Network Security with OpenSSL

Cryptography for Secure Communications

DOWNLOAD NOW »

Author: John Viega,Matt Messier,Pravir Chandra

Publisher: "O'Reilly Media, Inc."

ISBN: 9780596551971

Category: Computers

Page: 386

View: 9887

Most applications these days are at least somewhat network aware, but how do you protect those applications against common network security threats? Many developers are turning to OpenSSL, an open source version of SSL/TLS, which is the most widely used protocol for secure network communications.The OpenSSL library is seeing widespread adoption for web sites that require cryptographic functions to protect a broad range of sensitive information, such as credit card numbers and other financial transactions. The library is the only free, full-featured SSL implementation for C and C++, and it can be used programmatically or from the command line to secure most TCP-based network protocols.Network Security with OpenSSL enables developers to use this protocol much more effectively. Traditionally, getting something simple done in OpenSSL could easily take weeks. This concise book gives you the guidance you need to avoid pitfalls, while allowing you to take advantage of the library?s advanced features. And, instead of bogging you down in the technical details of how SSL works under the hood, this book provides only the information that is necessary to use OpenSSL safely and effectively. In step-by-step fashion, the book details the challenges in securing network communications, and shows you how to use OpenSSL tools to best meet those challenges.As a system or network administrator, you will benefit from the thorough treatment of the OpenSSL command-line interface, as well as from step-by-step directions for obtaining certificates and setting up your own certification authority. As a developer, you will further benefit from the in-depth discussions and examples of how to use OpenSSL in your own programs. Although OpenSSL is written in C, information on how to use OpenSSL with Perl, Python and PHP is also included.OpenSSL may well answer your need to protect sensitive data. If that?s the case, Network Security with OpenSSL is the only guide available on the subject.

Secure Programming Cookbook for C and C++

Recipes for Cryptography, Authentication, Input Validation & More

DOWNLOAD NOW »

Author: John Viega,Matt Messier

Publisher: "O'Reilly Media, Inc."

ISBN: 9780596552183

Category: Computers

Page: 792

View: 4940

Password sniffing, spoofing, buffer overflows, and denial of service: these are only a few of the attacks on today's computer systems and networks. At the root of this epidemic is poorly written, poorly tested, and insecure code that puts everyone at risk. Clearly, today's developers need help figuring out how to write code that attackers won't be able to exploit. But writing such code is surprisingly difficult. Secure Programming Cookbook for C and C++ is an important new resource for developers serious about writing secure code. It contains a wealth of solutions to problems faced by those who care about the security of their applications. It covers a wide range of topics, including safe initialization, access control, input validation, symmetric and public key cryptography, cryptographic hashes and MACs, authentication and key exchange, PKI, random numbers, and anti-tampering. The rich set of code samples provided in the book's more than 200 recipes will help programmers secure the C and C++ programs they write for both Unix® (including Linux®) and Windows® environments. Readers will learn: How to avoid common programming errors, such as buffer overflows, race conditions, and format string problems How to properly SSL-enable applications How to create secure channels for client-server communication without SSL How to integrate Public Key Infrastructure (PKI) into applications Best practices for using cryptography properly Techniques and strategies for properly validating input to programs How to launch programs securely How to use file access mechanisms properly Techniques for protecting applications from reverse engineering The book's web site supplements the book by providing a place to post new recipes, including those written in additional languages like Perl, Java, and Python. Monthly prizes will reward the best recipes submitted by readers. Secure Programming Cookbook for C and C++ is destined to become an essential part of any developer's library, a code companion developers will turn to again and again as they seek to protect their systems from attackers and reduce the risks they face in today's dangerous world.

Mastering FreeBSD and OpenBSD Security

Building, Securing, and Maintaining BSD Systems

DOWNLOAD NOW »

Author: Yanek Korff,Paco Hope,Bruce Potter

Publisher: "O'Reilly Media, Inc."

