Network Security CISSP-Discussion

[CISSP-D] REVIEW: "PC Pest Control", Preston Gralla

Subject: [CISSP-D] REVIEW: "PC Pest Control", Preston Gralla
Date: Mon, 03 Mar 2008 09:55:41 -0800
BKPCPECO.RVW   20071119

"PC Pest Control", Preston Gralla, 2005, 0-596-00926-7,
U$24.95/C$34.95
%A   Preston Gralla
%C   103 Morris Street, Suite A, Sebastopol, CA   95472
%D   2005
%G   0-596-00926-7
%I   O'Reilly & Associates, Inc.
%O   U$24.95/C$34.95 800-998-9938 fax: 707-829-0104 nuts@ora.com
%O  http://www.amazon.com/exec/obidos/ASIN/0596009267/robsladesinterne
  http://www.amazon.co.uk/exec/obidos/ASIN/0596009267/robsladesinte-21
%O   http://www.amazon.ca/exec/obidos/ASIN/0596009267/robsladesin03-20
%O   Audience n- Tech 1 Writing 1 (see revfaq.htm for explanation)
%P   275 p.
%T   "PC Pest Control: Protect Your Computers from Malicious Internet
      Invaders"

Chapter one, as is all too common in books about securing home
computers, is long on sensational stories and a bit short on useful
advice.  There are suggestions of things to do, and those
recommendations may even be proper security measures.  Instructions on
actually performing the security actions, however, are mostly absent. 
Much the same material is repeated in chapter two, though in slightly
different wording and structure.  Various computer activities are
listed, and then some of the risks of those functions are described
briefly.  Once again, there are suggestions about actions to take to
protect yourself (this time in the form of "checklists"), but no
directions on how to perform them.  A number of pieces of security
software, mostly commercial, are mentioned in chapter three, but
requirements for management, or the implications of reports that you
might obtain from these applications are not covered.  Details related
to the operation of Microsoft Windows' System Restore and Registry are
given in chapter four, but while the instructions are clear the
significance of these activities may not be.  Immediately after
telling you to run Windows Update, in chapter five, Gralla provides
guidelines for disabling it--by disabling ActiveX and not running
Internet Explorer.  (The fact that this would be the outcome of
following the tutorial is not mentioned.)  Chapter six is concerned
with spyware, and by this time a lot of the recommendations are
starting to sound very familiar.  The definition of "virus" provided
in chapter seven is worse than is usual even for general home computer
security books.  It asserts that viruses are delineated by requiring
no user intervention, whereas the most useful distinction between
viruses and worms is that viruses generally do require some operator
action, even if uninformed.  (That Gralla keeps reiterating that
"virus" is just a generic term for any type of malware is also
annoying and misleading.)  Along with the (not terribly helpful) text
on trojans and bots comes a list of names and descriptions of the "top
five" or so programs in those categories.  This is a feature of other
sections of the book as well, and provides little help (or solid
information), and, of course, dates very quickly.  It is rather
strange that worms are not included with the related topic of malware
in chapter seven, but with the subject of email and instant messaging
in chapter eight, and that spam, which is related to email, is handled
separately in chapter nine.  (Chapter nine also contains an "ANSI"
table, which, instead, turns out to be a table of ASCII [American
Standard Code for Information Interchange] codes for text characters,
the table being used to illustrate a discussion of the alternate data
representations that can be employed in Web pages.)  Phishing,
anonymizing, and the customary vague rules for protecting kids online
make up chapter ten.  Chapter eleven's material on safeguarding
wireless networks will make your home network less subject to attack,
though not as impregnable as Gralla seems to suggest.  The content on
safety at wireless "hotspots" is less useful.  The book is padded out
with an appendix that repeats material from the text.

There is a lot of white space, and the inclusion of pointless
graphics.  There is a lot of verbiage.  There is little helpful
information, and certainly nothing like the assistance that can be
obtained from Thomas Greene's "Computer Security for the Home and
Small Office" (cf. BKCMSCHO.RVW) or "Just Say No to Microsoft" by Tony
Bove (cf. BKJSN2MS.RVW).

copyright Robert M. Slade, 2007   BKPCPECO.RVW   20071119


======================  (quote inserted randomly by Pegasus Mailer)
rslade@vcn.bc.ca     slade@victoria.tc.ca     rslade@computercrime.org
[I]f a man has good corn, or wood, or boards, or pigs to sell...
you will find a broad, hard-beaten road to his house.
                                            - Ralph Waldo Emerson
 (some seven years after his death, Emerson's comment on quality
  was altered to the now famous dictum on innovation, that if you
  built a better mousetrap the world would beat a path to your door)
http://victoria.tc.ca/techrev/rms.htm
