from: Syngress
Regular marked price: $49.95Discount Price: $44.95
Cost Savings: $5.00 (10%)Price fluctuation possible.
How soon does it ship: Normal ship time within one day
Shipping? Absolutely FREE if you qualify for Super Saver Shipping.
Type of bind: Paperback
Dewey Decimal Number: 004
EAN num: 9781597490177
Format: Illustrated
ISBN number: 1597490172
Label: Syngress
Manufacturer: Syngress
Quantity: 1
Page Count: 650
Printing Date: November 30, 2005
Publishing house: Syngress
Release Date: May 01, 2005
Sale Popularity Level: 1273602
Studio: Syngress
Other books you might be interested in perusing:
Editor's Notes and Comments:
Product Description:
Are You Ready for the Network Equivalent of Guerrilla Warfare?
Instant Messaging (IM) and Peer-to-Peer (P2P) applications are taking over the workplace as P2P transfers now account for 70% of all Internet traffic and more than 50% of corporate workstations are running an IM application. IT professionals face the challenge of managing and securing these applications, which last year were the point of entry into corporate networks for 40% of all computer viruses and worms. This book is for system administrators and security professionals who need to bring now ubiquitous IM, P2P, and IRC applications under their control. It provides specific protection strategies for the network and application layers by identifying and blocking malicious traffic.
Grasp Instant Messaging Security Issues See how IM bypasses any gateway antivirus scanning that would normally protect a network from infection.
Bypass AIM Restrictions Learn what to do about free AIM proxies that are available throughout the Internet.
Understand the Yahoo! Messenger Architecture Find out why its ability to use any available port to authenticate and begin communication makes it so difficult to block.
Manage Skype Vulnerabilities Do you know the differences between a standard node, a super node, and a Skype server?
The Biggest P2P You've Never Heard Of Meet the network behind Kazaa, Morpheus, Grokster, and iMesh.
Explore the World of Internet Relay Chat (IRC) Find out what makes IRC so attractive to cyber-criminals and predators.
DDoS Botnets Turned Bot-Armies Bot Masters make certain each infected machine will connect silently to the IRC server at the point of infection and on startup.
Methods for Botnet Control Understanding these methods will help you locate and remove such threats before they grow and become a problem.
UPDATED TOC
Part I Instant Messaging Applications
Chapter 1 Introduction to Instant Messaging Chapter 2 AOL Instant Messenger (AIM) Chapter 3 Yahoo! Messenger Chapter 4 MSN Messenger Chapter 5 ICQ Chapter 6 Trillian, Google Talk, and Web-based Clients Chapter 7 Skype Part II Peer-to-Peer Networks Chapter 8 Introduction to P2P Chapter 9 Gnutella Architecture Chapter 10 eDonkey and eMule Chapter 11 BitTorrent Chapter 12 FastTrack
Part III Internet Relay Chat Networks
Chapter 13 Internet Relay Chat-Major Players of IRC Chapter 14 IRC Networks and Security Chapter 15 Global IRC Security Chapter 16 Common IRC Clients by OS
User popularity level:
Rated by buyers -
I had high hopes for Securing IM and P2P Applications for the Enterprise (SIAPAFTE), and thankfully this book delivers. SIAPAFTE is a modern, well-written, thorough guide to instant messaging (IM), peer-to-peer (P2P), and Internet Relay Chat (IRC) networks and related security issues. I recommend all network and security administrators read this book.
SIAPAFTE is helpful in many respects. First, the book is up-to-date. It covers events as recent as the fall of 2005. The book also takes a historical approach to describing technologies by describing when and how they were introduced. Readers learn of the evolution of various IM and P2P clients and networks, as IM network owners seek to shut out rival clients and industry groups shut down P2P infrastructure.
