Review By: Jon Duncan Hagar
07/09/2010

This is a one-stop book for people working on network and computer systems that are subject to security concerns. The authors start with basic approaches like footprinting and scanning. The book covers system, network, and software hacking. All major computing platforms are discussed with specific threats, styles of hacking, and solutions to prevent being hacked. Operating systems covered include Windows/NT (all flavors up to 2000), Unix, and Novell. Network systems addressed include PBX, Network devices (generalized), and firewalls.

Software attack approaches covered include denial of service attacks, remote control security vulnerabilities, Web hacking, hacking Internet users, and so-called advanced techniques. The book includes extensive appendices and pointers to online references. This is important, since hacking and computer systems are such dynamic environments that information must be constantly updated to remain current. Each of the above areas are major sections of the book.

Detailed topics are presented in each major section. The book's readability and usefulness as a reference are increased by the use of modularity and graphic margin symbols. An "attack icon" is used to highlight where the reader should focus. Attack icons are followed by countermeasure icons, notes, tips, and caution flags.

This highlighting saves time and "yellow markers" in the book. Each major attack strategy includes a numeric rating system detailing each of the following: popularity, simplicity, impacts, and risk ratings. The authors have obviously spent a great deal of time thinking about how to make the book useful, including extensive use of reviews and updates from the first edition. Finally, code snippets, graphics, screen shots, and examples are used to help readers understand topics.

The book should be used as a reference guide. For testers looking to establish security checklists or testing approaches, this book will provide the information you need. It is not directly written to be used by testers or quality people. But it gives an engineer the information and references needed to design security tests. Reading the book allows you to understand the enemy, so that you can establish both a good defense and offense.

While much of the information will always be valid, there is the issue that the topic is in the ever-changing landscape of cyberspace. The authors solve this by providing a Web site and online references.

According to the liner notes, this book is significantly updated from the first edition, with more than 200 new pages. The book is not a lightweight, totaling more than 700 pages, and it is written for people doing security work and programming. The book is not aimed at areas like government security concerns or security rating systems, though people working with government, telecom, Internet, or like systems will benefit from the book. It might have been nice if the authors had included information more directly about security testing and test implementation.