Intrusion Detection Systems -- Unlike firewalls and VPNs, which attempt to prevent attacks, intrusion detection systems (IDSs) provide an additional level of security for your network by notifying you of suspected attacks and arming you with other critical information. Read all about IDS technology in Chapter 19 of Security Warrior. And if you like this chapter, read the whole book (and up to nine others) on Safari with a free trial subscription.
Top Ten Tips to Make Attackers' Lives Hell -- Chris McNab breaks down his top ten tips all network administrators should follow to protect their networks from opportunistic threats, and to make it hard for the more determined attackers to get anywhere. Chris is the author of the recently released Network Security Assessment.
The Journey from Poacher to Gamekeeper -- Chris McNab has been on both sides of the hacker fence. In this article, Chris explains how his past led him to trade his black hat for a white one, and what he hopes to achieve with his new book, Network Security Assessment.
Protect Yourself Against Kerberos Attacks -- Kerberos provides strong authentication methods for client/server applications in distributed environments by taking advantage of shared secret-key cryptography and multiple validation technologies. Learn about the components that comprise Kerberos under Windows Server 2003 in this excerpt from Security Warrior.
The Trouble with RFID -- Radio Frequency Identification (RFID) technology is already widely used to track pharmaceuticals, meat shipments, and manufactured goods. It has the potential to save businesses billions of dollars. It also has the potential to enable a police surveillance state, further erode consumer privacy, and make identity theft even easier. Writing for The Nation, Simson Garfinkel explains the problem and a potential code of conduct that might help address it. Simson is the author of Database Nation.
Protect Against Denial-of-Service Attacks -- Perhaps the best way to defend yourself is to understand your attacker in depth. In this O'Reilly book excerpt, the authors investigate two denial-of-service (DoS) attacks against Windows XP: the first attacks the Server Message Block protocol used by Windows machines, and the second targets the Universal Plug and Play service. Learn the many ways your Windows and Unix systems can be attacked in the recently released Security Warrior.
Safari Gets Bigger and Better -- There are now more than 2,000 books from the industry's leading technical publishers available on Safari Bookshelf. As the library grows, so does its functionality: searches are powerfully precise and as broad or specific as you wish; and now, with a Safari Max subscription, you can download chapters to read offline. Safari will help you save time, reduce errors, keep current, and save more money than ever with up to 35% off print copies of your favorite books. If you haven't yet gone on Safari, try a free trial subscription.
O'Reilly Partners with No Starch, Paraglyph, and Syngress -- We're pleased to announce a collaboration between like-minded companies: As of January 1, 2004, O'Reilly is the North American distributor for three innovative small presses: No Starch Press, Paraglyph Press, and Syngress Publishing. O'Reilly will handle retail and direct sales, warehousing, and shipping, as well as provide direct marketing and PR support for these publishers with whom our philosophies are aligned. We invite you to give them a close look.
Understanding Cryptography -- Using cryptography, you can transform messages and other data so they are unintelligible to anyone who does not possess a specific mathematical key necessary to unlock the message. Chapter 7 of Practical Unix & Internet Security, 3rd Edition explains the basics. Get a free trial to read this and four other O'Reilly books on Safari.
Gates Said Security Is Simple -- In this op-ed, O'Reilly authors Mark G. Graff and Kenneth R. van Wyk respond to Bill Gates' assertion that firewalls and up-to-date software are perfectly adequate protections against security problems, and that perfect code isn't necessary. Mark and Kenneth are the authors of Secure Coding: Principles & Practices.
Gastronomy for Geeks -- Pizza, Twinkies, and Jolt are geek haute cuisine for a stereotypical few. Many of you know the difference between au jus and baba ghanoush, and that Thai shish kabob isn't called sauté. So, you Geek Gourmets, come share your favorite recipes, and see what your peers are cooking.
securecoding.org: Vulnerability Analysis -- Mark G. Graff and Kenneth R. van Wyk are providing ongoing analysis of the root causes of some recent vulnerabilities (often it is in the development process that flaws are introduced), and they offer ways of preventing similar mistakes in the future. Mark and Kenneth are the authors of Secure Coding: Principles & Practices.
Secure Cooking with Linux, Part 3 -- Learn how to use PAM to restrict authentication on Linux systems and how to use SMTP to accept connections from arbitrary clients securely in these latest sample recipes from Linux Security Cookbook.
Secure Cooking with Linux -- Learn how to authenticate by public key, encrypt backups, and combine log files in this first of three sets of recipes selected by the authors of Linux Security Cookbook.
Security Vulnerability Reporting -- Recently, the Organization for Internet Safety (OIS) released a draft proposal on a protocol for discovering and responsibly disclosing software vulnerabilities in products. Mark Graff and Kenneth R. van Wyk offer their concerns in this op-ed piece. They're the authors of O'Reilly's new Secure Coding: Principles & Practices.
Saving Our Bacon: Snort Security Holes and Strategies for Safe Network Monitoring -- Bob Byrnes reviews past attacks and recently discovered buffer-overflow vulnerabilities in Snort, a popular security-monitoring tool used for detecting suspicious network activities. He also discusses strategies you can use to minimize risks. Bob is a coauthor of Linux Security Cookbook.
Secure Programming Techniques, Part 2 -- Here is advice both on what to do and what not to do when you are coding a new network program, excerpted from O'Reilly's Practical Unix & Internet Security, 3rd Edition.