Slashdot Mirror
Special Ops
In order to get the most out of Special Ops, I suggest that you brush up on your system administration skills, particularly Microsoft technologies. The book is aimed primarily at security and systems administrators, but several of the chapters are either aimed specifically at management (Chaps 17 & 18), or could easily be understood by them (chaps 1-3).
The authors write in a conversational, matter-of-fact style, including personal anecdotes and experiences where appropriate. The editors did a great job of "smoothing out" the styles of the different authors to give Special Ops a consistent feel.
One of the best features of Special Ops is the end-of-chapter content. These summaries include a "Security Checklist" which creates a nice list for admins to take into the field, a one-page summary of the chapter, links to relevant web pages, relevant mailing lists, other books to read for more in-depth information, a "Solutions Fast Track," and a FAQ. Some chapters list all of the freeware and commercial tools used/mentioned in that chapter. The Solutions Fast Track is a great section to hand to your slightly more technical manager explaining why you should secure a specific service. These chapter extras make Special Ops a great reference book, even if you never bother to read the rest of it.
Another great feature is the "Notes from the Underground ..." sections scattered throughout the book. All of the authors have worked in security for several years, and they share specific examples of attacks or other interesting tidbits they've seen over the years.
I had trouble giving Special Ops a rating of 9 or 10 for a few reasons. Even though the book is an easy read, it's a lot of information to digest. The subtitle makes it sound as if Microsoft, UNIX, and Oracle would receive equal treatment: not so. While there are 7 chapters on Microsoft specific technologies, UNIX and Oracle rate one chapter each. I would have preferred to see Special Ops split into 2 or 3 books, giving equal attention to all of the technologies.
The authors' bias towards certain commercial tools shows through as well. Granted, the majority of the authors are also Foundstone employees, but they should have given equal treatment to all tools. Explain the strengths and weaknesses of each tool and allow the reader to decide on the "best" tool.
All in all, Special Ops is a great book. It will definitely reside on my reference shelf for years to come.
Table of Contents- Assessing Internal Network Security
- Inventory and Exposure of Corporate Assets
- Hunting for High Severity Vulnerabilities (HSV)
- Attacking and Defending Windows XP Professional
- Attacking and Defending Windows 2000
- Securing Active Directory
- Securing Exchange and Outlook Web Access
- Attacking and Defending DNS
- Attacking and Defending Microsoft Terminal Services
- Securing IIS
- Hacking Custom Web Applications
- Attacking and Defending Microsoft SQL Server
- Attacking and Defending Oracle
- Attacking and Defending Unix
- Wireless LANs: Discovery and Defense
- Network Architecture
- Architecting the Human Factor
- Creating Effective Corporate Security Policies
You can purchase the Special Ops from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.
Nah, it'd be waaay too hard a difficulty curve, and the power ups would always be buggy :P
An infinite number of monkeys will eventually come up with the complete works of
Arathorn is the father of Aragorn
It's better to be the foot on the boot than the face on the pavement. ~~ tkx Kadin2048
It is also important to point out that Boromir's father is NOT the king of Gondor. He is merely the steward put in place while they await the return of the true king. Thus the title of the third book and movie, Return Of The King.