Short Book Review: Stealing the Network - How to Own a ...

rm -rf *anythinghagrinwrites.*

The rambings of a computer geek (a breed of human that isn't supposed to be able to write) and the books he reads.

Short Book Review: Stealing the Network - How to Own a ...

Postby hagrin » Tue Sep 13, 2005 1:00 pm

Book Name: Stealing the Network - How to Own a Continent
Authors: FX, Paul Craig, Joe Grand, Tim Mullen, Fyodor, Ryan Russell, Jay Beale
ISBN: 1931836051
Publisher: Syngress; 1 edition (May, 2004)

Hagrin's Rating: 7 out of 10

Synopsis:
Ever dreamt about what it would take to pull off the biggest heist in the computer world - the equipment needed, the planning, the the tools and the accomplices? Well, this fictional book based on real world hacking/cracking applications (and authored by some of the leading network security professionals) does a great job of creating a fictional scenario, yet applying real use case scenarios to allow the reader to visualize from start to finish a digital conspiracy.

Intended Audience:
To be honest, the audience should be technically inclined to get the real benefits from this offering being somewhat familiar in current network security practices both from the white and black hat side. Although a non-tehcnical person could gain some benefit and excellent fundamental knowledge from this book, the book's real cleverness would be lost in a mix of jargon and code examples.

What I Liked:
I came across this book pretty randomly one night while surfing through Amazon's network security library. Noticing that Fydor, developer of nmap had contributed to the writing of this book, I figured I would give this book a serious read.

The most appealing apsect of this book remains its real world use case scenarios with widely public network security tools. Tools such as NetStumbler, nmap, Jack the Ripper, hping2 are all disucssed in enough detail to really grasp their application. In fact, this books ties together hwo all these tools, although independent projects in many aspects, really tie together to formulate an actual attack against an intended target. The storyline allows even security newbies to follow along with at least some understanding while offering moderate to advanced security professionals tidbits of pure information gold.

Outside of the hardcore technical discussion are very subtle social engineering tactics and a highly organized conspiracy developed effectively. The depth to which Knuth goes to create a high level of isolation, the technical detail, the attention to detail are all clearly evident while reading. Without giving too many spoilers, Knuth's seeming ability to control the potential rogue aspects of his operation with immense foresight and precision are admirable and desired.

What I Didn't Like:
Much of what I didn't like, truthfully, is unfair criticism to the great IT minds that wrote this book as they are exactly that - IT minds and not professional writers.

Character development is sparce and really left up to the reader. I think the authors really counted on the reader developing their own character profiles from stereotypes usually generated in the security field - the young genius, the shady criminal, the over zealous youthful hacker, etc. The writing techniques used are more for a Usenet discussion not an actual book, but in some cases it does work to give the book some authenticity. The one character development flaw though that proved increasing difficult to deal with was Knuth. Although clandestine in design, when talking in the first person he offered tidbits of information such as losing millions in the stock market without really fully explaining his motives. If money was his motive, you really have to question losing millions on purpose, spending an immense amount of resources just to get "more" money. The risk to reward ration seems to shrink rapidly as the book develops and remains the one critical flaw I see. I'm sure one could argue numerous motives, but together as a whole, the book doesn't seem to spell out any one theory that justifies the risk involved.

Conclusion:
Although flawed, this book really shines in its ability to create a clear conspiracy, accurately and effectively use non-fictional tools and security approaches to develop a page turner for those interested in network security.
User avatar
hagrin
Keeper of the Boards
 
Posts: 9130
Joined: Fri Apr 01, 2005 2:17 pm
Location: Garden City, NY

Return to Writings & Books

Who is online

Users browsing this forum: No registered users and 0 guests

cron