information security should be top priority. A Practical Guide to Security Engineering and Information Assurance gives you an engineering approach to information security and information assurance (IA). The book examines the impact of accidental and malicious intentional action and inaction on information security and IA. Innovative long-term vendor, technology, and application-independent strategies show you how to protect your critical systems and data from accidental and intentional action and inaction that could lead to system failure or compromise. The author presents step-by-step, in-depth processes for defining information security and assurance goals, performing vulnerability and threat analysis, implementing and verifying the effectiveness of threat control measures, and conducting accident and incident investigations. She explores real-world strategies applicable to all systems, from small systems supporting a home-based business to those of a multinational corporation, government agency, or critical infrastructure system. The information revolution has brought its share of risks. Exploring the synergy between security, safety, and reliability engineering, A Practical Guide to Security Engineering and Information Assurance consolidates andorganizes current thinking about information security/IA techniques, approaches, and best practices. As this book will show you, there is considerably more to information security/IA than firewalls, encryption, and virus protection.

System administrators need to stay ahead of new security vulnerabilities that leave their networks exposed every day. A firewall and an intrusion detection systems (IDS) are two important weapons in that fight, enabling you to proactively deny access and monitor network traffic for signs of an attack.

Linux Firewalls discusses the technical details of the iptables firewall and the Netfilter framework that are built into the Linux kernel, and it explains how they provide strong filtering, Network Address Translation (NAT), state tracking, and application layer inspection capabilities that rival many commercial tools. You'll learn how to deploy iptables as an IDS with psad and fwsnort and how to build a strong, passive authentication layer around iptables with fwknop.

Whether you are contemplating a career in this growing field or are already an analyst in a Unix/Linux environment, this book prepares you to combat computer crime in the Windows world. Here are the tools to help you recover sabotaged files, track down the source of threatening e-mails, investigate industrial espionage, and expose computer criminals.

Computer forensics applies the same scientific principles as other forensics fields to the identification, acquisition, and analysis of digital evidence. With the advent of the Internet, both network and system forensics are becoming increasingly interrelated. The digital evidence sought by an analyst might reside on any number of devices, including personal digital assistants (PDAs), USB pen drives, digital cameras, and cell phones. Additionally, all modern operating systems are network capable, and it is rare to find standalone PCs with no external connections, providing further evidence on routers, servers, firewalls, and proxys. The field of computer forensics encompasses both system forensics and network forensics, and an understanding of both is required to conduct a thorough investigation.

An Introduction to Cryptography provides a solid mathematical treatment of cryptography for readers with little or no background in number theory. Although intended for undergraduate students, it contains enough optional, advanced material to challenge even the most informed reader and provides a solid basis for a second course on the subject. Throughout the book, the author incorporates nearly 300 problems, more than 80 examples, and over 60 diagrams, figures, and tables, as well as optional topics that go beyond the basics. An extensive index, appendices that review background material, and a list of symbols for easy reference complete this outstanding text.

This edition presents the ideas behind cryptography and the applications of the subject. The first chapter provides a thorough treatment of the mathematics necessary to understand cryptography, including number theory and complexity, while the second chapter discusses cryptographic fundamentals, such as ciphers, linear feedback shift registers, modes of operation, and attacks. The next several chapters discuss DES, AES, public-key cryptography, primality testing, and various factoring methods, from classical to elliptical curves. The final chapters are comprised of issues pertaining to the Internet, such as pretty good privacy (PGP), protocol layers, firewalls, and cookies, as well as applications, including login and network security, viruses, smart cards, and biometrics. The book concludes with appendices on mathematical data, computer arithmetic, the Rijndael S-Box, knapsack ciphers, the Silver-Pohlig-Hellman algorithm, the SHA-1 algorithm, radix-64 encoding, and quantum cryptography.

Contrary to popular belief, Ethernet switches are not inherently secure. Security vulnerabilities in Ethernet switches are multiple: from the switch implementation, to control plane protocols (Spanning Tree Protocol [STP], Cisco® Discovery Protocol [CDP], and so on) and data plane protocols, such as Address Routing Protocol (ARP) or Dynamic Host Configuration Protocol (DHCP). LAN Switch Security explains all the vulnerabilities in a network infrastructure related to Ethernet switches. Further, this book shows you how to configure a switch to prevent or to mitigate attacks based on those vulnerabilities. This book also includes a section on how to use an Ethernet switch to increase the security of a network and prevent future attacks.