Slashdot Mirror
Special Ops
In order to get the most out of Special Ops, I suggest that you brush up on your system administration skills, particularly Microsoft technologies. The book is aimed primarily at security and systems administrators, but several of the chapters are either aimed specifically at management (Chaps 17 & 18), or could easily be understood by them (chaps 1-3).
The authors write in a conversational, matter-of-fact style, including personal anecdotes and experiences where appropriate. The editors did a great job of "smoothing out" the styles of the different authors to give Special Ops a consistent feel.
One of the best features of Special Ops is the end-of-chapter content. These summaries include a "Security Checklist" which creates a nice list for admins to take into the field, a one-page summary of the chapter, links to relevant web pages, relevant mailing lists, other books to read for more in-depth information, a "Solutions Fast Track," and a FAQ. Some chapters list all of the freeware and commercial tools used/mentioned in that chapter. The Solutions Fast Track is a great section to hand to your slightly more technical manager explaining why you should secure a specific service. These chapter extras make Special Ops a great reference book, even if you never bother to read the rest of it.
Another great feature is the "Notes from the Underground ..." sections scattered throughout the book. All of the authors have worked in security for several years, and they share specific examples of attacks or other interesting tidbits they've seen over the years.
I had trouble giving Special Ops a rating of 9 or 10 for a few reasons. Even though the book is an easy read, it's a lot of information to digest. The subtitle makes it sound as if Microsoft, UNIX, and Oracle would receive equal treatment: not so. While there are 7 chapters on Microsoft specific technologies, UNIX and Oracle rate one chapter each. I would have preferred to see Special Ops split into 2 or 3 books, giving equal attention to all of the technologies.
The authors' bias towards certain commercial tools shows through as well. Granted, the majority of the authors are also Foundstone employees, but they should have given equal treatment to all tools. Explain the strengths and weaknesses of each tool and allow the reader to decide on the "best" tool.
All in all, Special Ops is a great book. It will definitely reside on my reference shelf for years to come.
Table of Contents- Assessing Internal Network Security
- Inventory and Exposure of Corporate Assets
- Hunting for High Severity Vulnerabilities (HSV)
- Attacking and Defending Windows XP Professional
- Attacking and Defending Windows 2000
- Securing Active Directory
- Securing Exchange and Outlook Web Access
- Attacking and Defending DNS
- Attacking and Defending Microsoft Terminal Services
- Securing IIS
- Hacking Custom Web Applications
- Attacking and Defending Microsoft SQL Server
- Attacking and Defending Oracle
- Attacking and Defending Unix
- Wireless LANs: Discovery and Defense
- Network Architecture
- Architecting the Human Factor
- Creating Effective Corporate Security Policies
You can purchase the Special Ops from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.
I'd rate it somewhere around 6 or 7 out of 10, certainly no where near 9. My major complaints are similar to those of the author of the article:
- Gives no mention of its focus on Microsoft OS's, but it concentrates on them nearly entirely.
- Simple, simple, simple. If you know your basics, most of this book is redundant and a review. There's a lengthy discussion on how a traceroute works. That's a little too simple for my tastes.
- Though not required, the author seems excessively biased towards Microsoft OS's. He even goes so far to suggest (in mild language) that it's easier to track invaders using Microsoft products than using freely available tools. C'mon, I think we all know the pile of open source tools available for these applications outnumber and outwork anything out of Redmond.
It's something I think newbie MS admins should read, but it doesn't hold much new content for anyone who's been admining for a year+.
+ Donald Gunth
+ Email: dgunth@quicktek.net
"Caffeine is the greatest lubricant ever created." -ESR
If I were you, I would have bought this book with my own money if the book review is reliable.
On the other side, this book would mean quite a number of poor sysadmins facing attacks described in the book by fellow ex-employees of their company.
Compentant admins have systems that are harder to hack - a distinction that is important to make.
That is all.
Your major complaints about this book is true, yet, one point, however, is quite arguable to me, that is the microsoft point.
Microsoft products (i.e. windows 95/98/NT/2k/2k3) does have its place (and a large market share...) on corporate markets (on clients), therefore it should be considered as a large portion of corporate administration. I spend most of my time administrating windows even though i'm a linux admin. (Well, the good debian box does not require much administration, honestly.)
Maybe Windows needs 7 chapters to Linux's 1 on securing it. This would be fair coverage.
Feeling like stirring the kettle today with karma to burn.
I used to wonder what was so holy about a silent night, now I have a child.
Competant admins simply do not get hacked.
This is a ridiculous statement to say the least, and an obvious sign of ignorance. If all you're doing is patching servers and paying attention to vulnerability reports, then you wouldn't even know if you DID get hacked. Real security requires a layered approach, one of those layers being intrusion detection. This alone can be a full-time job. It is this simplistic-style thinking that continues to make the Internet such a dangerous place, and contributes to my inability to get any significant amount of funding for security-related projects. If all I have to do is patch servers and watch vuln reports, then why should I spend money on a firewall, IDS, training, a security policy, etc, etc, etc. I could write an entire book just on why that statement was dumb...but this post will have to suffice.
Social Engineering Expert: Because there is no patch for stupidity.
I strongly disagree with this sentiment. Some of the most knowledgable security gurus I know are "hackers" who started by administering systems. And many administrators I know can apply patches with the best of 'em, but are unable to recognize potential attack signatures in their logs. Simply knowing how to apply a patch does not give one the insight required to recognize attacks that aren't widely publicized. Do you want an admin who only knows he/she is being attacked because Microsoft says so? Or would you rather have one who knows what to look for because he/she has studied hacking techniques and has ethically hacked, and therefore can cut off suspicious behavior before a patch is even issued? I know which one I'd pick.
That's not always true. Sometimes patches are the problem.
Almost without fail, hacking incidents at major companies are found to be due to security holes that have been known about and fixed for months, if not years.
Tell that to the victims of the latest BugBear worm. Admins who patched for the first worm were not protected against the latest variant.
Well, there's spam egg sausage and spam, that's not got much spam in it.
I believe that
A truly secure system must be able to withstand open review at all levels (e.g. protocol, source code, etc).
The details of security vulnerabilities should be available to everyone. (source: Bugtraq)