04/01/2010

Scribd : 100+ active bookcollections feeds

due to the re-organisaton of scribd.com (again) I had to re-organize my RSS feeds of the people I was following

so I have decided to pull them to bloglines

only those active in 2010 are taken

already around 100 founds with already more than 500 new ebooks and documents

http://www.bloglines.com/public/ekz

more to come, once at a time

enjoy

Permalink | |  Print |  Facebook | | | | Pin it! |

03/06/2010

must have library: the prince by Machiavelli

Nicolo Machiavelli - The Prince one of the classics about power and the abuse of it

Permalink | |  Print |  Facebook | | | | Pin it! |

02/20/2009

ten ebooks a day at ebooks.skynetblogs.be

While I am collecting my own books online for personal use and without posting, I copy links to some of them at

ebooks.skynetblogs.be

No guarantee that the books will stay up for long

Permalink | |  Print |  Facebook | | | | Pin it! |

01/25/2009

Free books and courses in 2008

These are the links to free books and courses that we have published on this blog, even if most are now published in the links on furl next to this blog.

23/12/08 00:21 christmas 1500 books to download from scribd
12/11/08 10:30 Complete cheat sheet collection to download 
11/11/08 10:04 birthdaylink : where to get ebooks
11/11/08 09:46 Free courses on the web, organised 
15/10/08 14:21 Free magazine Uninformed Nr 10 
30/09/08 12:21 Attention to all report and presentation writers : get back to text please 
24/06/08 12:27 Free ebook about public and expert opinion research tools
17/08/08 16:45 The art of war : interesting read ? 
05/08/08 15:55 Some MIT open Courses for summer study
20/06/08 08:29 Cursus besturingssystemen 
20/06/08 08:27 Cursus Veilige software door Prof Naessens (Belgische EID studie)
20/06/08 08:26 developing secure software applications by Frank Piessens
03/01/08 11:01 How the US army discusses and trains about cybercrime
 
21/11/08 16:15 proceeding LISA Large Installed System Administration Congress 
26/10/08 22:36 European Report on internet traffic 
20/10/08 10:34 Cyber threats 2009 report 
16/10/08 12:38 Presentations European conference on the Internet of things (RFID) 6/7 october 08
16/10/08 12:16 SOA security : interesting working group in UK
25/09/08 16:35 PEW study about internet and work in the US, very interesting study
12/09/08 09:54 NIST publishes free guide for information security and risk categorisation
12/09/08 09:45 CIS tries to define global security metrics
12/09/08 17:11 New good document about dataprotection for ITsecurity people
11/09/08 13:35 transatlantic consumer organisations and interoperability and open software standards 
20/01/08 11:30 Interesting documents from BCIE.Be Belgian experts forensics
 

Permalink | |  Print |  Facebook | | | | Pin it! |

12/23/2008

christmas 1500 books to download from scribd

we are not sure that all the books are there but

mailforlen.googlepages.com/start   try for yourself

many many different interests and subjects

Permalink | |  Print |  Facebook | | | | Pin it! |

11/28/2008

30 IT related books on Scribd

  1. 70-297 v19 testking
  2. 70-298 testking 
  3. 70-298 ms press self paced training kit 
  4. 70-299 testking 
  5. 70-299 testking v13 
  6. 70-299 testking v13 
  7. Ten questions about human error  
  8. DBA Fundemental1
  9. Sybex - 70 291 Windows 2003 Network Infrastructure Implementation, Management and Maintenance
  10. OCP Oracle Database 10g New Features for Administrators 2004
  11. Windows Server 2003
  12. Foundations of Programming
  13. web3.0
  14. Implementation of the IPSec Protocol in Microsoft Windows 2003/XP Environment
  15. NMLWhitePaper Participatory Culture Henry Jenkins
  16. Ibm Entreprise Du Futur
  17. Mobile WiMAX : A Technical Overview
  18. facebook for business -9
  19. Disaster Management in Education
  20. DotNET Framework
  21. Software Engineering Roger Pressman
  22. Photoshop Cs3 Scripting Guide
  23. Nano Tech and Dna -SCIENTIFIC AMERICAN
  24. OES State of California - Business Resumption Planning Guidelines
  25. Web Interface & Design
  26. Online Journalism
  27. Advanced Ms Excel Manual
  28. introductin to c#
  29. 2008 State New Economy Index Kauffman
  30. IIA information controls
  31. Microsoft Portable Execution and Common Object FIle Format Specification
  32. Computer Glossary

