O'Reilly  security.oreilly.com
BooksSafari BookshelfConferencesO'Reilly NetworkO'Reilly Gear

 
Bioinformatics
C/C++
Databases
Digital Media
Enterprise Development
Game Development
Java
Linux/Unix
Macintosh/OS X
.NET
Open Source
Oracle
Perl
Python
Scripting
Security
SysAdmin/Networking
Web
Web Services
Windows
Wireless
XML
CD Bookshelves
Cookbooks
Developer's Notebooks
Hacks
Head First
In A Nutshell
Missing Manuals
Pocket References
Technology & Society
No Starch Press
Paraglyph Press
Pragmatic Bookshelf
SitePoint
Syngress Publishing
LinuxDevCenter.com
MacDevCenter.com
ONDotnet.com
ONJava.com
ONLamp.com
OpenP2P.com
Perl.com
WebServices.XML.com
WindowsDevCenter.com
XML.com

Developer Resources Partner

Ask Tim
Beta Chapters
Events
From the Editors List
Letters
Open Books
tim.oreilly.com
Academic
Corporate Services
Government
About O'Reilly
Bookstores
Catalog Request
Contact Us
International
User Groups
Writing for O'Reilly
Traveling to
a tech show?

Zermatt Hotels
Tempe Hotels
Sarasota Hotels
Harrisburg Hotels PA
Toronto Hotels
Pensacola Hotels
Saint Petersburg Hotels
South Lake Tahoe Hotels


\"Safari


Featured Book

Managing Security with Snort & IDS Tools Managing Security with Snort & IDS Tools -- This practical guide to managing network security covers reliable methods for detecting network intruders, from using simple packet sniffers to more sophisticated IDS (Intrusion Detection Systems) applications and the GUI interfaces for managing them. The book provides step-by-step instructions on getting up and running with Snort 2.1, and it covers how to shut down and secure workstations, servers, firewalls, routers, sensors, and other network devices. This is your comprehensive resource for monitoring illegal entry attempts. Sample Chapter 6, Deploying Snort, is available free online.

 Free shipping.
Books

Subscribe to O'Reilly books on Safari Bookshelf.
View the archive of free PDF chapters.

bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
SpamAssassin -- New!
bullet
bullet
bullet
bullet

Books from our Publishing Partners

bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet

Resources

Security Bibliography -- To help you find resources to protect your systems and your privacy, here are our recommendations for the best security books by O'Reilly and other publishers.

Security DevCenter -- O'Reilly Network's one-stop security resource. You'll find security alerts, articles, programming recipes, the day's news headlines, and more.


News & Articles [News Archive]

Point-and-Click Phishing -- Brian McWilliams examines a recent phishing attack and talks to the hacker, an eighteen-year-old software whiz, who wrote the powerful spamware program that made it possible. Brian is the author of O'Reilly's upcoming Spam Kings.

trojan horse Google Your Site for Security Vulnerabilities -- The fact that Google indexes pages you might never have known were public is both good and bad. It's good when you're searching for specialized or esoteric information. It's bad when Google indexes potential security vulnerabilities on your site. Nitesh Dhanjani demonstrates how to use the Google API to help identify your inadvertently shared secrets.

O'Reilly Learning Lab: $200 Instant Rebate -- Learning programming languages and development techniques has never been easier. Using your web browser and Useractive's Learning Sandbox technology, the Learning Lab gives you hands-on, online training in a Unix environment. This month, receive a $200 instant rebate (and a Certificate from the University of Illinois upon course completion) when you enroll in any Certificate Series.

SPF Not Poisonous to Phish -- The statistics on "phishing," email scams that trick victims into divulging account numbers and other sensitive information, are grim. With these forgery scams on the rise, why aren't banks rushing to support Sender Policy Framework (SPF)? Brian McWilliams investigates. He's the author of O'Reilly's upcoming Spam Kings.

