Bulletproof TLS and PKI, Second Edition: Understanding and Deploying SSL/TLS and PKI to Secure Servers and Web Applications

Author: Ivan Ristic
Publisher: Feisty Duck
ISBN: 9781907117091
Category : Computers
Languages : en
Pages : 512

Book Description
Bulletproof TLS and PKI is a complete guide to using TLS encryption and PKI to deploy secure servers and web applications. Written by Ivan Ristic, author of the popular SSL Labs web site, this book will teach you everything you need to know to protect your systems from eavesdropping and impersonation attacks. In this book, you'll find just the right mix of theory, protocol detail, vulnerability and weakness information, and deployment advice to get your job done: Comprehensive coverage of the ever-changing ﬁeld of SSL/TLS and Internet PKI, with updates to the digital version For IT professionals, help to understand security risks For system administrators, help to deploy systems securely For developers, help to secure web applications Practical and concise, with added depth as needed Introduction to cryptography and the Internet threat model Coverage of TLS 1.3 as well as earlier protocol versions Discussion of weaknesses at every level, covering implementation issues, HTTP and browser problems, and protocol vulnerabilities Coverage of the latest attacks, such as BEAST, CRIME, BREACH, Lucky 13, RC4 biases, Triple Handshake Attack, and Heartbleed Thorough deployment advice, including advanced technologies, such as Strict Transport Security, Content Security Policy, and pinning Guide to using OpenSSL to generate keys and certificates and to create and run a private certification authority Guide to using OpenSSL to test servers for vulnerabilities This book is also available in a variety of digital formats directly from the publisher. Visit us at www.feistyduck.com.

Bulletproof SSL and TLS

Author: Ivan Ristic
Publisher: Feisty Duck
ISBN: 1907117040
Category : Computers
Languages : en
Pages : 528

Book Description
Bulletproof SSL and TLS is a complete guide to using SSL and TLS encryption to deploy secure servers and web applications. Written by Ivan Ristic, the author of the popular SSL Labs web site, this book will teach you everything you need to know to protect your systems from eavesdropping and impersonation attacks. In this book, you’ll find just the right mix of theory, protocol detail, vulnerability and weakness information, and deployment advice to get your job done: - Comprehensive coverage of the ever-changing field of SSL/TLS and Internet PKI, with updates to the digital version - For IT security professionals, help to understand the risks - For system administrators, help to deploy systems securely - For developers, help to design and implement secure web applications - Practical and concise, with added depth when details are relevant - Introduction to cryptography and the latest TLS protocol version - Discussion of weaknesses at every level, covering implementation issues, HTTP and browser problems, and protocol vulnerabilities - Coverage of the latest attacks, such as BEAST, CRIME, BREACH, Lucky 13, RC4 biases, Triple Handshake Attack, and Heartbleed - Thorough deployment advice, including advanced technologies, such as Strict Transport Security, Content Security Policy, and pinning - Guide to using OpenSSL to generate keys and certificates and to create and run a private certification authority - Guide to using OpenSSL to test servers for vulnerabilities - Practical advice for secure server configuration using Apache httpd, IIS, Java, Nginx, Microsoft Windows, and Tomcat This book is available in paperback and a variety of digital formats without DRM.

OpenSSL Cookbook

Author: Ivan Ristic
Publisher: Feisty Duck
ISBN: 1907117059
Category : Computers
Languages : en
Pages : 62

Book Description
A guide to the most frequently used OpenSSL features and commands, written by Ivan Ristic. Comprehensive coverage of OpenSSL installation, configuration, and key and certificate management Includes SSL/TLS Deployment Best Practices, a design and deployment guide Written by a well-known practitioner in the field and the author of SSL Labs and the SSL/TLS configuration assessment tool Available in a variety of digital formats (PDF, EPUB, Mobi/Kindle); no DRM Continuously updated OpenSSL Cookbook is built around one chapter from Bulletproof SSL/TLS and PKI, a larger work that provides complete coverage of SSL/TLS and PKI topics. To download your free copy in various formats, visit feistyduck.com/books/openssl-cookbook/

Network Security with OpenSSL

Author: John Viega
Publisher: "O'Reilly Media, Inc."
ISBN: 0596551975
Category : Computers
Languages : en
Pages : 387

Book Description
Most applications these days are at least somewhat network aware, but how do you protect those applications against common network security threats? Many developers are turning to OpenSSL, an open source version of SSL/TLS, which is the most widely used protocol for secure network communications.The OpenSSL library is seeing widespread adoption for web sites that require cryptographic functions to protect a broad range of sensitive information, such as credit card numbers and other financial transactions. The library is the only free, full-featured SSL implementation for C and C++, and it can be used programmatically or from the command line to secure most TCP-based network protocols.Network Security with OpenSSL enables developers to use this protocol much more effectively. Traditionally, getting something simple done in OpenSSL could easily take weeks. This concise book gives you the guidance you need to avoid pitfalls, while allowing you to take advantage of the library?s advanced features. And, instead of bogging you down in the technical details of how SSL works under the hood, this book provides only the information that is necessary to use OpenSSL safely and effectively. In step-by-step fashion, the book details the challenges in securing network communications, and shows you how to use OpenSSL tools to best meet those challenges.As a system or network administrator, you will benefit from the thorough treatment of the OpenSSL command-line interface, as well as from step-by-step directions for obtaining certificates and setting up your own certification authority. As a developer, you will further benefit from the in-depth discussions and examples of how to use OpenSSL in your own programs. Although OpenSSL is written in C, information on how to use OpenSSL with Perl, Python and PHP is also included.OpenSSL may well answer your need to protect sensitive data. If that?s the case, Network Security with OpenSSL is the only guide available on the subject.

