Information Security News mailing list archives

Book Review: "Halting the Hacker: A Practical Guide to Computer Security, 2/e"


From: InfoSec News <isn () c4i org>
Date: Tue, 21 Jan 2003 00:54:04 -0600 (CST)

Forwarded from: "Berislav Kucan" <berislav () globalnet hr>

Here is the review of HP's Donald L. Pipkin's book Halting The
Hacker. Next week we will have three of these books to give away and
an interview with the author, so if you are interested, browse
through the site around Tuesday/Wednesday.


============================

Halting the Hacker: A Practical Guide to Computer Security, 2/e
by Aleksandar Stancin - Monday, 13 January 2003. 
http://www.net-security.org/review.php?id=21

Author: Donald L. Pipkin
Pages: 384 
Publisher: Prentice Hall PTR 
ISBN: 0130464163

[http://www.amazon.com/exec/obidos/ASIN/0130464163/c4iorg  - WK]

Available for download is chapter 8 entitled "Limiting Access".

Again, the issue of hacking is brought to my reading attention. A lot
has been said on that subject during the years, both right and wrong,
by various authors, from experts to media journalists. For the most
part, the actual act of attack against the system, or a security
breach got minor attention, versus the dollar value of damage and the
level of publicity the attacker got, stepping into the spotlight.
Technical literature exists, and more than plenty of books are there on
computer security, for various levels and instances, from guides to
complex studies. But, only a few books deal with every aspect of
hacking. I don't know about you, but I find it interesting to find
all this information and facts in one place, and possibly well
presented.

About the author

'Halting the hacker' is written by Donald L. Pipkin, CISSP, an
Information Security Architect for the Internet Security Division at
HP, with expertise in the fields of security policy, procedures and
intrusion response. His field of expertise, along with his long-term
experience in the subject, should guarantee that this book is
worth your while. Let's see if that is the case.

Inside the book

Halting the hacker is made out of four major parts, each consisting
of relevant chapters, spreading on some 340 pages of printed
material. The first part of the book, aptly named 'Understanding
hackers' deals with hackers, and all terms usually associated with
them. Kind of an insight into the mind of an average hacker. The
author does not make the same mistake as many others, misusing the
term hacker/cracker. He clearly makes the distinction between them,
but also emphasizes that both terms usually involve illegal
activities, punishable by law. You'll learn what motivates an average
attacker, how they can be classified, what exactly, and more
importantly, how they do what they do. An excellent part of the book,
that actually deals with hacking from a sociological point of view,
rather than just computer security. This is very interesting reading
material for those unfamiliar with hacking. Books with this kind of
an approach can be counted on the fingers of one hand. Good work, I
must say.

Now, the following part of the book occupies a somewhat bigger part,
named 'The hacking process'. In the previous chapter you read all
about hackers, how and why they do what they do. Here, you'll delve
much further into the matter of how they do it. All topics are covered
here, from social engineering vital to the process of gathering
information, through gaining access to elevating privileges;
everything every hacker/cracker wants and has to do when accessing a
system. This is an excellent chapter for everybody into security, as
it will clearly tell them what they're up against when dealing with
hacking, and to see how it's done. The things you need to know, in
order to successfully confront the attacker, are all here. This is
necessary reading material.

The third part of the book deals more with legal issues, hence its
name 'Legal recourse'. More information is shed on terms of computer
crimes, from intellectual property to traditional offences. Some help
with legal prosecution is also dealt with, as well as possible
obstacles for legal prosecution, and tips for improving prosecution.
Not much of a technical chapter, but more just legal titbits. Fair
enough.

The fourth part proudly carries the name of the book, 'Halting the
hacker'. As you can assume by now, what remains is the defense
strategy when everything else has been covered. And that is exactly
what this part is all about. From necessary preparations, in terms
of what to protect, from whom, and how to protect it, to the revision of
the incident. Various kinds of security testing have been mentioned and
explained, as well as the problems that occur even during the
installation, in terms of needed software/services vs. those not
necessary. To sum it up, various proactive and reactive security
measures are discussed here.

The CD-ROM

Of course, there's a convenient glossary of the terms used in the
book, as well as the index, and a nifty accompanying CD-ROM. The
CD-ROM contains several useful tools, both for Linux and HP-UX,
various information archives, an RFC archive, useful links to web
pages and Usenet forums, and various mailing lists. The contents are
neatly and simply presented in an HTML form, accessible via any
browser you may have on the system. Clear and functional.

My 0.02 euros

Version for the impatient: excellent book, go get it and read it. 

For the rest of you that actually got this far, and are still
interested in reading my opinion, I salute you. Well, you've
probably noticed the line above, where I claim it to be an excellent
book, so let me elaborate on that one.

Why am I thrilled with the book? Well, aside from its pure technical
value as a practical guide to computer security, dealing with Linux
and HP-UX, which it does very well; I just love the sociological part
about hacking. Like I said, not many books cover a lot, or any at
all, and this one does, pretty well and satisfyingly. It will bring you
a bit closer to the hacker's mind and maybe explain how it functions,
therefore allowing you to prepare better for possible attacks
and countermeasures. It helps a lot if you fully understand what
you're up against here. 

Of course, it does not reveal anything new, unknown or anything that
you couldn't have read before on the Internet or in other books, but
here it is stacked in one place, and written pretty objectively and
correctly. So much for that part of the book.

The technical part of the book, meaning attacks and defenses, is
written flawlessly, easy to follow. Sure, it's mostly things you
probably know to some extent, only here compiled into one place for
your convenience, providing you're on some intermediate level with
your security knowledge. If you're new to it, you'll find it pretty
much revealing and fascinating. A great start to be further expanded.
Don't let its number of pages or its relative thinness fool you
into thinking it does not offer much. It does. Great work. 



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn'
in the BODY of the mail.

