Hack Proofing Your Network: Internet Tradecraft

Too many network administrators depend on the "big sky" principle of network security--they believe that the large number of Internet-connected machines out there will keep black-hat hackers away. Hack Proofing Your Network: Internet Tradecraft points out that statistics are no defense, and that such an attitude is irresponsible. The book shows steps that you can take to harden your resources against attack. Although most of the material in this book isn't up-to-the-minute (how could it be, when the tactics of attackers change daily), you can discourage hackers by implementing the strategies that it describes.

Many antihacking texts assume a fair bit of knowledge, but this one doesn't. Ryan Russell and coauthors explain many terms and concepts, such as traffic sniffing, cryptography, and file differentiation ("diffing"), and the tools that evildoers use to wreak havoc on the systems that they attack--complete with Internet addresses from which you can download them. The book walks you through sample attacks, too, such as hijacking a connection by using a tool called Hunt. Overall, this is a fine introductory-to-intermediate antihacking volume that leads well into more current and advanced resources. You might want to supplement it with two other practical computer-security books: Hacking Exposed catalogues many of the tools that bad guys use, while Network Intrusion Detection helps you analyze security logs and spot attacks in progress. --David Wall

Topics covered:

• Modes of attack, and means of defending against them
• Political environment governing software and networking
• Laws and policies springing from that environment
• Approaches to the problem of breaking into systems or denying their services to legitimate users
• Spoofing
• Sniffing
• Transmission interception
• Several other popular tactics