Hack Attacks Revealed: A Complete Reference for UNIX, Windows, and Linux with Custom Security Toolkit, Second Edition |
|
|
|
| Title: | Hack Attacks Revealed: A Complete Reference for UNIX, Windows, and Linux with Custom Security Toolkit, Second Edition |
| Author: | John Chirillo |
| Publisher: | Wiley [Website] |
| Type: | Book / Paperback |
| Publication Date: | 21 August, 2002 |
| ISBN / ISBN-13: | 0471232823 / 9780471232827 |
| List Price: | $60.00 |
| You Save: | $50.01 |
| Amazon Price: | $9.99 (via Amazon marketplace seller) |
|
| |
The HTML code below can be pasted onto your web-site, your MySpace page, or blog - or any number of similar places - to create a link to this page:
If, instead of a text link, you'd like to create a link to this page which will display the book cover, if it's available, then the code below will do exactly that:
Check for the same book at these other US book sites:
• [ Abebooks ]
• [ Alibris ]
• [ Barnes & Noble ]
• [ Half.com ]
• [ Powells ]
… or check UK bookstores
|
Editorial Review / Publisher's Information:
Product Description
The much-anticipated second edition of the bestselling book that details network security through the hacker's eye
Since the first edition of Hack Attacks Revealed was published, many new attacks have been made on all operating systems, including UNIX, Windows XP, Mac OS, and Linux, and on firewalls, proxies, and gateways. Security expert John Chirillo is ready to tackle these attacks with you again. He has packed the Second Edition of his all-in-one reference with forty percent new material.
In this fascinating new edition, you'll discover:
* The hacker's perspective on security holes in UNIX, Linux, and Windows networks
* Over 170 new vulnerabilities and exploits
* Advanced discovery techniques
* A crash course in C for compiling hacker tools and vulnerability scanners
* The top seventy-five hack attacks for UNIX and Windows
* Malicious code coverage of Myparty, Goner, Sircam, BadTrans, Nimda, Code Red I/II, and many more
* TigerSuite Professional 3.5 (full suite single license)
|
Other Items You May Enjoy:
Browse Books From These Related Subjects:
Customer Reviews:
• Doesn't Deliver What It Promises...
11 July, 2003
Reviewed: Hack Attacks Revealed, 2nd Edition, 2002I must say I am thoroughly disappointed with this book. The book's description, as well as other readers' comments led me to believe that this book would have been more than just a compilation of information that could be freely obtained at the dozens of security related web sites. Sadly, this was not the case.The bulk of the book merely describes (mostly outdated) common attacks/vulnerabilities, without getting into much detail why they exist and the underlying explanations on how they are exploited. As such the book reads like "For Vulnerability X, Install patch Y" without getting into more detail. Heck, even Microsoft's Security Bulletins give more info that this!Many of the "75 Top Hack Attacks" that the book promises can be freely found online (check CERT's site).The general impression I get from reading this book is that the author tried his best to fill up space in order to deliver an impressively thick book. Was it a requirement that he include SCREENSHOTS of various hacking tools/trojans, including step-by-step INSTALL SCREENSHOTS for the included TigerSuite software? (If you don't know how to install software then you need to develop more skills before learning about hacking!). Did he HAVE to include the useless 10 year old 'how to build a modem filter' BBS textfile (which by the way doesn't filter noise on modern modems)? Did the publisher mandate that he include 9 PAGES of Decimal-to-Hex conversion tables when you could use, say, Windows Calculator to do any needed conversions?Another thing I disliked was that Windows XP as well as Wireless networks (802.11/WEP were glossed over) were not really covered in the sort of detail that I desired.And, although I appreciate that a basic understanding of the x86 instruction set is required for better understanding low level security issues, I really don't see the point to Chapter 13's discussion on programming "How to Draw Circles in DOS mode" using the VESA bios interface. This is, in my opinion, not relevant considering the book's topic, so why include it? (A better choice would be explaining how the stack is used in high level languages (C, C++) and how buffer overrun hacks work). If you want to learn C, Assembly, or graphics programming buy a book dedicated to these topics. I think it's safe to say that the average reader will NOT become a programmer after reading the "Crash course in C" - it's an unreaslistic expectation.And to top it all off, the final insult to readers is the interruption of the author's hacking experience "Intuitive Intermission" with the phrase "... to be continued in: Hack Attacks Denied, 2nd Edition". I guess both the author and publisher want you to buy both books!My chief complaint with the book is that it doesn't seem to know who the reader is. In some areas the author gets down-and-dirty technical (x86 assembly/C programming) while in others he doesn't really explain details or just mentions things in passing (case in point: nowhere does he explain workings of a typical buffer overrun exploit, etc). Also, the author really does not give advice on how to secure or harden systems, aside from "install the update patch". For a book whose focus is security/hacking that's a pretty fatal flaw.Like I said earlier, this book really seems to me like the author just threw any material that he could find that was remotely related to hacking and presto, one hacking book ready to ship!If you are new to either the computer or security-related fields then perhaps this book may be of some value to you. If you are not an absolute beginner and know how to search the web, then I'd say that you probably don't need this book. Even if you do buy this book, it, like any security related book, will become technically obsolete as new software/exploits/patches are found.Quote: (under "Who should read this book?")"The hacking enthusiast and admirer of such films as Sneakers, The Matrix, Hackers, and Swordfish"If you still need another reason not to purchase this book, the above quote says it all!
- Amazon Customer Review
• Expert Knowledge On Hacking Techniques
10 February, 2005
John Chirillo has made a career of hacking. As a hacking consultant to Fortune 1000 companies part of his job is to break in to corporate networks to expose their holes and help his clients secure their networks. In Hack Attacks Revealed, he shares his knowledge of how hackers gain the information necessary to break into your systems.
The book begins with a basic history and understanding of computer and networking technology. Mr. Chirillo covers the the protocols used and the purpose of the various ports used. The book also provides information on the scanning and network discovery tools used by hackers.
(...)
- Amazon Customer Review
• Author Does Not Understand His Subject
22 September, 2004
This book has done nothing to dispell my theory that the information
content of a book is often inversely proportional to the number of pages
in the book. I'm 200 pages into it and that's as far as I'm
going to get. I expected some basic filler/theory in the first few
pages, but plowed on in the hopes that the author understood
the theory he was presenting and would use it later to explain security
exploits. However, I lost all confidence in the book when
I reached page 167, where the author demonstrates that he doesn't
understand ping and/or DNS. I don't bring this up to nitpick. I bring it up
because I think that anybody with pretensions to
being a security expert had better know the basics of how the
Internet works. How is anybody to make sense of, say, DNS spoofing,
without knowing how DNS works?
In case it's not obvious, the author confuses and muddles together
the actions of resolving a DNS domain name to an IP
address, and then using that IP address to send an ICMP echo
request to the destination. This may seem like a minor thing,
but its not just a typo (he makes the same mistake in three
different places on page 167), and security is a confusing
enough business without muddled descriptions like these.
On a more minor note, I do not see the point in filling page
after page with pretty pictures of the GUIs that hackers use
at their end. The publishers probably know better than I do
what sells today, but I don't understand why they and/or the
authors apparently feel that the thicker a book is, the better.
- Amazon Customer Review
|
