Book Review: Defense Against the Black Arts
brothke writes "If there ever was a book that should not be judged by its title, Defense against the Black Arts: How Hackers Do What They Do and How to Protect against It, is that book. Even if one uses the definition in The New Hackers Dictionary of 'a collection of arcane, unpublished, and (by implication) mostly ad-hoc techniques developed for a particular application or systems area', that really does not describe this book. The truth is that hacking is none of the above. If anything, it is a process that is far from mysterious, but rather aether to describe. With that, the book does a good job of providing the reader with the information needed to run a large set of hacking tools." Read below for the rest of Ben's review.
Defense against the Black Arts: How Hackers Do What They Do and How to Protect against It
author: Jesse Varsalone, Matthew Mcfadden, Michael Schearer, Sean Morrissey
pages: 412
publisher: CRC Press
rating: 7/10
reviewer: Ben Rothke
ISBN: 1439821194
summary: Good reference for someone experienced in the topic who wants to improve their skills
Defense against the Black Arts is another in the line of hacking overview books that started with the first edition of Hacking Exposed. Like Hacking Exposed, the book walks the reader through the process of how to use hacking tools and how to make sense of their output.
Defense against the Black Arts is written for the reader with a good technical background who is looking for a nuts and bolts approach to ethical hacking. Its 14 chapters provide a comprehensive overview of the topic, with an emphasis on Windows.
But for those looking for an introductory text, this is not the best choice out there. The book is written for the reader that needs little hand-holding. This is in part due to its somewhat rough around the edges text and the use of more advanced hacking tools and techniques.
By page 4, the author has the reader downloading BackTrack Linux. BackTrack is a Ubuntu distro which has a focus on digital forensics and penetration testing. BackTrack is currently in a 5 R1 release, based on Ubuntu 10.04 LTS and Linux kernel 2.6.39.4. BackTrack comes with a significant amount of security and hacking tools preloaded, which the authors reference throughout the book.
After showing how to install BackTrack, chapter 1 shows how to log into Windows without knowing the password. Much of that is around the Kon-Boot tool, which allows you to change the contents of the Windows kernel in order to bypass the administrator password. Tools like Kon-Boot though will only work when you have physical access to the machine.
Chapter 3 gets into the details of digital forensics and highlights a number of popular tools for forensic imaging. While the book provides a good overview of the topic, those looking for the definitive text on the topic should read Digital Evidence and Computer Crime: Forensic Science, Computers and the Internet.
Chapter 5 deals with web application penetration testing. The authors describe a number of tools that can be used to assess the security of web sites, and offer ways to attempt to manipulate data from a web page or web application.
One is likely hard pressed to find a large web site that will be vulnerable to such web attacks, given that most of them have already checked for those errors via validation control testing. Smaller vendors may not be so proactive, and find out that those $99- items are being sold for .99 cents. With that, the chapter details a number of tools developers can use to test for SQL injection, XSS and other types of web vulnerabilities.
Chapter 8 is about capturing network traffic. There are two perspectives to collecting traffic. For the attacker, it is about identifying holes and avenues for attack. For those trying to secure a network, collecting network traffic is an exercise in identifying, thwarting and defending the network against attacks.
Chapter 10 provides a brief overview of Metasploit. For those looking for a comprehensive overview of Metasploit, Metasploit: The Penetration Testers Guide is an excellent resource. This chapter, like many of the others, provides the reader with detailed step-by-step instructions, including screen prints, on how to use the specific tool at hand.
Chapter 11 provides a long list of attack and defense tools that can be used as a larger part of a penetration tester's toolkit.
Chapter 12 is interesting in that it details how social engineering can be used. The authors show how public domain tools like Google Maps can be used to mount an attack.
Chapter 13 – Hack the Macs – is one of the shorter chapters in the book and should really be longer. One of the reasons pen testers are increasingly using Macs is that the newer Macs run on the Intel platform, and can run and emulate Windows and Linux. The increasing number of tools for the Mac, and significant Mac vulnerabilities, mean that the Mac will increasingly be used and abused in the future.
Just last week, Dr. Mich Kabay wrote in Macintosh Malware Erupts that malware specifically designed for Mac is on the rise. This is based on progressively more serious malware for the Mac since 2009, given that Apple products have been increasing their market share for laptops and workstations, but especially for tablets and phones.
The article notes that one of the reasons Mac OS X is perceived as superior to Windows is because of its appearance of having integrated security. But although the design may be sound, the operating system does not prevent people from being swayed into thinking that the malicious software they are downloading is safe. With that, Apple will have to concentrate more on security and vulnerability within their operating system.
The book ends with about 30 pages on wireless hacking. The chapter provides an overview of some of the weaknesses in Wi-Fi technology and how they can be exploited. The chapter focuses on the airmon tool, part of BackTrack that you can use to set your wireless adapter into monitor mode, to see all of the traffic traversing the wireless network.
Overall, Defense against the Black Arts: How Hackers Do What They Do and How to Protect against It is a really good reference for someone experienced in the topic who wants to improve their expertise.
Ben Rothke is the author of Computer Security: 20 Things Every Employee Should Know.
You can purchase Defense against the Black Arts: How Hackers Do What They Do and How to Protect against It from amazon.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.
Avoid using computers and mobile phones!
But, who writes the operating system then?
but then I saw the author wasn't Snape...
