Three Pre-Reviews

I'd like to thank several publishers for sending me new books from my Amazon.com Wish List to read and review. The first is Hacking Exposed: Wireless by Johnny Cache and Vincent Liu, published by McGraw-Hill/Osborne. I love the green -- talk about a departure from the old red covers. If you want to sound 31337 you should make fun of any Hacking Exposed book, but I don't care. The great majority of these titles follow a format which I think suits 90% of the security community.

  1. Introduce a technology or service with which the reader may or may not be familiar.

  2. Discuss ways to attack said technology or service.

  3. Provide countermeasures for attacks.


Many books ignore step 1, focus on step 2, and breeze over step 3. A good HE book covers all three phases.< The second book is Backup and Recovery by W. Curtis Preston, published by O'Reilly. This book is more of a reference for me than a read cover-to-cover, so I'm not sure if I will review it. (I strongly tend to review only that which I read throroughly.) The book covers so many useful aspects of backup, however, that I'll probably read a good deal of it. The third book is Building a Monitoring Infrastructure with Nagios, by David Josephsen, published by PHPTR. I've already read and reviewed two other books on Nagios, so I'm wondering what this much shorter book has to say. I don't have a Nagios installation running anywhere, so if I can find the time maybe I'll use this new book as an excuse to finally deploy Nagios. This newest version discussed in the book is 2.5, but Nagios 3 alpha code became available last month. I'll probably try the new version.

Comments

JimmytheGeek said…
I have a moderate sized Nagios installation (~ 100 hosts, ~ 400 service checks) and Wolfgang Barth's _Nagios:System and Network Monitoring_.

I still learned some stuff from the second chapter of _Building a Monitoring Infrastructure with Nagios_. I do plan to finish it.

It's got a different approach that made sense of what I considered boilerplate config stuff. For example, I have gone with defaults for all scheduling. If I need to tweak something to make Nagios scale farther, this gives me the fu. It may be in the Barth book, too.
4:18 PM
Anonymous said…
vliu and johnnycsh do a wonderful job with HEW... the first part is redundant but worthwhile for new readers... the rest contains many gems... i especially like the part about using older linux kernels written by johnnycsh and at the end about the "fuzz-e" tool in airbase. the only thing this book didn't cover was aircrack-ptw (new technique - as seen on slashdot i believe).

the backup and recovery book is great. the authors have a bunch of the content and extras available at - the articles on rsnapshot and rdiff-backup are great free reads from that site that are included from the book.

the nagios book looks sort of interesting, i think i saw it at the chicago borders on michigan ave. i finally got a chance to preview all the books i haven't seen on shelves there last week. most of them aren't that great, so i'll be buying less books thanks to that visit, but my finances are looking better because of it ;>

have you read securitymetrics by jaquith yet?
8:45 PM
Unknown said…
I'm still trying to find out why the new HE:W book is green. It certainly caught my eye at the store though!

I'm looking forward to this book and any other upcoming wireless security books mostly because as Linux and wireless (and the combination) mature, we don't have to spend 1/3 of the book just detailing how to get Linux to be happy with wireless gear.

I've worked with Nagios in the past, but never built from the ground up or done so on my own network. I've thumbed through those other Nagios books but they really never picked me up and kept me enthralled. I might thumb through this one as well and see where it takes me. I wouldn't mind putting up Nagios as it has been years since I've touched it.
12:20 AM
Anonymous said…
_UNIX Backup and Recovery_ was one of my favorite O'Reilly books. Preston obviously knew his stuff (assume he still does), and the book was pragmatic and useful from the get-go. Overall, it gave me the same feel that I got when I was a modestly-skilled UNIX admin talking to a seasoned pro. They knew what I was facing, had seen the ways to deal with it, and provided tested advice that scaled, and did so in a non-condescending way. I have been hoping for a 2nd edition for years. I'm looking forward to your review, Rich.
12:22 PM
Post a Comment

Popular posts from this blog

Zeek in Action Videos

Image
This is a quick note to point blog readers to my Zeek in Action YouTube video series for the Zeek network security monitoring project .  Each video addresses a topic that I think might be of interest to people trying to understand their network using Zeek and adjacent tools and approaches, like Suricata, Wireshark, and so on.  I am especially pleased with Video 6 on monitoring wireless networks . It took me several weeks to research material for this video. I had to buy new hardware and experiment with a Linux distro that I had not used before -- Parrot .  Please like and subscribe, and let me know if there is a topic you think might make a good video.
Read more

MITRE ATT&CK Tactics Are Not Tactics

Image
Just what are "tactics"? Introduction MITRE ATT&CK  is a great resource, but something about it has bothered me since I first heard about it several years ago. It's a minor point, but I wanted to document it in case it confuses anyone else. The MITRE ATT&CK Design and Philosophy document from March 2020 says the following: At a high-level, ATT&CK is a behavioral model that consists of the following core components: • Tactics, denoting short-term, tactical adversary goals during an attack; • Techniques, describing the means by which adversaries achieve tactical goals; • Sub-techniques, describing more specific means by which adversaries achieve tactical goals at a lower level than techniques; and • Documented adversary usage of techniques, their procedures, and other metadata. My concern is with MITRE's definition of "tactics" as "short-term, tactical adversary goals during an attack," which is oddly recursive. The key word in the tacti
Read more

New Book! The Best of TaoSecurity Blog, Volume 4

Image
  I've completed the TaoSecurity Blog book series . The new book is  The Best of TaoSecurity Blog, Volume 4: Beyond the Blog with Articles, Testimony, and Scholarship .  It's available now for Kindle , and I'm working on the print edition.  I'm running a 50% off promo on Volumes 1-3 on Kindle through midnight 20 April. Take advantage before the prices go back up. I described the new title thus: Go beyond TaoSecurity Blog with this new volume from author Richard Bejtlich. In the first three volumes of the series, Mr. Bejtlich selected and republished the very best entries from 18 years of writing and over 18 million blog views, along with commentaries and additional material.  In this title, Mr. Bejtlich collects material that has not been published elsewhere, including articles that are no longer available or are stored in assorted digital or physical archives. Volume 4 offers early white papers that Mr. Bejtlich wrote as a network defender, either for technical or pol
Read more