Mercedes_B writes "It`s very natural (necessary is a better word), for all of those interested in programming, (and who does program already), to be familiare and know what algorithms are, what kind of algorithms there are, and why are they important. First, it`s impossible to program, even if you know the programming language/es, without something that we call algorithms."

Christopher Alberts, Audrey Dorofee

0321118863
512 pp, Cloth
JUL 09, 2002

Information security requires far more than the latest tool or technology. Organizations must understand exactly what they are trying to protect--and why--before selecting specific solutions. Security issues are complex and often are rooted in organizational and business concerns. A careful evaluation of security needs and risks in this broader context must precede any security implementation to insure that all the relevant, underlying problems are first uncovered.

The OCTAVE approach for self-directed security evaluations was developed at the influential CERT(R) Coordination Center. This approach is designed to help you:

• Identify and rank key information assets
• Weigh threats to those assets
• Analyze vulnerabilities involving both technology and practices

OCTAVE(SM) enables any organization to develop security priorities based on the organization's particular business concerns. The approach provides a coherent framework for aligning security actions with overall objectives.

In reference to our first article about security book reviews and contests, here is some official information.

About Addison-Wesley

Addison-Wesley is the leading publisher of high-quality and timely information for programmers, developers, and system administrators. The Company’s mission is to provide educational materials concerning new technologies and new approaches to current technologies written by leading authorities. [more...]

Computer Cops and Addison-Wesley will be working together to bring you book reviews of literature in the security industry. In addition, this will also bring to the site book contests where folks can sign up to win these same books for free.

Active Directory, 2nd Edition

By Robbie Allen, Alistair G. Lowe-Norris
2nd Edition April 2003 
0-596-00466-4, Order Number: 4664
686 pages, $44.95 US, $69.95 CA, £31.95 UK

Read Chapter 14
Upgrading to Windows Server 2003



Active Directory, 2nd Edition, provides system and network administrators, IT professionals, technical project managers, and programmers with a clear, detailed look at Active Directory for both Windows 2000 and Windows Server 2003. Active Directory, 2nd Edition will guide you through the maze of concepts, design issues and scripting options enabling you to get the most out of your deployment. [Full Description]

By Simson Garfinkel, Gene Spafford, Alan Schwartz
3rd Edition February 2003 (est.)
0-596-00323-4, Order Number: 3234
992 pages, $54.95 US, $85.95 CA, £38.95 UK

This new edition of Practical UNIX and Internet Security provides detailed coverage of today's security and networking issues. In addition to covering the four most popular Unix variants today: Solaris, Linux, FreeBSD, and Mac OS X, the authors have added far more information about Linux, security policy, and cryptography, and have added new sections on embedded systems, biometrics, additional Internet protocols, new authentication systems such as LDAP and PAM, and anti-theft technologies.

Practical Unix Security was first published more than a decade ago, it became an instant classic. Crammed with information about host security, it saved many a Unix system administrator from disaster. The second edition added much-needed Internet security coverage and doubled the size of the original volume. The third edition is a comprehensive update of this very popular book - a companion for the Unix/Linux system administrator who needs to secure his or her organization's system, networks, and web presence in an increasingly hostile world.

cj writes "
Authors: Rich Bowen, Daniel Lopez and Allan Liska
Pages: 448
Publisher: Sams
ISBN: 0672322749

As you probably know, the Apache Web server is the most popular web server around. According to the latest NetCraft survey it has statistical advantages over other web servers (totals for top servers, market share for top servers, totals for active servers and market share for active servers across all domains etc). From the security perspective it always had and still has better reputation then its main rival Microsoft's IIS, although some of the latest vulnerabilities have shaken Apache a bit. "

Recently, major news outlets reported that a coordinated attack designed to disable several of the Internet's root name servers had taken place. The attack, described as sophisticated and complex, is known as a distributed denial of service (DDoS). Although no serious outages occurred, it was a hot topic in the security world - again. Again? Similar attacks first made headlines in February 2000. Although discussed in security circles for some time before that, this was the first prolonged example of a DDoS, and prevented legitimate traffic from reaching major sites for several hours. Yahoo, eBay, Buy.com, and CNN were but a few mjor sites who were inaccessible to their customers for extended periods of time. Now, almost three years later, can it be that we're still vulnerable? Unfortunately the answer is yes. This article will explain the concept of DDoS attacks, how they work, how to react if you become a target, and how the security community can work together to prevent them.

haiku writes "[ http://www.amazon.com/exec/obidos/ASIN/0072191813/c4iorg - WK ]
VPNs: A Beginner's Guide, John Mairs, 2002, 0-07-219181-3, U$39.99
%A John Mairs
%C 300 Water Street, Whitby, Ontario L1N 9B6
%D 2002
%G 0-07-219181-3
%I McGraw-Hill Ryerson/Osborne
%O U$39.99 +1-800-565-5758 +1-905-430-5134 fax: 905-430-5020
%P 584 p.
%T VPNs: A Beginner's Guide

Part one deals with networks and security. The material is not bad; in fact, it is very good; but it is, possibly, too much information on topics which are not, really, relevant to virtual private networks (VPNs). On the other hand, anyone who is a rank beginner to networking as well will certainly have a thorough introduction."

EAGAN, Minn., Nov. 21 /PRNewswire/ -- The 1999 launch and resulting shockwave caused by the "Melissa Virus" -- the first major e-mail-based virus -- crippled electronic communications worldwide and caused $1.2 billion in damage. It set the tone for the security and privacy breaches that business, industry and personal communications would soon face.

Three years later, damage caused by hacking and malicious software has risen dramatically. A growing focus for hackers now appears to be the corporate community. Are you ready?

Co-authors and attorneys Ronald Weikers and Kevin Cronin recently released a ground-breaking reference book titled, Data Security and Privacy Law: Combating Cyberthreats. Published by West, a Thomson business (NYSE: TOC; TSX: TOC) and the foremost provider of integrated information solutions to the U.S. legal market, the book discusses in clear detail what attorneys -- as well as chief information officers, chief technology officers and chief privacy officers -- need to know about data security and privacy laws and technical countermeasures.