Review of The Art of Intrusion Posted
Amazon.com just posted my four star review of The Art of Intrusion. This may be one of my more controversial opinions, so you may want to read the whole review to get my entire take on the book. Here is the beginning of the review:
"Over two years ago I read and reviewed The Art of Deception also by Mitnick and Simon. I thought that book was 'original, entertaining, [and] scary.' Those same adjectives apply to The Art of Intrusion (TAOI). While I also add 'disappointing' and 'disturbing' to the description of TAOI, sections of the new book make it an absolute must-read. If you want to understand the consequences of systematic, long-term compromise of your enterprise, you must read and heed the lessons of TAOI."
"Over two years ago I read and reviewed The Art of Deception also by Mitnick and Simon. I thought that book was 'original, entertaining, [and] scary.' Those same adjectives apply to The Art of Intrusion (TAOI). While I also add 'disappointing' and 'disturbing' to the description of TAOI, sections of the new book make it an absolute must-read. If you want to understand the consequences of systematic, long-term compromise of your enterprise, you must read and heed the lessons of TAOI."
Comments
I don't think the trend you point out is going to go away...in that actually compromising a network and showing proof of it will be viewed by the client as a one-time thing...once it's fixed, the issue is done. There are many admins who are as you describe, and lack simple troubleshooting skills, let alone the ability to perform IR. I'm sure that there are a great many compromises that have gone unreported, as the administrator simply saw something they didn't understand, so they reloaded the system and never informed management.
H. Carvey
"Windows Forensics and Incident Recovery"
http://www.windows-ir.com
http://windowsir.blogspot.com
I was also very pleased to hear not only stories of "hackers," but also of legitimate penetration testers. The authors did a good job of mixing things up and keeping it less repeitive than Art of Deception was (imo). They ran the gamut of crackers, hackers with various motives, security persons.
I think the book would be most enlightening to someone like a technical or IT manager, who knows just enough to appreciate the motives, techniques, and importance of the stories in the book, but not someone who may be looking for the tools and walkthrough on actually performing these penetrations (or stopping them). KM and WS, at times, were obviously writing to laypersons, but sometimes would slip into jargon that might lose more casual computer users.
-LonerVamp