Loading ...
Sorry, an error occurred while loading the content.

REVIEW: "Securing the Network from Malicious Code", Douglas Schweitzer

Expand Messages
  • Rob, grandpa of Ryan, Trevor, Devon & Ha
    BKSTNFMC.RVW 20030727 Securing the Network from Malicious Code , Douglas Schweitzer, 2002, 0-7645-4958-8, U$40.00/C$60.99/UK#29.95 %A Douglas Schweitzer
    Message 1 of 1 , Sep 3 9:12 AM
    • 0 Attachment
      BKSTNFMC.RVW 20030727

      "Securing the Network from Malicious Code", Douglas Schweitzer, 2002,
      0-7645-4958-8, U$40.00/C$60.99/UK#29.95
      %A Douglas Schweitzer
      %C 5353 Dundas Street West, 4th Floor, Etobicoke, ON M9B 6H8
      %D 2002
      %G 0-7645-4958-8
      %I John Wiley & Sons, Inc.
      %O U$40.00/C$60.99/UK#29.95 416-236-4433 fax: 416-236-4448
      %O http://www.amazon.com/exec/obidos/ASIN/0764549588/robsladesinterne
      http://www.amazon.co.uk/exec/obidos/ASIN/0764549588/robsladesinte-21
      %O http://www.amazon.ca/exec/obidos/ASIN/0764549588/robsladesin03-20
      %P 338 p.
      %T "Securing the Network from Malicious Code"

      While there is some basic information about viruses and trojans in
      this work, it isn't clear, good, particularly helpful, or easy to
      extract from the surrounding verbiage. What content is related to
      networks has very little to do with securing or protecting them from
      malware.

      Part one looks at threat analysis. Chapter one lists various types of
      problems that might possibly arise from the presence of malware.
      Generic statements about virus writers, with little judgment or
      backing, are made in chapter two. Programs related to malware are
      described in chapter three, although the examples and explanation are
      limited. Chapter four is a poorly structured and disorganized list of
      viruses, rife with artificial distinctions. (Two of the
      classifications are said to be "UNIX viruses" and "Linux viruses").
      There are some examples, but with poor analysis and interpretation.

      Part two talks about defence. "Fundamentals Needed for Digital
      Security," as chapter five is entitled, contains a random assortment
      of semi-technical topics which does not have enough detail or
      definition to be of much use in establishing protection. Haphazard
      net topics are reviewed in chapter six. Chapter seven lists various
      network applications, threats (such as stalking) that are not related
      to malware, and a list of ports used by trojans--but the directions on
      how to determine whether those ports are in use on your machine do not
      appear until the following chapter, along with some generic advice on
      policies and awareness training. Firewalls, antivirus software, and
      backups are outlined in chapter nine, but with terse and poor
      explanations. Server and application vulnerabilities are briefly
      discussed in chapter ten.

      Part three is supposed to look ahead. Chapter eleven has an
      unfocussed and sensationalist commentary on cyberterrorism. A grab
      bag of security topics is in chapter twelve.

      The text has numerous errors, but they are neither excessively
      abundant (in comparison to some of the other horrible examples extent)
      nor especially egregious. Saying that this work is "less bad" than
      the worst, though, is hardly a recommendation. The book is
      indifferent and slipshod (many of the entries in the glossary are very
      careless) and does not contribute to the body of malware literature.

      copyright Robert M. Slade, 2003 BKSTNFMC.RVW 20030727


      ====================== (quote inserted randomly by Pegasus Mailer)
      rslade@... slade@... rslade@...
      Nobody is talking about you behind your back. In fact, we are
      pretty much all agreed that you are starting to obsess about it.
      http://victoria.tc.ca/techrev or http://sun.soci.niu.edu/~rslade
    Your message has been successfully submitted and would be delivered to recipients shortly.