معرفی کتاب «Защита от взлома: сокеты, эксплойты, shell код: трудности конструирования эксплойтов и инструмента кодирования для профессиональной защиты» نوشتهٔ Джеймс С. Фостер при участии Майка Прайса; [пер. с англ. Слинкина А. А.]، منتشرشده توسط نشر Syngress Pub. Inc. ; Distributed by O'Reilly Media in the United States and Canada در سال 2005. این کتاب در فرمت djvu، زبان انگلیسی ارائه شده است.
Защита от взлома. Сокеты, shell-код, эксплойты Джеймс С. Фостер От издателя В своей новой книге Джеймс Фостер, автор ряда бестселлеров, впервые описывает методы, которыми пользуются хакеры для атак на операционные системы и прикладные программы. Он приводит примеры работающего кода на языках C/C++, Java, Perl и NASL, в которых иллюстрируются методы обнаружения и защиты от наиболее опасных атак. В книге подробно изложены вопросы, разбираться в которых насущно необходимо любому программисту, работающему в сфере информационной безопасности: программирование сокетов, shell-коды, переносимые приложения и принципы написания эксплойтов. Прочитав эту книгу, вы научитесь: # Самостоятельно разрабатывать shell-код; # Переносить опубликованные эксплойты на другую платформу; # Модифицировать под свои нужды COM-объекты в Windows; # Усовершенствовать Web-сканер Nikto; # Разобраться в эксплойте "судного дня"; # Писать сценарии на языке NASL; # Выявлять и атаковать уязвимости; # Программировать на уровне сокетов. Книги по теме: Головоломки для хакера Искусство защиты и взлома информации Системный администратор с 2002 по 2006 год Как защитить детей от опасностей Интернета: вирусов, программ-шпионов, спама, порносайтов, всплывающих окон. Интернет. Хитрости Джеймс К. Фостер, Винсент Лю-Разработка средств безопасности и эксплойтов The book is logically divided into 5 main categories with each category representing a major skill set required by most security professionals:1. Coding – The ability to program and script is quickly becoming a mainstream requirement for just about everyone in the security industry. This section covers the basics in coding complemented with a slue of programming tips and tricks in C/C++, Java, Perl and NASL. 2. Sockets – The technology that allows programs and scripts to communicate over a network is sockets. Even though the theory remains the same – communication over TCP and UDP, sockets are implemented differently in nearly ever language. 3. Shellcode – Shellcode, commonly defined as bytecode converted from Assembly, is utilized to execute commands on remote systems via direct memory access. 4. Porting – Due to the differences between operating platforms and language implementations on those platforms, it is a common practice to modify an original body of code to work on a different platforms. This technique is known as porting and is incredible useful in the real world environments since it allows you to not “recreate the wheel.5. Coding Tools – The culmination of the previous four sections, coding tools brings all of the techniques that you have learned to the forefront. With the background technologies and techniques you will now be able to code quick utilities that will not only make you more productive, they will arm you with an extremely valuable skill that will remain with you as long as you make the proper time and effort dedications.•Contains never before seen chapters on writing and automating exploits on windows systems with all-new exploits. •Perform zero-day exploit forensics by reverse engineering malicious code. •Provides working code and scripts in all of the most common programming languages for readers to use TODAY to defend their networks. The book is logically divided into 5 main categories with each category representing a major skill set required by most security 1. Coding The ability to program and script is quickly becoming a mainstream requirement for just about everyone in the security industry. This section covers the basics in coding complemented with a slue of programming tips and tricks in C/C++, Java, Perl and NASL. 2. Sockets The technology that allows programs and scripts to communicate over a network is sockets. Even though the theory remains the same communication over TCP and UDP, sockets are implemented differently in nearly ever language. 3. Shellcode Shellcode, commonly defined as bytecode converted from Assembly, is utilized to execute commands on remote systems via direct memory access. 4. Porting Due to the differences between operating platforms and language implementations on those platforms, it is a common practice to modify an original body of code to work on a different platforms. This technique is known as porting and is incredible useful in the real world environments since it allows you to not recreate the wheel. 5. Coding Tools The culmination of the previous four sections, coding tools brings all of the techniques that you have learned to the forefront. With the background technologies and techniques you will now be able to code quick utilities that will not only make you more productive, they will arm you with an extremely valuable skill that will remain with you as long as you make the proper time and effort dedications. *Contains never before seen chapters on writing and automating exploits on windows systems with all-new exploits. *Perform zero-day exploit forensics by reverse engineering malicious code. *Provides working code and scripts in all of the most common programming languages for readers to use TODAY to defend their networks.
foster (computer Sciences Corp.) And Price (mcafee) Explain How To Code With The Nessus Attack Scripting Language (nasl), And Program Berkeley Software Distribution (bsd), Windows, And Java Sockets That Will Provide Secure Network Connections. The Book Then Addresses Applications That Will Run On Different Operating Systems, Writing Shell Code For Penetration Testing, And The Methods Hackers Use To Exploit Format String, Tcp/ip, And Buffer Overflow Vulnerabilities. Distributed In The U.s. By O'reilly. Annotation ©2005 Book News, Inc., Portland, Or
In this groundbreaking book, best-selling author James C. Foster reveals for the first time the methods hackers use to attack and exploit the core components of operating systems and their applications. He provides working code and scripts in C/C++, Java, Perl, and NASL to detect and defend against the most dangerous attacks. The book covers in detail the five most important disciplines for security professionals and software developers: Coding, Sockets, Shellcode, Porting Applications, and Coding Security Tools. Covers in detail the five most important disciplines for security professionals and software developers: coding, sockets, shellocode, porting applications, and coding security tools