I work for the Department of Redundancy Department.
Google Maps and public domain? Incompetent the reviewer is.
I was disappointed that this book wasn't published by Packt.
That's what most crackers imagine they look like. Rather than the pale, pudgy, neck beards they are in reality.
nothing will protect you against ... so they can survive
too much anti-biotics / growth hormones
in pig, chicken cow.
-or-
lead in paint
-or-
L-left and R-right version of
a molecule used as medicine
(http://en.wikipedia.org/wiki/Thalidomide)
-or-
V-8 powered wars in a desert
-or-
short term benefit of radioactive decay produced
electricity
-or-
overall "crappy" code
-or-
hopeful home buyers retro-active financing the
banks that gave them money
to claim the outstanding loans back
-or
[insert your hack here]
is /. so busy today? I can't keep up with all these stories!
The book is co-authored by Quirinus Quirrell, Gilderoy Lockhart, Remus Lupin, Alastor Moody, Dolores Umbridge, and Severus Snape.
http://alternatives.rzero.com/
I read the title to see some crazy Harry Potter fan writing a book on defense of dark arts. Oh man, I've been on the RSS feed too long.
...against my work, which consists of hacking to some extent - figuring out the arcane properties of software components to debug them and make them work?
thegodmovie.com - watch it
"By page 4, the author has the reader downloading BackTrack Linux. BackTrack is a *Ubuntu* distro..."
and no need to take this seriously, or, in fact, read any further.
Luckily it's not Ankit Fadia either. Whenever I see a book about "hacking" I think of him. Don't ever buy his books, because you can learn more about "hacking" by watching Swordfish. But if you want a good laugh, do borrow one. The only thing his books are missing is an MST3K commentary.
Apparently I'm the only one who doesn't get the aethereal metaphor here, but what does
rather aether to describe
mean to convey?
...you can buy at some common bookstore, the info is common knowledge, out of date, and useless.
From the review, it really sounds like this book is only demonstrating how to use specific tools/programs. Is that just what the reviewer is highlighting? Or is this book really lacking in the theories/principles of vulnerabilities and their exploits? I know very little about "hacking," but the last way I'd want to learn about it is through something that amounts to little more than a script kiddy's field guide. To me it feels like a very immature and impractical approach to a very serious/important problem of how to protect yourself and your network.
Is there a well regarded hacking book out there?
Most comments suggest there is not and I get the feeling hackers are primarily self taught so if you're grabbing Backtrack and using youtube tutorials you most likely are not a "hacker" (cracker?)
"If any question why we died, Tell them because our fathers lied."
I guess it's not going to do any good AT ALL to bring up (yet again) how wrongly the term "hacking" is applied to script kiddies, hijackers, and black hat ops. The classic MIT (and correct) def of "hacker" is just a distant memory now.
Python: 'And then suddenly you have a language which says "we're all stuck with whatever the whiniest coder wants".'
Am I the only one who misread that as a title of Harry Potter fan books?
Info about him is at : http://attrition.org/errata/charlatan/ankit_fadia/fadia09.html
that actually made me and my wife laugh. good job
"Ubuntu" -- an African word, meaning "Slackware is too hard for me". - stolen from Dan C alt.os.linux.slackware
Bummer. Guess I'll have to wait....
Look at the cover and then do an image search for "Jew Süß"
oops...
The only "tools" I use besides the ones I make are GCC and a text editor.
How to protect against me? You don't; I'm a good guy. If I were a cracker you could protect yourself by promptly installing OS updates. Installing software from only trusted sources. Using secure passwords, and not telling them to anyone.
This or:
Don't own a computer.
Don't turn on a computer.
Certainly, don't use a computer.
Do these three things and you'll be safe... In other words, stay backed up. This whole place is a house of matches, and everyone's carrying torches; you can lose everything in a heartbeat. Hell, hardware failures are more worrisome to me than hackers!
My favorite OS for penetration testing and back-tracking those pesky shell attackers and phishers. If you really want to learn the "dark arts" go through some of their online/manuals and courses, like the Metasploit one. BT5 has some awesome tools. Ones that Anonymous themselves would be proud of. Things like zenmap, openvas, maltego, msf, siege, etc. That is what gets installed in every laptop I own.
Let's see, using that I back-track every single shell attacker. The commonalities are HTTP TRACE, lots of open ports, usually mail servers. At least three attack vectors running in the wild. Fast single IP attacks, multiple-domain attacks, and these new Hail Marys that are round-robining through numerous countries with a cycle time of 15 minutes to hours. These are trying to bypass tools like fail2ban.
So far I've knocked out the database on one, it hasn't bothered me again. Left a calling card on another, it hasn't bothered me again. I've fixed a few sites in the US via phone that the users were available on, and fixed a few via email. The rest, I log data and post the most interesting on my business website's BackHacker Blog. One can't fix all the compromised servers in the world, but we fix the ones we can, LOL!
Viva la wetware!
With a name like that, I expected this book to tell me how to defend myself from an evil voodoo priestess, or how to protect my body against necromancy, or warding against Magic Missile. Maybe I've just been playing too much Skyrim.
Dude, from personal experience a book that calls itself "unofficial {directive}" is never serious!
-- no sig today
No ebook on Amazon and the paperback is 59.35! Who is he trying to sell to?
I think that will be in volume 2 :)