 

 

Permalink | |  Print |  Facebook | | | | Pin it! |

11/27/2008

40 IT related books at scribd.com

  1. sql tutorial
  2. comparision of iso 9001 and cmm 
  3. concepts of Computer 
  4. Online Dating Guide 
  5. Testing Techniques 
  6. White Box Testing 
  7. MS Word 2007 Tutorial 
  8. How to Raise Money From VCs_2008 
  9. Citizen Media 2007 
  10. software testing guide book part 1 
  11. shell-scripting 
  12. DHTML.utopia.modern Web.design Using Javascript and DOM (2005) 
  13. Apress.the.Relational.dat abase.dictionary.extended .edition.jul.2008 
  14. Databases Under Linux 
  15. Practical Power System Protection 
  16. 400 Puzzles and answers for Interview 
  17. Going Digital 
  18. Professional Java Security 
  19. Testking version 22 - CCNA 640-802 
  20. CCNP Iscw Portable Command Guide 
  21. CCNA Braindump 1 
  22. CCNA Braindump 2 
  23. Tesking 70-290 v6.0 
  24. Do It Yourself Computer Repair 
  25. imp Manging & Maintaing Netwrk Infra:::2003 server 
  26. eBook.70 284.Mspress.exchange.serv er.2003.Mcsa.mcse.Trainin g 
  27. How the Internet Turned Us All Into Influencers_2008 
  28. Social Media Tracker_2008 
  29. AD Security P1v2 Final 
  30. TCPIP_2003 
  31. C# Introduction to Design Patterns Inc# JamesWCooper 
  32. oracle forms developer - form builder reference, volume 1 
  33. Digital Economy Factbook 2007 
  34. A History of Science (Volume 1) 
  35. Network Connectivity and Management 
  36. RedHat L61IG 
  37. Cisco CNA Exam Certification Study Guide 640-507 3rd 
  38. Microsoft Access Tutorial-Comprehensive 
  39. Vulnerabilities 
  40. Working With Maya Mannual 
  41. Corel Draw 10 Step-By-Step Learning eBook 
  42. Cisco IOS commands - Router Lab & Class Reference Resource 
  43. Probability and the Theory of Errors  

Permalink | |  Print |  Facebook | | | | Pin it! |

10/20/2008

SCRIBD 700 ebooks about different subjects

more books

more books

more books

more books

more books

more books

I didn't upload any of these books and I even don't know if they are still online. You just use it for educational or test purposes. For the rest it is just a linkcollection. Some french and dutch books included. All at least 50 pages.

Permalink | |  Print |  Facebook | | | | Pin it! |

07/21/2008

Security groups books on scribd - enough literature for 5 summers long

Managed Public Group

Permalink | |  Print |  Facebook | | | | Pin it! |

02/29/2008

Book review Hacking web2.0 exposed

2008  by Rich Cannings and Himanshu Dwivedi and Zane Lackey

Some remarks after clsosing down the book.

* I didn't know that Flash applications were that powerful and dangerous. And even more when you use them together with dns pinning.

* XSS just seems at the beginning of its road into the networks and the interactivity of websites. The possibilities seem endless.

* ActiveX needs to be secure or not allowed. Period.

The book gives a lot of code, it is nearly a manual for attackers. It gives also a lot of tips, but these seem a lot less ordened and structured. What I mean is a procedure of things you should have done and tested, a kind of checklist.

Another weakness of the book is that there is a lot of attention for the security firm of the writers and not too much at other initiatives, but I presume you also read other books and so this wouldn't influence you too much, won't it.  

I wouldn't read it as a first introduction, but if you have already read some stuff about hacking web2.0 applications, than this should be your following book. And if you aren't convinced yet that you need an application firewall and a more static website without flash, activeX and the lot, than you throw this book at them.

