Customer Rating:  
Summary: SANS 504 GCIH
Comment: If you are interested in the SANS 504 GCIH certification, this is a great primer text if not better than their class. At the very least this will prepare you for the hands on aspect of that environment. This is pure network based hacking from my point of view and although these exploits can be used via the web, they deal mainly with vulnerabilities not of the web application layer. Something that I would really like to see in a text such as this is a complete exploit, which is known and patched, exploited step by step. Even in the SANS world this was not facilitated and if we are to ever truly educate security professionals on the "black arts" of hacking, then we must teach them by example. People don't learn calculus without a step by step explanation on how to arrive at the solution, so why would we expect security professionals to learn an exploit method using partial code snippets or theories? Get with the program and use disclosure as the powerful tool it represents.
Customer Rating:
Summary: A student's perspective
Comment: More important than anything else I can say about this book is that it was a good read! Being subject to often boring books on algorithms, and operating systems, this book kept me captivated with its straight forward presentation, and even more remarkable stories. Even if you never plan to start editting a registry, this book is worth reading.What I got most from this book though was a perpective on dealing with virus (etc) problems overall. Identifying what area of a system needs examining, what precautions should be taken, and even classifying symptoms, was very enlightning. That it was also a major source in a paper I received an A on, doesn't hurt either. I am sure it will come in as a handy reference for some time yet.
Customer Rating:
Summary: A great security overview
Comment: Keeping up with computer security is a full time job. Grimes has given a clear, precise primer of one aspect of computer security - viruses, trojans, worms - collectively known as malicious mobile code. The book is DOS/Windows centric, but this focus helps you see a) where the threats for the most part, and b) allows you to extend the types of threats into other operating systems. You are taken step by step through the development of malicious code and how and why they can work on some systems, but less effectively on others. The constant refrain of the book shows the author's philosophy: Use an up to date anti-virus product. But if somethign slips by, Grimes shows you ways to react, and lessen the impact if not to this once computer, but to the rest on the network. It is easily one of the most readable books I have encountered on the subject.This book is an essential reference for any computer manager's toolkit. We can't stop the code writers from producing thier output, but we can work to lessen the impact they can have on us.
Customer Rating:
Summary: Well written book!
Comment: I confess to some bias - I was one of the tech reviewers on this book. I work with network security all of the time, but one area I'm not an expert on is viruses. Reviewing Roger's book was a real education - I learned quite a bit. I also known from experience that writing about technical subjects can be difficult and dry - this book was an easy read all the way through. If you're interested in learning more about viruses, this is a must-have.
Customer Rating:
Summary: Highly Informative Look at Viruses, Worms, etc
Comment: This book offers one of the best and most complete look at viruses, worms, Trojans, and any other type of program designed to "infect" a computer. It describes not only the various types of "malicious programs" out there, but also the environments in which they run. The book's second chapter discusses DOS based viruses, and even if DOS is not that popular anymore, it is good for a historical reference. The book goes on to discuss Windows-related viruses, macro viruses, as well as Trojans and worms. Each chapter gives examples of what to look for if you suspect you have been infected, and the early chapters give summaries of "famous viruses of the past." Also discussed are attacks involving IRC and other instant messaging programs, browser technologies, malicious Java applets, and what types of attacks can occur with Active X. There's also a chapter devoted to email attacks. The book finishes off with chapters on hoax viruses, which can be just as dangerous sometimes as real viruses, when people assume the hoaxes are true, how to defend against malicious code, and finally what the future entails. Malicious code unfortunately is a way of life and this book offers lots of information on how to avoid them and also what to do if your computer does get infected.
|
|
