Showing posts with label bejtlich. Show all posts

Deep Packet Inspection (DPI): High-impact Strategies - What You Need to Know: Definitions, Adoptions, Impact, Benefits, Maturity, Vendors Review


If you want to support a bogus author and lose your money, then by all means waste your hard-earned money and buy this book. But really, this book is a waste of paper.
This book is nothing but someone going to Wikipedia and doing a big cut and paste.
All the author does is copy from Wikipedia and put it into a digital format. You can do the same thing for free. If you look at the author, he has over 400 titles like this.
The so-called author wrote 15 books alone in October 2011. That should tell you about this fraud. All they do is take current topics, go to Wikipedia, cut, paste, and then charge you for it. Any 10-year-old could do the same thing.
There is an expose about this author and firm titled 'There's a sucker born every minute - and charlatans to make sure they pay for it' at [...]
The expose writes about how the company published free content and charges you for it.
Not only is this book free, the author uses a lot of filler from other Wiki articles. So you end up with non-relevant text.
Do not buy this book. You will just be wasting your cash.

Hacking Exposed VoIP: Voice Over IP Security Secrets & Solutions Review


Hacking Exposed: VoIP (HE:V) is the sort of HE book I like. It's fashionable to think HE books are only suitable for script kiddies who run tools they don't understand against vulnerable services they don't recognize. I like HE books because the good ones explain a technology from a security standpoint, how to exploit it, and how to defend it. I thought HE:V did well in all three areas, even featuring original research and experiments to document and validate the authors' claims.
HE:V is a real eye-opener for those of us who don't perform VoIP pen testing or assessments. It's important to remember that the original HE books were written by Foundstone consultants who put their work experience in book form. HE books that continue this tradition tend to be successful, and HE:V is no exception. Good HE books also introduce a wide variety of tools and techniques to exploit weaknesses in targets, and HE:V also delivers in this respect. HE:V also extends attacks beyond what most people recognize. For example, everyone probably knows about low-level exploitation of VoIP traffic for call interception and manipulation. However, chapter 6 discusses application-level interception.
HE:V goes the extra mile by introducing tools written by the authors specifically to implement attacks. In at least one case the authors also provide a packet capture (for the Skinny protocol) which I particularly appreciate. HE:V also looks ahead to attacks that are appearing but not yet prevalent, like telephony spam and voice phishing. Taken together, all of these features result in a great book. You should already be familiar with the common enumeration and exploitation methods found in HE 5th Ed, because the HE:V authors wisely avoid repeating material in other books (thank you).
If you want to understand VoIP, how to attack it, and how to defend it, I highly recommend reading HE:V. The book is clear, thorough, and written by experts.


Handbook of Digital Forensics and Investigation Review


This book has become one of my three "go to" books when it comes to digital forensics along with Brian Carrier's File System Forensic Analysis and Harlan Carvey's Windows Forensic Analysis DVD Toolkit, Second Edition.
Don't skip Rob Lee's excellent foreword to this book. Lee crafts a very concise explanation of how the digital forensics field is growing and evolving.
Eoghan Casey's introduction further expands on the theme with a very thoughtful analysis of the current state of digital forensics and how the scientific method can and should be applied to our field. In this section, Casey begins to bring out one of the primary themes of the first portion of the book which is that there are different aspects to digital forensics that can be summarized in the three main disciplines of traditional forensic analysis, electronic discovery and intrusion investigation.
The first part of the book (chapters two through four) is devoted to exploring the three disciplines by devoting a chapter to each one. These individual chapters are exemplary overviews of each of the disciplines.
Chapter two is one of the finest overviews that I've seen regarding digital forensics. Casey and Curtis Rose set what will be a persistent theme in the book, which is imparting technical information in a very approachable manner, but also in a relatively short amount of space. This chapter builds and expands on Casey's invocation of the scientific method and its role in forensic analysis via a thorough explanation of forensic analysis that is well illustrated by a sample case scenario created by the authors to help explain their methodology.
Chapter three is a fantastic overview of e-discovery and coupled with chapter two provides an effective answer to the question of what the difference is between electronic discovery and forensic analysis. Chapter three shouldn't be dismissed as an overview, however. The authors put forth quite a bit of effort in explaining some tactical level issues such as how to properly interview an evidence custodian to determine the universe of data that might be relevant to a particular matter and how to use various tools to capture data.
Chapter four provides a detailed overview of intrusion investigations using the incident response life cycle. Similar to chapter three, this chapter not only provides an expert overview of the life cycle, but also provides the reader with tactical level advice such as the use of timeline analysis to assist a responder with an incident handling scenario. Like chapter two, the authors use investigative scenarios to illustrate their points.
The second half of the book is more tactical in nature and will have great appeal to both the experienced practitioner and those who are merely curious about digital forensics. As in the first half of this book, the authors and their editor, Casey, take great pains to make sometimes very technical information approachable to all audiences.

