Wednesday, March 23, 2005

Review of The Art of Intrusion Posted

Amazon.com just posted my four star review of The Art of Intrusion. This may be one of my more controversial opinions, so you may want to read cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 whole review to get my entire take on cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 book. Here is cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 beginning of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 review:

"Over two years ago I read and reviewed The Art of Deception also by Mitnick and Simon. I thought that book was 'original, entertaining, [and] scary.' Those same adjectives apply to The Art of Intrusion (TAOI). While I also add 'disappointing' and 'disturbing' to cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 description of TAOI, sections of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 new book make it an absolute must-read. If you want to understand cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 consequences of systematic, long-term compromise of your enterprise, you must read and heed cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 lessons of TAOI."

2 comments:

Anonymous said...

Very interesting and well-written review, Richard. It's obvious that you put time and thought into what you're writing.

I don't think cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 trend you point out is going to go away...in that actually compromising a network and showing proof of it will be viewed by cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 client as a one-time thing...once it's fixed, cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 issue is done. There are many admins who are as you describe, and lack simple troubleshooting skills, let alone cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 ability to perform IR. I'm sure that cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365re are a great many compromises that have gone unreported, as cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 administrator simply saw something cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365y didn't understand, so cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365y reloaded cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 system and never informed management.

H. Carvey
"Windows Forensics and Incident Recovery"
http://www.windows-ir.com
http://windowsir.blogspot.com

Anonymous said...

Nice review of that book! I also found it very nice and it contains a wide range of attacks and penetrations. I was amazingly happy to read about attacks that took many months to perpetrate and about attacks against satellite systems, or racá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365r, things outside cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 immediate company network that dial in or ocá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365rwise gain remote access. It is not often that I read about attacking a company by attacking home users of that company who might just happen to dial in to work from home, or, in this case, company drivers.

I was also very pleased to hear not only stories of "hackers," but also of legitimate penetration testers. The authors did a good job of mixing things up and keeping it less repeitive than Art of Deception was (imo). They ran cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 gamut of crackers, hackers with various motives, security persons.

I think cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 book would be most enlightening to someone like a technical or IT manager, who knows just enough to appreciate cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 motives, techniques, and importance of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 stories in cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 book, but not someone who may be looking for cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 tools and walkthrough on actually performing cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365se penetrations (or stopping cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365m). KM and WS, at times, were obviously writing to laypersons, but sometimes would slip into jargon that might lose more casual computer users.

-LonerVamp