Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security CISSP-Discussion
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[CISSP-D] REVIEW: "Stealing the Network: How to Own the Box", Ryan Russe

from [Rob, grandpa of Ryan, Trevor, Devon & Hannah] Network Security [Permanent Link]
Subject: [CISSP-D] REVIEW: "Stealing the Network: How to Own the Box", Ryan Russell et al
Date: Thu, 12 Jan 2006 08:43:33 -0800 
BKSTNHOB.RVW   20051023

"Stealing the Network: How to Own the Box", Ryan Russell et al, 2003,
1-931836-87-6, C$49.95/U$69.95
%A   Ryan Russell et al BlueBoar@thievco.com
%C   800 Hingham Street, Rockland, MA   02370
%D   2003
%G   1-931836-87-6
%I   Syngress Media, Inc.
%O   C$49.95/U$69.95 781-681-5151 fax: 781-681-3585 amy@syngress.com
%O  http://www.amazon.com/exec/obidos/ASIN/1931836876/robsladesinterne
  http://www.amazon.co.uk/exec/obidos/ASIN/1931836876/robsladesinte-21
%O   http://www.amazon.ca/exec/obidos/ASIN/1931836876/robsladesin03-20
%O   Audience i Tech 2 Writing 2 (see revfaq.htm for explanation)
%P   303 p.
%T   "Stealing the Network: How to Own the Box"

Like the subsequent "Stealing the Network: How to Own a Continent"
(cf. BKSTNHOC.RVW), this is a work that uses fiction to try to
demonstrate some of the techniques and dangers involved in computer
intrusion.  In this case, the individual stories stand alone, rather
than being tied in a narrative thread, no matter how tenuous.

Chapter one outlines standard discovery and enumeration.  It is very
difficult to say what chapter two is about: it mentions worm
operations and disassembly, but also has a great deal of irrelevant
narrative.  A grab bag of industrial espionage makes up chapter three,
mostly to do with physical access.  Standard intrusion, with a minor
in printers, makes up the thread in chapter four.

Chapter five notes the more difficult task of directed intrusion.  The
dangers of wireless LANs are reviewed in chapter six.  Chapter seven
deals primarily with social engineering.  The gathering of information
from publicly available sources is outlined in chapter eight, which
also examines physical social engineering.  Chapter nine is entitled
"BabelNet," and this is oddly appropriate in view of the perplexing
narrative, but there are some interesting ideas about net scanning and
mapping.  Network forensic tracking of an intruder is explained in
chapter ten.  Final advice on security is listed in an appendix.

The book is fiction, and therefore (in most places) easier to read
than a technical work.  It does provide some indication of the
possibilities of intrusions.  Personally, I didn't find it either as
interesting or as useful as "How to Own the Continent," but I can't
find really solid reasons why.

copyright Robert M. Slade, 2005   BKSTNHOB.RVW   20051023


======================  (quote inserted randomly by Pegasus Mailer)
rslade@vcn.bc.ca      slade@victoria.tc.ca      rslade@sun.soci.niu.edu
I like long walks, especially when they are taken by people who
annoy me.                                               - Fred Allen
http://victoria.tc.ca/techrev    or    http://sun.soci.niu.edu/~rslade


 
Yahoo! Groups Links

<*> To visit your group on the web, go to:
    http://groups.yahoo.com/group/CISSP-Discuss/

<*> To unsubscribe from this group, send an email to:
    CISSP-Discuss-unsubscribe@yahoogroups.com

<*> Your use of Yahoo! Groups is subject to:
    http://docs.yahoo.com/info/terms/
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • [CISSP-D] REVIEW: "Stealing the Network: How to Own the Box", Ryan Russell et al, Rob, grandpa of Ryan, Trevor, Devon & Hannah <=
Previous by Date:  [CISSP-D] REVIEW: "Rootkits", Greg Hoglund/James Butler, Rob, grandpa of Ryan, Trevor, Devon & Hannah
Next by Date:  [CISSP-D] Re: Computer Forensics Certification, Rob
Previous by Thread:  [CISSP-D] REVIEW: "Rootkits", Greg Hoglund/James Butler, Rob, grandpa of Ryan, Trevor, Devon & Hannah
Next by Thread:  [CISSP-D] risk assessment vs disaster recovery, s m
Indexes:  [Date] [Thread] [Top] [All Lists]