[ISN] Book Review: "Halting the Hacker: A Practical Guide to Computer Security, 2/e"

From: InfoSec News (isnat_private)
Date: Mon Jan 20 2003 - 22:54:04 PST

    Forwarded from: "Berislav Kucan" <berislavat_private>
    
    Here is the review of HP's Donald L. Pipkin's book Halting The
    Hacker. Next week we will have three of these books to give away and
    an interview with the author, so if you are interested, browse
    through the site around Tuesday/Wednesday.
    
    
    ============================
    
    Halting the Hacker: A Practical Guide to Computer Security, 2/e
    by Aleksandar Stancin - Monday, 13 January 2003. 
    http://www.net-security.org/review.php?id=21
    
    Author: Donald L. Pipkin
    Pages: 384 
    Publisher: Prentice Hall PTR 
    ISBN: 0130464163
    
    [http://www.amazon.com/exec/obidos/ASIN/0130464163/c4iorg  - WK]
    
    Available for download is chapter 8 entitled "Limiting Access".
    
    Again, the issue of hacking is brought to my reading attention. A lot
    has been said on that subject during the years, both right and wrong,
    by various authors, from experts to media journalists. For the most
    part, the actual act of attack against the system, or a security
    breach got minor attention, versus the dollar value of damage and the
    level of publicity the attacker got, stepping into the spotlight.
    Technical literature exists, and there are more than plenty of books on
    computer security, for various levels and instances, from guides to
    complex studies. But, only a few books deal with every aspect of
    hacking. I don't know about you, but I find it interesting to find
    all this information and facts in one place, and possibly well
    presented.
    
    About the author
    
    'Halting the hacker' is written by Donald L. Pipkin, CISSP, an
    Information Security Architect for the Internet Security Division at
    HP, with expertise in the fields of security policy, procedures and
    intrusion response. His field of expertise, along with his long-term
    experience in the subject, should guarantee that this book is
    worth your while. Let's see if that is the case.
    
    Inside the book
    
    Halting the hacker is made out of four major parts, each consisting
    of relevant chapters, spreading on some 340 pages of printed
    material. The first part of the book, aptly named 'Understanding
    hackers' deals with hackers, and all terms usually associated with
    them. Kind of an insight into the mind of an average hacker. The
    author does not make the same mistake as many others, misusing the
    term hacker/cracker. He clearly makes the distinction between them,
    but also emphasizes that both terms usually involve illegal
    activities, punishable by law. You'll learn what motivates an average
    attacker, how they can be classified, what exactly, and more
    importantly, how they do what they do. An excellent part of the book,
    that actually deals with hacking from a sociological point of view,
    rather than just computer security. This is very interesting reading
    material for those unfamiliar with hacking. Books with this kind of
    an approach can be counted on the fingers of one hand. Good work, I
    must say.
    
    Now, the following part of the book occupies a somewhat bigger part,
    named 'The hacking process'. In the previous chapter you read all
    about hackers, how and why they do what they do. Here, you'll delve
    much further into the matter of how they do it. All topics are covered
    here, from social engineering vital to the process of gathering
    information, through gaining access to elevating privileges;
    everything every hacker/cracker wants and has to do when accessing a
    system. This is an excellent chapter for everybody into security, as
    it will clearly tell them what they're up against when dealing with
    hacking, and to see how it's done. The things you need to know, in
    order to successfully confront the attacker, are all here. This is
    necessary reading material.
    
    The third part of the book deals more with legal issues, hence its
    name 'Legal recourse'. More information is shed on terms of computer
    crimes, from intellectual property to traditional offences. Some help
    with legal prosecution is also dealt with, as well as possible
    obstacles for legal prosecution, and tips for improving prosecution.
    Not much of a technical chapter, but more just legal titbits. Fair
    enough.
    
    The fourth part proudly carries the name of the book, 'Halting the
    hacker'. As you can assume by now, what remains is the defense
    strategy when everything else has been covered. And that is exactly
    what this part is all about. From necessary preparations, in terms
    of what to protect, from whom, and how to protect it, to the revision of
    the incident. Various types of security testing have been mentioned and
    explained, as well as the problems that occur even during the
    installation, in terms of needed software/services vs. those not
    necessary. To sum it up, various proactive and reactive security
    measures are discussed here.
    
    The CD-ROM
    
    Of course, there's a convenient glossary of the terms used in the
    book, as well as the index, and a nifty accompanying CD-ROM. The
    CD-ROM contains several useful tools, both for Linux and HP-UX,
    various information archives, an RFC archive, useful links to web
    pages and Usenet forums, and various mailing lists. The contents are
    neatly and simply presented in an HTML form, accessible via any
    browser you may have on the system. Clear and functional.
    
    My 0.02 euros
    
    Version for the impatient: excellent book, go get it and read it. 
    
    For the rest of you that actually got this far, and are still
    interested in reading my opinion, I salute you. Well, you've
    probably noticed the line above, where I claim it to be an excellent
    book, so let me elaborate on that one.
    
    Why am I thrilled with the book? Well, aside from its pure technical
    value as a practical guide to computer security, dealing with Linux
    and HP-UX, which it does very well; I just love the sociological part
    about hacking. Like I said, not many books cover a lot, or any at
    all, and this one does, pretty well and satisfyingly. It will bring you
    a bit closer to the hacker's mind and maybe explain how it functions,
    therefore allowing you to prepare better for possible attacks
    and countermeasures. It helps a lot if you fully understand what
    you're up against here. 
    
    Of course, it does not reveal anything new, unknown or anything that
    you couldn't have read before on the Internet or in other books, but
    here it is stacked in one place, and written pretty objectively and
    correctly. So much for that part of the book.
    
    The technical part of the book, meaning attacks and defenses, is
    written flawlessly, easy to follow. Sure, it's mostly things you
    probably know to some extent, only here compiled into one place for
    your convenience, providing you're on some intermediate level with
    your security knowledge. If you're new to it, you'll find it pretty
    much revealing and fascinating. A great start to be further expanded.
    Don't let its number of pages or its relative thinness fool you
    into thinking it does not offer much. It does. Great work. 
    
    
    