Tuesday, July 17, 2007

Another Review, Another Pre-Review

Amazon.com just posted my five star review of Network Warrior:

Network Warrior is the best network administration book I've ever read.

I spend most of my reading time on security books, but because I lean towards network security I like reading complementary sources on protocols and infrastructure.

Gary Donahue has written a wonderful book that I highly recommend for anyone who administers, supports, or interacts with networks. Network Warrior may be the best book I will read in 2007.

Yeah, I liked it that much. I devoured this book, staying up until 1 am or more several nights in a row.

I'm looking forward to reading Mark Kadrich's Endpoint Security. I think this book will directly affect how I approach some projects at work. I really hope it can help me better understand how to deal with endpoint security in 2007. It's taken me a while to get this book. For some reason it was published in "March 2007" but only available recently.

I'd like to briefly mention a new book that's great, but which I won't read and review: Exploiting Online Games: Cheating Massively Distributed Systems by Greg Hoglund and Gary McGraw. I reviewed drafts of this book and I think the underlying message behind the code is extremely important. To understand why, please read this post by Brian Chess. He makes a much better case than I could. Because I am so time-crunched, and I really do not care about the details of exploiting WoW, I am not going to review Exploiting Online Games. I will have a couple copies to share at Black Hat for students or teaching assistants who make my life easier in class!

3 comments:

dre said...

Because I am so time-crunched, and I really do not care about the details of exploiting WoW, I am not going to review Exploiting Online Games

Strange.

Distributed systems... grid computing... reminds me of... financial trading systems. I wonder if any of the concepts in the book that apply to distributed systems would apply to similarly designed distributed systems?

Large amounts of UDP traffic... server-side... reminds me of... DNS amplification attacks (e.g. using SOA RR's). I wonder if the book will cover network traffic and scaling issues, UDP in particular, and I wonder if we'll see a repeat of GameSpy's problems of the past?

Huge client-side code... unvalidated input... reminds me of... XSS worms against web browsers. I wonder if some sort of client-side input validation issue in gaming clients, similar in manner and attack pattern as XSS - could cause worms of similar power to affect each other - or even go Cross Application Scripting like XAS did in the recent URI Use and Abuse paper?

Somehow I think exploiting WoW has some deeper meaning to the world of information security than you do.

Richard Bejtlich said...

Dre,

Those are all good ideas and you are not alone in thinking of them. However, when I thumb through a book with pages and pages of code relevant to WoW, I don't see the need to read the specifics.

http://www.architectsban.webs.com said...
This comment has been removed by a blog administrator.