I find it in fact a depressing book. Maybe we should send these books to all the hypers and investors of web2.0. to show them that the possibilities are unlimited.... for hackers. 

Permalink | |  Print |  Facebook | | | | Pin it! |

12/08/2007

Book Vista for IT security professionals

By Syngress different authors

This book has been written with the first editions of Vista and with the new service pack coming along a lot of the book will be outdated but when you are in an environment where they still have to decide if the upgrade is going to be VISA or XP, you should absolutely read this book first.

After reading this book you will become convinced that even if the way to Vista can have many hardware problems (use the upgrade to throw out the old stuff also, give it to your personnel to work at home or so) it is the only way if you want to secure a network and its data without buying different products.

You want to encrypt harddisks ? Bitlocker does it. You want to control USB ports ? TPM does it ? You want to use smart-cards instead of different passwords ? Vista does it. You want to encrypt data streams in and outside the network ? Vista does that also and so and so on....

Is Vista perfect ? No. But even if I have an imperfect product that gives me the possibility to securize the whole datastream from end to end without buying different products with different installations and so on than even the most expensive Vista licence is still a bargain. I know the security industry doesn't like Vista but many products will lose their use and that is normal because you don't buy the car and the brakes seperately either.

Do not forget to read the warnings, the specialist advice and the tricks and tips and code.

Permalink | |  Print |  Facebook | | | | Pin it! |

11/30/2007

Book Security Metrics by Andrew Jaquith

This is one of THE BOOKS OF THE YEAR because once you have read this book you will go to your vendors and ask them for stats, you will go to your tech people and you will ask for stats and you will know which stats to ask for and what to with them or not.

No, not the stats that all the accountants and very expensive consultants are talking about. No not the numbers that mean nothing but are there because some insurance company still believes the metrics from the real world are usable in the online world. No real every day stats for your network and defenses that give you in a dashboard a good and complete overview of where you are and where you ought to go and how much you still have to do.

This book gives makes you fly like an eagle in the sky.

Permalink | |  Print |  Facebook | | | | Pin it! |

11/29/2007

Blackhat physical device security by Drew Miller

This book by Syngress (2005) is an excellent book but not because of the title but because of its very detailed and excellent explaining of the main principles of secure programming (even for embedded systems). I understand why they choose the title because the author thinks that physcial device security is most and for all the embedded software, while it may also be location and hardware change control (hack a Vista by changing parts of the hardware).

It is a very good book for programmers because it shows us in depth that you can't talk about secure programming without validation, authorisation and encryption and that for every code and every process, how small it even may be.

I presume that it would be legally too difficult to write a real book about black hat physical device security. It would however destroy so many popular premises that people would start to take notice. If people would know how insecure their wireless alarms and their credit cards were, they would be more on their guard and the industry would have to be more stringent.

Permalink | |  Print |  Facebook | | | | Pin it! |

11/28/2007

Google hacking for penetration testers by Johnny Long

This book is in its third edition I've read somewhere and it won't be its last, even as Google is trying to limit the number of malicious searches very timidly (they could do much more) and even if Googlehacking is only showing a very limited part of the online vulnerabilities. The forum by Johnny Long that started it all isn't too active anymore and every exploit has now a Google search string adapted to it. Some worms even use Google to find infectable computers.

Some parts of the book may be dated, but it stays an essential handbook for the securitypeople around here. The most important thing is not only the copying of the lists with useful searches but learning to think like a hacker that is using Google to try to do some discovery searches. There are automated tools for some of the searches but it is only the human eye and mind that will find the little snippets that have to be put together to arrive at a Google Dork that may show you the list of vulnerable sites that you were hoping for.

PS It has some very useful scripts for Google hacking that you can install for your security work.

Permalink | |  Print |  Facebook | | | | Pin it! |

11/27/2007

book botnets by Schiller et.al.

Syngress, 2007

You have to read this if you are in the first lines of defense of your network or just running around cleaning up the mess that our ISP's let go through to our networks and users. Belgium has its fair part of botnets and botnet traffic and is internationally very poor in cleaning them up according to shadowserver.org

The book gives you all the necessary information to set up some open source tools to monitor your traffic and how to analyse botnets themselves (as they are more and more tailored to a specific task or environment). Some of the information is already dated, but the fact remains that if we would chase botnets the way pedo's are chased online we would have fewer of them.

