Order from a Major Online Bookstore
Ultimate Book Price Comparison Engine
Save Your Time And Money
| AnyBook4Less.com | Order from a Major Online Bookstore |
|
| Home | Store List | FAQ | Contact Us | | ||
| Ultimate Book Price Comparison Engine Save Your Time And Money |
||
 |
Title: Know Your Enemy: Revealing the Security Tools, Tactics, and Motives of the Blackhat Community by The Honeynet Project, Honeynet Project, Lance Spitzner, Bruce Schneier, The Honeynet Project ISBN: 0201746131 Publisher: Addison-Wesley Pub Co Pub. Date: 31 August, 2001 Format: Paperback Volumes: 1 List Price(USD): $39.99 |
Average Customer Rating: 4.05
Rating: 5
Summary: Sophisticated methods and countermeasures
Comment: The authors extensively document their honeypot project, which was designed to deflect attackers away from real systems and data assets by using decoys. The project evolved into something much more, which is chronicled in the book.
The first part of the book deals with technical issues and how and why the project was initiated. As the chronicle of the project proceeds the authors begin adding a new dimension to information security: psychological profiling. This is where the book becomes fascinating, and where reading the book becomes tedious.
The fascination stems from the methods used to identify, classify and profile their attackers. The tedium in reading the book is that you have to carefully read through logs of chats (Chapter 11, In their Own Words). This is not the stuff of casual reading - but is worth the time, effort and pain it takes to wade through this chapter.
Part of the tedium, aside from having to read raw (but annotated) logs is that profiling attackers requires an understanding of cultural issues, psychological motivations and risks associated with each attacker profile.
The accompanying CD ROM contains tools and supporting material for each of the chapters. The tools are the ones the project uses in building, maintaining, and using a Honeynet environment, and includes source code, precompiled binaries, and documentation. The supporting material consists of source code, network captures, and other information related to specific chapters.
The sophisticated profiling methods described his book are more suited for large corporations, organizations that support unpopular social causes (commercial and non-commercial) and targets of information warfare attacks. I personally believe that the book adds a new dimension to IT security, making it an important contribution to the security body of knowledge.
Rating: 5
Summary: Fascinating and intelligent. Everyone should read this book.
Comment: Nothing could stop me from writing a review about "Know Your Enemy" and I'll tell you why: It's no secret, most of us can't turn on a television or a radio these days without hearing the United States needs better intelligence, better tools and methods for spying on enemies so America can prepare for attacks before they strike. Well, the same holds true in the information age. More intelligence must be built around network security and computer systems. Lance Spitzner's new book, "Know Your Enemy" shows us how. When I started reading this book, I couldn't believe what I was hearing. A network of computers called a honeynet, designed as an everyday corporate network used to capture, analyze and control the flow of data in and out of the network for studying the motives, tactics, and tools of the blackhat community? Wow!!
"Know Your Enemy" walks us through building and managing our own honeynet's. A CD-ROM comes with the book with tools to get us started. I speak from experience when I tell you this book helped me during my honeynet build. It showed me ways to capture critical information, log that information, and alert me via pager and e-mail in real time. The book talks about methods used for capturing keystrokes, advanced data analysis, and ways by which to capture and control the data. There are chock full of real world scenario's directed at dealing with worms. As we read through the book we get the chance to view how systems are exploited and what made them vulnerable. Lance Spitzner takes us step-by-step through real world attacks initiated by real blackhats and crackers. Reading this book is like reading someone's diary from the beginning only the information is freely shared and extremely valuable. "Know Your Enemy" took me down the path I needed to go. It will take you to the next level of security everyone might want to strongly consider. One, that's more analytical and intelligent, one that teaches us to be more proactive. My favorite chapter in this book was "In Their Own Words". That chapter was over 100 pages of captured keystrokes between the blackhats that took over the honeynet and...well...you should get the book and read it for yourself. It's a trip.
Richard La Bella, MCSE, CCSE, CCNA
Rating: 5
Summary: Lance Spitzner "Know Your Enemy"
Comment: "Know Your Enemy" from the Honeynet Project...
team (led by Lance Spitzner) is an amazing account on adventures in computer
security. This superb book provides the summary of two years of the project
operation. Aimed to gather and analyze more information about malicious
hackers, the project provided security community with unique insights into
attacks, tricks, and even personalities of hackers. The network (now a
combination of networks in several places worldwide) was deployed for the
single purpose of being penetrated by remote attackers (or blackhats, as
they are called in the book). Their actions were then recorded, studied and
presented in this book and papers on the project web site
.... Real production systems (Linux, UNIX,
Windows) were deployed within the Honeynet.
Leveraging his military background, Lance Spitzner explains why it is
crucial to get first hand information on computer underground operations.
"Information is power" and in computer security there is a serious lack of
information about the adversaries. Most of the available information comes
as 'too little, too late' such as for a company that gets first-hand
knowledge of hackers right after seeing "u r 0wned" on their web site. And
even in this case other companies cannot learn from mistakes, since the
break-in will be kept as secret as possible.
The typical Honeynet break-in produces the following information. What
reconnaissance activity was performed by an attacker before the intrusion?
Which network service was exploited? What exact exploit string or buffer
overflow was used? What attacked did after getting access to the system? How
he or she retained access to the system? How did he or she use the system?
The answers are in the book!
In some of the attacks, the logs of IRC (Internet Relay Chat) conversations
between hackers were recorded. They reveal not only the technology, but also
some of the motivations of intruders. Some stories from the book border on
impossible, such as the case where the streaming video sent by hackers was
captured by the Honeynet team.
The book also provides full details on designing, building and
maintaining the honeynet, including the risks of running a honeynet. To
be more precise, they describe a Generation I honeynet, since now the
project has moved to more sophisticated security technology. The
project uses stringent standards for data control (preventing attacker
from causing trouble to third parties), data collection (recording
everything that happens on the network) and data collection
(aggregating attack data from several honeynets).
Overall, as Bruce Schneier said in the book's foreword: "Great stuff,
and it 's all real"
Anton Chuvakin, Ph.D. is a Senior Security Analyst with a major
information security company.
 |
Title: Hacking Exposed: Network Security Secrets & Solutions, Third Edition by Stuart McClure, Joel Scambray, George Kurtz ISBN: 0072193816 Publisher: McGraw-Hill Osborne Media Pub. Date: 26 September, 2001 List Price(USD): $49.99 |
 |
Title: The Art of Deception: Controlling the Human Element of Security by Kevin D. Mitnick, William L. Simon ISBN: 0471237124 Publisher: John Wiley & Sons Pub. Date: 04 October, 2002 List Price(USD): $27.50 |
 |
Title: Counter Hack: A Step-by-Step Guide to Computer Attacks and Effective Defenses by Ed Skoudis ISBN: 0130332739 Publisher: Prentice Hall PTR Pub. Date: 23 July, 2001 List Price(USD): $49.99 |
 |
Title: Honeypots: Tracking Hackers by Lance Spitzner ISBN: 0321108957 Publisher: Addison Wesley Professional Pub. Date: 10 September, 2002 List Price(USD): $44.99 |
 |
Title: Computer Forensics : Incident Response Essentials by Warren G. Kruse II, Jay G. Heiser ISBN: 0201707195 Publisher: Addison-Wesley Pub Co Pub. Date: 26 September, 2001 List Price(USD): $44.99 |
Thank you for visiting www.AnyBook4Less.com and enjoy your savings!
Copyright� 2001-2021 Send your comments