Second, SIAPAFTE takes a comprehensive look at IM, P2P, and IRC technologies. I believe the authors picked the right networks and clients to discuss. IM is fairly simple to understand, since the clients are closely tied to the networks. P2P is less clear, since people often refer to clients like KaZaA (or Kazaa) without understanding that FastTrack is the underlying network. I learned of many technologies for the very first time reading this book. Distributed Hash Table (DHT) and Kademlia are two examples.
Third, SIAPAFTE is well-written. The text is clear and the authors communicate their points in an organized and coherent manner. This does not mean the book is without flaws. Although Zeveck's one-star review (after reading just 40 pages -- please) is ridiculous, he is correct about a bad figure reference on p 27. The bottom of p 235 features a similar problem, and some pages have large chunks of inexplicable white space. I also thought the large lists of IM threats was not needed, especially when some of them ran several pages.
I liked the protocol analysis of various networks, particularly those for P2P. It seemed some protocols got more attention than others, however. The inclusion of IPTables and Snort rules was a nice touch. I would have liked to see that for the IM and IRC parts too. The IRC section could have used an IRC command reference. Since this is a book about IM and such in the enterprise, it would have been helpful to learn how to set up a secure internal IM system like Jabber or even a local IRC server.
For those keeping track of Syngress' recent tendency to reprint chapters from other books, SIAPAFTE is no exception. The last 20 pages in Ch 7 are Ch 13 from Skype Me! Oddly, no credit is given in SIAPAFTE for that other book's material.
Overall, I think anyone involved with networks or security will find SIAPAFTE a great resource. I found the book to be highly informative, and I recommend you read it. Addressing the issues in this review would merit a five star review for a second edition.
Rated by buyers 
-
Now, I only read about forty pages, but I *really* didn't like what I read. The book is obviously rushed, and not very informative.
I have been doing research on securing public instant messaging protocols and thought this would be a great resource. It isn't. At least for AOLIM, it told me much less than I was able to find on the Internet with less than an hour of searching.
Here are some spot examples of problems:
"...as previously discussed, utilities such as dsniff can be used to decrypt these passwords while they are bring transmitted over a network."
But I cannot find a previous discussion. In fact, this is mention pretty much in isolation...there is no explanation of *how* one would use dsniff to decrypt the passwords. And, aside from mentioning that the passwords are encrypted using XOR encryption, there are no further details on what is going on - such as what is being XORed with what.
Later on the same page it says:
"Figure 2.1 shows the main screen for signing into the AIM service, while figure 2.xxx shows dsniff revealing AIM passwords."
What is with that 2.xxx? It looks like that figure never got included, and the 2.xxx was a place-holder that never got filled in! In fact, I cannot find a figure ANYWHERE in the book depicting dsniff uncovering the password.
The discusion of the AIM protocol takes up just under TWO PAGES. WHAT!? AOLIM is incredibly complex, involving either the OSCAR or TOC protocol, both of which are rather complex. Searching Wikipedia (http://en.wikipedia.org/wiki/OSCAR_protocol) provides MUCH more information than is included in the text.
Finally, the discusion of encryption is A PARAGRAPH. It pretty much says that AIM includes encryption. It gives no indication as to how the encryption works other than that it involves certificates. It doesn't even say WHAT KIND of certificates.
I am returning the book post-haste. If the abysmal quality of the coverage of AOLIM is any indication, this book is not definitely not worth acquiring.
Rated by buyers 
-
This book is a great source for information on the dangers of instant messaging and p2p networks. Although this material can apply to personal use, it is geared more towards system administrators and networked environments.
The structure of the book is very well laid out, giving you the ability to jump from product to product or area of interest (such as AIM, eDonkey, or IRC as a whole). This approach makes it easy to locate the information you are looking for quickly, making it an excellent reference. The author has done a great job in being realistic is the approach to these systems. Rather than totally restricting their use, this book helps you to live with these systems, recognizing that they are often used or required for businesses.
If you are running a network, you almost definitely have this type of traffic on it. This book is definitely an excellent resource with large amounts of information on multiple types of systems
Rated by buyers -
There are not a lot of books that cover IM and P2P security - when I found this I was skepitcal at first, but quickly found it to be a great reference, and the definitive source of information on SEcuring IM and P2P.