You would still need some books about patchmanagement, IDS, network sniffing, logmanagement firewall management and forensics to have a detailed view before attacking your internal and external botnets.

Permalink | |  Print |  Facebook | | | | Pin it! |

11/26/2007

book Network security assessment by Steve Manzuik

Network Security Assessment by Steve Manzuik, Ken Pfeil, Andre Gold by Syngress (2007) is a book that more or less does what its undertitle says, its gives you a kind of rogue methodology - procedure to go from vulnerability to patch. The undertitle should therefore be the title because a software vulnerability assessment is not a network security assessment. A network can be insecure for hundreds of reasons and software vulnerabilities are only one of them and are not always the most important ones.

I have also somehow the feeling that the book could be much less pages and that at the end they were just repeating themselves or giving information that should have been gone online (index of software distributors). The same problem with the description of the software tools that they have selected for vulnerability or patch management. You can't describe in a book in detail how it works because at the time the book is published the software has changed or isn't even available anymore. There should have been more information about how to set up scans and rescans and methodologic tracking of the situation on the net, on the firewall and on your network.

It is a good book to start with if you don't have a clue how to set up an inventory, start a vulnerability scan and plan your patch management, but you will have to buy a few more books to have a network security assessment.

belsec is not linked to any publisher or online bookseller

Permalink | |  Print |  Facebook | | | | Pin it! |

11/23/2007

ITsecurity project management by snedaker and rogers

This book by Susan Snedaker and Russ Rogers was published in 2006 and is quite thick.

After having read the book twice I still have mixed feelings about the book. At one side it has given a lot of practical information and guidelines that weren't as concise or were too detailed in other books but at the other side I am still not sure I have a good complete book about IT security project management. I presume it is not easy to write a book about IT security project management without losing half the book at explanations and guidelines to secure your network but at the other side a book about IT security project management should have gone deeper in the project management part of its title.

The book is a very good book for those that are more or less new to the field or are looking for an eagle-view book instead of those hyperpractical and limited books that are being published like bread. It is not a good book for someone who wants a handbook from a to z if he wants to go through ITsecurity management without consultants and more reading. As an introduction to it, it is quite a nice read.

The other limitation of this book - and that is a bit silly in these networked times is that there is not one chapter that takes into account the European laws and guidelines. Maybe it is for the future but changing a few chapters depending on your continent or country wouldn't be too much to ask. But I have to say, the American laws are quite interesting - not to say fascinating - for us Europeans that have nothing comparable yet.

Belsec is not affliated with any bookshop or publisher.

Permalink | |  Print |  Facebook | | | | Pin it! |

11/22/2007

where to find more free IT books

You can find Free IT and other books here - but as long as the links work off course - there is no warez or rapidshare kind of stuff. It is all on sites that claim they control the copyrights o the uploaded stuff

http://ebooks.skynetblogs.be

it has an rss feed

Permalink | |  Print |  Facebook | | | | Pin it! |

11/21/2007

a massive free library of belgian security and encryption research

I want to thank the professors and students first and all to make this research available for download and reading. Many other universities and researchers try to get money out of it and sell their publicly financed research as if it belongs only to their pockets. Respect for that. (my personal opinion - remember belsec has no official belsec opinions - belsec is a platform)

You will find a list of publications organised by year here and than you choose the year.

http://www.cosic.esat.kuleuven.be/publications/static/ 

As a reminder belsec is available to distribute and announce free research and publications as long as it aren't advertorials (the so called white papers section).

Permalink | |  Print |  Facebook | | | | Pin it! |

11/12/2007

Thesis online over Belgische cybercrime wetgeving

nederlandstalige thesis over cybercrime 2002

en vooral de Belgische cybercrime wetgeving

http://www.ethesis.net/cybercrime/cybercrime_inhoud.htm

Permalink | |  Print |  Facebook | | | | Pin it! |

1 2 Next