Introduction to Intrusion Protection and Network Security By Jennifer Vesperman

Introduction to Intrusion Protection and Network Security

By Jennifer Vesperman

If your computer is not connected to any other computers and doesn't have a modem, the only way anyone can access your computer's information is by physically coming to the computer and sitting at it. So securing the room it's in will secure the computer. As soon as your computer is connected to another computer you add the possibility that someone using the other computer can access your computer's information.

If your network (your connected computers) consists only of other computers in the same building you can still secure the network by securing the rooms the computers are in. An example of this would be two computers sharing the same files and printer, but not having a modem and not being connected to any other computers.

However, it's wise to learn about other ways to secure a network of connected computers, in case you add something later. Networks have a tendency to grow. If you have a network, an intruder who gains access to one computer has at least some access to all of them.

Note: Note that once someone has physical access to your computer, there are a number of ways that they can access your information. Most systems have some sort of emergency feature that allows someone with physical access to get in and change the superuser password, or access the data. Even if your system doesn't have that, or it's disabled, they can always just pick up the computer or remove the hard drive and carry it out. More on this in the physical security article.

Click to Read More

Introduction to Securing Data in Transit By Jennifer Vesperman

Introduction to Securing Data in Transit

By Jennifer Vesperman

The secure transmission of data in transit relies on both encryption and authentication - on both the hiding or concealment of the data itself, and on ensuring that the computers at each end are the computers they say they are.

Authentication
Authentication is a difficult task - computers have no way of knowing that they are 'the computer that sits next to the printer on the third floor' or 'the computer that runs the sales for www.dotcom.com'. And those are the matters which are important to humans - humans don't care if the computer is '10.10.10.10', which is what the computers know.

However, if the computer can trust the human to tell it which computer address to look for - either in the numeric or the name form - the computers can then verify that each other is, in fact, the computer at that address. It's similar to using the post office - we want to know if 100 Somewhere Street is where our friend Sally is, but the post office just wants to know where to send the parcel.

The simplest form of authentication is to exchange secret information the first time the two computers communicate and check it on each subsequent connection. Most exchanges between computers take place over a long period of time, in computer terms, so they tend to do this in a small way for the duration of each connection - as if you were checking, each time you spoke in a phone call, that the person you were talking to was still that person. (Sally, is that you? Yeah. Good, now I was telling you about the kids .. is that still you?)

It may sound paranoid, but this sort of verification system can inhibit what is called a 'man in the middle' attack - where a third party tries to 'catch' the connection and insert their own information. Of course, this relies on the first communication not being intercepted.

Public key encryption (see below) is the other common means of authentication. It doesn't authenticate the sender, but it does authenticate the receiver - and if both parties exchange public keys, and verify by some independant means that the key they have is the key of the party they wish to send to, it authenticates both.

Click to Read More

Maximum Security: Hacker's Guide to Protecting Your Internet Site and Network

Maximum Security: Hacker's Guide to Protecting Your Internet Site and Network

Hacking and cracking are activities that generate intense public interest. Stories of hacked servers and downed Internet providers appear regularly in national news. Consequently, publishers are in a race to deliver books on these subjects. To its credit, the publishing community has not failed in this resolve. Security books appear on shelves in ever-increasing numbers. However, the public remains wary. Consumers recognize driving commercialism when they see it, and are understandably suspicious of books such as this one. They need only browse the shelves of their local bookstore to accurately assess the situation.

Books about Internet security are common (firewall technology seems to dominate the subject list). In such books, the information is often sparse, confined to a narrow range of products. Authors typically include full-text reproductions of stale, dated documents that are readily available on the Net. This poses a problem, mainly because such texts are impractical. Experienced readers are already aware of these reference sources, and inexperienced ones are poorly served by them. Hence, consumers know that they might get little bang for their buck. Because of this trend, Internet security books have sold poorly at America's neighborhood bookstores.

Another reason that such books sell poorly is this: The public erroneously believes that to hack or crack, you must first be a genius or a UNIX guru. Neither is true, though admittedly, certain exploits require advanced knowledge of the target's operating system. However, these exploits can now be simplified through utilities that are available for a wide range of platforms. Despite the availability of such programs, however, the public remains mystified by hacking and cracking, and therefore, reticent to spend forty dollars for a hacking book.

