How to Cheat at Configuring Open Source Security Tools

The Perfect Reference for the Multitasked SysAdmin

This is the perfect guide if network security tools is not your specialty. It is the perfect introduction to managing an infrastructure with freely available, and powerful, Open Source tools. Learn how to test and audit your systems using products like Snort and Wireshark and some of the add-ons available for both. In addition, learn handy techniques for network troubleshooting and protecting the perimeter.

* Take Inventory
See how taking an inventory of the devices on your network must be repeated regularly to ensure that the inventory remains accurate.
* Use Nmap
Learn how Nmap has more features and options than any other free scanner.
* Implement Firewalls
Use netfilter to perform firewall logic and see how SmoothWall can turn a PC into a dedicated firewall appliance that is completely configurable.
* Perform Basic Hardening
Put an IT security policy in place so that you have a concrete set of standards against which to measure.
* Install and Configure Snort and Wireshark
Explore the feature set of these powerful tools, as well as their pitfalls and other security considerations.
* Explore Snort Add-Ons
Use tools like Oinkmaster to automatically keep Snort signature files current.
* Troubleshoot Network Problems
See how to reporting on bandwidth usage and other metrics and to use data collection methods like sniffing, NetFlow, and SNMP.
* Learn Defensive Monitoring Considerations
See how to define your wireless network boundaries, and monitor to know if theyre being exceeded and watch for unauthorized traffic on your network.

*Covers the top 10 most popular open source security tools including Snort, Nessus, Wireshark, Nmap, and Kismet
*Companion Web site contains dozens of working scripts and tools for readers
*Follows Syngress' proven "How to Cheat" pedagogy providing readers with everything they need and nothing they don't

About the Author

Michael Gregg is the President of Superior Solutions, Inc. and has more than 20 years experience in the IT field. He holds two associates degrees, a bachelors degree, and a masters degree and is certified as: CISSP, MCSE, MCT, CTT+, A+, N+, Security+, CNA, CCNA, CIW Security Analyst, CCE, CEH, CHFI, CEI, DCNP, ES Dragon IDS, ES Advanced Dragon IDS, and TICSA. Eric Seagren, CISSP, CISA, ISSAP, JPMorganChase has 10 years experience in IT Security and has spent the last 7 years at, one of the largest financial institutions in the world. Eric has contributed to several computer security books including: Hacking Exposed: Cisco Networks (McGraw-Hill, ISBN: 0072259175), Configuring Checkpoint NGX (Syngress, ISBN: 1597490318), and Hardening Network Security (McGraw-Hill, ISBN: 00725557032). Angela Orebaugh (, GCIA, GCFW, GCIH, GSEC, CCNA) is a Senior Scientist in the Advanced Technology Research Center of Sytex, Inc. where she works with a specialized team to advance the state of the art in information systems security. She has over 10 years experience in information technology, with a focus on perimeter defense, secure network design, vulnerability discovery, penetration testing, and intrusion detection systems. She has a Masters in Computer Science, and is currently pursuing her Ph.D. with a concentration in Information Security at George Mason University. Matt Jonkman has been involved in Information Technology since the late 1980s. He has a strong background in banking and network security, network engineering, incident response, and Intrusion Detection. Matt is founder of Bleeding Edge Threats (www.bleedingedgethreats.net), formerly Bleeding Snort. Bleeding Edge Threats is an open-source research community for Intrusion Detection Signatures and much more. Matt spent 5 years serving abroad in the Army before attending Indiana State University and the Rose-Hulman Institute. Raffael Marty (GCIA, CISSP) is the manager of ArcSight's Strategic Application Solution Team

Click here to Download this E Book

Professional ASP.NET 2.0 Server Control and Component Development (Wrox Professional Guides)

The ASP.NET 2.0 Framework introduced web developers to dozens of new server controls and components, and a greatly expanded and easier structure for writing their own server controls and components. Professional ASP.NET 2.0 Server Control and Component Development covers the breadth of server control functionality as well as the rest of the membership, role management, SchemaImporterExtension, and so on – the functionality referred to as components. Written for the experienced ASP.NET developer, Professional ASP.NET 2.0 Server Control and Component Development will show you how to write your first sever control or custom component.

The step-by-step coverage drills down to the details of the extensible part of the ASP.NET 2.0 Framework that you need to extend to write the specified type of custom control or component. Rather than present the extensible part as a black box, it presents a detailed step-by-step approach to implement functional replica of the extensible part, discusses the replica’s code in detail, and provides an in-depth coverage of the techniques, tools, and technologies used in the code. From there you get a detailed practical recipe for developing the specified type of custom control or component and book then uses the recipe to implement one or more real-world custom controls or components of the specified type that you can use in your own Web applications.

Some of the many types of controls and components you'll learn to build are:

• Ajax-enabled controls and components: four chapters on Ajax discuss and use Ajax patterns, ASP.NET 2.0 client callback mechanism, CSS, DOM, XML, and JavaScript to implement a number of Ajax-enabled controls and components.
• Web Parts: four chapters on Web Parts in ASP.NET 2.0 develop a number of custom WebPart, EditorPart, CatalogPart, WebPartZone, WebPartChrome, WebPartVerb, WebPartManager, and data-bound WebPart controls.
• 5 chapters on ASP.NET 2.0 security, membership, and role management components
• 5 chapters on ASP.NET 2.0 tabular and hierarchical data source controls and custom Parameter components
• 4 chapters on ASP.NET 2.0 tabular data-bound controls and data control fields
• Developing controls and components that can access any type of data store and automate all their data operations such as Delete, Update, Insert, and Sort.
• XML Web service, WSDL, Google XML Web service API, SchemaImporterExtension, ISerializable, and CodeDom
• XmlReader, XmlWriter, XPathNavigator, DOM, and XmlResolver
• Provider-Based Services including how to implement a RSS service provider that can feed RSS from any type of data store such as SQL Server, file system, Web services, and so on
• HTTP modules, HTTP handler factories, HTTP handlers, and control builders including developing an HTTP module and an HTTP handler factory that perform URL rewriting and an HTTP handler that generates RSS feeds
• User controls and composite and templated custom controls
• State management and custom type converters.
• Events, IPostBackEventHandler, IPostBackDataHandler, and Page lifecycle

About the Author
Shahram Khosravi started working as a software engineer while still in college. After completing his Ph.D., he continued working on cutting-edge software development projects. Shahram is a senior software engineer, consultant, author, and instructor specializing in ASP.NET, Web services, .NET technologies, XML technologies, ADO.NET, C#, 3D computer graphics, Human Interface (HI) usability, and design patterns. He has more than 10 years of experience in object-oriented analysis, design, and programming. Shahram has written articles on the .NET Framework, ADO.NET, ASP.NET, and XML technologies for industry leading magazines such as Dr. Dobb’s Journal, asp.netPRO magazine, and Microsoft MSDN Online. He is a great enthusiast for using, teaching, and writing about the latest Microsoft technologies, and provides consulting and training services to help others use them in their own software products.

Click here to Download this E Book