Network Security CISSP-Discussion

[CISSP-D] REVIEW: "Black Hat", John Biggs

Subject: [CISSP-D] REVIEW: "Black Hat", John Biggs
Date: Thu, 06 Dec 2007 11:47:56 -0800
BKBLCKHT.RVW   20070923

"Black Hat", John Biggs, 2004, 1-59059-379-0, US$19.99
%A   John Biggs john@blackhatbook.com www.blackhatbook.com
%C   2560 Ninth Street, Suite 219, Berkeley, CA   94710
%D   2004
%G   1-59059-379-0
%I   Apress
%O   U$19.99 510-549-5930 fax 510-549-5939 info@apress.com
%O   http://www.amazon.com/exec/obidos/ASIN/1590593790/robsladesinterne
%O   http://www.amazon.co.uk/exec/obidos/ASIN/1590593790/robsladesinte-21
%O   http://www.amazon.ca/exec/obidos/ASIN/1590593790/robsladesin03-20
%O   Audience n- Tech 1 Writing 1 (see revfaq.htm for explanation)
%P   158 p.
%T   "Black Hat: Misfits, Criminals and Scammers in the Internet Age"

Chapter one contains the all-too-common exhortation that "Bad Stuff"
is out there on the Internet.  The chapter content tends to the
sensational and is short on details and accuracy.  The discussion of
spam, in chapter two, is rather specific to the time the book was
written (and will therefore date quickly).  It doesn't provide much
detail on the general types of anti-spam systems, although it does
have a short (but reasonable) section on dissecting headers to track
down spam sources.  The information on spyware and adware that chapter
three provides is unreliable: the text confuses spyware with
keylogging trojans, the FBI's proposed Magic Lantern system, and even
hardware keyloggers.  Chapter four's examination of viruses and worms
is even worse, containing a compilation of tidbits (some true, others
not too reliable) and stories of various programs but providing little
or no useful background on the basic concepts.

By the nature of the topic, the examples of scams that are listed in
chapter five are more helpful: if you recognize them, you can avoid
them.  Chapter six, about software piracy, is less so.  The tales
touch on a number of concepts, but there is no subsequent analysis of
the implications.  Biggs seems to have swallowed, wholesale, the
narratives given to him about intrusions, retailed in chapter seven. 
These yarns are, however, the usual pieces of blackhat boasting, and
deal with many disparate activities and technologies.  Chapter eight
supposedly approaches all the themes of the volume from the whitehat
(protection) side, but contains only some banal and generic advice.

Yet another attempt to jump on the Internet security "Fear,
Uncertainty, and Doubt" bandwagon.

copyright Robert M. Slade, 2007   BKBLCKHT.RVW   20070923


======================  (quote inserted randomly by Pegasus Mailer)
rslade@vcn.bc.ca     slade@victoria.tc.ca     rslade@computercrime.org
  Inside some of us is a thin person struggling to get out,
  but he can usually be sedated with a few pieces of chocolate cake.
http://victoria.tc.ca/techrev/rms.htm


 