Security Warrior

Security Warrior

4.5 2
by Cyrus Peikari, Anton Chuvakin
     
 

View All Available Formats & Editions

When it comes to network security, many users and administrators are running scared, and justifiably so. The sophistication of attacks against computer systems increases with each new Internet worm.What's the worst an attacker can do to you? You'd better find out, right? That's what Security Warrior teaches you. Based on the principle that the only way

Overview

When it comes to network security, many users and administrators are running scared, and justifiably so. The sophistication of attacks against computer systems increases with each new Internet worm.What's the worst an attacker can do to you? You'd better find out, right? That's what Security Warrior teaches you. Based on the principle that the only way to defend yourself is to understand your attacker in depth, Security Warrior reveals how your systems can be attacked. Covering everything from reverse engineering to SQL attacks, and including topics like social engineering, antiforensics, and common attacks against UNIX and Windows systems, this book teaches you to know your enemy and how to be prepared to do battle.Security Warrior places particular emphasis on reverse engineering. RE is a fundamental skill for the administrator, who must be aware of all kinds of malware that can be installed on his machines -- trojaned binaries, "spyware" that looks innocuous but that sends private data back to its creator, and more. This is the only book to discuss reverse engineering for Linux or Windows CE. It's also the only book that shows you how SQL injection works, enabling you to inspect your database and web applications for vulnerability.Security Warrior is the most comprehensive and up-to-date book covering the art of computer war: attacks against computer systems and their defenses. It's often scary, and never comforting. If you're on the front lines, defending your site against attackers, you need this book. On your shelf--and in your hands.

Editorial Reviews

bn.com
The Barnes & Noble Review
The “black hats” have taken their game to the next level. Experienced security professionals need to do likewise. That’s where Security Warrior comes in. Here’s the stuff everyone else will be scrambling to learn a year from now.

For example, Cyrus Peikari and Anton Chuvakin focus heavily on reverse code engineering for leading OS platforms and embedded devices. How do crackers identify potential software vulnerabilities? How can you beat them to the punch?

You’ll find systematic coverage of network stalking -- including the newest anti-forensics and IDS evasion techniques. There’s a full section on platform attacks: Linux, Windows, and mobile (including today’s newest “airborne viruses”). The authors wrap up with state-of-the-art defense -- from audit trail analysis to effective IDS placement. Bill Camarda

Bill Camarda is a consultant, writer, and web/multimedia content developer. His 15 books include Special Edition Using Word 2003 and Upgrading & Fixing Networks for Dummies, Second Edition.

Library Journal
Network security assessment (see also Computer Media, LJ 8/03) involves identifying vulnerabilities so that they can be minimized, and these guides address the topic from varying perspectives. Case Studies delves into implementing the framework of network security standards (IAM, or Information Assurance Methodology) defined by the U.S. National Security Agency (NSA), while Network Security Assessment focuses partially on NSA IAM and partially on the UK's Government Communication Headquarters (GCHQ) security framework, CESG (Communications and Electronics Security Group) CHECK. Case Studies' checklists, case studies, and sample templates create a practical and useful guide for firms that provide security assessments, individuals who have taken an IAM class, and organizations conducting security audits. A nice overview of an often-confusing topic, moving from the security contract stage through final reporting and follow-up. Network Security Assessment's broader coverage-as well as its step-by-step discussion of security risks and how to combat or minimize them-makes it a good choice for those addressing security issues in general. Its take on multiple services and operating systems, and its real-world examples create a comprehensive, useful guide. Both are appropriate for larger libraries; buy McNab's if you can afford only one. For advanced administrators and security experts, Warrior addresses security assessment in general. It focuses most heavily, however, on the topic of reverse engineering, or of disassembling applications to see what is going on at their lowest levels. This allows administrators to dissect malware and spyware in order to disinfect and secure their systems more effectively. Its coverage of multiple environments and tools and the overview of attacks from a cracker's perspective make this an appropriate purchase for larger libraries. Copyright 2004 Reed Business Information.

Product Details

ISBN-13:
9780596552398
Publisher:
O'Reilly Media, Incorporated
Publication date:
01/12/2004
Sold by:
Barnes & Noble
Format:
NOOK Book
Pages:
556
File size:
6 MB

Related Subjects

Meet the Author

Dr. Cyrus Peikari is currently the Chief Technical Officer of Airscanner Corporation, a leading mobile security software company. He personally holds several patents in the anti-virus and infosec fields. In addition to numerous radio and television appearances, he is a popular speaker at technology and network security conferences. He has co-authored four bestselling security books, two of them as lead author, including Maximum Wireless Security, Windows .Net Server Security Handbook, and Windows Internet Security.

Dr. Cyrus Peikari is currently the Chief Technical Officer of Airscanner Corporation, a leading mobile security software company. He personally holds several patents in the anti-virus and infosec fields. In addition to numerous radio and television appearances, he is a popular speaker at technology and network security conferences. He has co-authored four bestselling security books, two of them as lead author, including Maximum Wireless Security, Windows .Net Server Security Handbook, and Windows Internet Security.

Customer Reviews

Average Review:

Write a Review

and post it to your social network

     

Most Helpful Customer Reviews

See all customer reviews >

Security Warrior 4.5 out of 5 based on 0 ratings. 2 reviews.
Guest More than 1 year ago
The whole concept of this book is: know your enemy. If you are a software developer or systems administrator, something you touch is bound to be attacked. Software developers need to understand this when writing programs. Likewise, systems administrators must protect their system from outside attack. This book proceeds from the premise that attack is inevitable, but we are more effective in dealing with it if we know the tactics of hackers. As we understand how they think and act, it helps us write and maintain a higher level of security within applications or network infrastructure. This book is very interesting to read and amazing to see how easy it is to ¿hack¿ various kinds of applications with just a few tools. The book discusses the basics of reverse engineering on Windows, Linux, and Pocket PC. Additionally, the authors step through a couple of examples, to show just how easy it is to bypass entering a serial number in a software install. Other ¿hacks¿ shows include buffer overflow, TCP/IP, SQL injection attacks, and even social engineering. I would recommend this book to anyone interested in any kind of software or network security. It is very eye-opening to see just how easy it is to compromise a system. Once you know how your enemy attacks, you can proceed with ways to combat them.
Guest More than 1 year ago
This book shows a different perspective on computer security, the perspective of the cracker trying to attack or invade your computer system or network. And why not? The best offense sometimes is a good defense. Among the topics this book talks about? It describes how you can 'reverse engineer' your own programs (In Windows 9X, XP, etc. UNIX and Linux) and also shows in some cases how easy it is for hackers and crackers to invade your computers and networks. And speaking of UNIX, this book also how easily UNIX boxes can be compromised, or how easily Windows machines can be (which given the recent news about another XP security hole, seems almost redundant for the book's authors to mention). It shows that even Linux can be quite insecure, proving that no OS is completely safe just that it may be safer than Unix or Windows. Just on these points alone, the book is an eye-opener. The chapters about 'reverse engineering' also made me think about how handheld devices like Palm Pilots can also be attacked and/or infected with virii or worms, once they are connected to the Internet. No computer device is truly immune. Among other chapters with good information? Ones about social engineering, attacks on various platforms (Unix, Windows Client & Windows Server, SQL and Wireless) and methods of defense against them. This book has a ton of outstanding information that may scare the heck out of security professionals, but is designed truly to inform. It offers security professionals new ways of defending against attacks and viruses.