RegisterLog In/Log OutView Cart
O'Reilly  security.oreilly.com
BooksSafari BookshelfConferencesO'Reilly NetworkO'Reilly Gear
 

 
O'Reilly Home
Press Room
Jobs
Perl
Java
Python
C/C++
Scripting
Web
Digital Media
Web Services
XML
Oracle
SysAdm/Networking
Security
Databases
Linux/Unix
Macintosh/OS X
Windows
.NET
Open Source
Wireless
Bioinformatics
Enterprise Development 
Hacks
Head First
Cookbooks
In a Nutshell
CD Bookshelves
Pocket References
The Missing Manuals
Developer's Notebooks
No Starch Press
Paraglyph Press
Pragmatic Bookshelf
Syngress Publishing
LinuxDevCenter.com
MacDevCenter.com
WindowsDevCenter.com
ONDotnet.com
ONJava.com
ONLamp.com
OpenP2P.com
Perl.com
WebServices.XML.com
XML.com

Developer Resources Partner

Events
Meerkat News
Ask Tim
tim.oreilly.com
From the Editors List
Letters
Beta Chapters
Newsletters
Open Books
Academic
Corporate
Government
About O'Reilly
International
Advertise with Us
Contact Us
Catalog Request
User Groups
Writing for O'Reilly
How to Order
Bookstores

Traveling to
a tech show?

Hotel Search
Hotel Discounts
Discount Hotels
Chicago Hotels
Canada Hotels
California Hotels
Hotels


   


Featured Book

Hacking the Code : ASP.NET Web Application Security Hacking the Code (Syngress) covers almost all known security issues related to coding for the web. It explains how certain code can be attacked, shows how to edit the code, and offers case studies and examples--actual code you can drop right into your applications. The book establishes policies for object input, shows how to audit existing code for potential security problems, and offers best practices for maintaining a session state, handling cookies, getting user input, and more. You don't want a course on security; you just want to fix your code. This book will be your guide.

 Free shipping.
Books

Subscribe to O'Reilly books on Safari Bookshelf.
View the archive of free PDF chapters.

bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet

Books from our Publishing Partners

bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet

Resources

Security Bibliography -- To help you find resources to protect your systems and your privacy, here are our recommendations for the best security books by O'Reilly and other publishers.

Security DevCenter -- O'Reilly Network's one-stop security resource. You'll find security alerts, articles, programming recipes, the day's news headlines, and more.


News & Articles [News Archive]

Book Review: Security Warrior -- In this UnixReview.com book review, Peter H. Salus writes, "Peikari and Chuvakin have written a valuable book that will soon find its way onto the shelf of everyone involved in network and machine security." Learn the mind of your attacker and defend yourself with Security Warrior.


SafariU: Create, Customize, and Share Teaching Material -- Looking for a way to truly customize your course textbook and offer students exactly the material you choose to teach, while saving them a good bit of money? Become a SafariU beta tester and check out the new web-based publishing platform from O'Reilly that allows you to create custom textbooks and online syllabi. To see SafariU in action, register to join SafariU's developers for a live webcast.

Sand Star Java and Security, Part 2 -- This book excerpt takes a close look at WebLogic's various security providers and their default implementations. It shows you how to authenticate using JAAS, and how to create custom Authentication and Identity Assertion Providers. Get a 360-degree view of the world of WebLogic from WebLogic: The Definitive Guide.

Your O'Reilly Account: New, Single Sign On -- O'Reilly customers and guests now have a single address and one password to access all things O'Reilly, from oreilly.com and Safari Bookshelf to all of the O'Reilly Network sites and DevCenters. When possible, we've consolidated your prior, separate accounts into one new account. Logging into the new system is quick and easy; details on how to do it have been emailed to you, and you can read more about O'Reilly's single sign on in Tony Stubblebine's weblog.

