REVIEW: "Hackers Beware", Eric Cole
- BKHKRBWR.RVW 20010829
"Hackers Beware", Eric Cole, 2001, 0-7357-1009-0,
%A Eric Cole www.securityhaven.com eric@...
%C 201 W. 103rd Street, Indianapolis, IN 46290
%I Macmillan Computer Publishing (MCP)
%O U$45.00/C$67.95/UK#34.99 800-858-7674 317-581-3743 info@...
%P 778 p.
%T "Hackers Beware: Defending Your Network from the Wiley Hacker"
It is difficult to maintain confidence in a book that, within six
sentences of the opening of the first chapter, misspells the word
"brakes." We are told that two developmental editors, two copy
editors, two proofreaders, and no less than five technical reviewers
had at this work. Did any of them pay attention to what they were
Chapter one basically states that dangers are out there, security is
bad, and companies should be concentrating on prevention, detection,
and education. Cole also nudges at the "hacking for protection"
theory, without ever really examining it. A brief but reasonable list
of security breaking activities is given in chapter two. Various
steps and tools involved in gathering information about a network
connected to the Internet are described in chapter three.
Unfortunately, this explanation, while helpful to a potential
attacker, has no utility for the defender: almost all of the data
discussed must be publicly available for the network to function, and
so there are no means of blocking this level of access. Spoofing, or
masquerading, is dealt with in chapter four, but again, while some
protective measures are provided, much more time is spent on the
disease than the cure. After twenty-six pages of telling you how to
hijack sessions, including the best programs to use and how to operate
them, chapter five gives us two pages of simplistic advice (avoid
remote connections) on protection. Chapter six lists a number of
common denial of service attacks and, while it does devote a lot of
ink to describing the exploits, the material is reasonably balanced,
and the suggested defensive measures realistic. Chapter seven
requires almost forty pages to tell us that buffer overflows are not
good, and you should apply software patches. Password security is
very important, but the material in chapter eight is vague,
disorganized, and has relatively little to say about good password
choice. (Chapters nine and ten describe some NT and UNIX password
cracking programs.) The examination of background fundamentals of NT,
in chapter eleven, is a terse and unfocused grab bag of information.
It would be of little help in explaining the specific
attack programs listed in chapter twelve, a number of which rely on
particular applications. The same relation is true of chapters
thirteen and fourteen, relating to UNIX. A number of backdoor and
remote access trojan programs are described in chapter fifteen.
Chapter sixteen discusses log files, and lists some programs for
generating spurious network traffic in order to hide attacks. Some
random exploits are listed in chapter seventeen, and a few more in
eighteen. An attempt is made to combine various attacks into
scenarios, in chapter nineteen, but these do not add anything to the
material already provided. Chapter twenty is the usual vague look to
This book takes the all-too-common approach of assuming that teaching
you how to break into systems will help you to protect them. The work
also amply demonstrates the fallacy of that argument. While the
harried systems administrator spends several hours coming to grips
with the minutiae of the attacks described, the vast majority of the
exploits listed can be countered simply by ensuring that software
patches are up to date. In addition, while dozens of loopholes are
listed in these pages, thousands more exist that are not covered. The
material contained in these pages may be entertaining, but it is of
far more use to the attacker than to the defender. This would be
upsetting, were it not for the fact that most of the exploits
described are old and not likely to remain unpatched if administrators
are keeping up to date. (Of course, many small outfits can't commit a
lot of resources to keeping up to date ...)
For security specialists, this volume provides nothing that can't be
found elsewhere. For non-specialists, it fails to supply a security
framework and strategy within which to work.
copyright Robert M. Slade, 2001 BKHKRBWR.RVW 20010829
As usual, a draft has been sent to the author. He has requested that
this response be included, unedited:
First allow me to say thank you for taking the time to review the book
as criticisms are as crucial as praise. We take your feedback
seriously. That being said, let me see if I might speak to some of
your discussions on "Hackers Beware".
When you buy "Hackers Beware", you buy it for the technical content.
While we maintain that this faction of the book is air-tight and well-
supported, we also admit that we could and should have done a better
job with edits on spelling and grammar. While we admit that
shortcoming, we also ask that you look at the eleven reviews posted on
Amazon, praising the technical content of my book and earning it FIVE-
The book starts opens with some introductory material but does that
for a reason. Much of the security information that companies need to
protect their site is straightforward. Yet companies systems are still
hacked into with a growing frequency because they fail to understand
how to build a proper defense. So my book aims to ensure that everyone
is well, if not over-educated on DEFENSE.
There are many books on hacking but what makes this book different is
its emphasis on defense. Yes, you need to understand how the enemy
breaks into systems, so you can build better defenses. Every section
has an area on how to defend against a certain type of attack. So I am
not sure how a review can say that defense is not covered when that is
the thrust of this book. There are plenty of books that show you how
to break in. This book clearly and explicitly explains the properties
of a strong defense.
Thanks for letting me write a response.
http://victoria.tc.ca/techrev or http://sun.soci.niu.edu/~rslade