Security Warrior

Filed Under (Network Security) by Abdul Jaleel Malik on 21-08-2008

By Cyrus Peikari, Anton Chuvakin
January 2004
Pages: 552
ISBN 10: 0-596-00545-8 | ISBN 13: 9780596005450

 

Book description

When it comes to , many users and administrators are running scared, and justifiably so. The sophistication of attacks against computer systems increases with each new Internet worm. What’s the worst an attacker can do to you? You’d better find out, right? That’s what Security Warrior teaches you. Based on the principle that the only way to defend yourself is to understand your attacker in depth, Security Warrior reveals how your systems can be attacked. Covering everything from reverse engineering to SQL attacks, and including topics like social engineering, antiforensics, and common attacks against UNIX and Windows systems, this book teaches you to know your enemy and how to be prepared to do battle.

Security Warrior places particular emphasis on reverse engineering. RE is a fundamental skill for the administrator, who must be aware of all kinds of malware that can be installed on his machines — trojaned binaries, "spyware" that looks innocuous but that sends private data back to its creator, and more. This is the only book to discuss reverse engineering for Linux or Windows CE. It’s also the only book that shows you how SQL injection works, enabling you to inspect your database and web applications for vulnerability.

Security Warrior is the most comprehensive and up-to-date book covering the art of computer war: attacks against computer systems and their defenses. It’s often scary, and never comforting. If you’re on the front lines, defending your site against attackers, you need this book. On your shelf–and in your hands.

This book offers unique methods for honing your information security (infosec) technique. The typical reader is an intermediate- to advanced-level practitioner. But who among us is typical? Each of us approaches infosec with distinctive training and skill. Still, before you spend your hard-earned money on this book, we will try to describe the target reader.
As an example, you might enjoy this book if you already have experience with networking and are able to program in one or more languages. Although your interest in infosec might be new, you have already read at least a few technical books on the subject, such as Practical UNIX & Internet Security from O’Reilly. You found those books to be informative, and you would like to read more of the same, but hopefully covering newer topics and at a more advanced level. Rather than an introductory survey of security from the defensive side, you would like to see through an attacker’s eyes.
You are already familiar with basic network attacks such as sniffing, spoofing, and denial-of-service. You read security articles and vulnerability mailing lists online, and you know this is the best way to broaden your education. However, you now want a single volume that can quickly ratchet your knowledge level upward by a few notches.
Instead of reading a simple catalog of software tools, you would like to delve deeper into underlying concepts such as packet fragmentation, overflow attacks, and operating system fingerprinting. You likewise want more on forensics, honeypots, and the psychological basis of social engineering. You also enjoy novel challenges such as implementing Bayesian intrusion detection and defending against wireless "airborne" viruses. Before buying into Microsoft’s Trustworthy Computing initiative, you would like to delve deeper into Windows XP attacks and Windows Server weaknesses.
These are some of the topics we cover. Although some parts will necessarily be review for more advanced users, we also cover unique topics that might gratify even seasoned veterans. To give one example, we cover reverse code engineering (RCE), including the esoteric subjects of Linux and embedded RCE. RCE is indispensable for dissecting malicious code, unveiling corporate spyware, and extracting application vulnerabilities, but until this book it has received sparse coverage in the printed literature.
This book is not married to a particular operating system, since many of you are responsible for protecting mixed networks. We have chosen to focus on security from the attacking side, rather than from the defending side. A good way to build an effective defense is to understand and anticipate potential attacks.
Throughout the text we have tried to avoid giving our personal opinions too often. However, to some extent we must, or this would be nothing more than a dry catalog of facts. We ask your forgiveness for editorializing, and we make no claim that our opinions are authoritative, or even correct. Human opinion is diverse and inherently flawed. At the very least, we hope to provide a counterpoint to your own views on a controversial subject. We also provide many anecdotal examples to help enliven some of the heavier subjects.
We have made a special effort to provide you with helpful references at the end of each chapter. These references allow us to credit some of the classic infosec sources and allow you to further explore the areas that interest you the most. This is by no means a comprehensive introduction to . Rather, it is a guide for rapidly advancing your skill in several key areas. We hope you enjoy reading it as much as we enjoyed writing it.

