• RSS
  • Twitter
  • FaceBook

Security Forums

Log in

FAQ | Search | Usergroups | Profile | Register | RSS | Posting Guidelines | Recent Posts

Book Review - Security Warrior

Users browsing this topic:0 Security Fans, 0 Stealth Security Fans
Registered Security Fans: None
Post new topic   Reply to topic   Printer-friendly version    Networking/Security Forums Index -> News // Columns // Articles

View previous topic :: View next topic  
Author Message
alt.don
SF Boss
SF Boss


Joined: 04 Mar 2003
Posts: 16777079


Offline

PostPosted: Wed Mar 10, 2004 3:31 pm    Post subject: Book Review - Security Warrior Reply with quote

Security Warrior

Author(s): Cyrus Peikari & Anton Chuvakin
Publisher: O’Reilly
Book Specifications: Soft-Cover, 531 pages
Category: Computer Security
User Level: Intermediate
Suggested Publisher Price: $44.95 USA/ $65.95 CAN/ 29.77 Net UK (inc of VAT)
ISBN: 0-596-00545-8
Amazon.co.uk: Security Warrior
Amazon.com: Security Warrior



Info from Back: "It’s easy to find books on computer security. Many users and administrators are becoming overwhelmed , and justifiably so. The sophistication of attacks against computer systems increases with each exploit in the wild. What’s the worst an attacker can do to you? That’s what Security Warrior teaches you. Based on the principle that the only way to defend yourself is to understand you attacker in depth, Security Warrior reveals how your systems can be threatened. Covering everything from reverse engineering to SQL attacks, and including topics like social engineering, antiforensics, and advanced attacks against Unix and Windows systems, this book leaves you knowing your enemy and prepared to do battle.”

Introduction

Each and every computer network out there today is running services of one kind or another. Whether that be the company web server, for it’s web presence, to it’s dns server for the mapping services it provides. With all these services listening for inbound connections, this is very much like a honey pot for a bear, invariably these services will be probed; and enumerated by people with less then honorable intentions. Unless your IT staff is paying close attention to maintaining these services you will be compromised sooner or later.

This books intent is to show you how the person who wants to gain entry into your network will go about doing it. Stated by the authors is that to know how to secure your network you will need to know how to break into it. To use my favorite phrase “to defend you must learn how to attack”. With that in mind this book is an excellent resource for those who are in charge of securing network services for their company, and or home network for that matter.

Content & Overview

Covered in the first part of the book is the world of reverse engineering. This is as it should be for all exploits of consequence are as a result of code which has been successfully reverse engineered. It is from this tactic that talented exploit developers create the buffer overflows that cause vendors to issue fixes, and patches for their software. The most popular operating systems are looked at such as Windows, and Linux plus Windows CE in terms of reverse engineering.

Second part of the book deals with TCP/IP itself. A very brief look at some of the protocols that make up TCP/IP are shown. Shown briefly as well is IPV6, ethereal, packet analysis, and packet fragmentation. Social engineering, and online reconnaissance are also covered here. Operating system identification aka o/s fingerprinting is given a good treatment. Specific tools are shown which are used to identify various stacks, and also what metrics are used to measure them. Rounding out this part of the book is coverage of how one hides their tracks on a system, and maintain access on a computer as well as several other related topics.

Next part in the book deals with specific platform attacks. Unix attacks and defenses are shown with a good level of detail. Following this are Windows client and server attacks covering things such as DoS attacks to PKI hacking. SOAP XML, SQL injection, and wireless security also receive attention in this portion. Of special interest to the normal home user may be the wireless security portion, which of course deals with how your home wireless access may be in peril.

Finishing off the book is advanced defense, which encompasses several key areas. Topics like audit trail analysis, intrusion detection systems, honeypots, incident response, and forensics/anti-forensics flesh out the remainder of book. The incident response section I found to be of particular interest and well written. For a detailed listing of the books contents click here.

Style and Detail

For a book based on hacking in its various forms it was able to achieve a nice balance between the written word, the use of screenshots, code snippets, and theoretical explanations. None of the topics covered here go in great detail really, but the authors supply enough information upon which you can further your studies of a specific area of interest to you. My only quibble really is the quality of the screenshots used in the book. They are grainy, and difficult to focus on. Should a second edition of this book be printed then better quality screenshots are a must. Other then that this is a typical O’Reilly book with an excellently detailed chapter breakdown and introductory pages. The books feel and quality are of excellent quality as well.

Conclusion

As an overall introduction to the world of hacking in its various guises this book is quite good. The coverage given to reverse engineering code was excellent as well. Detailed, yet not overly so; and covers more then just win32. I would recommend this book to any system administrator, and home network user who is not up to speed on the various threats facing networked computers today.