The book is very well organized with Chapters dedicated to each major program, making it easy to educate yourself on the common pitfalls of having IM and P2P in your environment.
Rated by buyers -
Noted security veteran Bruce Schneier has observed that for those organizations that have incorrectly deployed cryptography, it is akin to putting a big flagpole in front of your facility and hoping that it will stop any attackers from breaking in. Of course, any attacker with intelligence will simply go around the flagpole rather than running into it."
Similarly, many organizations have deployed myriad security hardware and software products in their infrastructure. But when it comes to instant messaging and peer to peer applications, these applications often execute below the radar of many security products. This is due to the fact that the security infrastructure in many organizations was not architected to deal with such applications. These applications often have so much functionality that it obviates much of the security afforded by the security hardware and software products.
Using file transfer as an example, many organizations have policies and controls in place to stop the use of protocols such as ftp and tftp. This is fine, but that will only work for the ftp protocol. File transfer can still be carried out by most instant messaging clients, and that can pose serious security risks.
With that, Securing IM and P2P Applications for the Enterprise provides an excellent overview on how to handle, manage and secure IM, P2P, and IRC applications. This book is written for security and system administrators that need specific details on how to control and secure IM, P2P and IRC applications in their organization.
The need to get a handle on IM and P2P is crucial given that IM has turned into a global communications medium with most organizations yesterday reported that they allow it for business usage. Many marketing and technical support calls are now handled via IM and this translates in to well over 250 million IM users worldwide. P2P is great for downloading music and movies, but that that poses serious security and legal liability risks when done on most corporate networks.
But with all the benefits that IM provides, it introduces many security and privacy risks. IM viruses, identity theft issues, phishing, spyware and SPIM (SPAM over IM) are just a few of the many risks. These risks can turn into intellectual property losses and legal liability issues especially when they are combined with targeted attacks on corporate IM users. Companies that don't have an effective way in which to deal with IM and P2P are in serious danger as most IM and P2P threats fly under the radar of many traditional security solutions.
The book has a fairly straightforward approach. Chapter 1 provides an introduction to IM and the most common security issues that IM brings into an organization. The bulk of the remainder of the book details various different IM applications in Part 1 (AIM, Yahoo, MSN, ICQ, Google, Skype), P2P applications in Part 2 (Gnutella, eDonkey/eMule, BitTorrent, FastTrack) and IRC networks and applications in Part 3.
Each chapter details the specific architecture of each application, its protocols, security issues, and solutions in which to secure the application. System administrators can use many of the checklists to quickly perform the initial steps necessary to secure their organization from unauthorized IM, P2P, and IRC applications.
Each chapter also provides significant details about the internals on how each application operates. In addition, various 3rd-party tools that can be used to secure and limit the various applications are listed.
Many companies are finding that a significant amount of their bandwidth is being used by P2P applications and Part 2 describes how to secure networks from the use of P2P applications. This is not always an easy thing to carry out given that many P2P applications, such as Gnutella are designed to easily bypass many of the security control mechanisms placed against it. Administrators will find that in this case, simply blocking Gnutella ports will not block all Gnutella traffic and the application still will be able to run. What is required in this case is the use of a firewall that supports deep packet inspection. Chapter 9 helpfully lists the commands to use when using iptables to block Gnutella traffic.
Chapter 12 provides an interesting look at FastTrack, which is the P2P protocol and network used by clients such as Grokster, Morpheus and other file sharing programs. The chapter also uses Ethereal to detail the internals of FastTrack.
Part 3 deals with IRC and is the sparsest part of the book. This is due to the fact the P2P and IM are much more heavily used on enterprise networks, which this book is geared to.
The only negatives about the book are its price, and some of its formatting. At $49.95, it is on the higher-end of computer security books, with the majority of such titles being in the $25.99 - $39.99 ... Read More
Find other books like this one:
