[The date of publication is not known.]
Cyrus Peikari & Anton Chuvakin
Paperback – 581 pages (January, 2004)
$44.95 – O’Reilly ISBN: 0-596-00545-8
Security Warrior is one of the latest books that attempt to cover hacking and security information in a way that appeals to all levels of the field. Most books of this nature will present a wide variety of concepts and technologies that fall under the “security” blanket. These topics usually include an introduction to security, networking, reconnaissance, social engineering, attack and defense. As with most professions, attempting to disclose the ins and outs in a comprehensive manner would take volumes of information and could never be summed up in a single book.
Breaking away from the mold, Security Warrior stands out in a crowd of security books by delving into the world of software cracking through reverse engineering. While this is not a skillset many security personnel use or know, it can be a very handy skill to have. Peikari and Chuvakin spend almost one third of the book on reverse engineering by providing detailed explanations, real-world examples and even exercises to test your ability to break past software that restricts your access to a program on your own computer. While the skill of reverse engineering is useful, it is also fairly intensive and requires a solid programming knowledge. The extensive use of program source code in the book can get a bit overdone, as most people reading the book will either already understand it and find no use for it typed out in a book, or find themselves lost after the second line.
The next major section covers the basics of networking and reconnaissance as they relate to security testing. After a brief outline of TCP/IP and other protocols that make this big Internet thingy work, they immediately dive into the art of Social Engineering before going back to network recon, OS fingerprinting and hiding your attacks. While this information is all valuable, the sudden turn to Social Engineering in the middle of technical network attacks is disjointed to say the least.
Once you have identified your targets via network recon, the next step is to figure out what specific platform attacks may work for you. Unfortunately, you need to read the chapter on Unix defense before Unix attacks in this book. While the order of the chapters is a minor nuisance, the authors’ inconsistency is a tad annoying. After learning about Unix defense and attack, you then get treated to Windows Client Attacks and Windows Server Attacks. Apparently, the chapter on Windows defense got left on the cutting room floor. Even more odd is the next chapter on SOAP XML Web Services Security followed by the SQL Injection attack chapter. While these are all well-written chapters that convey the information very cleanly, the order and choice of topics is very messy.
The last section covers Advanced Defense and goes into audit trails, intrusion detection, honeypots, incident response and forensics. Each chapter receives a good share of attention and falls back into an orderly fashion for dispensing the details of each technology. This material is a solid conclusion to a book that has a place in the security professional’s library. For someone just entering the security circle, this book will be a rough start.