Horseshoe Bat Wireless Security and the Open1X Project -- Open1X is an open source project focusing on network security. The wireless adoption of this technology is referred to as 802.1X. Matthew Gast went to the University of Utah to talk about it with Chris Hessing and Terry Simmons, who are intent on bringing standards-based wireless security to Linux, Mac OS X, and Windows clients. Matthew is the author of 802.11 Wireless Networks: The Definitive Guide.

VPNs and Public Key Infrastructure -- Security and convenience often conflict with each other. It'd be nice to have access to your office network from anywhere, but you can't trust the Internet. Virtual private networks are one solution, but how do they keep your data safe? Scott Brumbaugh explains the basics of Public Key Infrastructure, the cryptographic basis for secure VPNs. For 100 ways to make your network secure, see Network Security Hacks.

Creasted Porcupine Open Source Security: Still a Myth -- Open source may have many benefits over closed systems, but don't count security among them--yet. This article by John Viega looks at why open source software may currently be less secure than its commercial counterparts. John is a coauthor of Secure Programming Cookbook for C and C++.

Behind the Scenes at The Mezonic Agenda: An Electronic Voting Primer -- Although electronic voting and touch-screen systems have been in use since the 1970s, the recent controversy that has surrounded the design and implementation of Direct Recording Electronic (DRE) systems, as well as the companies that make them, has brought the risks of electronic voting under spotlight. This article by Spyros Nomikos offers a snapshot of where we are and how we got here. Spyros is a coauthor of The Mezonic Agenda: Hacking the Presidency.

safe Stealing the Network: A Prequel -- Ryan Russell has written this tale of a '70s-era security hack, set at a tech company on the East Coast. What real-world company he used as a backdrop is up to you to guess. This short bit of fiction provides a real sense of the concept behind the book he's coauthored, Stealing the Network: How to Own a Continent (from Syngress).

Book Review: Security Warrior -- In this UnixReview.com book review, Peter H. Salus writes, "Peikari and Chuvakin have written a valuable book that will soon find its way onto the shelf of everyone involved in network and machine security." Learn the mind of your attacker and defend yourself with Security Warrior.

King Vulture What's New in SpamAssassin 3.0 -- Based on his testing of beta versions of the upcoming SpamAssassin 3.0 release, Alan Schwartz presents an overview of some of SA 3's newest, coolest features. Find out why he thinks mail administrators should strongly consider upgrading to SA 3 when it releases. Alan is the author of SpamAssassin.

Top Ten Ethereal Tips and Tricks -- Ethereal rivals commercial sniffers with its abundance of features and hundreds of protocol dissectors. And best of all, it's free. Here's a top ten list of Ethereal tips and tricks from Angela D. Orebaugh, a coauthor of Syngress' Ethereal Packet Sniffing.

Sand Star Java and Security, Part 2 -- This book excerpt takes a close look at WebLogic's various security providers and their default implementations. It shows you how to authenticate using JAAS, and how to create custom Authentication and Identity Assertion Providers. Get a 360-degree view of the world of WebLogic from WebLogic: The Definitive Guide.

Your O'Reilly Account: New, Single Sign On -- O'Reilly customers and guests now have a single address and one password to access all things O'Reilly, from oreilly.com and Safari Bookshelf to all of the O'Reilly Network sites and DevCenters. When possible, we've consolidated your prior, separate accounts into one new account. Logging into the new system is quick and easy; details on how to do it have been emailed to you, and you can read more about O'Reilly's single sign on in Tony Stubblebine's weblog.

Using Penetration Testing to Identify Management Issues -- Bob Ayers discusses the most common systems-management process failures that produce vulnerabilities detected by penetration testing, in this modified foreword from Chris McNab's Network Security Assessment.


Sponsored by:


O'Reilly Home | Privacy Policy

© 2004, O'Reilly Media, Inc.

All trademarks and registered trademarks appearing on oreilly.com are the property of their respective owners.