REVIEW: "Hack Attacks Denied", John Chirillo
- BKHKATDN.RVW 20031019
"Hack Attacks Denied", John Chirillo, 2003, 0-471-23283-1,
%A John Chirillo
%C 5353 Dundas Street West, 4th Floor, Etobicoke, ON M9B 6H8
%I John Wiley & Sons, Inc.
%O U$50.00/C$77.50/UK#37.50 416-236-4433 fax: 416-236-4448
%P 689 p. + CD-ROM
%T "Hack Attacks Denied"

The introduction states that this book is a companion to "Hack Attacks
Revealed" and that the audience is everyone.

Part one is about securing ports and services. Chapter one,
describing common ports and services, recommends replacing TFTP with
Tiger FTP, which just happens to be written by the author. Eighteen
pages are helpfully devoted to reprinting the source code, just in
case you'd like to type it in for yourself. The level of security
information varies substantially: there is, for example, no mention of
the fact that TFTP has no real use in Windows, and that disabling it
is a very good idea. More detail is provided for UNIX than Windows,
and some items are helpful, but most are not. Concealed ports and
services, otherwise known as backdoors or trojans, are discussed in
chapter two. There is a fourteen-page source code listing of a
crippled trojan, a catalogue of backdoor trojans, and mention of some
protective software. Chapter three is mostly about how to get other
information, although less space is devoted to the discovery of
countermeasures, and an awful lot of the content is of the "you might
be able to" variety.

Part two, which consists only of chapter four, is about intrusion
defence and safeguarding against penetration attacks, but, again, more
space is devoted to attacks than defence.

Part three is entitled "Tiger Team Secrets." Chapter five is a random
list of attacks, including various viruses. Some items, such as the
"reboot attack," make no sense as described. Seventy-five attacks,
most of which have been recounted before, are in chapter six. The
countermeasures usually boil down to "protect against this," but are
short on how. Chapter seven finishes off with a guide for consultants
who want to write security policies (including an outline that bears a
striking resemblance to the CISSP CBK). Two sample "audits" are
given, along with a reprint of a twenty-one-page router log (with no

This book is not very revealing, and won't do much to deny access to
copyright Robert M. Slade, 2003 BKHKATDN.RVW 20031019
http://victoria.tc.ca/techrev or http://sun.soci.niu.edu/~rslade