Hack Attacks Revealed, Second Edition

Reader Bill Camarda reviewed Wiley & Sons' Hack Attacks Revealed in June, 2001. Now Tom Brays has examined the book's second edition, and concludes that it's well worth the read. Read on below for his review of the second edition (and the the linked review of the first edition) to get an idea of how the new version stacks up. Hack Attacks Revealed: A Complete Reference for UNIX, Windows, and Linux with Custom Security Toolkit, Second Edition author John Chirillo pages 960 publisher John Wiley & Sons rating 9/10 reviewer Tom Brays ISBN 0471232823 summary All things considered, Wiley should have waited and released this first; this book pans out to be more of an original than a second edition and well worth the read.

The first edition instigated quite a bit of controversy with some glaring errata and misconstrued statements, and the author claims to have alleviated them as well as accommodating critiques:

The primary difference between this second edition and the original Hack Attacks Revealed, aside from some rectified errata, is approximately 300 pages of over 170 new exploits, advanced discovery techniques, malicious code coverage of Myparty, Goner, Sircam, BadTrans, Nimda, Code Red I/II and more, current vulnerabilities, advisories, and hacking labs with additional illustrations, and techniques for routers, operating systems (including Windows 2000/Pro and XP, Solaris, LINUX), and server software daemons. You'll also find a special chapter dedicated to the Top 75 Hack Attacks.

To accommodate the new material, most of the extraneous information, lists, and most source code was moved from the book to the CD-ROM. In addition to the new material, you'll find a special single license release of the internetworking security toolkit, TigerSuite Pro 3.5. This kit contains modules to discover, scan, penetrate, expose, control, spy, flood, spoof, sniff, infect, report, monitor, and more, plus a special 60-page usage and user guide.'

This book promises quite a bit in a new edition; let's see what's really in here ...

Okay, there are 914 pages (only about 15 or so with source code this time) and the chapter layout is completely different as the book starts with a Technology section, followed by Discovery, then Penetration, Vulnerabilities, and finally the Toolbox.

The technology section is nicely abridged to about 87 pages. The Discovery part differs greatly in that the source code has been moved to the CD and the author has added more coverage and examples, plus some stealthier techniques and more recent SNMP, file sharing, DNS, NetBIOS, and CGI stuff. The ports and services sections are still there but I found them to be pretty handy references at any rate. Also, the Penetration section now contains updated material; it's nice to see IDS stuff added in here too.

In addition, the Vulnerabilities section is promising. There's an excellent chapter in which Chirillo identifies what he considers the top 75 exploits -- examples that have certainly proven to be persistent examples of security weaknesses -- and the newer material especially makes this chapter significant. It contains thorough coverage as well as countermeasures for the listed exploits.

The CD contains some of the same plus full licensed software, an updated repository and all of the source code moved from the original text.

All things considered, Wiley should have waited and released this first; this book pans out to be more of an original than a second edition and well worth the read.

You can purchase Hack Attacks Revealed, 2nd Edition from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

Nope

[(1337)+God]

The first edition was reviewed before, but this article is about the second edition.

Now, time to see how much has actually changed between the two releases :-]

This was a *review*?

[(1337)+God]

I'm not sure how a few two-sentence factual paragraphs is considered a book review, but I'll have to let my English teacher know that the the definition of "review" may have changed.

Anyway, that flamebait aside, I'd like to offer up an actual book review that will help you decide whether to buy the book at all. I mean, that's the *point* of a review, isn't it?

Computer security made simpler......, October 15, 2002
Reviewer: Kelly Larsen from Augusta Georgia

I have been teaching Windows 2000 and Unix security for the U.S. Army for 3 years. I am constantly searching for a book that will provide true insight into the hacker mindset and methods. Most books dawdle in the routine and well known hacks and still leave you wanting. "Hack Attacks Revealed, 2nd edition", takes you to the next level. It is the single best security reference book that I've seen.

You rarely find a book that provides indepth coverage of Windows, Unix, and Linux security. Hack Attacks Revealed's information, tutorials, and tools provide you with everything you would need to test and secure a computer system or network. As a bonus, the fully licensed TigerSuite Professional (version 3.5) is included on the accompanying CD. This is an amazing grouping of tools to analyze and test the security of a computer network. In class, I routinely use TigerSuite to demonstrate security shortfalls. My students are so impressed that they immediately ask me where I got it and how can they get it.

"Hack Attacks Revealed" has something for every skill level, whether it is teaching you how to subnet, compile a security tool or walking you through a buffer overflow. The First edition was great and John Chirillo found a way to go it one better.

For WRITING programs, see http://www.dwheeler.com

[dwheeler]

If you're writing programs that are supposed to be secure, take a peek at my freely-available book: Secure Programming for Linux and Unix HOWTO.