From: Erik Birkholz (erik@foundstone.com)
Date: Tue Feb 17 2004 - 22:02:23 EST
<Blatant_Bias_Warning> I am the lead author on the Special Ops book. </Blatant_Bias_Warning>
In Special Ops (www.SpecialOpsSecurity.com) we have a minimum of one case study per chapter. That should help you along. Additionally, the Incident Response books by Osborne are a great read if you are focused on the response part.
The problem I see with your post is that it is VERY broad. Give us some more specifics and I think you will get a better response. For example, who is your audience? Then move into, what is your goal for this data given the audience you selected. Then we should be able to chime in effectively. Otherwise, you can probably expect emails that plug this or that book... Wait! Ummm. Err. Too late. ;)
-----Original Message-----
From: Technoboy [mailto:technoboy@packetswar.org]
Sent: Monday, February 16, 2004 9:56 AM
To: pen-test@securityfocus.com
Subject: RE: Penetration Whitepapers
For 'real life example' I would also recommand the following books:
Addison Wesley - Web Hacking Attacks and Defence [ISBM:0201761769] Prentice Hall PTR - IT Security: Risking the Corporation [ISBN:013101112]
The Prentice book might be exactly what you are looking for.
Hope it help,
-
Anon
-----Original Message-----
From: Ricardo AbrahamAréchiga Cervantes [mailto:raac@academ01.gda.itesm.mx]
Sent: Friday, February 13, 2004 6:21 PM
To: pen-test@securityfocus.com
Cc: Rob Havelt
Subject: Re: Penetration Whitepapers
Hi,
Too much fiction, but this books can help you:
- Hacker's Challenge 2: Test Your Network Security & Forensic Skills
- Stealing the Network: How to Own the Box
Ricardo Abraham
Rob Havelt wrote:
> I'm looking for either white papers or case studies or some such
> detailing actual real world attacks (more like real-world computer
> crime, computer fraud, internal attacks, etc. and less on the damage
> from worms or virus, DDoS, or the like) on companies who either didn't
> know that they had a bad security posture, couldn't keep on top of
> infosec issues, or ones who knew (either as the result of a pen test,
> health check, or some other VA) and simply didn't take any steps
> toward remediation.
---------------------------------------------------------------------------
Free trial: Astaro Security Linux -- firewall with Spam/Virus Protection
Protect your network with the comprehensive security solution that
integrates six applications for ease of use and lower TCO.
Firewall - Virus protection - Spam protection - URL blocking - VPN
- Wireless security.
Download 30-day evaluation at:
http://www.astaro.com/php/contact/securityfocus.php
----------------------------------------------------------------------------
---------------------------------------------------------------------------
Free trial: Astaro Security Linux -- firewall with Spam/Virus Protection
Protect your network with the comprehensive security solution that
integrates six applications for ease of use and lower TCO.
Firewall - Virus protection - Spam protection - URL blocking - VPN
- Wireless security.
Download 30-day evaluation at:
http://www.astaro.com/php/contact/securityfocus.php
----------------------------------------------------------------------------
---------------------------------------------------------------------------
Free trial: Astaro Security Linux -- firewall with Spam/Virus Protection
Protect your network with the comprehensive security solution that
integrates six applications for ease of use and lower TCO.
Firewall - Virus protection - Spam protection - URL blocking - VPN
- Wireless security.
Download 30-day evaluation at:
http://www.astaro.com/php/contact/securityfocus.php
----------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:48 EDT