• Hacker’s Challenge 3

    by  • July 29, 2009 • G-I

    Rating

    The Bottom Line

    I always thought of computer security as a necessary but boring subject but the authors of this book have managed to make it both informative and entertaining. If you are a security specialist looking to take the “hacker’s Challenge” and test how much you know or if you are just someone wanting to learn more about some of the latest security threats then this book will provide you with many hours of interesting reading and investigating.
    Pros
    • Real World situations described in an entertaining way
    • Variety of different types of attack are covered
    • Ratings both on how hard it is to both carry out the attack and to defend against it
    • Challenges experienced security staff while also educating those less experienced
    Cons
    • Some technical terms that may not be familiar to security novices
    • Solutions don’t directly follow the challenges making their use as tutorials less convenient

    Description

    • First Edition: Copyright 2006
    • 370 page paperback
    • Published by Osborne / McGraw Hill
    • ISBN 0-07-226304-0
    • Authors David Pollino, Bill Pennington, Tony Bradley and Himanshu Dwivedi

    Review

    This is a book that can serve two different purposes. For the security expert the book provides 20 real world security issues along with the appropriate logs and challenges them to work out what type of attack is being performed, how it is being performed, and what needs to be done to fix it and prevent it happening again. For those with an interest in security but who are not experts the book provides an entertaining series of tutorials that introduce several types of security breach, what they are, how to detect them, and what to do to stop them or at leasdt mitigate the effects.The ‘challenges’ that are described in the book cover a range of different methods that have been used to breach the security of various computer networks. Each challenge provides a all of the essential pieces of information that would be available to be examined by security experts dealing with the problem (trimmed of much of the irrelevant logs). Sufficient information is actually provided to enable someone with a sufficient knowledge of security to work out both what type of attack has taken place and how the attack was done. They should then have no trouble in answering the series of questions about the particular attack that appear at the end of each challenge before turning to the solutions section to check their answers.

    The challenges also provide excellent tutorials for novice security staff to find out how to extract and interpret information in order to determine what has happened.

    About

    Tony has driven security policies and technologies for antivirus and incident response for Fortune 500 companies, and he has been network administrator and technical support for smaller companies. He has written for a variety of other Web sites and publications, including BizTech Magazine, PC World, SearchSecurity.com, WindowsNetworking.com, Smart Computing magazine, and Information Security magazine. Tony is a CISSP (Certified Information Systems Security Professional) and ISSAP (Information Systems Security Architecture Professional). He is Microsoft Certified as an MCSE (Microsoft Certified Systems Engineer) and MCSA (Microsoft Certified Systems Administrator) in Windows 2000 and an MCP (Microsoft Certified Professional) in Windows NT. Tony has been recognized by Microsoft as an MVP (Most Valuable Professional) in Windows security since 2006. In addition to his Web site and magazine contributions, Tony was also tech editor of PCI Compliance (ISBN: 1597491659 ) and author of Essential Computer Security: Everyone’s Guide to E-mail, Internet, and Wireless Security (ISBN: 1597491144), coauthor of Hacker’s Challenge 3 (ISBN: 0072263040) and a contributing author to Winternals: Defragmentation, Recovery, and Administration Field Guide (ISBN: 1597490792), Combating Spyware in the Enterprise (ISBN: 1597490644) Syngress Force 2006 Emerging Threat Analysis: From Mischief to Malicious (ISBN: 1597490563), Botnets: The Killer Web Applications (ISBN: 1597491357), and AVIEN Malware Defense Guide for the Enterprise (ISBN: 1597491640).

    http://www.tonybradley.com