Book Reviews: Computer Security
When I was a policeman, many years ago, we set up a plan to find stolen cars on a Motorway service area, preferably with criminals inside. We got lots. Thieves only steal the easy ones: keys in the lock or under the seat, windows open, engine left running. Houseowners, too, might just as well leave a sign on the front gate for burglars: "Walk in here." Because thieves do.
In my trips around offices, and around the Internet, I am disturbed at how easy it is to enter someone else's computer. My work is on my hard disks and I do not want students (for example) or others having a look at the data. Nor do I want outsiders stealing data that officaldom may have recorded about me.
The doors are wide open, because many of the bureaucrats in charge of information have little idea of the ease with which those with intent can (and do) break into the computers on which our data is stored. These three books take a serious look at the problems.
Of the three, Security Warrior is the most accessible; and it is the most useful in terms of a wider audience. It takes a similar approach to other useful security books: it outlines the problems, then offers advice on how to fix them. We have, however, seen several changes in recent years in both operating systems and access methods, for example, wireless networks.
It is in four major parts (with appendix): Software Cracking, examining Assembly language, reverse engineering and overflow attacks; Network Stalking which is of major value to network managers, particularly the chapter on Social Engineering -- hands up all those who tell other people their passwords -- which everyone should read; Platform Attacks, with sections on the weaknesses of major operating systems; and Advanced Defense. The last section deals with catching the miscreants and what the signals mean.
A technical but readable book in typical O'Reilly style: neat, clear; and well-written with the occasional hint of humor. The image of the Samurai warriors for the cover picture is well-chosen: a true fighter must understand the foe in order to exploit weaknesses.
Anyone interested in computers ought to read this to find out just how weak the defences are, and how vulnerable to attack we may be.
The following two books are specific to proprietary technologies and are less accessible to a normal reader. That market is not their aim. Syngress is a smaller publisher specialising in security publishing. The works here are of great value to network administrators whose systems have the relevant software installed.
Check Point's Next Generation security administration suites are installed on both Windows and Solaris platforms. The highly technical volume examines the installation and running of virtual private networks and firewalls, allowing the management of these and the fine-tuning of the security aspects: rule bases, encryption, administration, authentication, resources and logging.
Part of the deal with the book is a year's access to an online resource that covers updates and changes to security and operating systems, plus a newsletter; so although the shelf price looks on the high side, this is offset considerably by that necessary updating facility. Users of all perating systems are more aware these days of the regular updates required to keep safe from the latest exploits as they are discovered. A network administrator worth his salt would do well to examine the possibilities of the protection offered here. My experience of local administrators suggests that few look further than the Microsoft site; and not very often.
A whole book on Ethereal packet sniffing seems to be somewhat ambitious but the authors take great pains to examine the tools available to administrators so they can come up with answers as to why their networks have shortcomings, either from outside attacks or other bottlenecks in a system.
The book, and the CDROM that is included, concentrate on Windows, Linux and Solaris. Like the other Syngress work reviewed here, there is considerable detail on just what is entailed to configure and use such systems. This work also has a similar one-year access and update plan to the Check Point book.
Not for the ordinary mortal, the book takes a considerable effort to read because of its technical nature and its intended audience.
As long as we have areas which are forbidden, people will try to gain access to them. It does not matter if the intent is malicious or frivolous; nor does it matter if the acess is to a locked room or a computer's hard disk. "Thou shalt not enter," or "Private" are seen by some as invitations and not the bars they are intended to be.
For further information, e-mail to Graham K. Rogers.
To eXtensions: Book Reviews
To eXtensions: Year One
Back to homepage