Rating: 
Summary: SANS books are usually very good. But...
Review: Hi,I love Sans courses and books,
I liked how this book started but I really got stuck right on the first exercise. L I'm a MCSE and I'm starting to learn the Linux world, and on the first exercise where he was showing how to create a user account thru RLogin on Linux, I believe he missed a step.
I followed his instructions installing Linux (it really has to be the version 7.2 Red Hat) if you try 7.1 the screens will be different from the one in the book. The instructions were good, I created a User account (Linux gave me an opportunity to create a normal user account during installation). I logged in as this new user to start the exercise where he is explaining about trust relationship. And using the Rlogin command, I create the new user account ++ jmm and then on the next step he asks to log in with the new user account?? That is when I got lost. Is there a way the log off in the Shell Prompt (that is where the exercise was done) as "user A" and log in as the new user (user B) that I just created or do I have to totally get out and log off and then connect as jmm (I tried the second option but then it asks for a password in which I did not create for jmm since the exercise did not mentioned to do so. I could not log back in.) Trying to research to see if there are any good books on Windows admins learning Linux (red hat).
I understand that this issue might be too basic, sorry guys, I always been a MS kind of guy. But now I'm trying to test new waters. It would have been great if the author might suggested some previous reading that would give further details on the type of exercise that he is trying to show and just in case you are totally newbie with the Linux O.S.
Thanks
Rating: 
Summary: Great hands on book
Review: I really liked this book. I liked how it did not just inform you about these tools but actually had you use them to gain understanding. Any good systems/network admin should be familier with the tools in this book. Both UNIX and Windows admins will gain great experiance and understanding of their systems weaknesses.
I have read many books on "hacking" and security and this one is the only one that actually has you use these tools.
It is setup in a very easy to follow and understand format. This book is a must for EVERY Admin, not just for preparing you for a test. Even if you never take a security exam, this book will give you great intro and experience with the use of the tools described.
Rating:
Summary: good book, but not always accurate
Review: If you don't have any security background then this book is a good place to start. Be ready, however, for most of the links to be out of date (the book was published in 2002). This can be circumvented by a little help from Google to find the utilities you need for the exercises. There are also a few inaccuracies in the syntax provided. These can be resolved with help from "man" (i.e. 'man ipchains') or the help for the particular utility.
Rating:
Summary: good book, but not always accurate
Review: If you don't have any security background then this book is a good place to start. Be ready, however, for most of the links to be out of date (the book was published in 2002). This can be circumvented by a little help from Google to find the utilities you need for the exercises. There are also a few inaccuracies in the syntax provided. These can be resolved with help from "man" (i.e. 'man ipchains') or the help for the particular utility.
Rating:
Summary: Excellent reference
Review: The GIAC Certification: Security Essentials Toolkit (GSEC) is an excellent reference to use for the SANS GSEC certification. The book is quite different from most other, if not all certification prep guides. Rather than simply provide the reader with reference material and acronyms to memorize, the book has exercises that the reader uses for their preparation. Each chapter has a separate hands-on exercise that is used to solidify the knowledge required for the exam. The exercises are well laid-out and organized, and proceed in a methodical way. The only think I personally did not like about the book was its size, it is 11 x 8.5''. I found it to be cumbersome at times to use. But its main point, content, is first rate. Anyone planning on obtaining GSEC certification should definitely invest the money- in the GIAC Certification: Security Essentials Toolkit, it is well worth it.
Rating:
Summary: Excellent reference
Review: The GIAC Certification: Security Essentials Toolkit (GSEC) is an excellent reference to use for the SANS GSEC certification. The book is quite different from most other, if not all certification prep guides. Rather than simply provide the reader with reference material and acronyms to memorize, the book has exercises that the reader uses for their preparation. Each chapter has a separate hands-on exercise that is used to solidify the knowledge required for the exam. The exercises are well laid-out and organized, and proceed in a methodical way. The only think I personally did not like about the book was its size, it is 11 x 8.5''. I found it to be cumbersome at times to use. But its main point, content, is first rate. Anyone planning on obtaining GSEC certification should definitely invest the money- in the GIAC Certification: Security Essentials Toolkit, it is well worth it.
Rating:
Summary: No time spent proofreading this book
Review: This book presents some welcome hands on exercises to learn about security. However, it is very clear that at no time did anyone sit down with the book and actually try out the exercises before the book was published. The result is that many of the exercises simply do not work as written and much time is spent simply troubleshooting the steps. Apart from the poor quality control of this book, it lacks good solid explanations to accompany most of them. Like many such exercise-oriented book the minimal level of explanations leaves one feeling that they are merely following a recipe in a cookbook. In summary, while the book offers something that is missing in the marketplace, it seems that is was rushed into print with little quality control. Unfortunately there are no errata sheets available from the publisher.
Rating:
Summary: Excellent hands-on coverage
Review: This is *the* authoritative text for those who are new to security or wish to enhance their existing security knowledge. The hands-on, exercise driven approach is extremely effective at teaching the material. I have seen John Millican speak at SANS and have always been impressed with his ability to dive deep into security issues while explaining it simply and elegantly. This book is particularly helpful because of the broad range of tools it covers, and the multi-OS perspective that it takes on the matter. A must-have for those who are serious about learning security.
Rating:
Summary: Excellent hands-on coverage
Review: This is *the* authoritative text for those who are new to security or wish to enhance their existing security knowledge. The hands-on, exercise driven approach is extremely effective at teaching the material. I have seen John Millican speak at SANS and have always been impressed with his ability to dive deep into security issues while explaining it simply and elegantly. This book is particularly helpful because of the broad range of tools it covers, and the multi-OS perspective that it takes on the matter. A must-have for those who are serious about learning security.
Rating:
Summary: Great Step by Step Guide
Review: This is a great book to dive into if you are new to security or interested in learning more about Infomation security tools. It is the only book that I have come across that provides hands on step by step instructions. This book goes into a good amount of detail on how to configure and use 80% or more of the tools available in the free world. The information is also presented in a very responsible manner giving the reader an understanding of any potential risks associated with using some of these tools and what the user should do prior to usage. It's a must have if you are interested in learning how to setup and use tools such as snort, nmap, nessus, ethereal, and many more.
| 
