Sunday, May 06, 2007

Reviews of IT Auditing, Hacking Exposed: VoIP, and Hacking Exposed: Wireless Posted

I am happy to report that I just posted three book reviews to The first is IT Auditing by Chris Davis, Mike Schiller, and Kevin Wheeler. From the four star review:

I have no experience with auditing in the formal sense described by IT Auditing. I am familiar with the technical aspects of host and network security, but I wanted to know more about the goals and views of those who audit enterprises from a security standpoint. IT Auditing succeeds when it discusses the profession of auditing but I found some of the technical details lacking. Therefore, I recommend focusing on chapters 1-3 and 12-15, while using the technical chapters as indicators for outside research.

The second book is Hacking Exposed: VoIP by David Endler and Mark Collier. This book is so much better than Practical VoIP Security it's not even funny. From my five star review:

Hacking Exposed: VoIP (HE:V) is the sort of HE book I like. It's fashionable to think HE books are only suitable for script kiddies who run tools they don't understand against vulnerable services they don't recognize. I like HE books because the good ones explain a technology from a security standpoint, how to exploit it, and how to defend it. I thought HE:V did well in all three areas, even featuring original research and experiments to document and validate the authors' claims.

The last book is Hacking Exposed: Wireless by Johnny Cache and Vincent Liu. Both are great guys, but I wrote a four star review:

When I read and reviewed Wi-Foo: The Secrets of Wireless Hacking three years ago, I was really impressed. Wi-Foo is obviously showing its age now, but a second edition is in the works. I was excited to see Hacking Exposed: Wireless (HE:W), green cover and all, because I hoped it would be just as good as Wi-Foo but covering newer topics. Overall I think the next Wi-Foo will be better than HE:W, but HE:W is currently the most up-to-date book on wireless security available.

I have more flying in store this and next month, so I expect to read and review many more books soon.


LonerVamp said...

I'm still trying to learn why the cover of the Wireless book is green. I thought it might have to do with the more specialized topic, which required more "background" info like describing what 802.11x was, and all that jazz including the physics. Either way, I've been pretty happy and jazzed reading through HE:W, which I'm currently in the middle of.

I agree, I have high expectations of Wi-Foo II. Wi-Foo came out when you couldn't deal with wireless security without wrestling pretty hardcore with nix support and drivers, making the start very muddy for everyone.

Mark Collier said...

Richard, thanks for the kind comments about our Hacking Exposed: VoIP book. Looking forward to meeting and chatting some time.

Mark Collier