Sarasota PC Monitor
Hacking Exposed
A Book Review
by George Whitesell
Member of the Sarasota Personal Computer Users Group, Inc.I am working with several companies concerned with security issues related to viruses, spyware and hackers.
When Herb Goldstein mentioned a book about hacking, of which I am not an expert, I gladly volunteered to review "Hacking Exposed: Network Security Secrets & Solutions, Fourth Edition" by Stuart McClure, Joel Scambray and George Kurtz.
The book is divided into four main sections: Casing the Establishment, System Hacking, Network Hacking and Software Hacking. The first section deals with what I would refer to as information gathering. The authors detail the various tools hackers use to obtain your network IP addresses, domain names and any other initial information they can get to help them penetrate your network.
Section II discusses hacking methods used against the various operating systems including all flavors of Windows, as well as Novell and UNIX. Overall the book primarily deals with hacking attempts on networks and this section describes the differences between the various operating systems and the different tools used by hackers to try and penetrate each one.
Section III deals with network hacking and Section IV software hacking. Software hacking involves the use of remote access software which allows a person to access their office computer remotely, or in the case of Windows XP, remote assistance software. Throughout the book the authors explain the various weaknesses in the different components of computer networks that hackers attempt to exploit; the tools and methodologies they use to attack each weakness; and the tools and practices we can use or implement to protect our networks. The weaknesses include hardware, software, and any security practices that are in place (or lacking).
The authors believe that to be truly prepared to thwart any hacker attacks you need to understand how the hackers think and the weaknesses they look for and exploit. Protecting a network from hackers requires a lot more than just installing a firewall and software security patches and the book describes all facets of network and individual computer protection in detail.
The book includes a DVD containing presentations of some of the methods used by hackers to gain access to your network or computer. The authors also maintain a website at www.hackingexposed.com which has links to sites where the many hacking "tools" mentioned in the book can be found. This makes it much easier to find the sites mentioned in the book without having to type each web address into your browser.
Hacking Exposed is not a quick read, however it is well written, interesting and it achieves its purpose of educating the reader about the tools and disciplines needed to protect a network from hackers. I consider this book to be a definitive reference for anyone involved in detecting, preventing or reacting to hacking attempts.
McGraw Hill/Osbourne , ISBN 0-07-222742-7, $49.99 :
Copyright 2003. This article is from the June 2003 issue of the Sarasota PC Monitor, the official monthly publication of the Sarasota Personal Computer Users Group, Inc., P.O. Box 15889, Sarasota, FL 34277-1889. Permission to reprint is granted only to other non-profit computer user groups, provided proper credit is given to the author and our publication. We would appreciate receiving a copy of the publication the reprint appears in, please send to above address, Attn: Editor. For further information about our group, email: admin@spcug.org/ Web: http://www.spcug.org/
The Sarasota Personal Computer Users Group, Inc. has 1,100+ members and was established in 1982. We are members of the Assoc. of PC User Groups (APCUG), the Florida Assoc. of PC Users Groups, Inc., and we are members of the America Online Ambassador Program.
See http://www.spcug.org for all reviews from the Sarasota PC Monitor, go to the Newsletter Section.