
Security Warrior

List Price: $44.95
Your Price: $29.67

Rating: 5 stars
Summary: an excellent guide to the path of a security admin
Review: Information security is a daily battle in which one is faced with ever evolving threats encompassing a diverse array of technologies. When defending your systems, networks or applications a key to building a robust defense and thorough incident response plan is your understanding of the tools and techniques used by your attackers. In their book "Security Warrior", Peikari and Chuvakin cover both the offense as well as the defense. Like the sumo wrestlers pictured on the cover, we may, with proper knowledge of our opponent's technique, be able to use this to our advantage.

The first 175 pages of the book provide an excellent introduction to the world of software cracking. After an introduction to assembly, they focus on reverse code engineering Windows, Linux and Windows CE platforms. The authors' live examples coupled with their ability to clearly explain this science/art allow one to experience firsthand the reversing process. They go on to explain both buffer and heap overflows with a live challenge to execute only reachable via proper manipulation of a buffer overflow condition. This section provided new experiences for me and was great fun.

The book continues to discuss threats through the eyes of an attacker, while providing guidance on defending against these attacks. Topics such as network stalking, wireless security, Unix, Windows attacks, SQL and SOAP threats are covered. Although more general in nature, I found these sections helpful in that the authors have an excellent way of explaining concepts such as the Windows Kerberos implementation and packet analysis. The information provided in these chapters has something for both introductory and advanced security professionals.

What I really took away from these chapters was awareness. Awareness that whatever your specific job functionality, be it security admin, system admin, network admin or application developer, we all must continually strive to assess the threats with which we are faced and make determinations as to how to defend against them. There will never be an end to that which we need to learn and like true warriors we must evolve and train to face these challenges.

The book ends with defense tactics such as IDS and honeypot deployment as well as incident response and forensic analysis. They also included some methods of deterring the IR process which gives added insight to the process. Again, these chapters are full of very useful, practical information such as means of determining the efficacy of an IDS. As one who diligently studies the honeynet's Challenge of the Month, I really enjoyed the information provided as more insight into how we can sanely assess and manage the ever mounting threats against us.

For an individual working in or planning a career in information security this book would be very valuable. It provides an overview of all the various technologies one must understand with vast amounts of granular information. The references at the end of each chapter, the hands-on approach to the examples, and the authors' ability for clear explanation made this an incredibly fun and practical book.

Rating: 5 stars
Summary: New and Different !
Review: Most books written on computer security seem to follow the same predictable pattern of describing various computer programs that can detect security issues on networks/computers, and then go through the process of exploiting them (which is prefaced by the usual warnings). Although there is some of it in this book, the main topic in Security Warrior that I have never seen explained in an easily understandable format is that of "Reverse Code Engineering (RCE)" - or simply stated, the techniques used for discovering or getting a pretty good idea of how the source code of a compiled executable is actually working.

I had always been of the opinion that RCE was impossible or extremely difficult at best; and although it is actually pretty labor intensive and time consuming in practice, this book does offer some real strategies for accomplishing it and mentions the tools to do so. I would say this book is a MUST HAVE for anyone in the anti-virus, anti-trojan horse, etc., business, or anyone that needs to figure out how non-competitor products work in order to build interfaces or other integrating components.

Good luck and hope this review helps you.

Rating: 4 stars
Summary: How Does One Identify Threats to The IS Environment
Review: One of the early steps in conducting a risk assessment for an information technology environment is to do an analysis of the threats facing your enterprise and the vulnerabilities to these threats. But how does one really get a handle on the threats in an ever changing environment? How do you get inside a hacker's head? In their book Security Warrior (506 pages, O'Reilly Media, 2004, ISBN 0-596-00545-8), Cyrus Peikari and Anton Chuvakin attempt to take the reader inside the mind of the hacker, to find out what they already know about our systems, tools they use to analyze and attack our systems, and how they then cover their tracks.

This book will satisfy people from system administrators to CIOs from different levels. For the hard core 'techno-geek', the first part of the book goes into extensive discussion of reverse engineering, including many, many pages of code showing how it is done. Of course, this is done with a legal disclaimer that basically says "do not do this at home, but if you do it is at your own risk". As this book was released just this year, there are great overviews of how attacks are launched on Windows, Linux, UNIX, and Windows CE. If your focus is on wireless, they have you covered. SOAP, XML, & Web services Security? Not a large amount of material, but enough to get you started.

The only major fault I find with this book is that social engineering only gets 11 pages of coverage, even though Peikari and Chuvakin state up front that social engineering is one of the most threatening forms of hacking attacks. Granted, it is a very complex issue that could (and often does) fill a volume by itself. While people outside of the system administration arena may glean key points from this book, it really is a tool that should sit on the bookshelf of every system administrator. It provides a very broad overview, while providing extra references for each chapter if you want to dig into more detail. You will learn things from the darkside you may not have known about, but in the end this is a good thing. And if you want to skip over the lines of detailed code, you can do this safely as long as you know reverse engineering is a problem and that you have a detailed reference to go back to.

