Domain: hackingexposed.com
Stories and comments across the archive that link to hackingexposed.com.
Comments · 7
-
Re:Yet, something like that is needed in CS
I have not been taking classes for a very long time... On the other hand, reading books helps. "Hacking exposed", for example, contains most of the content of the "hacker high school", and then some...
-
Based on previous editions, skip it
If this is at all like the previous editions of the same title, then I recommend you Skip this Computer Book.
Get a decent book about computer abuse/misuse:
Hacking Exposed, 4th edition
Hackers Beware, by Eric Cole
Counterhack, by Ed Skoudis
These books are written by computer security professionals who may their living both doing computer security and teaching computer security (SANS and Foundstone).
Steal This Computer Book seems to be aimed at too young to know they are getting ripped off kids and computer novices. So don't buy this book if you are over 10.
-
Mindset, Language, and Procedure
IMHO any information security professional needs to develop a professional paranoia, being thoughtful of potential risks and failures, and understand what might go wrong.
Reading Bruce Schneier's Secrets and Lies is a really good start in this area. It is a not very technical book, written at the level suitable for an IT manager. This is also useful to help explains risks, vulnerabilities, and failures to IT Management.
The ever so ugly covered Hacking Exposed, which explains the basics of what criminals (or attackers) do commonly to gain unauthorized access to (networked) computer systems. This is so you a) know how easy it is, and b) are familiar with an overview of the basic steps and techniques to gain illicit access.
For online resources, RISKS digest (not focused on malicious activities, but how systems fail - very insightful and low volume), and Bugtraq a full disclosure mailing list will show you recent exploits, and vuln notices, but it is fairly lacking in actual educational content, and there are several other mailing lists at SecurityFocus that could also be useful to developing professional paranoia.
Next you need the language and basics of information/computer security. For this textbooks like Computer Security by Dieter Gollmann, Information Security Management Handbook by Tipton and Krause, Practical Unix & Internet Security by Simson Garfinkel, Gene Spafford, Alan Schwartz, and Security in Computing by Pfleeger and Pfleeger.
For procedures look at CISSP study material, BS 7799 / ISO 17799, and security auditing and incident handling materials. Some knowledge of risk management can also be useful.
From these basics, of the right mindset, the common language of infosec, and procedures and policy you can get into the low-level details of firewalls, VPNs, IDS, and network design. For this you should have a good network/internetworking basics, a very detailed understanding of TCP/IP, and understand firewalls, VPNs, and IPsec.
Firewalls and Internet Security: Repelling the Wily Hacker, 2nd ed. by William R. Cheswick, Steven M. Bellovin, and Aviel D. Rubin is a great place to start, and Building Internet Firewalls by Elizabeth D. Zwicky, Simon Cooper, D. Brent Chapman is a great follow-up. An alternative book on firewalls and VPNs is Inside Network Perimeter Security: The Definitive Guide to Firewalls, VPNs, Routers, and Intrusion Detection Systems by Stephen Northcutt, Karen Frederick, Scott Winters, Lenny Zeltser, Ronald W. Ritchey (crowd from SANS).
For networking basics, a Cisco certification like CCNA could useful in providing knowledge about internetworking and Cisco router's IOS. For the gory details of TCP/IP either TCP/IP Illustrated: Volume 1: The Protocols by Richard Stevens or Internetworking With TCP/IP Volume 1: Principles Protocols, and Architecture, 4th edition by Douglas Comer.
For IDS - Network Intrusion Detection: An Analyst's Handbook by Stephen Northcutt and Intrusion Signatures and Analysis by Matt Fearnow, Stephen Northcutt, Karen Frederick, Mark Cooper are the best IMHO.
I am not sure what to recommend for VPNs, other than you need to know about IPsec.
-
Good books you could use instead.I purchased all of the Hack Attacks books when they were in the first edition, and was extreemly dissapointed. The second edition promised to be better and fix all the errors and dependencies on pages of code listings, so I got Hack Attacks Revealed only. This time HAR promised all the Windows and Unix hacks you could shake a stick at.
Well, the windows stuff is pretty lame. It has lots of pages dedicated to it, but mostly describes things that were old before they started compiling (not writing) the book.
The linux part is laughable. Lists of cracks that are worthless on any machine that was installed in the last five years. Does anyone run WU-FTPD from before 1995 now? I don't think so. Why waste the space? Besides, we want to understand how to hack/crack systems, not how to run an outdated exploit. If he took time to teach how an exploit worked, that'd be one thing, but as is this book is really really lame on the unix side. THe windows readers probably don't care, since they'd best be able to be script kiddies anyway.
My recomendations are as follows:
Hacking Linux Exposed second edition for all thing Linux/Unix. Can't be beat.
Hacking Windows 2000 Exposed. Do not get Hacking exposed, it tries to cover everything, and does them all poorly. The Windows 2000 edition is the only one you should get if you need windows information. (Applies to older and XP also in many cases.)
Hack Proofing your Network, edited by Blue Boar. Covers many of the same topics of the two books above, but by different experts. Multiple voices is good...
Any of the SANS books put out by NewRiders, most of which are written in part by Steven Northcutt. Lots of IDS and security titles by that publisher.
And you can't go wrong with Building Internet Firewalls, now out in a second edition.
I'd recommend any of the books above - they are accurate, informaaive, and either up to date or timeless. Any of these is worth 500 copies of Hack Attacks Revealed.
-
Good Challenges/Case StudiesI've read this book too, and it's really good. The problem is that they don't have enough space to really misdirect you, they really only provide the information that is relevant. In a real world environment, you'd need to sift through everything (irrelivant logs, user history files, timestamps) to see what is and is not helpful. But HC does a good job with what they can offer.
I was first intrigued by case studies when I read hacking linux exposde, which has excellent real-world case studies. Turn them on their heads and they are useful as challenges too. Since HLE was based on Hacking Exposed I thought I'd get it for those case studies, but they are lame 1-2 page things.
You can get the case studies for HEL online now, which is cool.
Does anyone else have good case studies / challenge pointers that are available online?
-
Hype
I think that this is probably an overblown hype piece, like so many others. What the article is talking about is simply a way to download information on the car's systems (much like what is already done in
,a href="http://www.formula1.com/news/home.html">F ormula One racing. This would not allow a hacker to gain control of your car in any way. Of course the threat of crashing the system is always there... The easiest solution to all these problems is to have manual backup systems. I don't like trusting my life to a computer, anyway. -
From one beginner to another...
I was fortunate enough to attend the "Hacking Exposed:Live!" tutorial at Usenix2000 in San Diego, Ca. 3 weeks ago and can recommend "Hacking Exposed:"(McClure,Cambray & Kurtz,Osborne/Mcgraw-Hill, $39.99 ). My prior network security experience consisted of copying IPCHAINS scripts to rc.firewall, yet I had no problem understanding the material or applying the suggested counter measures. I have since purchased the book and found it even more informative and thorough.
You may also find SecurityFocus.com useful.