Book Review - Stealing The Network - How To Own The Box
Book Review – Stealing The Network
Stealing The Network – How To Own The Box – Ryan Russell, Tim Mullen, FX, Dan “Effugas” Kaminsky, Joe Grand, Ken Pfeil, IdoDubrawsky, Mark Burnett, Paul Craig
1st edition, 2003, 303 pages, Syngress
Anyone with an interest in network security and wants to look into the mind of a network cracker/hacker.
This book is mostly a series of fictional stories written in first-person narrative on what happens during a network attack or an investigation into an attack.
The book is divided into the following chapters: Hide And Seek; The Worm Turns; Just Another Day At The Office; h3X’s Adventures In Networkland; The Thief No One Saw; Flying The Friendly Skies; dis-card; Social (in)Security; BabelNet; The Art Of Tracking; The Laws Of Security
All too often the topic of network security becomes an academic exercise, until it’s too late. Companies might know what they should do, and they might even think they are beyond attack. But to a motivated person, your system may be nothing more than swiss cheese. Stealing The Network takes you beyond the technical and into the psychology of an attack.
Stealing The Network is a series of fictional stories about network attacks of various sorts. Hide And Seek is an attack on a company’s network by a person upset with poor customer service. He steals a credit card file and posts it for others to use. The Worm Turns is an all-night hacking session to dissect the latest internet virus and post a patch before any of the other anti-virus firms do so. Just Another Day At The Office is a story of hacking for organized crime against a firm developing a new type of land mine, and involves both network and physical building intrusion. While it might be easy to dismiss these as the result of a vivid imagination, the reality is that all of these attacks are done on a daily basis. They may even have happened to you at your company, and you just don’t know it yet.
The final chapter, The Laws Of Security, is a discussion of computer security and how you need to be thinking in order to secure your network. So it’s not just a series of stories with no opportunities to learn what needs to be done. Also, each story is detailed with specific software and techniques used to accomplish the hack or the trackdown of the intruder. So as you’re reading the story, you’re actually picking up the necessary information you need in order to understand the network weakness and how to defend against it.
In my opinion, it’s this blending of fictional reality that makes this book so valuable. I’d definitely recommend this to any security professional who is looking to understand the person behind the attacks.
An excellent read… Takes the subject of network security out of the academic and theoretical and places a face and attitude behind it all, while also teaching you the nuts and bolts of how attacks occur.