So, at the outset, Sams.net embarked on a rather unusual journey in publishing this book. The Sams.net imprint occupies a place of authority within the field. Better than two thirds of all information professionals I know have purchased at least one Sams.net product. For that reason, this book represented to them a special situation.

Hacking, cracking, and Internet security are all explosive subjects. There is a sharp difference between publishing a primer about C++ and publishing a hacking guide. A book such as this one harbors certain dangers, including

• The possibility that readers will use the information maliciously
• The possibility of angering the often-secretive Internet-security community
• 
  
  The possibility of angering vendors that have yet to close security holes within their software

Click to Read More

SSH: The Secure Shell - The Definitive Guide by Daniel J. Barrett and Richard E. Silverman

SSH: The Secure Shell - The Definitive Guide

by Daniel J. Barrett and Richard E. Silverman

Privacy is a basic human right, but on today's computer networks, privacy isn't guaranteed. Much of the data that travels on the Internet or local networks is transmitted as plain text, and may be captured and viewed by anybody with a little technical know-how. The email you send, the files you transmit between computers, even the passwords you type may be readable by others. Imagine the damage that can be done if an untrusted third party -- a competitor, the CIA, your in-laws -- intercepted your most sensitive communications in transit.

Network security is big business as companies scramble to protect their information assets behind firewalls, establish virtual private networks (VPNs), and encrypt files and transmissions. But hidden away from all the bustle, there is a small, unassuming, yet robust solution many big companies have missed. It's reliable, reasonably easy to use, cheap, and available for most of today's operating systems.

It's SSH, the Secure Shell.

Click to Read More

A Beginner’s Guide to Network Security

A Beginner’s Guide to Network Security

An Introduction to the Key Security Issues for the E-Business Economy
With the explosion of the public Internet and e-commerce, private computers, and computer networks, if not adequately secured, are increasingly vulnerable to damaging attacks. Hackers, viruses, vindictive employees and even human error all represent clear and present dangers to networks. And all computer users, from the most casual Internet surfers to large enterprises, could be affected by network security breaches. However, security breaches can often be easily prevented. How? This guide provides you with a general overview of the most common network security threats and the steps you and your organization can take to protect yourselves from threats and ensure that the data traveling across your networks is safe.

Importance of Security
The Internet has undoubtedly become the largest public data network, enabling and facilitating both personal and business communications worldwide. The volume of traffic moving over the Internet, as well as corporate networks, is expanding exponentially every day. More and more communication is taking place via e-mail; mobile workers, telecommuters, and branch offices are using the Internet to remotely connect to their corporate networks; and commercial transactions completed over the Internet, via the World Wide Web, now account for large portions of corporate revenue.

Click to Download

Traffic Management For High-Speed Networks

Traffic Management For High-Speed Networks

Traffic Management For High-Speed Networks is written by H.T. Kung, Gordon McKay - Professor of Electrical Engineering & Comuputer Science and Harvard University. This network management book is published by National Academies Press.

Abstract
Network congestion will increase as network speed increases. New control methods are needed, especially for handling "bursty" traffic expected in very high speed networks such as asynchronous transfer mode (ATM) networks. Users should have instant access to all available network bandwidth when they need it, while being assured that the chance of losing data in the presence of congestion will be negligible. At the same time, high network utilization must be achieved, and services requiting guaranteed performance must be accommodated. This paper discusses these issues and describes congestion control solutions under study at Harvard University and elsewhere. Motivations, theory, and experimental results are presented.

Following are the topics covered in this network management book.

1. Why New Control Methods Are Needed
2. Rapid Increase in Network Speeds
3. Network Congestion Problem
4. Inadequacy of Brute-Force Approach to Providing Large Buffers
5. Use of Flow Control
6. Control of Congestion for ATM Networks
7. Technical Goals of Flow Control for Supporting ATM ABR Services
8. Two Traffic Models
9. A Flood Control Principle
10. Credit-based Flow Control
11. Credit Update Protocol
12. Static vs. Adaptive Credit Control
13. Adaptive Buffer Allocation
14. Receiver-oriented Adaptive Buffer Allocation
15. Rationale for Credit-based Flow Control
16. Overallocation of Resources to Achieve High Efficiency
17. Link-by-Link Flow Control to Increase Quality of Control
18. Per-VC Queueing to Achieve a High Degree of Fairness
19. Rate-based Flow Control
20. CreditNet ATM Switch
21. Experimental Network Configurations
22. Measured Performance on CreditNet Experimental Switches
23. Summary and Concluding Remarks
24. Acknowledgments
25. References

You can download or read this book from the following link.

