[ISN] REVIEW: "Maximum Security", Anonymous

From: mea culpa (jerichoat_private)
Date: Wed Jan 13 1999 - 17:50:44 PST


    Forwarded From: seceduat_private
    Originally From: "Rob Slade" <rsladeat_private>
    BKMAXSEC.RVW   981025
    "Maximum Security", Anonymous, 1998, 0-672-31341-3,
    %A   Anonymous
    %C   201 W. 103rd Street, Indianapolis, IN   46290
    %D   1998
    %E   Mark Taber newtech_mgrat_private
    %G   0-672-31341-3
    %I   Macmillan Computer Publishing (MCP)
    %O   U$49.99/C$70.95/UK#46.95 800-858-7674 http://www.mcp.com
    %P   829 p. + CD-ROM
    %T   "Maximum Security, second edition"

    Rather loudly promoted on the net these days, the major selling point of
    this book is that it was written "by an experienced hacker." Supposedly
    one who spent some time as a guest of Uncle Sam for fiddling bank
    machines.  (Some of what we are told about the author does not fit with
    the contents of the book, but then, as an old professional paranoid, I may
    be unduly suspicious.)  Leaving aside questions of morality and
    definitions of the term "hacker," let us merely observe that these people
    are the gnostics.  They are the devotees of the hidden, esoteric, and
    arcane knowledge.  Such knowledge, of course, is cheapened and weakened by
    being revealed. Which may explain a certain reticence on a number of
    points in the first edition of the book.  The introduction to that edition
    made it fairly clear: Anonymous assumed that if you did not work
    diligently at his direction you did not deserve to secure your system. 
    One could almost feel his glee at the expectation that thousands of
    sysadmins around the world were wracking their brains and flooding Usenet
    with discussions of the significance of his clues to the vital encrypted
    message he had hidden on the CD-ROM.

    The riddle, and that attitude, seem to have been removed from this second
    edition.  The author tacitly admits that the first was a bit of a kludge:
    he says that it was written in haste.  He also states that the second
    edition is more "solution oriented."  It could hardly have been less.  Be
    that as it may, the book is, as the author states, essentially completely
    rewritten.  It has been much improved in the process, moving up from truly
    awful to merely mediocre.  The new version provides a good deal of
    reference information, although assessing the quality of that information
    is left as an exercise to the reader.

    The section on viruses is an overview of the book in miniature.  The hype
    has been toned down, and the explanation of how viruses work is much more
    reasonable.  However, it still insists that "destruction" is the major
    characteristic of a virus.  (There is, later, an admission that "[m]ost
    viruses do not actually destroy data.")  We are treated to the old myth
    that virus researchers write viruses as a kind of job security.  While a
    general background to viruses is provided, there is no discussion of
    protection options.  However, there are more listings of antiviral
    programs and resource sites than there are for virus creation programs. 
    Many topics within the text have lists of books and Web sites for further
    study, and there is one for viruses that includes three of the four tomes
    recommended by the VIRUS-L FAQ. Unfortunately, it also contains some
    lesser works, and there are no annotations to the bibliography.

    Part one is simply two chapters of introduction to the book.  A somewhat
    limited overview to security concepts is given in part two, concentrating
    on the Internet.  Chapters look at the Internet, TCP/IP basics, hackers
    and crackers, targets, possibilities of fights over the net, and a very
    brief data security primer.  Various types of security and attack software
    are outlined in part three.  There is consideration of malicious software,
    security weakness scanners, password crackers, trojans, network packet
    sniffers, firewalls, and audit software.  Part four looks at specific
    operating systems:  Windows, UNIX, Novell, VMS, and Macintosh.  Two
    chapters look at very basic security requirements in part five.  Network
    based attacks are discussed in part six, reviewing levels of attack,
    spoofing, telnet, scripting languages and extensions, and hiding of
    identity.  Different types of resources and references are contained in
    appendices.  (I was disappointed in the loss of a chapter on laws in
    various countries until I found it had been moved back here.)

    If you don't know security, this book is probably not going to teach it to
    you.  On the other hand, if you work with security, you may find that some
    of the resources listed here are things that you want to explore.  For the
    novice it isn't altogether reliable, but for the professional it is at
    least worth looking at.

    copyright Robert M. Slade, 1998 BKMAXSEC.RVW 981025