Book details of 'Hackers Beware: The Ultimate Guide to Network Security'

| Title | Hackers Beware: The Ultimate Guide to Network Security |
| Author(s) | Eric Cole |
| ISBN | 0735710090 |
| Language | English |
| Published | August 2001 |
| Publisher | Que |
The Virtual Bookcase Reviews of 'Hackers Beware: The Ultimate Guide to Network Security':
Reviewer amazon.com wrote:
In Hackers Beware, Eric Cole succeeds in explaining how hackers break into computers, steal information, and deny services to machines' legitimate users. An intended side effect of his documentary efforts is a feeling for how network-connected computers should be configured for maximum resistance to attack. Cole, who works with the attack-monitoring SANS Institute as an instructor and security consultant, conveys to his readers specific knowledge of offensive and defensive weaponry as well as general familiarity with attack strategies and good security practices. Hackers Beware is a good primer and really earns its price by going into enough detail to enable readers to actually do something to make their resources safer. It also enables its readers to understand more specialized security texts, including Stephen Northcutt's fine Intrusion Signatures and Analysis.
Cole's didactic style is largely conversational, embracing the fact that most computer exploits can be conveyed as stories about what hackers want and the steps they take to achieve their goals. He punctuates his prose passages with line drawings that clarify what gets passed among the machines involved in an attack, and pauses frequently to show programs' user interfaces and passages from their logs. Cole explains all the jargon he uses--a characteristic that alone distinguishes this book from many of its competitors. --David Wall
Topics covered: What motivates black-hat hackers, and the technical means they use to go about satisfying their ambitions. General attack strategies--spoofing, password cracking, social engineering, and buffer overflows, among others--are explained, and the tools used to carry them out are catalogued. The same goes for defensive tools and practices.
Reviewer Rob Slade wrote:
It is difficult to maintain confidence in a book that, within six
sentences of the opening of the first chapter, misspells the word
"brakes." We are told that two developmental editors, two copy
editors, two proofreaders, and no less than five technical reviewers
had at this work. Did any of them pay attention to what they were
reading?
Chapter one basically states that dangers are out there, security is
bad, and companies should be concentrating on prevention, detection,
and education. Cole also nudges at the "hacking for protection"
theory, without ever really examining it. A brief but reasonable list
of security breaking activities is given in chapter two. Various
steps and tools involved in gathering information about a network
connected to the Internet are described in chapter three.
Unfortunately, this explanation, while helpful to a potential
attacker, has no utility for the defender: almost all of the data
discussed must be publicly available for the network to function, and
so there are no means of blocking this level of access. Spoofing, or
masquerading, is dealt with in chapter four, but again, while some
protective measures are provided, much more time is spent on the
disease than the cure. After twenty-six pages of telling you how to
hijack sessions, including the best programs to use and how to operate
them, chapter five gives us two pages of simplistic advice (avoid
remote connections) on protection. Chapter six lists a number of
common denial of service attacks and, while it does devote a lot of
ink to describing the exploits, the material is reasonably balanced,
and the suggested defensive measures realistic. Chapter seven
requires almost forty pages to tell us that buffer overflows are not
good, and you should apply software patches. Password security is
very important, but the material in chapter eight is vague,
disorganized, and has relatively little to say about good password
choice. (Chapters nine and ten describe some NT and UNIX password
cracking programs.) The examination of background fundamentals of NT,
in chapter eleven, is a terse and unfocused grab bag of information.
The analysis would be of little help in explaining the specific
attack programs listed in chapter twelve, a number of which rely on
particular applications. The same relation is true of chapters
thirteen and fourteen, relating to UNIX. A number of backdoor and
remote access trojan programs are described in chapter fifteen.
Chapter sixteen discusses log files, and lists some programs for
generating spurious network traffic in order to hide attacks. Some
random exploits are listed in chapter seventeen, and a few more in
eighteen. An attempt is made to combine various attacks into
scenarios, in chapter nineteen, but these do not add anything to the
material already provided. Chapter twenty is the usual vague look to
the future.
This book takes the all-too-common approach of assuming that teaching
you how to break into systems will help you to protect them. The work
also amply demonstrates the fallacy of that argument. While the
harried systems administrator spends several hours coming to grips
with the minutiae of the attacks described, the vast majority of the
exploits listed can be countered simply by ensuring that software
patches are up to date. In addition, while dozens of loopholes are
listed in these pages, thousands more exist that are not covered. The
material contained in these pages may be entertaining, but it is of
far more use to the attacker than to the defender. This would be
upsetting, were it not for the fact that most of the exploits
described are old and not likely to remain unpatched if administrators
are keeping up to date. (Of course, many small outfits can't commit a
lot of resources to keeping up to date ...)
For security specialists, this volume provides nothing that can't be
found elsewhere. For non-specialists, it fails to supply a security
framework and strategy within which to work.
copyright Robert M. Slade, 2001