Slashdot Mirror

← Back to Stories (view on slashdot.org)

Special Ops

Posted by timothy on from the rat-patrol dept.

If maintaining the security of networked machines running Microsoft Windows is part of your job (but you need a touch of Oracle and UNIX advice, too), take heart. elwing writes "Don't let the cover title and camo look turn you away -- Special Ops is a no-nonsense guide to securing your network from inside attackers. This is one of the first books I've seen which covers this topic in detail. It doesn't skimp on external threats, but the majority of the book deals with host based security." Read on for the rest of elwing's review. Special Ops: Host and Network Security for Microsoft, UNIX, and Oracle author Erik Pace Birkholz, et al. pages 1040 publisher Syngress rating 8 - Worth Reading reviewer elwing ISBN 1931836698 summary Taking a look at securing your network from the inside.

In order to get the most out of Special Ops, I suggest that you brush up on your system administration skills, particularly Microsoft technologies. The book is aimed primarily at security and systems administrators, but several of the chapters are either aimed specifically at management (Chaps 17 & 18), or could easily be understood by them (chaps 1-3).

The authors write in a conversational, matter-of-fact style, including personal anecdotes and experiences where appropriate. The editors did a great job of "smoothing out" the styles of the different authors to give Special Ops a consistent feel.

One of the best features of Special Ops is the end-of-chapter content. These summaries include a "Security Checklist" which creates a nice list for admins to take into the field, a one-page summary of the chapter, links to relevant web pages, relevant mailing lists, other books to read for more in-depth information, a "Solutions Fast Track," and a FAQ. Some chapters list all of the freeware and commercial tools used/mentioned in that chapter. The Solutions Fast Track is a great section to hand to your slightly more technical manager explaining why you should secure a specific service. These chapter extras make Special Ops a great reference book, even if you never bother to read the rest of it.

Another great feature is the "Notes from the Underground ..." sections scattered throughout the book. All of the authors have worked in security for several years, and they share specific examples of attacks or other interesting tidbits they've seen over the years.

I had trouble giving Special Ops a rating of 9 or 10 for a few reasons. Even though the book is an easy read, it's a lot of information to digest. The subtitle makes it sound as if Microsoft, UNIX, and Oracle would receive equal treatment: not so. While there are 7 chapters on Microsoft specific technologies, UNIX and Oracle rate one chapter each. I would have preferred to see Special Ops split into 2 or 3 books, giving equal attention to all of the technologies.

The authors' bias towards certain commercial tools shows through as well. Granted, the majority of the authors are also Foundstone employees, but they should have given equal treatment to all tools. Explain the strengths and weaknesses of each tool and allow the reader to decide on the "best" tool.

All in all, Special Ops is a great book. It will definitely reside on my reference shelf for years to come.

Table of Contents
  1. Assessing Internal Network Security
  2. Inventory and Exposure of Corporate Assets
  3. Hunting for High Severity Vulnerabilities (HSV)
  4. Attacking and Defending Windows XP Professional
  5. Attacking and Defending Windows 2000
  6. Securing Active Directory
  7. Securing Exchange and Outlook Web Access
  8. Attacking and Defending DNS
  9. Attacking and Defending Microsoft Terminal Services
  10. Securing IIS
  11. Hacking Custom Web Applications
  12. Attacking and Defending Microsoft SQL Server
  13. Attacking and Defending Oracle
  14. Attacking and Defending Unix
  15. Wireless LANs: Discovery and Defense
  16. Network Architecture
  17. Architecting the Human Factor
  18. Creating Effective Corporate Security Policies

You can purchase the Special Ops from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

22 of 95 comments (clear)

  1. first post! by Anonymous Coward · · Score: -1, Offtopic

    for the second time in a day I got a fist post!

    1. Re:first post! by Anonymous Coward · · Score: -1, Offtopic

      go get a damn job...

    2. Re:first post! by chip · · Score: -1, Offtopic

      Careful. Fist posts are illegal in most US states.

    3. Re:first post! by Anonymous Coward · · Score: -1, Offtopic

      In Arkansas, you can first post with your cousin, but not your sister.

  2. That's what some IRC channels have by Anonymous Coward · · Score: -1, Offtopic

    "Special" Ops.

