Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security CISSP-Discussion
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[CISSP-D] REVIEW: "Degunking Your Email, Spam, and Viruses", Jeff Duntem

from [Rob, grandpa of Ryan, Trevor, Devon & Hannah] Network Security [Permanent Link]
Subject: [CISSP-D] REVIEW: "Degunking Your Email, Spam, and Viruses", Jeff Duntemann
Date: Wed, 26 Jan 2005 08:31:32 -0800 


BKDYESAV.RVW   20041205

"Degunking Your Email, Spam, and Viruses", Jeff Duntemann, 2004,
1-932111-93-X, U$24.99/C$37.99
%A   Jeff Duntemann feedback@paraglyphpress.com
%C   Suite 115 4015 North 78th Street, Scottsdale AZ   85251
%D   2004
%G   1-932111-93-X
%I   Paraglyph Press
%O   U$24.99/C$37.99 602-749-8787 ssayre@paraglyphpress.com
%O  http://www.amazon.com/exec/obidos/ASIN/193211193X/robsladesinterne
  http://www.amazon.co.uk/exec/obidos/ASIN/193211193X/robsladesinte-21
%O   http://www.amazon.ca/exec/obidos/ASIN/193211193X/robsladesin03-20
%O   tl i rl 3 tc 3 ta 4 tv 4 wq 3
%P   334 p.
%T   "Degunking Your Email, Spam, and Viruses"

Lots of books have "quick tips" at the front these days.  Usually
these are nothing more than promotional fluff, designed to convince
you that the author Knows Important Stuff.  However, when I perused
the suggestions for what to do about email and viruses if you had
limited amounts of time, I was quite impressed that Duntemann had, in
fact, carefully selected those tasks that would give the most
protective value for the temporal coin.  I could cavil at a few, but
generally this list is very well chosen for those readers who do need
to get started right away.

Chapter one is an introduction, defining the various problems, and
outlining the "12-step" program that structures most of the rest of
the book.  Although chapter two is supposed to be about creating an
email strategy it doesn't go quite that far.  But Duntemann does
provide guidance on the type of email user you are, and notes the
importance (which varies) of having alternative email addresses. 
Various email clients, and important features, are reviewed in chapter
three.  The advice is good (although I don't know why he is dissing
Pegasus  :-)  Chapter four outlines good email habits, and effective
practices for using and managing email.  The advice on maintaining
contact and synchronization on the road, given in chapter five, is
helpful to travelers although I am not sure that it a) applies to
everyone, and b) is a "gunky" problem.  Chapter six provides valuable
advice for managing stored or saved messages.

Chapter seven describes the situation with regard to spam, and
suggests the standard actions to avoid it.  The concepts and tools for
spam filtering are outlined in chapter eight.  Chapter nine walks the
reader through the installation and "training" of POPfile, while ten
lists arguments against non-Bayesian spam prevention filters and
systems.

Chapter eleven is a good introduction to the broad categories of
malware.  The choice and evaluation of antiviral programs, given in
chapter twelve, is quite decent, although the space and precedence
given to the "three sisters" seems to be excessive: companies like
Sophos, F-Prot, and Avast turn out technically superior products and
are hardly "obscure."  Spyware and adware, as well as suggestions to
limit them and products to deal with them, are covered in chapter
thirteen.  Chapter fourteen has good advice about dealing with worms
(although I'm surprised that Duntemann did not mention turning off
DCOM, which would probably have saved his friend some grief).  Chain
letters and scams are discussed in chapter fifteen.  (I was teaching
in Nigeria when I read this book, so I found the coverage of the 419
scam ironic.  Nigeria isn't in chaos: it just seems that way.) 
Chapter sixteen finishes off with advice on what to do if you *have*
been hit with something nasty.

The book has a lot of very practical and useful information.  It is
written at a level that any intermediate user, and many intelligent
novices can use directly without further experimentation.  (A few
items could use more detail: how do you turn an .iso file into a
bootable CD?)  I would recommend this as an excellent reference to
have to hand for pretty much any computer user.

copyright Robert M. Slade, 2004   BKDYESAV.RVW   20041205


======================  (quote inserted randomly by Pegasus Mailer)
rslade@vcn.bc.ca      slade@victoria.tc.ca      rslade@sun.soci.niu.edu
We are what we repeatedly do. Excellence, then, is not an act,
but a habit.                                             - Aristotle
http://victoria.tc.ca/techrev    or    http://sun.soci.niu.edu/~rslade






 
Yahoo! Groups Links

<*> To visit your group on the web, go to:
    http://groups.yahoo.com/group/CISSP-Discuss/

<*> To unsubscribe from this group, send an email to:
    CISSP-Discuss-unsubscribe@yahoogroups.com

<*> Your use of Yahoo! Groups is subject to:
    http://docs.yahoo.com/info/terms/
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • [CISSP-D] REVIEW: "Degunking Your Email, Spam, and Viruses", Jeff Duntemann, Rob, grandpa of Ryan, Trevor, Devon & Hannah <=
Previous by Date:  [CISSP-D] CISSP is not EASY., Shahzad Rasheed
Next by Date:  [CISSP-D] REVIEW: "Open Source Security Tools", Tony Howlett, Rob, grandpa of Ryan, Trevor, Devon & Hannah
Previous by Thread:  [CISSP-D] Passed the CISSP!!!, dush90
Next by Thread:  [CISSP-D] REVIEW: "Open Source Security Tools", Tony Howlett, Rob, grandpa of Ryan, Trevor, Devon & Hannah
Indexes:  [Date] [Thread] [Top] [All Lists]