The Business Control Caddy Scorecard: Birdie on a long par 5.

Christopher Byrne
The Business Controls Caddy
http://www.controlscaddy.com/

Rating: 4 stars
Summary: To know the enemy
Review: Security Warrior comes with the subject "Know Your Enemy" written across the top of the cover. In those three words, Peikari and Chuvakin give you the reason to read the book. O'Reilly's books are usually of the highest caliber, and happy to say this is shown in Security Warrior. The book is aimed at the security administrator, or the hard core computer person. While much of the book, and of security writing in general, is directed at UNIX systems there is a decent coverage of the Windows environment, which given its track record is in much more need of security warriors.

What the authors do is to give you the why and how of attacks and various threats, showing you some of the tools that can be used in these actions against you. The reader can then take these tools and turn them against the attackers, finding vulnerabilities first, and using other tools to counteract attacks and minimize damage. The first part looks at attacks at software, showing how reverse engineering can find out a lot more than might be planned as to how the program works. Things can get rather technical here but it's a great introduction to the mechanics of reverse engineering software and shows how someone could go looking for vulnerabilities, and finding out maybe not all the hows of the program, at least potential entry points in the software's operation.

Then it is on to OS and network security, with the focus on UNIX and some Windows Systems. The authors give some practical examples to explain what goes into attacks you commonly hear about - SQL Injection and Overflow attacks - but may not have seen demonstrated with examples. Many of the chapters and sections that are written about could and do fill whole books, but the authors do a very good job of balancing going beyond the surface of the topic without going too deeply down the technical details and examples to overwhelm or bore the reader. This is not a light, breeze through book, but a technical reference guide. It's one that I can see returning to again and again to help brush up understanding of certain topics as they are needed. This book is a very good starting point for overviewing the ideas as well as the mechanics of security attacks and to help you learn how to repulse them and become the security warrior. Know thy enemy is the necessity of the modern world.

Rating: 5 stars
Summary: Good- as in really good
Review: Security Warrior is an awesome book.

Many security books only get to the juicy stuff around page 150.

Security Warrior gets there on about page 4.

This is an intense advanced book and is one of the best around.

Rating: 5 stars
Summary: You really should check out this book...
Review: Target Audience
Intermediate to advanced programmers, network administrators, or security administrators who need an in-depth understanding of how software and systems can be exploited.

Contents
This is a detailed guide on how to reverse-engineer and analyze software and systems for vulnerabilities and exploits.

The book is divided into five parts:

Part 1 - Software Cracking - Assembly Language; Windows Reverse Engineering; Linux Reverse Engineering; Windows CE Reverse Engineering; Overflow Attacks

Part 2 - Network Stalking - TCP/IP Analysis; Social Engineering; Reconnaissance; OS Fingerprinting; Hiding The Tracks

Part 3 - Platform Attacks - Unix Defense; Unix Attacks; Windows Client Attacks; Windows Server Attacks; SOAP XML Web Services Security; SQL Injection; Wireless Security

Part 4 - Advanced Defenses - Audit Trail Analysis; Intrusion Detection Systems; Honeypots; Incident Response; Forensics and Antiforensics

Part 5 - Appendix

Review
"Know Your Enemy". This phrase is on the cover of the book Security Warrior, and it is an apt subtitle for the book. Very few security books on the market today do more than just tell you about the types of software and network attacks that exist. Peikari and Chuvakin go beyond the "what" of attacks and show you "how" to exploit systems and software.

This book is definitely geared to the experienced developer or network administrator. For instance, the first eight pages are an explanation of assembly language, registers, stacks and the like. Each following chapter on reverse engineering then takes that knowledge and walks you through how to analyze an executable using tools that you can purchase or download. Obviously, if you have absolutely no assembler language knowledge, you'll be lost here. But if you have that background, you'll start to learn how hackers develop exploits, and how you can build more secure software once you understand the vulnerabilities.

At the end of each chapter, the authors list a number of additional references (both books and websites) that can help you to further your understanding of the material presented. This is a great addition if you are looking to focus in on a particular type of attack, like those related to wireless security. At the website for the book, they have also made sample programs available that can be used by the reader to work through exercises in the book. For instance, when they present information on reverse engineering, they also provide a sample program that you can analyze and crack. A perfect way to lead the reader from theory to practical knowledge.

The argument could be made that this book could be used by crackers to learn how to break software. The reality is that this information is already out there. A book like this will help those who are trying to prevent break-ins understand the methods that are being used against them. And henceforth, the sub-title "Know Your Enemy".

