REVIEW: "Defend I.T.", Ajay Gupta/Scott Laliberte

Posted by Rob, grandpa of Ryan, Trevor, Devon & Ha
Message 1 of 1, Jul 22, 2004
BKDFNDIT.RVW 20040623

"Defend I.T.", Ajay Gupta/Scott Laliberte, 2004, 0-321-19767-4,
U$34.99/C$49.99
%A Ajay Gupta
%A Scott Laliberte
%C P.O. Box 520, 26 Prince Andrew Place, Don Mills, Ontario M3C 2T8
%D 2004
%G 0-321-19767-4
%I Addison-Wesley Publishing Co.
%O U$34.99/C$49.99 800-822-6339 Fax: 617-944-7273 bkexpress@...
%O http://www.amazon.com/exec/obidos/ASIN/0321197674/robsladesinterne
http://www.amazon.co.uk/exec/obidos/ASIN/0321197674/robsladesinte-21
%O http://www.amazon.ca/exec/obidos/ASIN/0321197674/robsladesin03-20
%P 349 p.
%T "Defend I.T.: Security by Example"

The preface states that this collection of (sixteen) "case studies" is
intended to explain the security profession. This seems to be a bit
of a challenge since not all security work involves "cases."

Part one is entitled "Basic Hacking." Chapter one describes the
process of enumerating a network with nmap and other tools. There is
lots of information about blackhat activity in this regard, but
nothing on defending IT and nothing on what security professionals do.
Chapter two, however, actually does deal with security work in
describing forensics and the importance of logs and auditing when
dealing with intrusions and attacks over trusted links. Unlike the
conceptual discussion in chapter two, chapter three's packet dump
listings are not explained in terms of the evidence that would
indicate a DDoS (Distributed Denial of Service) attack.

Part two's emphasis seems to be on how "current methods" of security
are insufficient for most companies. Chapter four follows the
security assessment of a new wireless network, although not quite the
system design process promised at the beginning. A virus infection
(except that Sadmind is a worm) is used to demonstrate the need for
patching and scanning, in chapter five. A worm infection is used, in
chapter six, to prove the need for incident response. (There is
significant misleading information: the user actions described would
not start a worm, and virus scanning of email would not prevent it.)
Chapter seven looks at a web defacement indicating the need for clear
contracts and understandings in penetration tests.

Part three reviews additional items. Chapter eight deals with the
selection of an IDS (Intrusion Detection System), but could be a
general model for any security acquisition. While a company's ad hoc
recovery from disaster is exciting, chapter nine does not clearly make
the case for business continuity planning. Policy is vital to
security, but chapter ten does not effectively demonstrate either the
centrality or the process. Chapter eleven could have had the
requirements of HIPAA (Health Insurance Portability and Accountability
Act) point out the need for re-assessment under changing legislation,
but didn't.

Part four nominally reviews old stuff. Unfortunately, it returns to
the pattern of chapter one, concentrating on the attack aspects and
limiting the discussion of defence. Chapter twelve looks at war
dialling and says very little about the countermeasures: thirteen is
even worse in dealing with social engineering.

Part five covers aspects of computer forensics. Supposedly about
industrial espionage, fraud, and a really clumsy attempt at extortion,
chapters fourteen to sixteen actually just recycle the usual material
on data recovery and chain of custody.

A "conclusion" attempts to fill in the holes that this book leaves in
dealing with other areas of security.

The division of the book into parts seems quite arbitrary and
artificial. The groups of chapters do seem to have vague themes, but
they are tenuous at best.

Overall, the book must be said to have gone some ways towards
fulfilling its goal of explaining what the security profession is
about. Not the whole way: there are serious gaps in the coverage, and
someone getting a picture of a security career from this book alone
would receive a fairly skewed image. But the book does present some
interesting aspects of the field in a (mostly) readable form. There
are any number of books that present a more misleading image.

copyright Robert M. Slade, 2004 BKDFNDIT.RVW 20040623