Order from a Major Online Bookstore
Ultimate Book Price Comparison Engine
Save Your Time And Money
| AnyBook4Less.com | Order from a Major Online Bookstore |
|
| Home | Store List | FAQ | Contact Us | | ||
| Ultimate Book Price Comparison Engine Save Your Time And Money |
||
 |
Title: Defend I.T.: Security by Example by Ajay Gupta, Scott Laliberte, Addison-Wesley ISBN: 0-321-19767-4 Publisher: Addison-Wesley Professional Pub. Date: 19 May, 2004 Format: Paperback Volumes: 1 List Price(USD): $34.99 |
Average Customer Rating: 4 (2 reviews)
Rating: 4
Summary: Fun and enlightening security read
Comment: Defend IT book review
I was not a major fan of the author's previous book "Hack I.T.', thus I was a bit skeptical about this one. However, this book delivers! It reminded me of "Hackers Challenge" 1 & 2 books (which I loved it), because the information in the book is structure around the realistic (or maybe even real) cases, illustrating various security aspects.
The stories in the book cover a wide range of issues: from building a secure network from small business all the way to social engineering. Worm/virus infections, wireless security assessments, web applications, forensic investigation, security policy issues, DR and BCP, picking the right NIDS all find their place in the book. Especially, I loved the way they approached a usually boring subject of creating and implementing a security policy and DR planning. The policy case describes everything from 'why you need a policy' to security awareness and compliance verification. Executive fraud case was also lots of fun to read.
Also, this is the first security book I've seen that explicitly mentions regulations and compliance issues. I liked their take on 'HIPAA in plain English.' Another great item were various response flowcharts for virus infection, attacks, etc.
On the downside, the book does contain some technical errors. I would have discounted them as typos, but they look like the actual hands-on skills of the authors are getting rusty in some areas ('tcpdump', 'nmap', etc).
In any case, the book's value lies more in the approach to explaining security, rather than in teaching all the 'nmap's command line options. The cases are detailed enough to engross the reader and I was sometimes wondering 'how it will end', like I would with a good fiction book. This book is both fun and enlightening.
To conclude, while there is no substitute for actually experiencing the things covered in the book, reading about it will help aspiring and actual infosec pros.
Anton Chuvakin, Ph.D., GCIA, GCIH is a Senior Security Analyst with a major security information management company. He is the author of the book "Security Warrior" (O'Reilly, 2004). His areas of infosec expertise include intrusion detection, UNIX security, forensics, honeypots, etc. In his spare time, he maintains his security portal info-secure.org
Rating: 4
Summary: Ideal for the security technician
Comment: This is not a book for the technically feint of heart. It starts out with almost no introduction at all into mapping target networks with nmap and never stops for a breath. There is a reasonable amount of explanation, but the heart of the book is in demonstrating hacking techniques at the system and command line level. Graphics are used well to smooth over some of the more difficult topics, which is why I gave the book four stars.
The majority of the book, the first four parts, is dedicated to a command level explanation of various types of exploits, largely in the Unix environment. The last part of the book covers the social and legal aspects of hacking and the security response to hacking.
This is reasonably short (~300 pages) book that gets to the point quickly and doesn't spend a lot of time on exposition. I would recommend it for Unix systems administrators and security professionals looking to round out their understanding of both the threat and strategies to cope with those threats.
Thank you for visiting www.AnyBook4Less.com and enjoy your savings!
Copyright� 2001-2021 Send your comments
