Network Security CISSP-Discussion

[CISSP-D] REVIEW: "Always Use Protection", Dan Appleman

Subject: [CISSP-D] REVIEW: "Always Use Protection", Dan Appleman
Date: Wed, 14 Dec 2005 11:03:40 -0800
BKALUSPR.RVW   20050805

"Always Use Protection", Dan Appleman, 2004, 1-59059-326-X, U$17.99
%A   Dan Appleman www.alwaysuseprotection.com
%C   2560 Ninth Street, Suite 219, Berkeley, CA   94710
%D   2004
%G   1-59059-326-X
%I   Apress
%O   U$17.99 510-549-5930 fax 510-549-5939 info@apress.com
%O  http://www.amazon.com/exec/obidos/ASIN/159059326X/robsladesinterne
  http://www.amazon.co.uk/exec/obidos/ASIN/159059326X/robsladesinte-21
%O   http://www.amazon.ca/exec/obidos/ASIN/159059326X/robsladesin03-20
%O   Audience i+ Tech 2 Writing 2 (see revfaq.htm for explanation)
%P   266 p.
%T   "Always Use Protection: A Teen's Guide to Safe Computing"

In the introduction, the author is at pains to point out that this is
not another "don't talk to strangers in chat rooms" book.  He seems to
be primarily concerned with virus infections and other malware.

Part one is about protecting the computer.  Chapter one is a very
brief mention of the possibility of gremlins in your machine.  Some
sloppy definitions of malware and a warning about cyberterrorism are
in chapter two.  There is some good advice on avoiding virus
infections in chapter three.  Unfortunately, there is also a lot of
questionable or useless material that will not give the reader any
protection.  Chapter four's advice on antivirus scanners isn't
necessarily wrong, but it certainly isn't great.  It's marginally
better than just saying "get antiviral software," but not by much. 
"Firewalls" (chapter five) deals only with network address translation
and packet filtering types, and is not clear about their limitations. 
The details on configuring routers tend to be both too specific to a
particular model, and also not technical enough to provide real
assistance.  Windows Update does not work well with older versions of
Windows, and generally refuses to work with non-Internet Explorer
browsers, which chapter six fails to mention.  Chapter seven is a bit
of a grab bag: some good suggestions on securing the Outlook email
client, some good but incomplete material on services, and three basic
recommendations on wireless LANs which are good as far as they go. 
(Changing the SSID is fine, but if you keep broadcasting the
information it doesn't do much good, and Wired Equivalent Privacy
encryption will protect you against those who don't even know they are
logging on to your network, as well as those opportunists who only
want a free Internet connection, but it is hardly secure against even
the novices among your script kiddie friends.)  The advice on backups,
in chapter eight, is actually realistic.  Chapter nine is quite a
complex troubleshooting tool to use if you have been hit, and I really
don't know how useful it would be in that case.

Part two deals with privacy.  Chapter ten discusses identity theft,
but glosses over the most common form, simple impersonation.  Some
generic, but decent, advice on passwords is provided in chapter
eleven.  Chapter twelve has a good overview of the personal
information on your machine that you may not know about.  Various ways
that your data can be collected, and some things you can do to prevent
it, are in chapter thirteen, but in rather random and ragged fashion.

Part three examines some more direct attacks.  Chapter fourteen
suggests that chat rooms aren't all *that* dangerous, and has some
brief words of advice.  Some of the more common scams (mostly email)
are listed in chapter fifteen.

This book is better than nothing, quite a lot better.  (Thomas
Greene's "Computer Security for the Home and Small Office" [cf.
BKCMSCHO.RVW] is more complete and technically accurate, but few teens
will be interested enough to follow it all the way through.)  In fact,
I can think of quite a few adults who should read this book.  They
won't be completely protected, or even mostly protected, but they'll
have fewer problems.

copyright Robert M. Slade, 2005   BKALUSPR.RVW   20050805


======================  (quote inserted randomly by Pegasus Mailer)
rslade@vcn.bc.ca      slade@victoria.tc.ca      rslade@sun.soci.niu.edu
Television - a medium. So called because it is neither rare nor
well-done.                                          - Ernie Kovacs
http://victoria.tc.ca/techrev    or    http://sun.soci.niu.edu/~rslade

