The book is organized based upon groupings of countermeasures. It has a section that deals with ports and services, one that addresses intrusion defense mechanisms and one that focuses on locking down the perimeter. Each area is explicit, revealing specific configurations for several different types of devices, sometimes even by brand name. Scripts, configuration files, even screen shots help the reader to understand clearly the steps to take to secure against attacks.

The book, like its companion, has an included CD. The tools on the CD include all of those referred to in the text. Many are typical freeware tools such as TCP Wrappers. Some are the author's own tool set (Tiger Tools). The tools are appropriate and a good value considering that they are free with the book. Commercial tools are discussed as well throughout the volume.

Another valuable addition is a list of papers from a wide variety of writers, many in the underground. Some of these are quite old but, given that there are a lot of older systems still in use, even these have value.

Generally, this is a first rate book with a lot of value. Having received both this book and its companion for review, however, I would have to say that they are most valuable when bought together. In any event, Hack Attacks Denied is a must-have reference for all system administrators and others who need to lock down computers and networks against the wily hacker. While it does not have all the answers on all the platforms, it is much better than 95 percent of the other books out there.

SC On-Line
SC Magazine
www.scmagazine.com