
| Subject: | Newbie Book - Gray Hat Hacking |
|---|---|
| Date: | Mon, 25 Jul 2005 01:28:43 +0100 |
IIRC, there was recently a thread about learning to be an ethical hacker/pen-tester. Feel free to discard my comments, as I haven't performed a penetration test in over 2 years, but I recently ventured across what I'd consider to be something of a 'gem' for budding would-be pen-testers.

It's a book called 'Gray Hat Hacking'[1], crediting Shon Harris, Allen Harper, Chris Eagle, Jonathan Ness and Michael Lester as the authors.

The reason I think it's a good buy is because it goes into a far deeper technical level than you'll find in any 'Hacking Exposed' book.

Some of what's in there is pretty basic, and the book spends (IMHO) far too much time discussing various legal and ethical stances, such as your preferred choice of disclosure policy. Whilst this is valuable information to any tester, as is what I call the 'legally covering your ass' section - in my experience things like 'disclosure policy' are dictated by the client, not the evaluation team. Usually with a 'Non-disclosure' agreement. Also - the legal section in this book is geared towards the US legal system. Brits like myself will need to remember this when reading that chapter.

However - the key thing that sets this book apart from books like the 'Hacking Exposed' series is that it actually goes to the trouble of not using layman's terminology to describe how illustrated exploits work, rather than using an analogy to provide 'script-kiddies' just enough clue to make themselves sound knowledgeable (or 7337 if you prefer) on IRC and USENET.

Another good point with this book is that it provides exam-type questions with every section - so the reader gets the chance to think for themselves a little. If you've been reading up for your Microsoft/LPI/Novell/Cisco certs, you'll no doubt be used to such a format, and may even find it helpful - although the book doesn't seem to be geared towards any particular syllabus.

If you're a seasoned tester, this book will probably be of little worth to you, unless you've been stuck in management for a few years, and just want to brush up on your hands-on skills. However - if you're new and genuinely interested in penetration testing, and currently think that shellcode is 'something that other people write', this book will be a good starting point for you. Obviously, it won't teach you *everything* in little more than 400 pages, but if you can use google and the 'man' command, it will give you a good start.

If you're not into pen-testing, but broadly concerned with your organization's security policies, I'd also recommend reading Kevin Mitnick's 'Art of Deception' - although I haven't read this in a while, and lent my copy to an IT manager some months back, so can't say too much about it right now.

[1] If you're interested, the ISBN above the barcode is 0-07-225709-1

--
AdamT

"People may not like giving up their kids, but that's why we run the country. We know better." -nationstates.net