[ISN] REVIEW: "Degunking Your Email, Spam, and Viruses", Jeff Duntemann

From: InfoSec News (isn@private)
Date: Wed Dec 28 2005 - 23:43:14 PST


Forwarded from: "Rob, grandpa of Ryan, Trevor, Devon & Hannah" <rslade@private>

BKDYESAV.RVW   20041205

"Degunking Your Email, Spam, and Viruses", Jeff Duntemann, 2004,
1-932111-93-X, U$24.99/C$37.99
%A   Jeff Duntemann feedback@private
%C   Suite 115 4015 North 78th Street, Scottsdale AZ   85251
%D   2004
%G   1-932111-93-X
%I   Paraglyph Press
%O   U$24.99/C$37.99 602-749-8787 ssayre@private
%O  http://www.amazon.com/exec/obidos/ASIN/193211193X/robsladesinterne
  http://www.amazon.co.uk/exec/obidos/ASIN/193211193X/robsladesinte-21
%O   http://www.amazon.ca/exec/obidos/ASIN/193211193X/robsladesin03-20
%O   tl i rl 3 tc 3 ta 4 tv 4 wq 3
%P   334 p.
%T   "Degunking Your Email, Spam, and Viruses"

Lots of books have "quick tips" at the front these days.  Usually
these are nothing more than promotional fluff, designed to convince
you that the author Knows Important Stuff.  However, when I perused
the suggestions for what to do about email and viruses if you had
limited amounts of time, I was quite impressed that Duntemann had, in
fact, carefully selected those tasks that would give the most
protective value for the temporal coin.  I could cavil at a few, but
generally this list is very well chosen for those readers who do need
to get started right away.

Chapter one is an introduction, defining the various problems, and
outlining the "12-step" program that structures most of the rest of
the book.  Although chapter two is supposed to be about creating an
email strategy it doesn't go quite that far.  But Duntemann does
provide guidance on the type of email user you are, and notes the
importance (which varies) of having alternative email addresses. 
Various email clients, and important features, are reviewed in chapter
three.  The advice is good (although I don't know why he is dissing
Pegasus  :-)  Chapter four outlines good email habits, and effective
practices for using and managing email.  The advice on maintaining
contact and synchronization on the road, given in chapter five, is
helpful to travelers although I am not sure that it a) applies to
everyone, and b) is a "gunky" problem.  Chapter six provides valuable
advice for managing stored or saved messages.

Chapter seven describes the situation with regard to spam, and
suggests the standard actions to avoid it.  The concepts and tools for
spam filtering are outlined in chapter eight.  Chapter nine walks the
reader through the installation and "training" of POPfile, while ten
lists arguments against non-Bayesian spam prevention filters and
systems.

Chapter eleven is a good introduction to the broad categories of
malware.  The choice and evaluation of antiviral programs, given in
chapter twelve, is quite decent, although the space and precedence
given to the "three sisters" seems to be excessive: companies like
Sophos, F-Prot, and Avast turn out technically superior products and
are hardly "obscure."  Spyware and adware, as well as suggestions to
limit them and products to deal with them, are covered in chapter
thirteen.  Chapter fourteen has good advice about dealing with worms
(although I'm surprised that Duntemann did not mention turning off
DCOM, which would probably have saved his friend some grief).  Chain
letters and scams are discussed in chapter fifteen.  (I was teaching
in Nigeria when I read this book, so I found the coverage of the 419
scam ironic.  Nigeria isn't in chaos: it just seems that way.) 
Chapter sixteen finishes off with advice on what to do if you *have*
been hit with something nasty.

The book has a lot of very practical and useful information.  It is
written at a level that any intermediate user, and many intelligent
novices can use directly without further experimentation.  (A few
items could use more detail: how do you turn an .iso file into a
bootable CD?)  I would recommend this as an excellent reference to
have to hand for pretty much any computer user.

copyright Robert M. Slade, 2004   BKDYESAV.RVW   20041205


======================  (quote inserted randomly by Pegasus Mailer)
rslade@private      slade@private      rslade@private
                   Post hoc, ergo propter hoc
                After it, therefore because of it
http://victoria.tc.ca/techrev    or    http://sun.soci.niu.edu/~rslade



_________________________________________
Earn your Master's degree in Information Security ONLINE
www.msia.norwich.edu/csi
Study IA management practices and the latest infosec issues.
Norwich University is an NSA Center of Excellence.



This archive was generated by hypermail 2.1.3 : Fri Dec 30 2005 - 19:29:35 PST