Forwarded from: "Berislav Kucan" <berislavat_private>

Here is the review of HP's Donald L. Pipkin's book Halting The Hacker. Next week we will have three of these books to give away and an interview with the author, so if you are interested, browse through the site around Tuesday/Wednesday.

============================

Halting the Hacker: A Practical Guide to Computer Security, 2/e
by Aleksandar Stancin - Monday, 13 January 2003.

http://www.net-security.org/review.php?id=21

Author: Donald L. Pipkin
Pages: 384
Publisher: Prentice Hall PTR
ISBN: 0130464163

[http://www.amazon.com/exec/obidos/ASIN/0130464163/c4iorg - WK]

Available for download is chapter 8 entitled "Limiting Access".

Again, the issue of hacking is brought to my reading attention. A lot has been said on that subject during the years, both right and wrong, by various authors, from experts to media journalists. For the most part, the actual act of attack against the system, or a security breach, got minor attention, versus the dollar value of damage and the level of publicity the attacker got, stepping into the spotlight. Technical literature exists, and more than plenty of books are there on computer security, for various levels and instances, from guides to complex studies. But only a few books deal with every aspect of hacking. I don't know about you, but I find it interesting to find all this information and these facts in one place, and possibly well presented.

About the author

'Halting the hacker' is written by Donald L. Pipkin, CISSP, an Information Security Architect for the Internet Security Division at HP, with expertise in the fields of security policy, procedures and intrusion response. His field of expertise, along with his long-term experience in the subject, should guarantee that this book is worth your while. Let's see if that is the case.

Inside the book

Halting the hacker is made out of four major parts, each consisting of relevant chapters, spreading on some 340 pages of printed material.

The first part of the book, aptly named 'Understanding hackers', deals with hackers and all terms usually associated with them. Kind of an insight into the mind of an average hacker. The author does not make the same mistake as many others, misusing the term hacker/cracker. He clearly makes the distinction between them, but also emphasizes that both terms usually involve illegal activities, punishable by law. You'll learn what motivates an average attacker, how they can be classified, what exactly, and more importantly, how they do what they do. An excellent part of the book, that actually deals with hacking from a sociological point of view, rather than just computer security. This is very interesting reading material for those unfamiliar with hacking. Books with this kind of an approach can be counted on the fingers of one hand. Good work, I must say.

Now, the following part of the book occupies a somewhat bigger part, named 'The hacking process'. In the previous chapter you read all about hackers, how and why they do what they do. Here, you'll delve much further into the matter of how they do it. All topics are covered here, from social engineering vital to the process of gathering information, through gaining access to elevating privileges; everything every hacker/cracker wants and has to do when accessing a system. This is an excellent chapter for everybody into security, as it will clearly tell them what they're up against when dealing with hacking, and to see how it's done. The things you need to know, in order to successfully confront the attacker, are all here. This is necessary reading material.

The third part of the book deals more with legal issues, hence its name 'Legal recourse'. More information is shed on terms of computer crimes, from intellectual property to traditional offences. Some help with legal prosecution is also dealt with, as well as possible obstacles for legal prosecution, and tips for improving prosecution.
Not much of a technical chapter, but more just legal titbits. Fair enough.

The fourth part proudly carries the name of the book, 'Halting the hacker'. As you can assume by now, what remains is the defense strategy when everything else has been covered. And that is exactly what this part is all about. From necessary preparations, in terms of what to protect, from whom, and how to protect it, to the revision of the incident. Various security tests have been mentioned and explained, as well as the problems that occur even during the installation, in terms of needed software/services vs. those not necessary. To sum it up, various proactive and reactive security measures are discussed here.

The CD-ROM

Of course, there's a convenient glossary of the terms used in the book, as well as the index, and a nifty accompanying CD-ROM. The CD-ROM contains several useful tools, both for Linux and HP-UX, various information archives, an RFC archive, useful links to web pages and Usenet forums, and various mailing lists. The contents are neatly and simply presented in an HTML form, accessible via any browser you may have on the system. Clear and functional.

My 0.02 euros

Version for the impatient: excellent book, go get it and read it.

For the rest of you that actually got this far, and are still interested in reading my opinion, I salute you. Well, you've probably noticed the line above, where I claim it to be an excellent book, so let me elaborate on that one.

Why am I thrilled with the book? Well, aside from its pure technical value as a practical guide to computer security, dealing with Linux and HP-UX, which it does very well, I just love the sociological part about hacking. Like I said, not many books cover a lot, or any at all, and this one does, pretty well and satisfyingly. It will bring you a bit closer to the hacker's mind and maybe explain how it functions, therefore allowing you to prepare better for possible attacks and countermeasures.
It helps a lot if you fully understand what you're up against here. Of course, it does not reveal anything new, unknown or anything that you couldn't have read before on the Internet or in other books, but here it is stacked in one place, and written pretty objectively and correctly. So much for that part of the book.

The technical part of the book, meaning attacks and defenses, is written flawlessly, easy to follow. Sure, it's mostly things you probably know to some extent, only here compiled into one place for your convenience, providing you're on some intermediate level with your security knowledge. If you're new to it, you'll find it pretty much revealing and fascinating. A great start to be further expanded. Don't let its number of pages or its relative thinness fool you into thinking it does not offer much. It does. Great work.

-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY of the mail.

This archive was generated by hypermail 2b30 : Tue Jan 21 2003 - 03:14:13 PST