
REVIEW: "Hack Attacks Denied", John Chirillo

 
rslade

External


Since: Mar 22, 2004
Posts: 86



(Msg. 1) Posted: Wed Feb 11, 2004 7:14 pm
Archived from groups: misc>books>technical, others

BKHKATDN.RVW 20031019

"Hack Attacks Denied", John Chirillo, 2003, 0-471-23283-1,
U$50.00/C$77.50/UK#37.50
%A John Chirillo
%C 5353 Dundas Street West, 4th Floor, Etobicoke, ON M9B 6H8
%D 2002
%G 0-471-23283-1
%I John Wiley & Sons, Inc.
%O U$50.00/C$77.50/UK#37.50 416-236-4433 fax: 416-236-4448
%O http://www.amazon.com/exec/obidos/ASIN/0471232831/robsladesinterne
http://www.amazon.co.uk/exec/obidos/ASIN/0471232831/robsladesinte-21
%O http://www.amazon.ca/exec/obidos/ASIN/0471232831/robsladesin03-20
%P 689 p. + CD-ROM
%T "Hack Attacks Denied"

The introduction states that this book is a companion to "Hack Attacks
Revealed" and that the audience is everyone.

Part one is about securing ports and services. Chapter one,
describing common ports and services, recommends replacing TFTP with
Tiger FTP, which just happens to be written by the author. Eighteen
pages are helpfully devoted to reprinting the source code, just in
case you'd like to type it in for yourself. The level of security
information varies substantially: there is, for example, no mention of
the fact that TFTP has no real use in Windows, and that disabling it
is a very good idea. More detail is provided for UNIX than Windows,
and some items are helpful, but most are not. Concealed ports and
services, otherwise known as backdoors or trojans, are discussed in
chapter two. There is a fourteen-page source code listing of a
crippled trojan, a catalogue of backdoor trojans, and mention of some
protective software. Chapter three is mostly about how to get other
information, although less space is devoted to the discovery of
countermeasures, and an awful lot of the content is of the "you might
be able to" variety.

Part two, which consists only of chapter four, is about intrusion
defence and safeguarding against penetration attacks, but, again, more
space is devoted to attacks than defence.

Part three is entitled "Tiger Team Secrets." Chapter five is a random
list of attacks, including various viruses. Some items, such as the
"reboot attack," make no sense as described. Seventy-five attacks,
most of which have been recounted before, are in chapter six. The
countermeasures usually boil down to "protect against this," but are
short on how. Chapter seven finishes off with a guide for consultants
who want to write security policies (including an outline that bears a
striking resemblance to the CISSP CBK). Two sample "audits" are
given, along with a reprint of a twenty-one-page router log (with no
analysis).

This book is not very revealing, and won't do much to deny access to
attackers.

copyright Robert M. Slade, 2003 BKHKATDN.RVW 20031019

--
======================
rslade.RemoveThis@vcn.bc.ca slade.RemoveThis@victoria.tc.ca rslade.RemoveThis@sun.soci.niu.edu
"If you do buy a computer, don't turn it on." - Richards' 2nd Law
============= for back issues:
[Base URL] site http://victoria.tc.ca/techrev/
or mirror http://sun.soci.niu.edu/~rslade/
CISSP refs: [Base URL]mnbksccd.htm
Security Dict.: [Base URL]secgloss.htm
Security Educ.: [Base URL]comseced.htm
Book reviews: [Base URL]mnbk.htm
[Base URL]review.htm
Partial/recent: http://groups.yahoo.com/group/techbooks/
Security Educ.: http://groups.yahoo.com/group/comseced/
Review mailing list: send mail to techbooks-subscribe.RemoveThis@egroups.com
or techbooks-subscribe.RemoveThis@topica.com
