Thursday, August 04, 2005

Latest Book Pre-Reviews

I've had a ton of new books dropped at my door in the last week. Here are my initial impressions.

I finally got my copy of Visible Ops by virtue of attending a Tripwire Webinar. The Information Technology Process Institute published this book by Kevin Behr, Gene Kim, and George Spafford. I plan to integrate the Visible Ops methodology into the remediation section of my network incident response training classes. This guide is indeed a "handbook" -- it's only 106 pages and measures about 7" x 5" in size. The text inside is really small though. I would have preferred a bigger format like Ben Rothke's Computer Security: 20 Things Every Employee Should Know.

I noticed that page 10 references this 2001 Gartner story titled "NSM: Often the Weakest Link in Business Availability." The "NSM" is "network and systems management," not my beloved network security monitoring. The article contains one source of the "80%" quote I've mentioned before:

"Gartner research shows that an average of 80 percent of mission-critical application service downtime is directly caused by people or process failures. The other 20 percent is caused by technology failure, environmental failure or a disaster."

Next is a new Syngress book called Network Security Evaluation Using the NSA IEM by Russ Rogers, Ed Fuller, Greg Miles, Matthew Hoagberg, Travis Schack, Chuck Little, Ted Dykstra, and Bryan Cunningham (whew). I am interested in this book because my local ISSA chapter is offering training on the topic and I am attending. I haven't seen too many books on conducting formal vulnerability assessments, although I did like Ajay Gupta's Hack I.T..

Now we come to another Syngress book, with one of the more interesting covers I've seen in the last several years: Stealing the Network: How to Own an Identity by Timothy Mullen, Ryan Russell, Riley (Caezar) Eller, Jeff Moss, Jay Beale, Johnny Long, Chris Hurley, Tom Parker, and Brian Hatch (another whew). Syngress sure likes to assemble author teams and then give some poor lead author or editor the job of keeping this group on track! I liked previous "Stealing the Network" books because they push the envelope of publicly discussed threat vectors. Their fictional content allows for great creativity.

Speaking of threats, I've been looking forward to a new Addison-Wesley book titled Rootkits: Subverting the Windows Kernel by Greg Hoglund and James Butler of HBGary and Rootkit.com. I'm glad the subtitle refers to Windows, as this is what Rootkits is about. I reviewed drafts of the book and I thought it was valuable. I think the book's genuine audience is fairly small, though. You have to really know programming and Windows to appreciate Rootkits, but the work you put into understanding the material will be rewarded.

If you're a programmer, but not ready to write rootkits, consider reading a new McGraw-Hill Osborne book called 19 Deadly Sins of Software Security by Michael Howard, David LeBlanc, and John Viega. All three are known for their own work on secure coding. Now they have teamed to write this sub-300 page treatise. The title reminds me of the X-number-step books popular in the business press. I wonder if we will start to see a similar number of security books based on the 11 Ways to Secure Your Enterprise or the 7 Security Gurus You Meet at Def Con?

Finally we have a new Wiley book titled Debian GNU/Linux 3.1 Bible by Benjamin Mako Hill, David B. Harris, and Jaldhar Vyas. I have been eagerly anticipating this book too. I don't forget to show Linux some love when it's the only OS I can install on some of my more exotic hardware. I've always thought Debian would be a great OS for servers as I highly value package management. This is the first real Debian book in four years, but I see another arriving next month from No Starch Press. Everyone considering an alternative to Red Hat should give Debian a look.

I will probably kickstart my reading program by re-engaging with the shortest book on this list, and then working as time allows.

2 comments:

Anonymous said...

I think you meant to say "Gene Spafford".

Anonymous said...

...or not. I guess Gene Kim just likes working with guys named "Spafford".

My bad.