Wednesday, March 23, 2005

Review of The Art of Intrusion Posted

Amazon.com just posted my four star review of The Art of Intrusion. This may be one of my more controversial opinions, so you may want to read the whole review to get my entire take on the book. Here is the beginning of the review:

"Over two years ago I read and reviewed The Art of Deception also by Mitnick and Simon. I thought that book was 'original, entertaining, [and] scary.' Those same adjectives apply to The Art of Intrusion (TAOI). While I also add 'disappointing' and 'disturbing' to the description of TAOI, sections of the new book make it an absolute must-read. If you want to understand the consequences of systematic, long-term compromise of your enterprise, you must read and heed the lessons of TAOI."

2 comments:

Keydet89 said...

Very interesting and well-written review, Richard. It's obvious that you put time and thought into what you're writing.

I don't think the trend you point out is going to go away...in that actually compromising a network and showing proof of it will be viewed by the client as a one-time thing...once it's fixed, the issue is done. There are many admins who are as you describe, and lack simple troubleshooting skills, let alone the ability to perform IR. I'm sure that there are a great many compromises that have gone unreported, as the administrator simply saw something they didn't understand, so they reloaded the system and never informed management.

H. Carvey
"Windows Forensics and Incident Recovery"
http://www.windows-ir.com
http://windowsir.blogspot.com

Anonymous said...

Nice review of that book! I also found it very nice and it contains a wide range of attacks and penetrations. I was amazingly happy to read about attacks that took many months to perpetrate and about attacks against satellite systems, or rather, things outside the immediate company network that dial in or otherwise gain remote access. It is not often that I read about attacking a company by attacking home users of that company who might just happen to dial in to work from home, or, in this case, company drivers.

I was also very pleased to hear not only stories of "hackers," but also of legitimate penetration testers. The authors did a good job of mixing things up and keeping it less repeitive than Art of Deception was (imo). They ran the gamut of crackers, hackers with various motives, security persons.

I think the book would be most enlightening to someone like a technical or IT manager, who knows just enough to appreciate the motives, techniques, and importance of the stories in the book, but not someone who may be looking for the tools and walkthrough on actually performing these penetrations (or stopping them). KM and WS, at times, were obviously writing to laypersons, but sometimes would slip into jargon that might lose more casual computer users.

-LonerVamp