Stealing the Network

Blaine Hilton writes "Stealing the Network is a refreshing change from more traditional computer books. The authors have created fictional stories based on non-fictional concepts that could really happen to our computer systems today. The realistic fiction approach makes the book much lighter to read and actually entertaining. I also believe this approach makes the true methods behind the fictional stores much more memorable then memorizing thousand page textbooks." Read on for his overview of the book. Stealing the Network: How to Own the Box author Ryan Russell, Tim Mullen (Thor), FX, Dan Kaminsky, Joe Grand, Ken Pfeil, Ido Dubrawsky, Mark Burnett, and Paul Craig pages 328 publisher Syngress rating 8 reviewer Blaine Hilton ISBN 1931836876 summary An interesting fictionalized approach to hacking and other aspects of information security.

I'm leery of books that are written by multiple authors because the writing style always seems to keep me off beat from jumping around, however in this book it works out well since the book is organized as a series of short stories. Each story describes somebody involved in information security -- either somebody trying to access a system, or a person trying to keep the bad guys out.

If you are looking for a step-by-step guide to locking down your computer and network, this is not the book for you. Instead, this book is more to help people who already have at least a basic understanding of information security to see from another perspective. Stealing the Network looks at other reasons why people can break in: everything from being told to go to industry conferences to not collecting access cards when an employee leaves the company. What this book left deepest in my mind is to trust nothing, and assume even less.

After the ten short stories of how hacking is really done, there is a nicely done appendix along with Ryan Russel's "Laws of Security," which finishes this fictionalized book in a very non-fictional way. The laws cover most of the problems with current IT infrastructure, but do not go in-depth with what I believe is the biggest security hole, the user. Many of the stories touch on this fact but that's about the extent of it. I believe this may be because there are not any easy solutions to human behavior. This book says it best with "people are lazy."

At 328 pages (in pretty large text), this is a great easy read, though the book would be better with a lower price tag. However if you work with or around computers and the Internet, this book is very enlightening, if not completely informative.

Table of Contents

• Acknowledgements
• Contributors
• Forward
• Chapters:
  1. Hide and Sneak
  2. The Worm Turns
  3. Just Another Day at the Office
  4. h3X's Adventures in Networkland
  5. The Thief No One Saw
  6. Flying the Friendly Skies
  7. dis-card
  8. Social (In)Security
  9. BabelNet
  10. The Art of Tracking
• Appendix - The Laws of Security

Most of the book's authors have websites you can hit for more information; follow these links to find more from Ryan Russell, Tim Mullen (Thor), FX, Dan Kaminsky, Joe Grand, Ken Pfeil, Ido Dubrawsky and Mark Burnett, as well as Jeff Moss (who wrote the forward).

You can purchase Stealing the Network from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

Re:Stealing the network

[fussman]

Oh, come on. That was funny!

Re:Your Website

[ryanr]

Yes, well.... Look over there! A shiny thing!

Seriously, yes my website is pathetic. At the time, I had planned to spend some free time doing some research, and post the results there. Instead, I started the vuln-dev mailing list, and my time went there. One of these days, I'll pull thievco.com onto my home network (it's on a $20/mo hosting service) and make a blog thing out of it.

I think this is Thor�s best work�

...since Mjollnir for Dummies.