  3. Attacking and Defending Microsoft Terminal Service by Anonymous Coward · · Score: -1, Offtopic

    You could design a complete FPS game around this concept I think.

  4. third by Anonymous Coward · · Score: -1, Offtopic

    post

  5. Someone post Chapter 3! by Anonymous Coward · · Score: -1, Offtopic

    sO I c@|\| b3c0|\/|3 t3h 1337 h4>0r!

  6. Special Ops... by Anonymous Coward · · Score: -1, Offtopic

    ...Come and try to snatch my crops

    These pigs want to blow my house down...

  7. Step One... by Anonymous Coward · · Score: -1, Offtopic

    ... insert Linux CD into CD-R drive of PC running Windows...

  8. A cute animal story for you: by Anonymous Coward · · Score: -1, Offtopic
    Zoo keeper mauled to death 'after defecating on tiger'

    A young Chinese tiger keeper has been mauled to death after apparently trying to defecate on one of his big cats.

    The 19-year-old appears to have climbed the railings of the Bengal tiger cage and pulled his trousers down.

    Evidence at the scene of the death at the Jinan animal park included toilet paper, excrement and a trouser belt.

    Zoo officials think Xu Xiaodong either slipped into the cage or was pulled in by one of the four angry tigers.

    According to the South China Morning Post, the man told a co-worker he needed to go to the toilet but police were called when he failed to return.

    They found his body lying on the ground surrounded by tigers. The teenager had reportedly been bitten in the neck and was covered in blood. Police believe Xu climbed the wall of a partially constructed building used to raise the tigers to relieve himself. They said the smell probably caused the tigers to pounce.

    You can see more stories about tigers and zoos on Ananova, or read our Animal attacks file.

  9. Re:Attacking and Defending Microsoft Terminal Serv by SkArcher · · Score: 0, Offtopic

    Nah, it'd be waaay too hard a difficulty curve, and the power ups would always be buggy :P

    --

    An infinite number of monkeys will eventually come up with the complete works of /.
  10. best unix/linux books for intermediate linux user by wolf_m16 · · Score: -1, Offtopic

    from beginning to end what would be the most usefull network administration guides for an intermediate linux user who wants to learn how to server web pages, databases, run an all linux network, etc... any recomendations

  11. Hume Cronyn, 91,dies of cancer by Anonymous Coward · · Score: -1, Offtopic

    CRONYN DIED OF prostate cancer Sunday at his home in Fairfield, Conn., even if you didn't blah blah blah american actor icon blah blah blah....

  12. For the record by Anonymous Coward · · Score: -1, Offtopic

    Boromir wasn't the son of Faramir, they were gay lovers.

  13. OT- Playstation 1 Game Question by Anonymous Coward · · Score: -1, Offtopic

    Anybody know where I could get a Threads of Fate ISO? It's a bitch trying to find it on Kazaa. Links to FTP sites would be great.

    1. Re:OT- Playstation 1 Game Question by Anonymous Coward · · Score: -1, Offtopic

      Join our msn warez community We have private FTP

  14. Wrong by hummassa · · Score: 0, Offtopic

    Arathorn is the father of Aragorn

    --
    It's better to be the foot on the boot than the face on the pavement. ~~ tkx Kadin2048
  15. For the record by Anonymous Coward · · Score: -1, Offtopic

    American icon, indeed. Born in London, Ontario and educated at McGill.

  16. Re:Your name is wrong by Anonymous Coward · · Score: -1, Offtopic

    I've read the books twice in my life, nearly ten years apart on both accounts and I knew that too.

    Knowing this does not make you special.

    However, it still doesn't excuse retardation on his part.

    -A

  17. Re:Your name is wrong by Anonymous Coward · · Score: -1, Offtopic

    Nowhere does he mention that he got those names from that piece of paedo gay pr0n.

    He may be talking about a different family altogether.

  18. Re:Your name is wrong by Doom+Ihl'+Varia · · Score: 0, Offtopic

    It is also important to point out that Boromir's father is NOT the king of Gondor. He is merely the steward put in place while they await the return of the true king. Thus the title of the third book and movie, Return Of The King.