The Virtual Bookcase for browsing and sharing reviews of books. New to this site? Read the welcome page first.

The Virtual Bookcase Home
Recent reviews
Collected book news
Welcome to this site
Add your own book

Book details of 'Counter Hack: A Step-by-Step Guide to Computer Attacks and Effective Defenses'

Cover of Counter Hack: A Step-by-Step Guide to Computer Attacks and Effective Defenses
TitleCounter Hack: A Step-by-Step Guide to Computer Attacks and Effective Defenses
Author(s)Ed Skoudis
PublishedJuly 2001
PublisherPrentice Hall PTR
Web links for this book
Search at
Wikipedia booksources
Shop for this book

Back to shelf Computer security info for Counter Hack: A Step-by-Step Guide to Computer Attacks and Effective Defenses

Score: score: 3.0 ***--  Vote for this book

The Virtual Bookcase Reviews of 'Counter Hack: A Step-by-Step Guide to Computer Attacks and Effective Defenses':

Reviewer wrote:
In defending your systems against intruders and other meddlers, a little knowledge can be used to make the bad guys--particularly the more casual among them--seek out softer targets. Counter Hack aims to provide its readers with enough knowledge to toughen their Unix and Microsoft Windows systems against attacks in general, and with specific knowledge of the more common sorts of attacks that can be carried out by relatively unskilled "script kiddies." The approach author Ed Skoudis has chosen is effective, in that his readers accumulate the knowledge they need and generally enjoy the process. The best part of this book may be two chapters, one each for Windows and Unix, that explain the essential security terms, conventions, procedures, and behaviors of each operating system. This is the sort of information that readers need--a Unix person getting into Windows administration for the first time needs an introduction to the Microsoft security scheme, and vice versa. A third chapter explains TCP/IP with focus on security. With that groundwork in place, Skoudis explains how (with emphasis on tools) attackers look for vulnerabilities in systems, gain access, and maintain their access for periods of time without being discovered. You'll probably want to search online resources for more specific information--Skoudis refers to several--but this book by itself will provide you with the vocabulary and foundation knowledge you need to get the details you want. --David Wall Topics covered: How black-hat hackers work, what tools and techniques they use, and how to assess and improve your systems' defenses. The author explains how Windows, Unix, and TCP/IP can be exploited for nefarious purposes, and details a modus operandi that's typical of the bad guys.

Reviewer Rob Slade wrote:
Chapter one, as in many texts, is an introduction to the book, but is unusually important in this case. First, Skoulis lays out the philosophy behind the work. While the text of the book does concentrate on attacks, the author points out that invaders already have other sources of information. Further, Skoulis proposes that a detailed, complete, and integrated examination of representative samples of classes of attacks will provide an outline of defensive measures that can protect against a wide variety of assaults. A second point in this introduction is a brief examination of the character of attackers. Skoulis does point out that those who attempt to penetrate computer and communications security do so from a diversity of motivations and skill levels. However, he does tend to overstress the participation of "professional hackers," proposing that industrial espionage, terrorism, and organized computer crime activities are common. Certainly such campaigns may become common, making the need for pre-planning even more important, but the vast majority of endeavors we are seeing at present are amateur efforts. Finally, the introduction recommends the establishment of a computer security test laboratory, which is an excellent idea for any large corporation, but probably is not within the financial, personnel, or educational reach of even medium sized businesses. Chapter two provides a background in TCP/IP for the purposes of discussing networking offence and defence. There are frequent forward references to later sections of the book that deal with network attacks. The material could, however, have been condensed somewhat to emphasize those aspects of the protocols that are closely related to security. UNIX and Windows (NT and 2000) are similarly covered in chapters three and four, and, again, the text could be tightened up by focusing on safety factors. Chapter five points out the ways in which people can obtain data in order to direct and mount an attack. While the content is informative, and there are a few suggestions for restricting the release of such intelligence, the defensive value of the text is limited. The information gathering process continues in chapter six with war dialling and port scanning. Defences against application and operating system attacks are covered a bit better than in most "hacking" books (there are descriptions of buffer overflow detection tools), but the protective value of chapter seven is still questionable. Chapter eight examines network sniffing, scanning, spoofing, and hijacking. Denial of service is covered well in chapter nine. Various examples of malware are described in chapter ten. Chapter eleven deals with the means used to hide an attack. A number of scenarios are created in chapter twelve. Chapter thirteen describes some resources for keeping up with the latest computer vulnerabilities. Recently there has been a flood of books to the security marketplace, all based on the premise that if you know how to attack a system, you will know how to defend it. Skoulis has done a better job than most, but the thesis is still unproven. Yes, knowledge of the details of an attack does help you fine tune your defence. Yes, providing specifics of an example of a class of attacks does help you consider a protective mechanism that might work against a whole class. Yes, Skoulis does recommend safeguards for most of the attacks listed. But taking a crowbar to a padlock still doesn't teach you locksmith skills. copyright Robert M. Slade, 2001

Add my review for Counter Hack: A Step-by-Step Guide to Computer Attacks and Effective Defenses
Search The Virtual Bookcase

Enter a title word, author name or ISBN.

The shelves in The Virtual Bookcase

Arts and architecture (25)
Biography (24)
Business and Management (120)
Cars and driving (53)
Cartoons (45)
Children's books (180)
Computer (475)
Computer history/fun (113)
Computer networks (382)
Computer programming (215)
Computer security (272)
Cook books (89)
Fantasy (154)
Fiction (446)
Health and body (71)
History (138)
Hobby (37)
Horror (65)
Humorous books (52)
Literature (57)
Operating systems (94)
Outdoor camping (162)
Outdoors (236)
Politics (85)
Privacy (61)
Psychology (55)
Religion (17)
Science (113)
Science Fiction (156)
Self-help books (56)
Technology (14)
Travel guides (308)
War and weapons (29)
World Wide Web (213)
Zen (5)
Other books (89)

The Virtual Bookcase is created and maintained by Koos van den Hout. Contact e-mail
Site credits
Copyright © 2000-2018 Koos van den Hout / The Virtual Bookcase Copyright and privacy statement