Security Warrior
Book Review

By
Dale Farris, Vice President
Golden Triangle PC Club
May 2004

General Overview

In this significant era of high concern for computer security, the bookshelves teem with titles related to this important topic. Many computer users and computer network administrators are overwhelmed with the prolific amount of titles about security, while the sophistication of attacks against computer systems increases with each exploit. This marvelous addition to the always dependable titles from O'Reilly addresses the worst an attacker can do to a computer. Authors Peikari and Chuvakin have assembled one of the most important computer books of the year, if not all time.

Based on the principle that the only way to defend yourself is to understand your attacker in depth, this essential title reveals how your systems can be threatened. Covering everything from reverse engineering to SQL attacks, and including topics like social engineering, antiforensics, and advanced attacks against Unix and Windows systems, this book helps you know your enemy and prepare to do battle.

Security Warrior places particular emphasis on reverse engineering. RE is a fundamental skill for the administrator who must be aware of all kinds of malware that can be installed on machines, including Trojaned binaries, "spyware" that looks innocuous while sending private data back to its creator, and more. This is the only book to discuss reverse engineering for Linux or Windows CE. It's also the only book that shows you how SQL injection works, enabling you to inspect your database and web applications for vulnerability.

Security Warrior is the most comprehensive, up-to-date book covering the art of computer war: attacks against computer systems and their defenses. It's often scary, and never comforting. If you are on the front lines of computer network defense, defending your site against attackers, you need this book.

Special Features

These authors have produced a significant contribution to the rapidly growing number of titles in the specialized genre of computer security. Even though there are many other similar titles, this O'Reilly title is superior to most, and I strongly recommend that all network administrators get a copy of this powerful title and also consider multiple copies for loaning to other computer network support staff.

Table of Contents

The twenty-two (22) chapters are organized into five parts, and include the following:

Part One: Software Cracking
1) Assembly Language
2) Windows Reverse Engineering
3) Linux Reverse Engineering
4) Windows CE Reverse Engineering
5) Overflow Attacks

Part Two: Network Stalking
6) TCP/IP Analysis
7) Social Engineering
8) Reconnaissance
9) OS Fingerprinting
10) Hiding the Tracks

Part Three: Platform Attacks
11) Unix Defense
12) Unix Attacks
13) Windows Client Attacks
14) Windows Server Attacks
15) SOAP XML Web Services Security
16) SQL Injection
17) Wireless Security

Part Four: Advanced Defense
18) Audit Trail Analysis
19) Intrusion Detection Systems
20) Honeypots
21) Incident Response
22) Forensics and Antiforensics

Part Five: Appendix
Useful SoftICE Commands and Breakpoints

Target Readers

The audience for this book includes:

- Network analysts and administrators, and those who are capable in programming
- Those interested in information security
- Those interested in an advanced approach to computer network security
- Network administrators already familiar with basic network attacks, such as sniffing, spoofing, and denial-of-service
- Those interested in a single volume that will broaden their knowledge of network security
- Those wishing to delve deeper into underlying concepts such as packet fragmentation, overflow attacks, and operating system fingerprinting
- Those who want more on forensics, honeypots, and the psychological basis of social engineering
- Folks interested in implementing Bayesian intrusion detection and defending against wireless airborne viruses
- Folks interested in delving deeper into Windows XP attacks and Windows Server weaknesses

Book Contents

552 pages; preface; acknowledgments; tons of figures and screen-shots; script examples; tips; index; cover colophon

Authors

Cyrus Peikari and Anton Chuvakin

About the Authors

Dr. Cyrus Peikari is the founder of Dallas-based Airscanner, a developer of wireless security tools and a wireless software research and development team. Dr. Peikari finished his undergraduate training with honors in electrical engineering from Southern Methodist University in 1991. He also worked as a telecommunications software engineer for Alcatel before receiving his Doctor of Medicine degree from Southwestern. Dr. Peikari has since developed several award-winning security software programs. He has co-authored five technical books on information security, three of them as lead author. His book, "Maximum Wireless Security," from SAMS, has remained the #1 bestseller in its category on Amazon.com since it was published. Dr. Peikari is also a frequent speaker at technical information security conferences, including Defcon, NetSec, and CSI. He has helped several universities start new infosec degree programs, and he is also the site host for security at Pearson Education's InformIT.com division.

Dr. Anton Chuvakin, Ph.D., GCIA, GCIH, is a senior security analyst with netForensics, specializing in network security, intrusion detection, system hardening, and vulnerability analysis. He has written numerous articles and book reviews on computer and network security published by "SecurityFocus," "Linux Journal," ";login," "ISSA Password," "SC Magazine Online," LinuxSecurity.com, and others. In his spare time, he maintains his security portal www.info-secure.org and writes security book reviews. His active professional affiliations include ISSA, InfraGard, USENIX, HTCIA, Honeynet Research Alliance, etc. He has contributed to "SANS Top 20 Vulnerabilities" (1002, 2003), and is an active member of SANS GCIA Certification Advisory Board.

ISBN

January 2004 - First Edition
0-596-00545-8

List Price

$44.95
$65.95 CAN

About O'Reilly & Associates, Inc.

O'Reilly & Associates is the premier information source for leading-edge computer technologies. O'Reilly communicates the knowledge of experts through their books, conferences, and web sites. Their books, known for their animals on the covers, occupy a treasured place on the shelves of developers building the next generation of software, and their conferences and summits bring innovators together to shape the revolutionary ideas that spark new industries. From the Internet to the web, Linux, Open Source, and now Peer-to-Peer Networking, O'Reilly puts technologies on the map.

Anyone involved in information technology can always depend on O'Reilly for high quality books, as well as the most authoritative works on the market. The company's commitment to technical expertise in their books is matched by their commitment to quality production, now famously recognized by their "lay flat" binding that makes reading an O'Reilly book very convenient. Among the sea of computer titles that now fill the shelves, professionals in information technology have for many years realized the super value that is always present in any O'Reilly title.

Publisher Contact

Marsee Henon
marsee@oreilly.com
O'Reilly & Associates, Inc.
1005 Gravenstein Highway North
Sebastopol, California 95472
707-827-7000
800-998-9938
FAX 707-829-0104
www.oreilly.com