This book gets an SFDC 8/10 from me



Keywords for this post: Security Warrior

This review is copyright 2004 by the author and Security-Forums Dot Com, and may not be reproduced in any form in any media without the express permission of the author, or Security-Forums Dot Com.
Back to top
View user's profile Send private message Visit poster's website
badfinger
Just Arrived
Just Arrived


Joined: 29 Oct 2004
Posts: 6
Location: Augsburg, Germany

Offline

PostPosted: Tue Nov 02, 2004 4:23 pm    Post subject: Reply with quote

Great, I'm very much interested in this book. I'm still new to security and wanna get the hand of it. YOur review confirmed my decisssion to get my hands on this book Wink Thank you for this great review.

An idea to expand this review, would be recommandations for further reading, or books you loved, covering this topic. Anyway, I just can say, your reviews are very well done and will be considered for my next book buys.

Best,
badfinger
Back to top
View user's profile Send private message Visit poster's website
alt.don
SF Boss
SF Boss


Joined: 04 Mar 2003
Posts: 16777079


Offline

PostPosted: Tue Nov 02, 2004 4:42 pm    Post subject: Reply with quote

Thanks for the compliment. I would base your recommended reading on whatever specific area of interest that you have. We have reviewed a good deal of books on the site.

Cheers
Back to top
View user's profile Send private message Visit poster's website
Cass
Lurker
Lurker


Joined: 14 Aug 2003
Posts: 14
Location: Scotland

Offline

PostPosted: Tue Nov 02, 2004 4:44 pm    Post subject: Reply with quote

This book is hard going imho, i would consider myself fairly techinal on matters such as this but the section on reverse engineering as informative as it is made my head spin, i find the assemby and debugger stuff to be a black art that i have not yet mastered, the rest of the book for me though is a good read .....
Back to top
View user's profile Send private message
Tom Bair
SF Boss
SF Boss


Joined: 10 Aug 2002
Posts: 16776955
Location: Portland, Oregon USA

Offline

PostPosted: Tue Nov 02, 2004 4:48 pm    Post subject: Reply with quote

badfinger wrote:
An idea to expand this review, would be recommandations for further reading, or books you loved, covering this topic.


In a way, our Reviewers already have done this.

Just click on the Amazon link to be taken to the book's page. On it you will find "Customers who bought this book also bought:" section, which is just what you wanted Smile

PCWriter
Back to top
View user's profile Send private message Visit poster's website
bawigga
Just Arrived
Just Arrived


Joined: 20 Mar 2005
Posts: 1
Location: Fort Worth, Tx - USA

Offline

PostPosted: Tue Jul 05, 2005 4:18 pm    Post subject: Reply with quote

This book is terrific! The main thing that caught my attention was the Table of Contents. This book covers so many topics! There are 5 parts that make up Security Warrior.

[Grabbed from Amazon.com]

Part 1 - Software Cracking - Assembly Language; Windows Reverse Engineering; Linux Reverse Engineering; Windows CE Reverse Engineering; Overflow Attacks

Part 2 - Network Stalking - TCP/IP Analysis; Social Engineering; Reconnaissance; OS Fingerprinting; Hiding The Tracks

Part 3 - Platform Attacks - Unix Defense; Unix Attacks; Windows Client Attacks; Windows Server Attacks; SOAP XML Web Services Security; SQL Injection; Wireless Security

Part 4 - Advanced Defenses - Audit Trail Analysis; Intrusion Detection Systems; Honeypots; Incident Response; Forensics and Antiforensics

Part 5 - Appendix

I highly recommend this book to anyone interested in Computer Security.
Back to top
View user's profile Send private message Visit poster's website AIM Address Yahoo Messenger MSN Messenger
AdamV
SF Mod
SF Mod


Joined: 06 Oct 2004
Posts: 24
Location: Leeds, UK

Offline

PostPosted: Tue Jul 05, 2005 6:22 pm    Post subject: Reply with quote

I'm really glad this got bumped by the last post - I must have slept the week Don posted this originally (I hadn't joined very long beforehand). Looks like a really good read, just the sort of thing I am now getting my head round. Off to the bookshop I go....
Back to top
View user's profile Send private message Visit poster's website
DCLXVI
Just Arrived
Just Arrived


Joined: 27 Mar 2005
Posts: 4


Offline

PostPosted: Tue Jul 05, 2005 8:35 pm    Post subject: Reply with quote

I just this book in the mail along with seven others, amazon.com is an addiction.

It seems promising from the little I've seen by flipping through it and most reviewers seem to agree on it's excellence. I'll be sure to add my comments on it when I finally find the time to actually read it.
Back to top
View user's profile Send private message
neobloodline
Lurker
Lurker


Joined: 28 Feb 2005
Posts: 11


Offline

PostPosted: Sat Jul 09, 2005 7:18 am    Post subject: Reply with quote

Thanks for the review alt.don ..lets see my budget now..
Back to top
View user's profile Send private message
Display posts from previous:   

Post new topic   Reply to topic   Printer-friendly version    Networking/Security Forums Index -> News // Columns // Articles All times are GMT + 2 Hours
Page 1 of 1


 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum

Community Area

Log in | Register