Chapter five is the section on Windows forensic analysis. Authors Ryan Pittman and David Shaver provide probably the most concise, yet effective overview of Windows forensic analysis that I've read recently, especially given the fact that they have just a chapter in which to do their work. At the time the chapter was written, the authors had access to early versions of Windows 7 so the chapter spends a certain amount of time comparing and contrasting the differences between Windows XP compared to Vista\Windows 7. The authors also provide a very effective overview of traditional forensic artifacts such as $MFT artifacts and registry artifacts. While this chapter doesn't serve as a replacement for the Carrier and Carvey books, it's an exemplary primer for those just starting in Windows forensic analysis and an excellent "cheat sheet" for more experienced practitioners. This is not to say that the authors are merely rehashing existing data. Far from it. Even an experienced examiner is likely to learn new information by reading their work. They, for example, put a lot of effort into explaining data destruction, file deletion and defragmentation. It's amazing how much content they managed to include in this chapter.
Chapter six continues on the theme of packing a lot of information into a short amount of space, but doing so in an approachable manner. This chapter on UNIX Forensic Analysis includes at its beginning a very helpful explanation of the Unix and Linux worlds. Like chapter five, the authors provide valuable information on the inner workings of file system forensic analysis as well as more application level artifacts such as Firefox browser analysis and chat analysis. A nice bonus is that this chapter also covers removable media analysis. Most work that I have seen in this area has been relative to Windows operating systems so it was good to see this content for a non-Windows operating system. The authors also spend quite a few pages on the examination of email artifacts, which is also a welcome addition.
Anthony Kokocinski's Macintosh Forensic Analysis makes up Chapter seven. Given that this is a weakness in my individual skill set, I learned an incredible amount from this chapter. Kokocinski continues the overall theme of the book in that he presents his knowledge on the subject in a very approachable manner. Kokocinski also includes a detailed section on popular Mac applications such as Safari, iCal, Mail, etc.
Chapter eight is Ronald van der Knijff's amazing chapter on embedded system analysis. In a book this good, it's hard to pick a chapter that can be considered a highlight, but this chapter would be a top contender. It covers a wide area of devices from traditional technological tools such as cellphones and GPS systems to devices such as parking meters and pacemakers. The chapter provides a solid overview of the various technologies that comprise this wide range of devices, but also delves into tactical matters such as how to preserve and even repair damaged devices that might contain useful data.
Chapter nine is the excellent and extensive network investigation chapter. Like the previous chapters, this is a more tactical treatment of a subject that is introduced earlier in the book and is an excellent overview of how to practically apply the themes introduced in chapter four. The chapter includes an overview of TCP/IP networking that includes an explanation of the structure of an Ethernet frame and TCP/IP packet headers. The authors make extensive use of the Wireshark tool, which makes it easy for a student of network investigations to emulate the work being done as part of their overall learning experience. The later portions of the chapter delve into the work of investigating networking technologies such as Cisco routers. The Cisco section includes an overview of how to use Cisco IOS to help facilitate a network investigation.
Chapter ten is an amazing chapter on mobile network investigations put together by Dario Forte and Andrea de Donno. As its title suggests, this isn't a chapter on the examination of digital communication devices such as cell phones, but how to understand and investigate the network environments in which they operate. The authors deal with such issues as determining the location of particular devices, what networking data might be available and the interception of data. As one would expect with a chapter such as this, the authors also cover legal issues with an emphasis on relevant EU legislation.
Full Disclosure: While I haven't had the privilege of meeting most of the authors of this excellent book, I'm honored to have connections with some of the authors including, but not limited to, being on a board with Rob Lee and Eoghan Casey.


