Security Warrior labels itself as the “most comprehensive, up-to-date book covering the art of computer war”. Having been on my To-Read list since it was initially released a year and a half ago, I was interested to see how accurate this claim remains.
Obviously, some topics you might expect to be covered in a comprehensive security handbook are missing. Nowhere to be seen is discussion of vulnerabilities in MD5 and SHA, as these hadn’t been published yet. Also missing is any reference to the Linux 2.6 kernel, as the first version of that was released barely a month before the first publishing.
However, the items discussed in this book are general enough that they are still valid and highly valuable. Discussion is platform neutral where possible, with further discussion on platform dependencies where needed. There are some very nice examples and case studies, which make the book a more interesting read than strict discussion. The Advanced Defense subsection is spectacular and well deserving of the designation Advanced. A lot of the ideas there, while simple in nature, are things that I haven’t come across before, or even thought of, especially their discussion on intrusion detection and log aggregation.
There are, however, a few problems with the book. First and foremost, I have a problem with the Social Engineering section. While I agree that social engineering is an important aspect of network security, 10 pages does not even begin to scratch the surface on the topic. Thankfully, this is offset by an amazing set of references at the end of the chapter, including the excellent “Art Of Deception” by Kevin Mitnick. Another problem that ties into this is the fact that the Reconnaissance chapter comes AFTER the Social Engineering chapter, when reconnaissance is usually a precursor to a social engineering attack. I felt that the logical order would have created a smoother reading process here. Finally, the authors repeatedly mentioned that some tools were standard on Linux distributions, but not commercial Unix systems, and as a result might have to be installed manually. I felt this repetition for most of the tools discussed was distracting from the core information I was trying to read.
One area that deserves its own discussion is the section on Reverse Engineering. This section was highly interesting, showing a wide variety of techniques for not only the Unix operating system, but Windows CE as well. A plethora of information regarding techniques, tips and tools is contained in these chapters... but really only for the Unix and Windows CE environments. Out of 175 pages, only 20 of those discuss reverse engineering on the actual Windows platform. With 2/5 of the book actually being devoted towards this topic, I feel that this section might have been better off being an entire book of its own, with expanded discussion for all environments and additional examples.
Overall, Security Warrior was quite an interesting read. I fully plan to take many concepts I have learned here and incorporate them into both current and future plans. If you want a detailed look at network security concepts, this book is a very solid starting point, before branching out into other works.
Final Rating: 3.5/5
“Security Warrior” is available from O’Reilly Media, Inc. for CAN $65.95. Sample chapters can be obtained @ The O’Reilly Catalog