
REVIEW: "Security Warrior", Cyrus Peikari/Anton Chuvakin

  • Rob, grandpa of Ryan, Trevor, Devon & Ha
    Message 1 of 1, Jun 24, 2004
      BKSECWRR.RVW 20040509

      "Security Warrior", Cyrus Peikari/Anton Chuvakin, 2004, 0-596-00545-8,
      U$44.95/C$65.95
      %A Cyrus Peikari
      %A Anton Chuvakin
      %C 103 Morris Street, Suite A, Sebastopol, CA 95472
      %D 2004
      %G 0-596-00545-8
      %I O'Reilly & Associates, Inc.
      %O U$44.95/C$65.95 800-998-9938 fax: 707-829-0104 nuts@...
      %O http://www.amazon.com/exec/obidos/ASIN/0596005458/robsladesinterne
      %O http://www.amazon.ca/exec/obidos/ASIN/0596005458/robsladesin03-20
      %P 531 p.
      %T "Security Warrior"

      The preface isn't a really clear piece of writing, but does,
      eventually, get around to stating that the book focuses on security
      from an attack, rather than defence, perspective. I have, in numerous
      other reviews, pointed out the errors and limitations in this

      Part one deals with cracking software, primarily involved with
      breaking copy protection. Chapter one explains a few concepts about
      assembly language quite well, and then ends abruptly. Some Windows
      tools for reverse engineering are listed in chapter two, plus a couple
      of poorly explained examples. The material on reverse engineering in
      Linux is longer and more detailed, but still has very limited tutorial
      value, and is padded with extensive code listings of dubious worth.
      Chapter four is supposed to deal with reverse engineering for
      Windows CE, but contains an odd mix of CE operating system
      architecture, a partial list of ARM CPU opcodes, and a description of
      how to crack the registration code check in a program written solely
      to allow you to crack the registration code check embedded within it.
      Overflow attacks, in chapter five, explains buffer and other overflow
      conditions, and gives an example of a buffer overflow as a crack in
      another fake program.

      Part two presents information about networks. Chapter six is a rather
      unstructured overview of TCP/IP and a listing of some sniffing tools.
      (TCP is explained before IP itself, and the relationship of the
      various protocols in the suite is not discussed. A section on "covert
      channels" emphasizes a strange misuse of header fields, and then
      drifts into something like session hijacking.) Social engineering can
      be used in a variety of ways, so it is strange that chapter seven
      should be here rather than in the "Advanced Defence" of part four.
      The random content provided has little organization and a fair number
      of errors: the authors insist that social engineering attacks can be
      divided into active and passive types, but, by its nature, social
      engineering is almost entirely active. (The book does seem to tacitly
      admit this: there is a list of example "active" attacks, but no
      corresponding "passive" list.) Chapter eight mentions a few methods
      of reconnaissance with differing levels of detail. Some more advanced
      techniques for identifying operating systems are in chapter nine, but
      the particulars are similarly inconsistent.

      Part three lists attacks against specific platforms. The authors
      betray their lack of study once again in chapter eleven: UNIX is *not*
      "reborn from" MULTICS (although it was heavily influenced), and TCSEC
      (the Trusted Computer System Evaluation Criteria) is definitely *not*
      the Common Criteria. The various security related aspects, tools, and
      hardening of UNIX are not bad, but lack definition. The UNIX attacks
      listed in chapter twelve are good: ironically, because of the generic
      nature of the descriptions the examples are probably useful as a guide
      to defensive measures, rather than being outdated tricks. The Windows
      client attacks listed in chapter thirteen, because they are specific,
      have limited the material both in scope and utility. Chapter
      fourteen, listing Windows server attacks, notes some interesting
      security bugs in Server 2003 and other programs (and one bit on
      smartcards). "SOAP XML Web Services Security," in chapter fifteen, is
      a long title for a short piece on XML digital signatures. "SQL
      Injection," in chapter sixteen, has some examples of malformed data
      attacks, and also points out the dangers of adding programming
      functionality to applications. As with social engineering, the tie to
      networks is thin, seemingly limited to the PHPNuke program. Some
      aspects of wireless antennae, sniffing, and a brief review of the
      weaknesses in WEP (Wired Equivalent Privacy) are in chapter seventeen.

      Part four looks at more advanced defence. Miscellaneous thoughts on
      logging are in chapter eighteen. Chapter nineteen has a confused
      explanation of intrusion detection systems (IDS). There is no mention
      of rule (or activity monitoring) based engines, signature based
      engines are said to be restricted to net-based IDS, different terms
      are used for anomaly detection engines on hosts versus networks, and
      there is a muddled attempt to tie Bayesian analysis to odd
      mathematical ratios of false positive (false rejection) and false
      negative (false acceptance) errors. The installation of a simple
      honeypot is described in chapter twenty (which probably *should* be in
      part two). There is a good initial outline of incident response in
      chapter twenty-one, but it breaks down when getting into specifics.
      Forensics and antiforensics, in chapter twenty-two, gives some
      background and tools for data recovery and obfuscation.

      It is ironic that the book starts out with a quotation from "The Code
      of the Samurai," stating that "[a]ll samurai ought certainly to apply
      themselves to the study of military science. But a bad use can be
      made of this study to puff oneself up and disparage one's colleagues
      by a lot of high-flown but incorrect arguments that only mislead the
      young ..." This assessment fits Peikari and Chuvakin's work almost
      perfectly. There is a lot of interesting information in this volume:
      if you have limited technical background in the fields examined, you
      will find that a quick perusal will provide you with some superficial
      familiarity with the topics. However, the uneven coverage ensures
      that the information is spectacular, rather than tutorial. The
      disjointed jumps from one subject to the next prove the technical
      erudition of the authors, but do not help the reader very much.

      copyright Robert M. Slade, 2004 BKSECWRR.RVW 20040509

      ====================== (quote inserted randomly by Pegasus Mailer)
      rslade@... slade@... rslade@...
      My interest is in the future because I am going to spend the rest
      of my life there. - Charles F. Kettering (1876 - 1958)
      http://victoria.tc.ca/techrev or http://sun.soci.niu.edu/~rslade