
REVIEW: "Hackers Beware", Eric Cole

  • Rob, grandpa of Ryan, Trevor, Devon & Ha
    Message 1 of 1 , Nov 26, 2001
      BKHKRBWR.RVW 20010829

      "Hackers Beware", Eric Cole, 2001, 0-7357-1009-0,
      U$45.00/C$67.95/UK#34.99
      %A Eric Cole www.securityhaven.com eric@...
      %C 201 W. 103rd Street, Indianapolis, IN 46290
      %D 2002
      %G 0-7357-1009-0
      %I Macmillan Computer Publishing (MCP)
      %O U$45.00/C$67.95/UK#34.99 800-858-7674 317-581-3743 info@...
      %P 778 p.
      %T "Hackers Beware: Defending Your Network from the Wiley Hacker"

      It is difficult to maintain confidence in a book that, within six
      sentences of the opening of the first chapter, misspells the word
      "brakes." We are told that two developmental editors, two copy
      editors, two proofreaders, and no less than five technical reviewers
      had at this work. Did any of them pay attention to what they were
      reading?

      Chapter one basically states that dangers are out there, security is
      bad, and companies should be concentrating on prevention, detection,
      and education. Cole also nudges at the "hacking for protection"
      theory, without ever really examining it. A brief but reasonable list
      of security breaking activities is given in chapter two. Various
      steps and tools involved in gathering information about a network
      connected to the Internet are described in chapter three.
      Unfortunately, this explanation, while helpful to a potential
      attacker, has no utility for the defender: almost all of the data
      discussed must be publicly available for the network to function, and
      so there are no means of blocking this level of access. Spoofing, or
      masquerading, is dealt with in chapter four, but again, while some
      protective measures are provided, much more time is spent on the
      disease than the cure. After twenty-six pages of telling you how to
      hijack sessions, including the best programs to use and how to operate
      them, chapter five gives us two pages of simplistic advice (avoid
      remote connections) on protection. Chapter six lists a number of
      common denial of service attacks and, while it does devote a lot of
      ink to describing the exploits, the material is reasonably balanced,
      and the suggested defensive measures realistic. Chapter seven
      requires almost forty pages to tell us that buffer overflows are not
      good, and you should apply software patches. Password security is
      very important, but the material in chapter eight is vague,
      disorganized, and has relatively little to say about good password
      choice. (Chapters nine and ten describe some NT and UNIX password
      cracking programs.) The examination of background fundamentals of NT,
      in chapter eleven, is a terse and unfocused grab bag of information.
      The analysis would be of little help in explaining the specific
      attack programs listed in chapter twelve, a number of which rely on
      particular applications. The same relation is true of chapters
      thirteen and fourteen, relating to UNIX. A number of backdoor and
      remote access trojan programs are described in chapter fifteen.
      Chapter sixteen discusses log files, and lists some programs for
      generating spurious network traffic in order to hide attacks. Some
      random exploits are listed in chapter seventeen, and a few more in
      eighteen. An attempt is made to combine various attacks into
      scenarios, in chapter nineteen, but these do not add anything to the
      material already provided. Chapter twenty is the usual vague look to
      the future.

      This book takes the all-too-common approach of assuming that teaching
      you how to break into systems will help you to protect them. The work
      also amply demonstrates the fallacy of that argument. While the
      harried systems administrator spends several hours coming to grips
      with the minutiae of the attacks described, the vast majority of the
      exploits listed can be countered simply by ensuring that software
      patches are up to date. In addition, while dozens of loopholes are
      listed in these pages, thousands more exist that are not covered. The
      material contained in these pages may be entertaining, but it is of
      far more use to the attacker than to the defender. This would be
      upsetting, were it not for the fact that most of the exploits
      described are old and not likely to remain unpatched if administrators
      are keeping up to date. (Of course, many small outfits can't commit a
      lot of resources to keeping up to date ...)

      For security specialists, this volume provides nothing that can't be
      found elsewhere. For non-specialists, it fails to supply a security
      framework and strategy within which to work.

      copyright Robert M. Slade, 2001 BKHKRBWR.RVW 20010829

      As usual, a draft has been sent to the author. He has requested that
      this response be included, unedited:

      Robert:
      First allow me to say thank you for taking the time to review the book
      as criticisms are as crucial as praise. We take your feedback
      seriously. That being said, let me see if I might speak to some of
      your discussions on "Hackers Beware".

      When you buy "Hackers Beware", you buy it for the technical content.
      While we maintain that this faction of the book is air-tight and well-
      supported, we also admit that we could and should have done a better
      job with edits on spelling and grammar. While we admit that
      shortcoming, we also ask that you look at the eleven reviews posted on
      Amazon, praising the technical content of my book and earning it FIVE-
      STAR rating.

      The book starts opens with some introductory material but does that
      for a reason. Much of the security information that companies need to
      protect their site is straightforward. Yet companies systems are still
      hacked into with a growing frequency because they fail to understand
      how to build a proper defense. So my book aims to ensure that everyone
      is well, if not over-educated on DEFENSE.

      There are many books on hacking but what makes this book different is
      its emphasis on defense. Yes, you need to understand how the enemy
      breaks into systems, so you can build better defenses. Every section
      has an area on how to defend against a certain type of attack. So I am
      not sure how a review can say that defense is not covered when that is
      the thrust of this book. There are plenty of books that show you how
      to break in. This book clearly and explicitly explains the properties
      of a strong defense.

      Thanks for letting me write a response.
      Eric


      ====================== (quote inserted randomly by Pegasus Mailer)
      rslade@... rslade@... slade@... p1@...
      I've got a PhD and no one listens. I take off my clothes off,
      and here you all are. - Briony Penn to the media, 20010123
      http://victoria.tc.ca/techrev or http://sun.soci.niu.edu/~rslade