One caveat about the book... Be very careful with the material presented in the reverse engineering section. Under the Digital Millennium Copyright Act (DMCA), reverse engineering can be considered a crime in certain circumstances. The authors acknowledge this, and that's probably why they provide their own sample programs for you to work on. Still, just remember that this knowledge, if misused, could land you in some very hot water.

My only complaint about the book... The sumo wrestlers on the cover really needed to be bigger... :-)

Conclusion
This is one of the few books that goes beyond the "what" and deals with the "how" of system and software security. A thorough reading and study of this book will arm you with the tools and knowledge you need to analyze and bite back against software

Rating: 4 stars
Summary: excellent breadth with substantial depth
Review: The difficulty with writing a book like this--a comprehensive look at security of applications, systems, and networks from the perspective of attacker and defender--is that it covers such a wide territory that it is impossible to touch on everything, let alone go into great detail, and is almost instantly out-of-date.

Peikari and Chuvakin have done quite well at presenting a book that offers something for beginner and expert alike, though it of course suffers from these flaws. The book is already out-of-date in a number of respects. The biggest such deficiency that I noticed was in its coverage of denial of service attack tools, which seemed to date circa 2001 (Trinoo, Tribal Flood Network, Stacheldraht), leaving out mention of the current scourge of bots and botnets.

The book is unusual in its coverage of an issue that has not received the attention it deserves--application security--though it focuses only on reverse engineering and the writing of exploits such as buffer overflows. To be fair, the book's section of five chapters on software are under the heading "Software Cracking," and aren't intended to be coverage of software flaws or secure coding (see Graff and van Wyk's book for an overview of that subject).

The second section of the book is on "network stalking"--reconnaissance, scanning, fingerprinting, and includes a thin and light chapter on social engineering (citing Cialdini's classic and highly recommended book Influence as well as Kevin Mitnick's The Art of Deception, though the latter work is not properly referenced).

Part three is on "Platform Attacks" and covers Unix, Windows, SOAP XML, SQL Injection, and Wireless Security. This material isn't much different than what you'd find in the Hacking Exposed series.

The final part is on "Advanced Defense" and includes chapters on analyzing logs, using IDS and honeypots, incident response, and forensics and anti-forensics. In some ways it seems like the authors were trying to do too much, and some of the chapters seem rather thin compared to more in-depth works on those particular subjects. The breadth, however, is quite impressive and unmatched by any other book on these subjects I'm aware of, while the depth is also greater than many security books. I recommend it as a good introduction and overview, to be supplemented by other works for further depth.

Rating: 5 stars
Summary: Something for everyone
Review: The scope of this book isn't just broad, it's encyclopedic. Want to understand how hackers hide their tracks? It's in here. Need to know more about wireless security? That's in here, too. The chapter on reconnaissance is particularly interesting. Another chapter, on social engineering, will make you re-examine your security in terms of the people in your own organization who can compromise that security. That's one element many books fail to consider.

Any infosec professional worth his or her salt already knows a lot of what you'll find in here. But none of us knows everything; the authors aim to fill in the blanks in any professional's knowledge. The great thing about this book is that you can instantly flip to the section on what you need to know more about and find clear, in-depth information. If that's not enough, each topic includes a list of additional references to help you learn more.

If I have any complaint about this book, it's the pages and pages of code. How many of us actually read all that code when we encounter it in a book? When code is needed to make a point, I'd like to see no more than ten - fifteen lines of it at a time with appropriate comments in the text. If we really need the rest, it would be far more helpful in appendices at the back of the book, or, better yet, on a CD-ROM included with the book. That said, this book is likely to become an indispensable reference for your library, and well worth the price.

Rating: 4 stars
Summary: Eye-opening
Review: The whole concept of this book is: know your enemy. If you are a software developer or systems administrator, something you touch is bound to be attacked. Software developers need to understand this when writing programs. Likewise, systems administrators must protect their system from outside attack. This book proceeds from the premise that attack is inevitable, but we are more effective in dealing with it if we know the tactics of hackers. As we understand how they think and act, it helps us write and maintain a higher level of security within applications or network infrastructure.

This book is very interesting to read and amazing to see how easy it is to "hack" various kinds of applications with just a few tools. The book discusses the basics of reverse engineering on Windows, Linux, and Pocket PC. Additionally, the authors step through a couple of examples, to show just how easy it is to bypass entering a serial number in a software install. Other "hacks" shown include buffer overflow, TCP/IP, SQL injection attacks, and even social engineering.

I would recommend this book to anyone interested in any kind of software or network security. It is very eye-opening to see just how easy it is to compromise a system. Once you know how your enemy attacks, you can proceed with ways to combat them.

Rating: 5 stars
Summary: Excellent Coverage
Review: This book is definitely an excellent resource for a very broad range of security related issues. In spite of its large coverage, it is very technical. The authors take you from assembly level reverse engineering to much higher level SQL code injection; the book is a must in every geek's bookshelf.



© 2004, ReviewFocus or its affiliates