[ISN] REVIEW: "Enterprise Security", David Leon Clark

From: InfoSec News (isnat_private)
Date: Thu Jan 02 2003 - 22:28:48 PST

    Forwarded from: "Rob, grandpa of Ryan, Trevor, Devon & Hannah" <rsladeat_private>
    
    BKESTMDG.RVW   20020916
    
    "Enterprise Security", David Leon Clark, 2003, 0-201-71972-X,
    U$39.99/C$62.99
    %A   David Leon Clark
    %C   P.O. Box 520, 26 Prince Andrew Place, Don Mills, Ontario  M3C 2T8
    %D   2003
    %G   0-201-71972-X
    %I   Addison-Wesley Publishing Co.
    %O   U$39.99/C$62.99 416-447-5101 fax: 416-443-0948
    %O  http://www.amazon.com/exec/obidos/ASIN/020171972X/robsladesinterne
    %P   264 p.
    %T   "Enterprise Security: The Manager's Defense Guide"
    
    The preface is heavy on buzzwords (and a few spelling errors) with
    little attention paid to concepts and structure.  Part one would like
    us to think of the forging of a new economy.  Chapter one asks "what
    is e-business," and, with a little re-interpretation of history (the
    Internet had been in existence for twenty-two years and had five
    million users, a significant number private and commercial, before it
    "became available to the public" according to this book) and ignoring
    of inconvenient facts (the hyperinflation of dot com IPO stocks is
    stated to prove the success of e-business just before we are told that
    the dot com failure was inevitable because of stock hyperinflation)
    tells us that e-business uses the net and makes money.  Some security
    jargon is introduced in chapter two.  A confused recycling of trade
    press myths about blackhats, in chapter three, seems to state that
    these are the only malicious opponents of e-business: there is no
    mention of insider attacks.
    
    Part two looks at protecting information assets in an open society. 
    Chapter four demonstrates an amazingly consistent failure to
    understand the technologies supposedly being explained: a
    De-Militarized Zone (DMZ) is, by definition, not abandoned outside the
    firewall, and Simple Key Management for IP (SKIP) is not a virtual
    private network (VPN) product.  There are more buzzwords,
    miscellaneous security concerns, and more mistakes (ActiveX is *not*
    multi-environment) in chapter five.
    
    Part three talks about waging war for control of cyberspace.  Chapter
    six looks at attacks by syntax, and demonstrates more TCP/IP errors. 
    (Packet filtering is not exactly built into IP: the ability to handle
    a packet based on destination is central to the idea of networking. 
    The ping-of-death has nothing to do with fragmentation offsets since
    it is a single packet, and it is not too small, but too large.)  There
    is a confusion of attack scripts and script viruses (and cookies, too,
    for good measure) in chapter seven.  Countermeasures and attack
    prevention, in chapter eight, actually looks (tersely) at incident
    response.  The material isn't too bad, but has very little detail. 
    DDoS (Distributed Denial of Service), already discussed in chapter
    six, now gets more pages, but little more detail.  Chapter ten is a
    grab bag of random safeguards and countermeasures, as is eleven.
    
    Part four deals with active defense mechanisms and risk management. 
    Chapter twelve, entitled vulnerability management, suggests collecting
    alerts.  Given what we've seen so far, it is strange that chapter
    thirteen *does* address the nominal subject of risk management, albeit
    not very well.
    
    This confused collection of random concepts adds nothing of value to
    the security literature.
    
    copyright Robert M. Slade, 2002   BKESTMDG.RVW   20020916
    
    -- 
    ======================
    rsladeat_private  rsladeat_private  sladeat_private p1at_private
    Find book info victoria.tc.ca/techrev/ or sun.soci.niu.edu/~rslade/
    Upcoming (ISC)^2 CISSP CBK review seminars (+1-888-333-4458):
        February 10, 2003   February 14, 2003   St. Louis, MO
        March 31, 2003      April 4, 2003       Indianapolis, IN
    This archive was generated by hypermail 2b30 : Fri Jan 03 2003 - 09:13:08 PST