Review of The Cuckoo's Egg Posted

just posted my five star review of The Cuckoo's Egg by Cliff Stoll. From the review:

Cliff Stoll's "The Cuckoo's Egg" (TCE) is the best real-life digital incident detection and response book ever written. I know something about this topic; I've written books on the subject and have taught thousands of students since 2000. I've done detection and IR since 1998, starting in the military, then as a consultant and defense contractor, and now as director of IR for a Fortune 5 company. If you're not an incident detector/responder, you're probably going to read TCE as a general enthusiast or maybe an IT professional. You'll like the book. If you're a security professional, you'll love it.


Anonymous said…
I love this book. The author's mix of storytelling style with the facts of the incident makes for a great read. I always put it on my recommended reading list for my security classes.

Wyman Stocks said…
My major brought this book in for me to read in 1991. I could not stop reading it.

This is probably the best book to give you insight into the security mindset required to do intrusion detection and incident response.

I still have this book on my desk as a reminder of the lessons in it. (The old cover looks cooler too!)

As you say, the main lesson for me from this book: You have to care as much as (or more than) your adversary does.

Michaelok said…
Loved this book. You can find a NOVA documentary (also on YouTube) about this book, with Cliff Stoll acting! One of the most interesting ideas from this book was to have two independent billing systems: one was the standard BSD system, and one was a customized one, which the hacker did not know about. So a little redundancy is good, a military idea, but in software we usually go to great lengths to eliminate redundancy.