Read More/Download

Thinking Networks - the Large and Small of it By Kieran Greer

Thinking Networks - the Large and Small of it

By Kieran Greer

The book is titled 'Thinking Networks - the Large and Small of it'. The topics covered span from large global networks to small local neural-like networks, hence the title. The book is mainly a research monograph, but it also contains blue sky research suggestions and also some informative or teaching sections. This book tries to cover research areas that look at adding autonomous or reasoning capabilities to information networks. It would be of interest to both academic or industrial researchers looking to build intelligent networks. For example, the telecommunications sector might want to add intelligent services to the Internet or a mobile environment. The book however could be used to build networks that range in size from large Internet-based networks to small local neural network-like structures, and ultimately suggests an architecture on which to build a network that might even begin to 'think'. Some of the research has been proven, while the more ambitious claims or suggestions are for future research.

The book covers areas such as the Internet/p2p/ mobile networks, SOA, Semantic Networks (Semantic Web, Ontologies, Web Services, Grid), AI (including Autonomous systems, Intelligent, Cognitive or Neural Network-like systems, and Bio-inspired networks), XML-based languages and query processes. It is available from different online stores and is also listed on the ACM portal. The technologies that are described in this book are also strongly related to the new 'Cloud Computing' architecture that is being talked about for the Internet.

Read More/Try It

Network Coding Theory By Raymond W. Yeung, Shuo-Yen Robert Li, Ning Cai and Zhen Zhang

Network Coding Theory

By Raymond W. Yeung, Shuo-Yen Robert Li, Ning Cai and Zhen Zhang

Consider a network consisting of point-to-point communication channels. Each channel transmits information noiselessly subject to the channel capacity. Data is to be transmitted from the source node to a prescribed set of destination nodes. Given the transmission requirements, a natural question is whether the network can fulfill these requirements and how it can be done efficiently.

In existing computer networks, information is transmitted from the source node to each destination node through a chain of intermediate nodes by a method known as store-and-forward. In this method, data packets received from an input link of an intermediate node are stored and a copy is forwarded to the next node via an output link. In the case when an intermediate node is on the transmission paths toward multiple destinations, it sends one copy of the data packets onto each output link that leads to at least one of the destinations. It has been a folklore in data networking that there is no need for data processing at the intermediate nodes except for data replication.

This text aims to be a tutorial on the basics of the theory of network coding. The intent is a transparent presentation without necessarily presenting all results in their full generality. Part I is devoted to network coding for the transmission from a single source node to other nodes in the network. It starts with describing examples on network coding in the next section. Part II deals with the problem under the more general circumstances when there are multiple source nodes each intending to transmit to a different set of destination nodes.

Following are the few topics covered in this Network coding book.

• Linear coding
• Nonlinear coding
• Random coding
• Static codes
• Convolutional codes
• Group codes
• Alphabet size
• Code construction
• Algorithms/protocols
• Cyclic networks
• Undirected networks
• Link failure/Network management
• Separation theorem
• Error correction/detection
• Cryptography
• Multiple sources
• Multiple unicasts
• Cost criteria
• Non-uniform demand
• Correlated sources
• Max-flow/cutset/edge-cut bound
• Superposition coding
• Networking
• Routing
• Wireless/satellite networks
• Ad hoc/sensor networks
• Data storage/distribution
• Implementation issues
• Matrix theory
• Complexity theory
• Graph theory
• Random graph
• Tree packing
• Multicommodity flow
• Game theory
• Matriod theory
• Information inequalities
• Noisy channels
• Queueing analysis
• Rate-distortion
• Multiple descriptions
• Latin squares
• Reversible networks
• Multiuser channels
• Joint network-channel coding

Read More/Try It

Network Programming for MS Windows

                                                                   
                   Download it-                  
                                       Download