Defend I.T.: Security by Example

By | December 5, 2004

With the recent surge of interest in the IT/IS field, we are seeing many newcomers (myself included). This is resulting in many new books each year. This one is actually one of the more interesting ones I've read lately. It uses case studies to really grab your attention, and then it explains what it's attempting to show you in the study, and how. If you enjoy reading security books, then you'll probably enjoy this one.

Authors: Ajay Gupta, Scott Laliberte

Pages: 384

Publisher: Addison Wesley Professional

ISBN: 0321197674

Sample chapter 15, “Executive Fraud”, is available for download.

About the authors

Ajay Gupta has held both client service and research positions in his more than five years of experience in the information security field. His commercial industry experience includes the healthcare, pharmaceutical, manufacturing, insurance, financial services, banking, and high tech sectors. Currently, Mr. Gupta is the founder and president of Gsecurity, an information security consulting firm with a global client base representing the government, IT, health care, financial, legal and banking sectors.

Scott Laliberte is part of Ernst & Young’s Security and Technology Solutions practice. He has extensive expertise in the areas of information systems security, network operations, and electronic commerce. He has led numerous penetration testing engagements for Fortune 500 companies and designs e-commerce architectures and security controls. He is also an instructor for the Ernst & Young’s Extreme Hacking course.

The Book

The book begins with a preface, a section about the contributing authors, and finally an introduction. The preface lists the authors' goals for this book, the type of audience they think should be reading it, and information on how the book is structured. The book is divided into five parts, labeled “Basic Hacking”, “Current Methods”, “Additional Items on the Plate”, “Old School”, and “Computer Forensics”. An interesting thing about this book is how it explains information. It does almost everything in case studies, applying the information to real-life situations, which really made the book so much more enjoyable than your common security book.

Part one covers just what it says: Basic Hacking. It has about three chapters covering things from fingerprinting a remote network to a Distributed Denial of Service attack on a network. The case studies are fun and interesting as well. It shows you the tools it uses, where to get them, and how to use them. Tools such as Nmap, p0f, NSLookup, WHOIS, Xprobe, and others are used and explained in this part.

Part two, “Current Methods”, is an interesting section. It covers wireless security, controlling a virus outbreak, and a penetration test performed on an Apache web server. I personally enjoyed the wireless security chapter and the penetration test chapter. Those two were very good. The virus outbreak chapter was interesting as well, and is also explained well and in depth. The wireless security chapter is about a bank wanting to set up a wireless network, but wanting to know the dangers, so they hire a penetration team (us) to attempt to break into the bank's wireless network. Altogether I believe you will enjoy this part of the book.

Part three is all about defense. Its first chapter explains, through a case study, how to set up, research, and maintain a (N)IDS. A somewhat boring chapter, but useful nonetheless. Chapter two is about setting up and enforcing security policies (i.e., no checking personal mail, etc.). Chapter three was somewhat interesting; it's about applying HIPAA security regulations in your place of business, and how to set up, control, and maintain them.

Part four is appropriately labeled “Old School”, as it deals with old-school methods of hacking. This part of the book contains only two chapters. Chapter one is about war-dialing. It first explains an attack and then explains ways you can restrict access and secure your company's computers. Chapter two is a somewhat shorter chapter about social engineering and other non-technical attacks. The social engineering aspect of the chapter is good and has a good case study. For anyone interested in old techniques, you'll like this section.

Finally we come to part five, which is about computer forensics. It has three chapters, each about a different subject. Chapter one deals with industrial espionage, how to spot it, and how to prove it. A very interesting and well-written chapter, in my opinion. The next chapter is about executive fraud. A nice chapter, with some good information in it about forensics and what to look for. The final chapter is labeled “Cyber Extortion”. We've all seen it or heard about it: an angry employee or hacker gets hold of some customer information and then proceeds to use that information to extort money. It's an interesting chapter, even though it seems a bit repetitive at times.

My Opinion

Altogether, this is an excellent book. I enjoyed almost all of it. The writers know what they are talking about and are very good at writing. I would recommend this book to anyone who is interested in computer security, or to someone who just wants to see a change for once in how security books are written.
