 |
||
| Article Index - Product Contact Details | ||
|
Book Review Hack Attacks Revealed by John Chirillo |
||
|
||
|
This is a heavy book. Both in its actual weight and in its content. If you
don't speak C/C++, Perl, etc., you're going to have a struggle with parts of
this one. That, though, is its real value. This is, without question, a
'hacker's handbook'. When you finish with this you'll know what you need to
know to recognize and understand how 'they' do 'it'.
Don't read this one front to back. First, it's not that kind of book. Hack Attacks Revealed is an encyclopaedia. It is the sort of book that one uses as needed. Second, do read the first six chapters. These chapters discuss the entire landscape of the hacker's target: your network. The author begins by making no assumptions. He starts off telling the reader about the Internet, then progresses to network communications, how to uncover the vulnerabilities that hackers attempt to exploit and concluding with a discussion of hacker technology. Then, the book moves into the coding of exploits and this is where the encyclopedic part begins. Starting with chapter eight, there is a wealth of reference material on vulnerabilities and tools. Many of the tools are available on the companion CD. I am often critical of this type of book because within tons of pages there are only ounces of real information. This volume does not suffer from that problem. If anything, there is too much information. But the book says one thing loud and clear: hacking is real technology. Hacking is not scripts and sweeps of huge ranges of addresses in the hope of 'owning' some Linux box. Hacking is hard, it takes study and it encompasses a lot of information. That said, defending against the bad guys is equally tough technology. I have participated, over the years, in the ongoing debate about 'consorting' with hackers. I have taken the position that if you are going to understand your enemy, you have to penetrate his camp and learn his secrets. Chirillo has done a first rate job of this on our behalf and he delivers his bounty of intelligence in this book and its companion Hack Attacks Denied (see companion review). Chirillo is no lightweight either. He wrote his first program, a game, at the age of twelve. He's been in the computer and security arena ever since, today working as a consultant. His work is credible, comprehensive and, clearly, exhaustive. This book won't make you into a hacker, but it will teach you what the hacker knows and how he or she operates. Thus armed, you will be far better prepared to defend your gates. For a change, this book brings us specific, technically valid information, gleaned from the trenches and applied where it can do you the most good. If I have any complaints about this one
they center around making an attempt to cover all of the territory and not
quite pulling it off in a way that is completely useful. Hack Attacks
Revealed could be broken down into two books, one covering the basics and
the other covering more advanced issues and coding. This approach would be
easier to digest and more useful in actual application. A bit too much of a
good thing for five stars, but a solid four stars for what it attempts and
carries off quite well. |
||
|
||
|
||
|
||
|
SC On-Line |
||
|
|
||
| Copyright © 2001 West Coast Publishing. All rights reserved. |
