Order from a Major Online Bookstore
Ultimate Book Price Comparison Engine
Save Your Time And Money
| AnyBook4Less.com | Order from a Major Online Bookstore |
|
| Home | Store List | FAQ | Contact Us | | ||
| Ultimate Book Price Comparison Engine Save Your Time And Money |
||
 |
Title: Hacking Exposed: Network Security Secrets & Solutions, Third Edition by Stuart McClure, Joel Scambray, George Kurtz ISBN: 0072193816 Publisher: McGraw-Hill Osborne Media Pub. Date: 26 September, 2001 Format: Paperback Volumes: 1 List Price(USD): $49.99 |
Average Customer Rating: 4.33
Rating: 5
Summary: This is the book to use for penetration testing and analysis
Comment: Hardly a week goes by that CNN does not report a high-profile Web site being defiled or an e-commerce site being penetrated. While most people know why these incidents occurred, Hacking Exposed explains how they occurred and, more important, how to prevent them from occurring.
The cover of Hacking Exposed announces that "Network security is Y2K without the deadline." That alarmist statement, however, is the only hype in the book. The work is packed with real-world examples and links to tools needed to assess the security of any type of client/server and Web system. As they detail the myriad vulnerabilities in different types of systems, the authors provide countermeasures for each of them.
Well organized, the book progresses in an orderly fashion. It methodically goes through the process of exploiting a target to penetrate a system--from identification and enumeration to actual penetration. The authors provide detailed instructions and explanations for many security features and flaws in Unix, Linux, Windows, NetWare, routers, firewalls, and more. Topics covered include state-of-the-art computer and network penetration, as viewed by both the attacker and the defender; remote system identification; vulnerability identification; war dialers; firewall circumvention; and denial-of-service attacks. An appendix explores the security characteristics of Windows 2000.
Some may argue that books such as this one only serve to motivate and educate hackers. The truth is that hackers are already aware of the book's contents. This book is designed for system administrators and managers who need to know their systems' risks and vulnerabilities and how to address them. When they are done with this book, system administrators and managers will be familiar with such critical topics as back channels, port redirection, banner grabbing, and buffer overflows. Hacking Exposed is a must-read for anyone who wants to know what is really happening on their network....
Rating: 5
Summary: As good as the previous HE books
Comment: "Hacking Exposed" series grew from a relative unknown to one of the most famous information security books of all times. The interesting part about it is that its reputation is largely deserved.
The fourth edition presents an incremental improvement over the previous ones. Considering that the previous books were great, it is no mean feat! Its is a pity that the book lacks "What's New" section, which would be useful for those familiar with the series.
As usual, the book offers balanced platform coverage (UNIX, Windows, Novell) and follows the same winning paradigm (from scanning to owning the system). The above is obvious since the same author crew from Foundstone is behind the book. The book is somewhat biased towards the attacker side, just as the title promises. Among new sections are wireless security, web hacking and attacking clients (such as web browsers) by malicious servers. The latter section presents some interesting tips on attacking over email, web browser (via ActiveX and other malicious technologies), IRC, etc.
Overall, if you own the 3rd edition, there is some motivation to go grab this one. However, if you haven't read "Hacking Exposed" yet, run to the store to get your copy if you are involved with network or system security in any role. For novices the book will server as a useful introduction to security and hacking, for intermediate readers the book will bring new tools and techniques and will serve as a useful refresher for experts. Companion website hackingexposed.com has the books' table of contents and some other material.
Anton Chuvakin, Ph.D., GCIA, GCIH is a Senior Security Analyst with a major information security company. His areas of infosec expertise include intrusion detection, UNIX security, forensics, honeypots, etc. In his spare time, he maintains his security portal info-secure.org
Rating: 4
Summary: Time to reposition the "Hacking Exposed" series?
Comment: I am a senior engineer for network security operations. I've read and reviewed every edition of the "Hacking Exposed" series since the 1999 original. "Hacking Exposed" is a winner; the authors' powerful example-driven style teaches the tools and tactics of vulnerability assessment and penetration testing. Nevertheless, I've compared this third edition to its "Hacking Linux" and "Hacking Windows 2000" cousins, and I believe the authors should rethink their goals for the "Hacking Exposed" series.
"Hacking Exposed, Third Edition" (HE:3E) describes techniques to attack and defend a wide variety of network assets: Microsoft products (9x, ME, NT, 2000, XP), UNIX variants, Novell's NOS, routers, PBXs, firewalls, and so on. Weaknesses in individual applications are explained, with attention given to remote control tools (VNC, Windows Terminal Server, PCAnywhere), Web technologies (IIS, ColdFusion, ActiveX, Java), and file sharing/chat systems (Napster, IRC). Readers are unlikely to find so many topics given fairly thorough coverage in a single volume.
Unfortunately, at 727 pages, HE:3E has gained too much weight. The 1999 first edition offered 484 pages, and the 2001 (yes, 2001) second edition gave 703 pages. While the authors should be credited for not simply copying and pasting material from their 2001 edition of "Hacking Exposed: Windows 2000," many of the same topics appear in both books. Furthermore, some subjects are redundantly described within HE:3E. For example, why rehash port redirection and rootkits in chapter 14 when they were adequately covered in earlier sections?
I strongly recommend the authors remove the UNIX- and Windows-specific material from a future fourth edition of "Hacking Exposed," directing readers to "Hacking Linux" and "Hacking Windows" when necessary. The authors should briefly describe general UNIX and Windows vulnerabilities in "HE:4E," and devote most of the book to their methodology and systems not covered in other books. This overhaul will give the authors a chance to remove some dated material from "Hacking Exposed," like a reference to ISS RealSecure v3.0 (6.0 is now in use).
I recommend readers who have not read previous "Hacking Exposed" titles buy this book. Despite my concerns, I still learned something new (wireless issues, format string vulnerabilities) and re-acquainted myself with material mentioned in earlier editions (RIP spoofing, enumeration techniques). If you've read "Hacking Exposed, Second Edition," wait for a revamped fourth edition.
(Disclaimer: I received a free review copy from the publisher.)
 |
Title: Hacking Exposed Windows 2000 by Joel Scambray, Stuart McClure ISBN: 0072192623 Publisher: McGraw-Hill Osborne Media Pub. Date: 29 August, 2001 List Price(USD): $49.99 |
 |
Title: Anti-Hacker Tool Kit by Keith J. Jones, Mike Shema, Bradley C. Johnson ISBN: 0072222824 Publisher: McGraw-Hill Osborne Media Pub. Date: 25 June, 2002 List Price(USD): $59.99 |
 |
Title: Counter Hack: A Step-by-Step Guide to Computer Attacks and Effective Defenses by Ed Skoudis ISBN: 0130332739 Publisher: Prentice Hall PTR Pub. Date: 23 July, 2001 List Price(USD): $49.99 |
 |
Title: Hacking Exposed (TM) Web Applications by Joel Scambray, Mike Shema ISBN: 007222438X Publisher: McGraw-Hill Osborne Media Pub. Date: 19 June, 2002 List Price(USD): $49.99 |
 |
Title: Hacking Exposed Linux, 2nd Edition by Brian Hatch, James Lee ISBN: 0072225645 Publisher: McGraw-Hill Osborne Media Pub. Date: 04 December, 2002 List Price(USD): $49.99 |
Thank you for visiting www.AnyBook4Less.com and enjoy your savings!
Copyright� 2001-2021 Send your comments
