LJ Archive

Security Warrior by Cyrus Peikari and Anton Chuvakin

Dan York

Issue #126, October 2004

This book lives up to its claim.

O'Reilly & Associates, 2004

ISBN: 0-596-00545-8

$44.95 US

Security Warrior is, indeed, a dangerous book. Not so much for the specific tools and techniques it presents, as all of them can be found on the Internet, but because the book collects all this information in one convenient, easy-to-read volume. With a subtitle of “Know Your Enemy”, this book provides a powerful compilation of attacks against software, networks and individual systems.

Given that hundreds of security books are out there, I was a bit skeptical this one would live up to its claim of being so different. However, as soon as you enter the first section, “Software Cracking”, you know you are in for a different ride. After a quick refresher on assembly language, this section covers how to reverse engineer software in Windows, Linux and Windows CE, with the focus on how to crack malware such as viruses or spyware. I personally found this section a bit slow-going, but I did learn a good bit from it. I especially found the text on overflow attacks quite relevant, given the large number of such attacks around today.

For me, the book really hit its stride in the second section, “Network Stalking”. After a brief review of basic TCP/IP attacks and tools, the text dives into active and passive reconnaissance, OS fingerprinting and hiding an attack. Chapter 7, on social engineering, seems a bit out of place in this section, but it is an interesting read nonetheless. In later sections, I enjoyed the well-written chapters on hardening UNIX/Linux systems and UNIX/Linux attacks, which include information about breaking out of chroot jails that I hadn't seen in other security books.

My only minor complaint about the book is the editing is a little uneven. Most sections are well done, but in a few cases there are references to topics that “would be covered later” but never are. In another case, I felt there was unnecessary duplication of information. Overall, I found this book to be a strong text with a refreshingly different spin on computer/network security. If you are responsible for system or network security, Security Warrior is definitely worth reading.

LJ Archive