Customer Rating: 
Summary: Very good, very technical
Comment: This is a very, very good book by two excellent authors.
But if it also very technical. If you are not a deep expert, you may not get 75% of the book. But even so, the other 25% are surely worth it.
Customer Rating:
Summary: New and Different !
Comment: Most books written on computer security seem to follow the same predicable pattern of describing various computer programs that can detect security issues on networks/computers, and then go through the process of exploiting them (which is prefaced by the usual warnings). Although there is some of it in this book, the main topic in Security Warrior that I have never seen explained in an easily understandable format is that of "Reverse Code Engineering (RCE)" - or simply stated, the techniques used for discovering or geting a pretty good idea of how the source code of a compiled executable is actually working.
I had always been of the opinion that RCE was impossible or extremely difficult at best; and although it is actually pretty labor intensive and time consuming in practice, this book does offer some real strategies for accomplishing it and mentions the tools to do so. I would say this book is a MUST HAVE for anyone in the anti-virus, anti-trojan horse, etc., business, or anyone that needs to figure out how non-competitor products work in order to build interfaces or other integrating components.
Good luck and hope this review helps you.
Customer Rating: 
Summary: Great Book! Recommended for true security professionals
Comment: This book rocks! If you are a neophyte to host/LAN/internet security, I suggest starting out with Hacking Exposed. But if you are ready for something more, this is it. I especially liked the step-by-step on how to compromise a WEP-secured wireless network.I would have rated this 4.5 stars, but half stars were not offered. My one minor complaint is the weak discussion of hacking PKI on pp. 359-360. I suspect this is most likely due to the fact that the DoD, Microsoft and anal-retentive small companies like mine have bothered to deploy PKI. Little if any exploits are known at this point. I suspect by the second edition of this book the authors will have many more PKI exploits to discuss.
Customer Rating:
Summary: Security Warrior: A must.
Comment: This has to be one of the best books I've read in quite some time. Security Warrior was easy to read and an attractive feature is the ability to skip between chapters without any problems. References to subjects covered in previous or in preceding chapters are noted. This book not only contains methods used by hackers but also details on how to protect yourself against attacks. It also includes programs (Bastille, IPtables, etc) with overviews of the important aspects. Anothere feature to note are the reference listings at the end of each chapter which include links to various useful sources.This book is a must get for those who wish to get an idea of what can be done to secure systems as well as showing you things that might be overviewed initially.
Customer Rating:
Summary: Know Your Enemy
Comment: In today's interconnected word, it is a race between those who wish to exploit a system, and those who are working to defend it. Security Warrior presents a unique approach in that it not only explains the traps, but also goes in depth on how these traps and exploits actually work. The author presents each chapter with information about specific exploits, then goes into the actual exploits themselves. The book is geared towards the security professional, and novice users could find the amount of information that is presented overwhelming and confusing. At the end of each chapter is a resource section that invites the read to continue learning about a particular pitfall by providing more books and online sources for information. One of the caveats of this book is the fact that in the wrong hands it can actually be used against the very systems the author wanted to defend. The amount of technical detail is so great, that a skilled hacker or cracker could take this book and use it as a resource in his toolkit. It is the classic situation of you can't fix the problem without knowing what the problem is. Don't pick up this book if you want an overview of general computer security; you will be lost in the information overload. Do pick this book up if you are a security administrator or systems administrator and want to take a proactive approach in securing your systems against attack.
|
|
