Friday, February 03, 2006

Four New Pre-Reviews

I received four new books in the last few weeks. The first is Wiley's Security Patterns: Integrating Security and Systems Engineering by Markus Schumacher, et al. I am very interested in books like Wiley's unparalleled Security Engineering: A Guide to Building Dependable Distributed Systems by Ross Anderson. I hope Security Patterns will present techniques that can be implemented in a vendor- and possibly technology-neutral manner.

The second is No Starch's TCP/IP Guide by Charles M. Kozierok. The book is already online, but in a fairly difficult format for reading. This is an interesting approach. One might consider mirroring the whole site, but that violates the author's rules. You can download the book or now purchase the printed version. You might want to buy it directly from the author, since he offers an electronic copy with the printed one. As for the book itself, it's a massive 1500+ page tome. Reviews seem to be positive, and at a glance the content looks good. I hope to read this in order to provide a proper review, but that will be quite an undertaking.

The third book is McGraw-Hill/Osborne's Hacking Exposed: Cisco Networks by Andrew Vladimirov, et al. The book's Web site has published advisories as a result of the author team's research into attacking IOS. I spoke to the authors months ago and I have been eagerly awaiting this book. The authors also developed tools while writing the book, which I look forward to trying. I guess I am excitied by the potential for originality that a book like this offers.

The last book is Syngress' Security Log Management: Identifying Patterns in the Chaos by Jake Babbin, et al. I like what I've seen so far in this book. It uses Argus and Bro, two network security monitoring tools that haven't seen much print outside of my books. The authors use these tools in novel ways, which I appreciate. I will definitely read and review this book.

1 comment:

Sean C said...

I've started reading the Hacking Exposed: Cisco Networks book. I'm about 100 pages into it. I also had high expectations for this book. But..., just into the first 100 pages, I'm already starting to find some annoying mistakes. Like they mention UDP flags (I thought only TCP had flags) or that all Cisco IOSs support NTP authentication (not true - what about IOSs that only support NTP).

Anyway, I'll post my review on Amazon in the next week or so. But my bubble has already burst on this one.
Sean C