Modsecurity Handbook

Author: Ivan Ristic
Publisher: Feisty Duck
ISBN: 1907117024
Category : Computers
Languages : en
Pages : 365

Book Description
"ModSecurity Handbook is the definitive guide to ModSecurity, a popular open source web application firewall. Written by Ivan Ristić, who designed and wrote much of ModSecurity, this book will teach you everything you need to know to monitor the activity on your web sites and protect them from attack. ... The official ModSecurity Reference Manual is included in the second part of the book."--Back cover.

Planning for PKI

Author: Russ Housley
Publisher: John Wiley & Sons
ISBN:
Category : Computers
Languages : en
Pages : 360

Book Description
An in-depth technical guide on the security technology driving Internet e-commerce expansion. "Planning for PKI" examines the number-one Internet security technology that will be widely adopted in the next two years. Written by two of the architects of the Internet PKI standards, this book provides authoritative technical guidance for network engineers, architects, and managers who need to implement the right PKI architecture for their organization. The authors discuss results and lessons learned from early PKI pilots, helping readers evaluate PKI deployment impact on current network architecture while avoiding the pitfalls of early technical mistakes. Four technical case studies detail the do's and don'ts of PKI implementation, illustrating both successes and failures of different deployments. Readers will also learn how to leverage future PKI-related technologies for additional benefits.

Apache Security

Author: Ivan Ristic
Publisher:
ISBN:
Category : Computers
Languages : en
Pages : 440

Book Description
"The complete guide to securing your Apache web server"--Cover.

Hack the Stack

Author: Stephen Watkins
Publisher: Elsevier
ISBN: 0080507743
Category : Computers
Languages : en
Pages : 481

Book Description
This book looks at network security in a new and refreshing way. It guides readers step-by-step through the "stack" -- the seven layers of a network. Each chapter focuses on one layer of the stack along with the attacks, vulnerabilities, and exploits that can be found at that layer. The book even includes a chapter on the mythical eighth layer: The people layer. This book is designed to offer readers a deeper understanding of many common vulnerabilities and the ways in which attacker’s exploit, manipulate, misuse, and abuse protocols and applications. The authors guide the readers through this process by using tools such as Ethereal (sniffer) and Snort (IDS). The sniffer is used to help readers understand how the protocols should work and what the various attacks are doing to break them. IDS is used to demonstrate the format of specific signatures and provide the reader with the skills needed to recognize and detect attacks when they occur. What makes this book unique is that it presents the material in a layer by layer approach which offers the readers a way to learn about exploits in a manner similar to which they most likely originally learned networking. This methodology makes this book a useful tool to not only security professionals but also for networking professionals, application programmers, and others. All of the primary protocols such as IP, ICMP, TCP are discussed but each from a security perspective. The authors convey the mindset of the attacker by examining how seemingly small flaws are often the catalyst of potential threats. The book considers the general kinds of things that may be monitored that would have alerted users of an attack. * Remember being a child and wanting to take something apart, like a phone, to see how it worked? This book is for you then as it details how specific hacker tools and techniques accomplish the things they do. * This book will not only give you knowledge of security tools but will provide you the ability to design more robust security solutions * Anyone can tell you what a tool does but this book shows you how the tool works

Foundations of Security

Author: Christoph Kern
Publisher: Apress
ISBN: 1430203773
Category : Computers
Languages : en
Pages : 305

Book Description
Software developers need to worry about security as never before. They need clear guidance on safe coding practices, and that’s exactly what this book delivers. The book does not delve deep into theory, or rant about the politics of security. Instead, it clearly and simply lays out the most common threats that programmers need to defend against. It then shows programmers how to make their defense. The book takes a broad focus, ranging over SQL injection, worms and buffer overflows, password security, and more. It sets programmers on the path towards successfully defending against the entire gamut of security threats that they might face.

CISA Certified Information Systems Auditor Study Guide

Author: David L. Cannon
Publisher: John Wiley & Sons
ISBN: 1119056241
Category : Computers
Languages : en
Pages : 696

Book Description
The ultimate CISA prep guide, with practice exams Sybex's CISA: Certified Information Systems Auditor Study Guide, Fourth Edition is the newest edition of industry-leading study guide for the Certified Information System Auditor exam, fully updated to align with the latest ISACA standards and changes in IS auditing. This new edition provides complete guidance toward all content areas, tasks, and knowledge areas of the exam and is illustrated with real-world examples. All CISA terminology has been revised to reflect the most recent interpretations, including 73 definition and nomenclature changes. Each chapter summary highlights the most important topics on which you'll be tested, and review questions help you gauge your understanding of the material. You also get access to electronic flashcards, practice exams, and the Sybex test engine for comprehensively thorough preparation. For those who audit, control, monitor, and assess enterprise IT and business systems, the CISA certification signals knowledge, skills, experience, and credibility that delivers value to a business. This study guide gives you the advantage of detailed explanations from a real-world perspective, so you can go into the exam fully prepared. Discover how much you already know by beginning with an assessment test Understand all content, knowledge, and tasks covered by the CISA exam Get more in-depths explanation and demonstrations with an all-new training video Test your knowledge with the electronic test engine, flashcards, review questions, and more The CISA certification has been a globally accepted standard of achievement among information systems audit, control, and security professionals since 1978. If you're looking to acquire one of the top IS security credentials, CISA is the comprehensive study guide you need.