Loading ...
Sorry, an error occurred while loading the content.

REVIEW: "Internet Denial of Service", Jelena Mirkovic et al

Expand Messages
  • Rob, grandpa of Ryan, Trevor, Devon & Han
    BKNTRDOS.RVW 20080420 Internet Denial of Service , Jelena Mirkovic et al, 2005, 0-13-147573-8, U$39.99/C$57.99 %A Jelena Mirkovic %A Sven Dietrich %A
    Message 1 of 1 , Jul 31, 2008
      BKNTRDOS.RVW 20080420

      "Internet Denial of Service", Jelena Mirkovic et al, 2005,
      0-13-147573-8, U$39.99/C$57.99
      %A Jelena Mirkovic
      %A Sven Dietrich
      %A David Dittrich dittrich@...
      %A Peter Reiher
      %C One Lake St., Upper Saddle River, NJ 07458
      %D 2005
      %G 0-13-147573-8
      %I Prentice Hall
      %O U$39.99/C$57.99 800-576-3800 416-293-3621 201-236-7139
      %O http://www.amazon.com/exec/obidos/ASIN/0131475738/robsladesinterne
      %O http://www.amazon.ca/exec/obidos/ASIN/0131475738/robsladesin03-20
      %O Audience i+ Tech 2 Writing 2 (see revfaq.htm for explanation)
      %P 372 p.
      %T "Internet Denial of Service: Attack and Defense Mechanisms"

      Chapter one is an introduction to the book itself, rather than the
      topic, asserting that the work is intended for an audience of system
      administrators, corporate managers, and those dealing with public
      policy. The topic is defined in chapter two, which notes that denial
      of service (DoS) is not like other security risks where intrusion or
      use (or misuse) of resources is the aim, but prevention of the
      legitimate use of a system. Much of the material concentrates on
      distributed denial of service (DDoS), and the text mentions the
      inherent risk of DoS where a service is being provided. The structure
      and logical flow of the content is not always obvious, but the
      information is reasonably clear and readable. The history of DoS
      attacks, starting with the early, simple assaults intended to gain
      status and notoriety and progressing through to the recent complex and
      financially motivated offensives, is covered in chapter three. There
      is discussion of the fact that the structure of the Internet works
      against many protective measures and hinders efforts to collect
      digital forensic evidence. Chapter four examines the process,
      technology, and tools of DDoS attacks.

      Defence is contemplated in chapter five, along with the intrinsic
      difficulty presented by the need for availability, the possibility of
      attacking either the computer-based service or the network-based
      communications, and a poor authentication and tracking infrastructure.
      The deliberation does note that defence can be attempted in many
      layers, from secure application development to overt reaction. A
      detailed analysis of some defensive approaches is provided in chapter
      six, which assessment is also valuable in terms of business continuity
      planning. Chapter seven has a listing and review of various research
      projects on defence. Legal issues are catalogued in chapter eight:
      most of the content is general, but there is a fair amount that is
      specific to the United States. Chapter nine summarizes major points,
      and speculates on future trends.

      This is a thorough overview of a topic that is covered poorly, if at
      all, in most of the security literature. Availability has come very
      late to add depth to the C-I-A (Confidentiality, Integrity,
      Availability) triad, and therefore DoS attacks are still misunderstood
      as mere nuisance. The problem is growing, and this material should be
      of greater interest to those charged with protecting both corporate
      assets and the public infrastructure.

      copyright Robert M. Slade, 2008 BKNTRDOS.RVW 20080420

      ====================== (quote inserted randomly by Pegasus Mailer)
      rslade@... slade@... rslade@...
      Attempt the end, and never stand to doubt; Nothing's so hard, but
      search will find it out. - Robert Herrick
      victoria.tc.ca/techrev/rms.htm blogs.securiteam.com/index.php/archives/author/p1/
    Your message has been successfully submitted and would be delivered to recipients shortly.