View Review Details
| Book: | Security Warrior | |
| Subject: | NLUG: Book Review - Security Warrior by Cyrus Peikari & Anton Chuvakin | |
| Date: | 2004-12-16 05:42:55 | |
| From: | James Ko, CISSP | |
|
Rating:
 
I enjoyed reading the Assembler and the reverse engineering section of the book. I didn't realize there are so many variants of x86 Assemblers. I thought it was brilliant to use the CD organizer as an analogy to program stack to explain the buffer overflow problem, The little HackMe challenge dramatizes the whole buffer overflow issue. It really sticks into reader's mind about how vulnerable our software industry stands today. However, I feel it fall short on the networking section, where the authors could have spent more time on explaining these evil hacking tools. There were no examples on how to use hping, for example. As far as I know, there are lot more evil packet injection tools out there worth mentioning, such as Nemesis, libnet, hping and packit. I was somewhat disappointed given that the authors said in the beginning (preface)this is an advanced security book that I would expect more on the networking side. However, on the positive note, the Log Analysis section is very valuable to system administrators because it provides a lot of good information. There is not a lot of literature out there spend time on explaining what log is, or what is being captured. In fact, log analysis is gaining popularity because it is used for security forensics where security professional tries to piece the evidence together. All in all, this is a very useful book for those who wants to have a survey of what is involved in the field of security incident handlers and/or intrusion detection.
|
||
