Hack Attacks Revealed, Second Edition

Reader Bill Camarda reviewed Wiley & Sons' Hack Attacks Revealed in June, 2001. Now Tom Brays has examined the book's second edition, and concludes that it's well worth the read. Read on below for his review of the second edition (and the the linked review of the first edition) to get an idea of how the new version stacks up. Hack Attacks Revealed: A Complete Reference for UNIX, Windows, and Linux with Custom Security Toolkit, Second Edition author John Chirillo pages 960 publisher John Wiley & Sons rating 9/10 reviewer Tom Brays ISBN 0471232823 summary All things considered, Wiley should have waited and released this first; this book pans out to be more of an original than a second edition and well worth the read.

The first edition instigated quite a bit of controversy with some glaring errata and misconstrued statements, and the author claims to have alleviated them as well as accommodating critiques:

The primary difference between this second edition and the original Hack Attacks Revealed, aside from some rectified errata, is approximately 300 pages of over 170 new exploits, advanced discovery techniques, malicious code coverage of Myparty, Goner, Sircam, BadTrans, Nimda, Code Red I/II and more, current vulnerabilities, advisories, and hacking labs with additional illustrations, and techniques for routers, operating systems (including Windows 2000/Pro and XP, Solaris, LINUX), and server software daemons. You'll also find a special chapter dedicated to the Top 75 Hack Attacks.

To accommodate the new material, most of the extraneous information, lists, and most source code was moved from the book to the CD-ROM. In addition to the new material, you'll find a special single license release of the internetworking security toolkit, TigerSuite Pro 3.5. This kit contains modules to discover, scan, penetrate, expose, control, spy, flood, spoof, sniff, infect, report, monitor, and more, plus a special 60-page usage and user guide.'

This book promises quite a bit in a new edition; let's see what's really in here ...

Okay, there are 914 pages (only about 15 or so with source code this time) and the chapter layout is completely different as the book starts with a Technology section, followed by Discovery, then Penetration, Vulnerabilities, and finally the Toolbox.

The technology section is nicely abridged to about 87 pages. The Discovery part differs greatly in that the source code has been moved to the CD and the author has added more coverage and examples, plus some stealthier techniques and more recent SNMP, file sharing, DNS, NetBIOS, and CGI stuff. The ports and services sections are still there but I found them to be pretty handy references at any rate. Also, the Penetration section now contains updated material; it's nice to see IDS stuff added in here too.

In addition, the Vulnerabilities section is promising. There's an excellent chapter in which Chirillo identifies what he considers the top 75 exploits -- examples that have certainly proven to be persistent examples of security weaknesses -- and the newer material especially makes this chapter significant. It contains thorough coverage as well as countermeasures for the listed exploits.

The CD contains some of the same plus full licensed software, an updated repository and all of the source code moved from the original text.

All things considered, Wiley should have waited and released this first; this book pans out to be more of an original than a second edition and well worth the read.

You can purchase Hack Attacks Revealed, 2nd Edition from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

Re:Discovery, then Penetration ....

[$$$$$exyGal]

The CD contains some of the same plus full licensed software, an updated repository

*giggle* He said repository. That is such an unfortunate word. I once created a repository, and every time I mentioned using it, someone would inevitably make a wise-crack. I later changed the name to just 'vault'.