Windows Forensic Analysis DVD Toolkit, Second Edition Review


The second edition of Harlan's book nicely complements the first and is essential reading for practitioners at all levels. For those of us who primarily engage in exams of acquired images, the chapters on Registry Analysis, File Analysis, Executable Analysis, and Rootkit Detection provide and build upon basic concepts that go beyond what is taught in beginning and intermediate computer forensics courses.
The registry analysis chapter is particularly valuable and one that I draw on repeatedly. The accompanying DVD, with its scripts, not only provides tools to gather the data that Harlan describes, but provides a means to learn while you read by taking a hands on approach to registry analysis.
The chapter on file analysis teaches fundamentals of system files and logs that can provide key evidence in an exam. It explains not only what may be found, but how to get it and why it got there. These are the types of issues that can aid immeasurably when it comes to report writing and courtroom testimony. Similarly, the discussions on malware, rootkits, and executables provide guidance and solutions to considerations of whether an uninvited influence played a role in data arriving on, or departing from, a system.
For those who don't engage in incident or live response at the moment, the time is fast approaching when that aspect of forensics is going to be vital to us all. Harlan explains what information is available, and he describes the methods and tools with which we can acquire volatile data and access information that's gone once the plug is pulled. Harlan brings together this area of his book with a discussion of analyzing the data.
In sum, this is a great work that is suited to those who have had basic computer forensics training as well as examiners who have been practicing for a long time. Things change every day, and WFA II provides a means to keep pace.

Malware Analyst's Cookbook and DVD: Tools and Techniques for Fighting Malicious Code Review


I have just received this book and have not yet worked my way through all the chapters, but I have reviewed the contents and tool DVD. I teach college classes on Network and Computer forensics from a survey level through a hard-core programming level. I have likely purchased or been sent most of the books in this area, and this book does stand out for the following reasons.
1. The material is up-to-date. Tools and malware resources change on an almost daily basis and you need to get books that reflect current resources and best practices. This book does a very good job covering the current tools and resources. It provides the web addresses for the various tools and resources discussed in each chapter. It also refers to current research, articles, and conference material in the areas covered in the chapters.
2. The topics covered are comprehensive. The book includes topics on anonymizing (the first chapter), classifying malware, shellcode, DLL code injection, debugging, how to safely run malware in a virtual environment, dumping memory and memory forensics, debugging kernel code, etc. The topics are collected into 18 chapters and are very complete.
3. The focus of this book is performing analysis of malware (which includes a wide variety of exploit types) and creating/using the tools to perform this analysis. Numerous examples are given showing how the analysis can be done, and some background information is presented as needed.
4. The book assumes the reader has brains. Too many "Computer Forensics" books are a waste of time for someone that already has a background in programming, networking, etc. They (the other Forensics books) often start their discussion of Network Forensics with a definition of what a network is ("A network sends packets between computers..."). Give me a break. This book assumes the reader already has a level of knowledge that is appropriate to anyone really working in this field. However, the authors do a good job explaining what needs to be explained in the course of presenting the topics. They don't talk down to the reader.
5. The book has a wealth of examples. Each chapter presents the topics by showing examples as well as showing how to get and install the necessary tools.
6. The book balances using pre-written tools with create-your-own tools. The latter include scripts in Python and programs in C/C++. The authors indicate where to get various relevant libraries which can be used to create or customize tools. This book is not just a collection of tools, but shows how to use the tools, analysis techniques, etc.
7. The book is very reasonably priced for the quality of content and the extra DVD. The price from Amazon is under $40 and the retail price is about $60. However, even at $60 this book is a bargain. Even if you just used the web addresses for the lists of tools presented in each chapter, the amount of time it would take to locate and document the huge number of forensics/hacking tools presented in this book is worth more than the book's price.
8. The book presents a huge amount of material. Almost every page is crammed with information and examples. Frankly, this book presents more information in one chapter than most other books do in their entirety, and this book has 18 chapters. The chapters are written so they are independent of each other and you can select the chapter you want to work through without reading previous chapters.
9. The tool focus is open-source and platform independent. The authors stay with open-source tools and try to reference tools that can run on both Linux and Windows. However, they also use the best tools available for a specific task, even if the tool only runs under Linux or only under Windows.
Reader Background:
There are enough varied topics in this book that readers with different levels of knowledge can benefit. The authors assume the reader has a background in basic networking, understands operating systems (both Windows and Unix), understands programming (Python, C/C++, Assembly), and understands processor basics (registers, the stack, etc). However, these assumptions are not barriers to getting something out of this book. Beginners will find the book too difficult, but would profit by just downloading the various tools referenced in the chapters.
Bottom line:
* If you are doing forensic analysis on Malware you should purchase this book (for the chapters on debugging, memory forensics, and malware forensics)
* If you are working in the network/computer security area you should purchase this book (for the chapters on setting up a malware lab, classifying malware, and setting up a malware sandbox)
* If you are interested in the programming aspects of malware you should purchase this book (for the chapters on DLLs and debugging malware code and on code injection)
* If (and I hesitate to include this) you want to be a hacker you should purchase this book and read the entire thing.