ISBN: 144936957X

Category: Computers

Page: 466

View: 2026

FreeBSD and OpenBSD are increasingly gaining traction in educational institutions, non-profits, and corporations worldwide because they provide significant security advantages over Linux. Although a lot can be said for the robustness, clean organization, and stability of the BSD operating systems, security is one of the main reasons system administrators use these two platforms.There are plenty of books to help you get a FreeBSD or OpenBSD system off the ground, and all of them touch on security to some extent, usually dedicating a chapter to the subject. But, as security is commonly named as the key concern for today's system administrators, a single chapter on the subject can't provide the depth of information you need to keep your systems secure.FreeBSD and OpenBSD are rife with security "building blocks" that you can put to use, and Mastering FreeBSD and OpenBSD Security shows you how. Both operating systems have kernel options and filesystem features that go well beyond traditional Unix permissions and controls. This power and flexibility is valuable, but the colossal range of possibilities need to be tackled one step at a time. This book walks you through the installation of a hardened operating system, the installation and configuration of critical services, and ongoing maintenance of your FreeBSD and OpenBSD systems.Using an application-specific approach that builds on your existing knowledge, the book provides sound technical information on FreeBSD and Open-BSD security with plenty of real-world examples to help you configure and deploy a secure system. By imparting a solid technical foundation as well as practical know-how, it enables administrators to push their server's security to the next level. Even administrators in other environments--like Linux and Solaris--can find useful paradigms to emulate.Written by security professionals with two decades of operating system experience, Mastering FreeBSD and OpenBSD Security features broad and deep explanations of how how to secure your most critical systems. Where other books on BSD systems help you achieve functionality, this book will help you more thoroughly secure your deployments.

19 Deadly Sins of Software Security

Programming Flaws and How to Fix Them

DOWNLOAD NOW »

Author: Michael Howard,David LeBlanc,John Viega

Publisher: McGraw-Hill Osborne Media

ISBN: 9780072260854

Category: Computers

Page: 304

View: 2254

This essential book for all software developers--regardless of platform, language, or type of application--outlines the “19 deadly sins” of software security and shows how to fix each one. Best-selling authors Michael Howard and David LeBlanc, who teach Microsoft employees how to secure code, have partnered with John Viega, the man who uncovered the 19 deadly programming sins to write this much-needed book. Coverage includes: Windows, UNIX, Linux, and Mac OS X C, C++, C#, Java, PHP, Perl, and Visual Basic Web, small client, and smart-client applications

The Myths of Security

What the Computer Security Industry Doesn't Want You to Know

DOWNLOAD NOW »

Author: John Viega

Publisher: "O'Reilly Media, Inc."

ISBN: 0596523025

Category: Business & Economics

Page: 238

View: 8727

If you think computer security has improved in recent years, Myths of Security will shake you out of your complacency. Longtime security professional John Viega reports on the sorry state of security, with concrete suggestions for professionals and individuals confronting the issue. Provocative, insightful, and often controversial, The Myths of Security addresses IT professionals who deal with security issues, and speaks to Mac and PC users who spend time online.

LDAP System Administration

DOWNLOAD NOW »

Author: Gerald Carter

Publisher: O'Reilly Media

ISBN: 9781565924918

Category: Computers

Page: 308

View: 9768

Be more productive and make your life easier. That's what LDAP System Administration is all about. System administrators often spend a great deal of time managing configuration information located on many different machines: usernames, passwords, printer configurations, email client configurations, and network filesystem configurations, to name a few. LDAPv3 provides tools for centralizing all of the configuration information and placing it under your control. Rather than maintaining several administrative databases (NIS, Active Directory, Samba, and NFS configuration files), you can make changes in only one place and have all your systems immediately "see" the updated information. Practically platform independent, this book uses the widely available, open source OpenLDAP 2 directory server as a premise for examples, showing you how to use it to help you manage your configuration information effectively and securely. OpenLDAP 2 ships with most Linux® distributions and Mac OS® X, and can be easily downloaded for most Unix-based systems. After introducing the workings of a directory service and the LDAP protocol, all aspects of building and installing OpenLDAP, plus key ancillary packages like SASL and OpenSSL, this book discusses: Configuration and access control Distributed directories; replication and referral Using OpenLDAP to replace NIS Using OpenLDAP to manage email configurations Using LDAP for abstraction with FTP and HTTP servers, Samba, and Radius Interoperating with different LDAP servers, including Active Directory Programming using Net::LDAP If you want to be a master of your domain, LDAP System Administration will help you get up and running quickly regardless of which LDAP version you use. After reading this book, even with no previous LDAP experience, you'll be able to integrate a directory server into essential network services such as mail, DNS, HTTP, and SMB/CIFS.

Sys Admin

The Journal for UNIX System Administrators

DOWNLOAD NOW »

Author: N.A

Publisher: N.A

ISBN: N.A

Category: UNIX (Computer file)

Page: N.A

View: 971

Network Security Assessment

Know Your Network

DOWNLOAD NOW »

Author: Chris McNab

Publisher: "O'Reilly Media, Inc."

