The Next 50 Years of Computer Security: An Interview with Alan Cox -- Alan Cox is well known for his long-standing work on the Linux kernel, but at O'Reilly's EuroOSCON in Amsterdam this October, he will speak about computer security. According to Alan, we're just at the beginning of a long journey into getting security right. Eager for directions and a glimpse of the future, O'Reilly Network interviewed him about his upcoming keynote. For more information, check out EuroOSCON and Alan's scheduled keynote.
Security Myths: 392 Steps to a Hardened Server -- There are plenty of security guides out there to offer advice, but which ones should you trust? Mitch Tulloch tells you about the best, and clues you in to other extras you need to know about security. Mitch is the author of Windows Server Hacks.
Internet Security Annoyances -- Spyware, Trojans, worms, viruses, phishing, and now pharming are all security issues that can lead to a disenchanting internet experience. In this excerpt, Preston Gralla helps you prevent these kinds of security breaches with tips on configuring your home router for maximum security, constructing your own personal firewall, and more. Preston is the author of Internet Annoyances.
Computer Privacy Annoyances: Privacy at Home -- Like charity, privacy begins at home. Today, privacy annoyances abound thanks to your telephone, mailbox, fax machine, cellphone, and so on. Perhaps worst of all, poor privacy practices could lead to the theft of your personal identity, and a world of hurt for your reputation and credit rating. Feeling paranoid yet? Reading Chapter 2 of Computer Privacy Annoyances proves that knowledge is power. If you like this chapter, read the whole book (and up to nine others) on Safari with a free trial subscription.
Is This Security Alert Really from Microsoft? -- An excellent way to get information about Windows updates is via email with Microsoft Technical Security Notification Services. But how can you tell if a security bulletin in your inbox is really from Microsoft and not from someone with malicious intent? Mitch Tulloch points you in the right direction with these important tips. Mitch is the author of Windows Server Hacks.
Microsoft Receives $7M in Spam Settlement -- Noted as a significant victory in the fight against spam, Microsoft was awarded 7 million dollars in settlement from Scott Richter, one of the world's most prolific spammers. Richter, as well as a host of other spammers, is covered in Brian McWilliams' comprehensive investigation of the world of spam, Spam Kings.
Safe from the Spam Flood? -- Rumored to be capable of deluging your inbox with spam, ProxyLock, a new feature in a popular spamware program, appears to have a fatal flaw. Researchers have discovered that the dreaded ProxyLock feature lacks a smart way to find the SMTP server affiliated with a spam proxy. As a result, it presents no big threat to existing blacklist systems. Brian McWilliams, author of Spam Kings, explains why.
Network Security Tools: Writing Network Sniffers -- An important function of many security tools is to capture network traffic and then either reassemble it or extract information from the packets flowing across the network. Chapter 10 of Network Security Tools provides a quick and practical introduction to packet capture using the commonly available libpcap library on wired and wireless networks. If you like this chapter, read the whole book (and up to nine others) on Safari with a free trial subscription.
Opting in to Privacy Problems -- Brian McWilliams looks at yet another way internet users may be putting their privacy at risk. With list brokers now cutting deals with e-commerce sites and internet marketing firms for data that includes home addresses, phone numbers, and corresponding IP addresses, you may be opting in for more than you bargained for when you shop online. Brian is the author of Spam Kings.
Sources of Network Vulnerability Information -- To maintain security, it's vital to be aware of the latest threats posed to your network and its components. You should regularly check the latest public information about vulnerabilities and exploit scripts. Here are some lists of web sites and mailing lists that security consultants and hackers use on a daily basis, from Appendix B of Network Security Assessment. If you like this chapter, read the whole book (and up to nine others) on Safari with a free trial subscription.
Anatomy of an Attack: The Five Ps -- The five Ps--Probe, Penetrate, Persist, Propagate, and Paralyze--represent a model of how a security attack progresses. In this excerpt, Kerry Cox and Christopher Gerg discuss an attack's progression through these five steps, whether the attack is sourced from a person or an automated worm or script. Kerry and Christopher are the authors of Managing Security with Snort & IDS Tools.
Hijacked by Spammers -- If you're thinking spammers couldn't hijack your internet account and use it to send junk email, think again. Brian McWilliams writes about how one spammer did just that when he cracked BellSouth's ISP and hijacked dozens of user accounts. Brian is the author of Spam Kings.
Fear and Loathing in Information Security -- "Society has always treated innovators and whistle blowers with ambivalence," writes author Michael D. Bauer in reference to hackers. In this article, Michael defines and analyzes hacking. He then discusses why information security professionals demonize hackers and why that tendency is both irrational and counterproductive. Michael is the author of Linux Server Security, 2nd Edition.
DHCP and DNS Security -- In this excerpt, Mike Danseglio explores the core network services of DHCP and DNS. These services are essential to most IP networks today in that they respectively provide automatic addressing and name resolution. However, their security considerations and safe operations are often neglected. Mike shows you how these services work, how they're vulnerable to attack, and how to protect them against attacks when possible. Mike is the author of Securing Windows Server 2003.