Using Penetration Testing to Identify Management Issues -- Bob Ayers discusses the most common systems-management process failures that produce vulnerabilities detected by penetration testing, in this modified foreword from Chris McNab's Network Security Assessment.

Warriors Intrusion Detection Systems -- Unlike firewalls and VPNs, which attempt to prevent attacks, intrusion detection systems (IDS's) provide an additional level of security for your network by notifying you of suspected attacks and arming you with other critical information. Read all about IDS technology in Chapter 19 of Security Warrior. And if you like this chapter, read the whole book (and up to nine others) on Safari with a free trial subscription.

Top Ten Tips to Make Attackers' Lives Hell -- Chris McNab breaks down his top ten tips all network administrators should follow to protect their networks from opportunistic threats, and to make it hard for the more determined attackers to get anywhere. Chris is the author of the recently released Network Security Assessment.

Porcupine fish The Journey from Poacher to Gamekeeper -- Chris McNab has been on both sides of the hacker fence. In this article, Chris explains how his past led him to trade his black hat for a white one, and what he hopes to achieve with his new book, Network Security Assessment.

Protect Yourself Against Kerberos Attacks -- Kerberos provides strong authentication methods for client/server applications in distributed environments by taking advantage of shared secret-key cryptography and multiple validation technologies. Learn about the components that comprise Kerberos under Windows Server 2003 in this excerpt from Security Warrior.

Keyhole The Trouble with RFID -- Radio Frequency Identification (RFID) technology is already widely used to track pharmaceuticals, meat shipments, and manufactured goods. It has the potential to save businesses billions of dollars. It also has the potential to enable a police surveillance state, further erode consumer privacy, and make identity theft even easier. Writing for The Nation, Simson Garfinkel explains the problem and a potential code of conduct that might help address it. Simson is the author of Database Nation.


Protect Against Denial-of-Service Attacks -- Perhaps the best way to defend yourself is to understand your attacker in-depth. In this O'Reilly book excerpt, the authors investigate two denial-of-service (DoS) attacks against Windows XP: the first attacks the Server Message Block protocol used by Windows machines, and the second targets the Universal Plug and Play service. Learn the many ways your Windows and Unix systems can be attacked in the recently released Security Warrior.

O'Reilly Network Safari Bookshelf Safari Gets Bigger and Better -- There are now more than 2,000 books from the industry's leading technical publishers available on Safari Bookshelf. As the library grows, so does its functionality: searches are powerfully precise and as broad or specific as you wish; and now, with a Safari Max subscription, you can download chapters to read offline. Safari will help you save time, reduce errors, keep current, and save more money than ever with up to 35% off print copies of your favorite books. If you haven't yet gone on Safari, try a free trial subscription.

O'Reilly Partners with No Starch, Paraglyph, and Syngress -- We're pleased to announce a collaboration between like-minded companies: As of January 1, 2004, O'Reilly is the North American distributor for three innovative small presses: No Starch Press, Paraglyph Press, and Syngress Publishing. O'Reilly will handle retail and direct sales, warehousing, and shipping, as well as provide direct marketing and PR support for these publishers with whom our philosophies are aligned. We invite you to give them a close look.

Gates Said Security Is Simple -- In this op-ed, O'Reilly authors Mark G. Graff and Kenneth R. van Wyk respond to Bill Gates' assertion that firewalls and up-to-date software are perfectly adequate protections against security problems, and that perfect code isn't necessary. Mark and Kenneth are the authors of Secure Coding: Principles & Practices.

Understanding Cryptography -- Using cryptography, you can transform messages and other data so they are unintelligible to anyone who does not possess a specific mathematical key necessary to unlock the message. Chapter 7 of Practical Unix & Internet Security, 3rd Edition explains the basics. Get a free trial to read this and four other O'Reilly books on Safari.


Sponsored by:


O'Reilly Home | Privacy Policy

© 2004, O'Reilly Media, Inc.

All trademarks and registered trademarks appearing on oreilly.com are the property of their respective owners.