ISBN: 9780596551575

Category: Computers

Page: 508

View: 5736

How secure is your network? The best way to find out is to attack it. Network Security Assessment provides you with the tricks and tools professional security consultants use to identify and assess risks in Internet-based networks-the same penetration testing model they use to secure government, military, and commercial networks. With this book, you can adopt, refine, and reuse this testing model to design and deploy networks that are hardened and immune from attack. Network Security Assessment demonstrates how a determined attacker scours Internet-based networks in search of vulnerable components, from the network to the application level. This new edition is up-to-date on the latest hacking techniques, but rather than focus on individual issues, it looks at the bigger picture by grouping and analyzing threats at a high-level. By grouping threats in this way, you learn to create defensive strategies against entire attack categories, providing protection now and into the future. Network Security Assessment helps you assess: Web services, including Microsoft IIS, Apache, Tomcat, and subsystems such as OpenSSL, Microsoft FrontPage, and Outlook Web Access (OWA) Web application technologies, including ASP, JSP, PHP, middleware, and backend databases such as MySQL, Oracle, and Microsoft SQL Server Microsoft Windows networking components, including RPC, NetBIOS, and CIFS services SMTP, POP3, and IMAP email services IP services that provide secure inbound network access, including IPsec, Microsoft PPTP, and SSL VPNs Unix RPC services on Linux, Solaris, IRIX, and other platforms Various types of application-level vulnerabilities that hacker tools and scripts exploit Assessment is the first step any organization should take to start managing information risks correctly. With techniques to identify and assess risks in line with CESG CHECK and NSA IAM government standards, Network Security Assessment gives you a precise method to do just that.

Implementing SSL / TLS Using Cryptography and PKI

DOWNLOAD NOW »

Author: Joshua Davies

Publisher: John Wiley and Sons

ISBN: 9781118038772

Category: Computers

Page: 704

View: 8083

Hands-on, practical guide to implementing SSL and TLS protocols for Internet security If you are a network professional who knows C programming, this practical book is for you. Focused on how to implement Secure Socket Layer (SSL) and Transport Layer Security (TLS), this book guides you through all necessary steps, whether or not you have a working knowledge of cryptography. The book covers SSLv2, TLS 1.0, and TLS 1.2, including implementations of the relevant cryptographic protocols, secure hashing, certificate parsing, certificate generation, and more. Coverage includes: Understanding Internet Security Protecting against Eavesdroppers with Symmetric Cryptography Secure Key Exchange over an Insecure Medium with Public Key Cryptography Authenticating Communications Using Digital Signatures Creating a Network of Trust Using X.509 Certificates A Usable, Secure Communications Protocol: Client-Side TLS Adding Server-Side TLS 1.0 Support Advanced SSL Topics Adding TLS 1.2 Support to Your TLS Library Other Applications of SSL A Binary Representation of Integers: A Primer Installing TCPDump and OpenSSL Understanding the Pitfalls of SSLv2 Set up and launch a working implementation of SSL with this practical guide.

Cryptology and Network Security

7th International Conference, CANS 2008, Hong-Kong, China, December 2-4, 2008. Proceedings

DOWNLOAD NOW »

Author: Matthew Franklin,Lucas Chi-Kwong Hui

Publisher: Springer Science & Business Media

ISBN: 3540896406

Category: Business & Economics

Page: 394

View: 1863

TheseventhinternationalconferenceonCryptologyandNetworkSecurity(CANS 2008)washeld at HKU Town Center, Hong Kong,China, during December 2–4, 2008. The conference was organized by the Department of Computer Science, theUniversityofHongKong,andwasfullysupportedbytheCenterforInfor- tion Security and Cryptography at the University of Hong Kong, the Cyberport Institute of Hong Kong at the University of Hong Kong and the Department of Computer Science at the City University of Hong Kong. The goal of CANS is to promote research on all aspects of network security, as well as to build a bridge between research on cryptography and network security. Previous CANS conferences have been held in Taipei, Taiwan (2001), SanFrancisco,USA (2002),Miami,USA (2003),Xiamen, China (2005),Suzhou, China (2006), and Singapore (2007). The conference proceedings of recent years were published by Springer in the Lecture Notes in Computer Science series. The Program Committee received 73 submissions, and accepted 27 papers for presentation. The ?nal versions of the accepted papers, which the authors ?nalized on the basis of comments from the reviewers, were included in the proceedings. The reviewing process took nine weeks; each paper was carefully evaluated by at least three members from the Program Committee. The in- vidual reviewing phase was followed by a Web-based discussion. Based on the comments and scores given by reviewers, the ?nal decisions on acceptance were made. We appreciate the hard work of the members of the Program Committee and the external referees who gave many hours of their valuable time.