
Spotlight customer reviews:

Customer Rating: 4/5
Summary: To know the enemy
Comment: Security Warrior comes with the subject "Know Your Enemy" written across the top of the cover. In those three words, Peikari and Chuvakin give you the reason to read the book. O'Reilly's books are usually of the highest caliber, and I am happy to say this is shown in Security Warrior. The book is aimed at the security administrator, or the hard core computer person. While much of the book, and of security writing in general, is directed at UNIX systems there is a decent coverage of the Windows environment, which given its track record is in much more need of security warriors.

What the authors do is to give you the why and how of attacks and various threats, showing you some of the tools that can be used in these actions against you. The reader can then take these tools and turn them against the attackers, finding vulnerabilities first, and using other tools to counteract attacks and minimize damage. The first part looks at attacks on software, showing how reverse engineering can find out a lot more than might be planned as to how the program works. Things can get rather technical here but it's a great introduction to the mechanics of reverse engineering software and shows how someone could go looking for vulnerabilities, and finding out maybe not all the hows of the program, at least potential entry points in the software's operation.

Then it is on to OS and network security, with the focus on UNIX and some Windows Systems. The authors give some practical examples to explain what goes into attacks you commonly hear about - SQL Injection and Overflow attacks - but may not have seen demonstrated with examples. Many of the chapters and sections that are written about could and do fill whole books, but the authors do a very good job of balancing going beyond the surface of the topic without going too deeply down the technical details and examples to overwhelm or bore the reader. This is not a light, breeze through book, but a technical reference guide. It's one that I can see returning to again and again to help brush up understanding of certain topics as they are needed. This book is a very good starting point for overviewing the ideas as well as the mechanics of security attacks and to help you learn how to repulse them and become the security warrior. Know thy enemy is the necessity of the modern world.

Customer Rating: 5/5
Summary: Excellent security reference
Comment: As is the case in the physical world, when providing computer security the optimal approach is to be proactive. Security Warrior is about taking such a preventive approach to computer predators.

Attackers are often highly skilled, and the authors have adopted the premise that the only way to defend a network is to understand the motives of a hacker. With its peek into hacker psychology, this book isn't for the fainthearted.

Nor is it for novices. Chapters one through five mine the nitty-gritty of assembly language and software engineering of Windows and Linux systems. These chapters and much of the rest of the book delve deeply into the "C" programming language, so basic familiarity with that language is highly recommended.

Ensuing chapters go from the network layer to various software platforms, detailing the precise steps that an attacker will take to enter a network or software application. The vulnerabilities are clearly defined, but the book really shines when it provides detailed instructions on how systems can be protected.

Security Warrior is written for advanced system administrators charged with network or system security. Corporate security professionals may be intimidated by the book, but they would do well to get a copy to the appropriate person in their organization. That would be the proactive thing to do.



Customer Rating: 4/5
Summary: excellent breadth with substantial depth
Comment: The difficulty with writing a book like this--a comprehensive look at security of applications, systems, and networks from the perspective of attacker and defender--is that it covers such a wide territory that it is impossible to touch on everything, let alone go into great detail, and is almost instantly out-of-date.

Peikari and Chuvakin have done quite well at presenting a book that offers something for beginner and expert alike, though it of course suffers from these flaws. The book is already out-of-date in a number of respects. The biggest such deficiency that I noticed was in its coverage of denial of service attack tools, which seemed to date circa 2001 (Trinoo, Tribal Flood Network, Stacheldraht), leaving out mention of the current scourge of bots and botnets.

The book is unusual in its coverage of an issue that has not received the attention it deserves--application security--though it focuses only on reverse engineering and the writing of exploits such as buffer overflows. To be fair, the book's section of five chapters on software are under the heading "Software Cracking," and aren't intended to be coverage of software flaws or secure coding (see Graff and van Wyk's book for an overview of that subject).

The second section of the book is on "network stalking"--reconnaissance, scanning, fingerprinting, and includes a thin and light chapter on social engineering (citing Cialdini's classic and highly recommended book Influence as well as Kevin Mitnick's The Art of Deception, though the latter work is not properly referenced).

Part three is on "Platform Attacks" and covers Unix, Windows, SOAP XML, SQL Injection, and Wireless Security. This material isn't much different than what you'd find in the Hacking Exposed series.

The final part is on "Advanced Defense" and includes chapters on analyzing logs, using IDS and honeypots, incident response, and forensics and anti-forensics. In some ways it seems like the authors were trying to do too much, and some of the chapters seem rather thin compared to more in-depth works on those particular subjects. The breadth, however, is quite impressive and unmatched by any other book on these subjects I'm aware of, while the depth is also greater than many security books. I recommend it as a good introduction and overview, to be supplemented by other works for further depth.

Customer Rating: 5/5
Summary: Excellent Coverage
Comment: This book is definitely an excellent resource for a very broad range of security related issues. In spite of its large coverage, it is very technical. The authors take you from assembly level reverse engineering to much higher level SQL code injection; the book is a must in every geek's bookshelf.

Customer Rating: 4/5
Summary: How Does One Identify Threats to The IS Environment
Comment: One of the early steps in conducting a risk assessment for an information technology environment is to do an analysis of the threats facing your enterprise and the vulnerabilities to these threats. But how does one really get a handle on the threats in an ever changing environment? How do you get inside a hacker's head? In their book Security Warrior (506 pages, O'Reilly Media, 2004, ISBN 0-596-00545-8), Cyrus Peikari and Anton Chuvakin attempt to take the reader inside the mind of the hacker, to find out what they already know about our systems, tools they use to analyze and attack our systems, and how they then cover their tracks.

This book will satisfy people from system administrators to CIOs from different levels. For the hard core 'techno-geek', the first part of the book goes into extensive discussion of reverse engineering, including many, many pages of code showing how it is done. Of course, this is done with a legal disclaimer that basically says "do not do this at home, but if you do it is at your own risk". As this book was released just this year, there are great overviews of how attacks are launched on Windows, Linux, UNIX, and Windows CE. If your focus is on wireless, they have you covered. SOAP, XML, & Web services Security? Not a large amount of material, but enough to get you started.

The only major fault I find with this book is that social engineering only gets 11 pages of coverage, even though Peikari and Chuvakin state up front that social engineering is one of the most threatening forms of hacking attacks. Granted, it is a very complex issue that could (and often does) fill a volume by itself. While people outside of the system administration arena may glean key points from this book, it really is a tool that should sit on the bookshelf of every system administrator. It provides a very broad overview, while providing extra references for each chapter if you want to dig into more detail. You will learn things from the darkside you may not have known about, but in the end this is a good thing. And if you want to skip over the lines of detailed code, you can do this safely as long as you know reverse engineering is a problem and that you have a detailed reference to go back to.

The Business Control Caddy Scorecard: Birdie on a long par 5.

Christopher Byrne
The Business Controls Caddy
http://www.controlscaddy.com/