Good introductory security book,  June 06 2008

Rating: StarStarStarStarStar

Submitted by Jason  
This is one of my favorite security books from O’Reilly, primarily for the first four chapters which are dedicated to reverse engineering software. While there are a few texts out there that are dedicated to the subject and go into almost painful detail, this book is great for someone who is new to the skill. The other chapter that I was happy to see was chapter twenty-two which covers forensics and anti-forensics. While the coverage on anti-forensics was a bit light, it was great to actually see it included. I would be very interested to see (perhaps write?) a full book on this from O’Reilly sometime in the future, particularly given some of the attack methods on full disk encryption coming out of Princeton as of late.
Overall, a great tome on security with a good body of solid and applicable information. I’m hoping to see an updated edition.
NLUG: Book Review - Security Warrior by Cyrus Peikari & Anton Chuvakin,  December 16 2004

Rating: StarStarStarStarStar

Submitted by James Ko, CISSP
I enjoyed reading the Assembler and the reverse engineering section of the book. I didn’t realize there are so many variants of x86 Assemblers. I thought it was brilliant to use the CD organizer as an analogy to program stack to explain the buffer overflow problem. The little HackMe challenge dramatizes the whole buffer overflow issue. It really sticks in the reader’s mind how vulnerable our software industry stands today. However, I feel it falls short on the networking section, where the authors could have spent more time on explaining these evil hacking tools. There were no examples on how to use hping, for example. As far as I know, there are a lot more evil packet injection tools out there worth mentioning, such as Nemesis, libnet, hping and packit. I was somewhat disappointed, given that the authors said in the beginning (preface) this is an advanced security book, so I would expect more on the networking side. However, on a positive note, the Log Analysis section is very valuable to system administrators because it provides a lot of good information. There is not a lot of literature out there that spends time on explaining what a log is, or what is being captured. In fact, log analysis is gaining popularity because it is used for security forensics, where security professionals try to piece the evidence together. All in all, this is a very useful book for those who want to have a survey of what is involved in the field of security incident handlers and/or intrusion detection.
Covers the spectrum well. Good reference.,  April 26 2004

Rating: StarStarStarStarStar

Submitted by Alex Belt from the Columbia Java Users Group
This excellent, well-written book can be an enigma at times. The authors indicate that the material is for someone who has read on the subject before, although there is quite a bit of material geared more towards novices like myself. In other places I was definitely out of my depth, not having enough of a C/*Nix background to fully comprehend the material. The authors cover reverse engineering, network attacks, platform attacks, and defense/intrusion detection methods.
I very much liked the samples and references to existing tools, although they clearly indicate the possible criminal repercussions of using some of these tools/techniques. The samples provide invaluable insight and experience into learning the techniques, and how to thwart them, if it’s possible at this time. The intrusion detection/defense material is split between information that would benefit everyone, including home PC users, and techniques more suited to professionals, such as advanced intrusion detection and network defense. This would be a very good second book on the subject, and barring any sudden changes in the security landscape, this book should hold its value for some time to come.

 

Security Warrior Review,  February 24 2004

Rating: StarStarStarStarStar

Submitted by Ali Rahbar
This is one of the first books that talk about the fundamentals of reverse engineering. It is true that you can find all the book's subjects on the net, but for finding and understanding them you should waste a lot of time and effort (to seek different message boards and reversers' sites). This book has done the hard work for you and you can read everything classified and in great detail. I recommend it for everyone interested in security, and if you already know all the topics in this book I still recommend you read this book for a fast and well-organized review.


Media reviews

"A very well written, comprehensive text that contains useful references, and details of software tools (and where they can be found). An essential resource for those responsible for information security."
–Major Keary, "PC Update," October 2004
"As in the case in the physical world, when providing computer security the optimal approach is to be proactive. Security Warrior is about taking such a preventive approach to computer predators…The vulnerabilities are clearly defined, but the book really shines when it provides detailed instructions on how systems can be protected. Security Warrior is written for advanced system administrators charged with network or system security. Corporate security professionals may be intimidated by the book, but they would do well to get a copy to the appropriate person in their organizations. That would be the proactive thing to do."
–Ben Rothke, Security Management, January 2005
"Overall, Security Warrior was quite an interesting read. I fully plan to take many concepts I have learned here and incorporate them into both current and future plans. If you want a detailed look at concepts, this book is a very solid starting point, before branching out into other works."
–Sean Smith, Dalhousie Student Chapter ACM, July 2005

Download

RapidShare
or
http://tinyurl.com/5txxf5
