![[LWN Logo]](/images/lwn.banner.gif)
Date: Wed, 13 Jan 1999 18:50:44 -0700 (MST) From: mea culpa <jericho@dimensional.com> To: InfoSec News <isn@repsec.com> Subject: [ISN] REVIEW: "Maximum Security", Anonymous Forwarded From: secedu@all.net Originally From: "Rob Slade" <rslade@sprint.ca> BKMAXSEC.RVW 981025 "Maximum Security", Anonymous, 1998, 0-672-31341-3, U$49.99/C$70.95/UK#46.95 %A Anonymous %C 201 W. 103rd Street, Indianapolis, IN 46290 %D 1998 %E Mark Taber newtech_mgr@sams.mcp.com %G 0-672-31341-3 %I Macmillan Computer Publishing (MCP) %O U$49.99/C$70.95/UK#46.95 800-858-7674 http://www.mcp.com %P 829 p. + CD-ROM %T "Maximum Security, second edition" Rather loudly promoted on the net these days, the major selling point of this book is that it was written "by an experienced hacker." Supposedly one who spent some time as a guest of Uncle Sam for fiddling bank machines. (Some of what we are told about the author does not fit with the contents of the book, but then, as an old professional paranoid, I may be unduly suspicious.) Leaving aside questions of morality and definitions of the term "hacker," let us merely observe that these people are the gnostics. They are the devotees of the hidden, esoteric, and arcane knowledge. Such knowledge, of course, is cheapened and weakened by being revealed. Which may explain a certain reticence on a number of points in the first edition of the book. The introduction to that edition made it fairly clear: Anonymous assumed that if you did not work diligently at his direction you did not deserve to secure your system. One could almost feel his glee at the expectation that thousands of sysadmins around the world were wracking their brains and flooding Usenet with discussions of the significance of his clues to the vital encrypted message he had hidden on the CD-ROM. The riddle, and that attitude, seem to have been removed from this second edition. The author tacitly admits that the first was a bit of a kludge: he says that it was written in haste. He also states that the second edition is more "solution oriented." It could hardly have been less. Be that as it may, the book is, as the author states, essentially completely rewritten. It has been much improved in the process, moving up from truly awful to merely mediocre. The new version provides a good deal of reference information, although assessing the quality of that information is left as an exercise to the reader. The section on viruses is an overview of the book in miniature. The hype has been toned down, and the explanation of how viruses work is much more reasonable. However, it still insists that "destruction" is the major characteristic of a virus. (There is, later, an admission that "[m]ost viruses do not actually destroy data.") We are treated to the old myth that virus researchers write viruses as a kind of job security. While a general background to viruses is provided, there is no discussion of protection options. However, there are more listings of antiviral programs and resource sites than there are for virus creation programs. Many topics within the text have lists of books and Web sites for further study, and there is one for viruses that includes three of the four tomes recommended by the VIRUS-L FAQ. Unfortunately, it also contains some lesser works, and there are no annotations to the bibliography. Part one is simply two chapters of introduction to the book. A somewhat limited overview to security concepts is given in part two, concentrating on the Internet. Chapters look at the Internet, TCP/IP basics, hackers and crackers, targets, possibilities of fights over the net, and very brief data security primer. Various types of security and attack software are outlined in part three. There is consideration of malicious software, security weakness scanners, password crackers, trojans, network packet sniffers, firewalls, and audit software. Part four looks at specific operating systems: Windows, UNIX, Novell, VMS, and Macintosh. Two chapters look at very basic security requirements in part five. Network based attacks are discussed in part six, reviewing levels of attack, spoofing, telnet, scripting languages and extensions, and hiding of identity. Different types of resources and references are contained in appendices. (I was disappointed in the loss of a chapter on laws in various countries until I found it had been moved back here.) If you don't know security, this book is probably not going to teach it to you. On the other hand, if you work with security, you may find that some of the resources listed here are things that you want to explore. For the novice it isn't altogether reliable, but for the professional it is at least worth looking at. copyright Robert M. Slade, 1998 BKMAXSEC.RVW 981025 -o- Subscribe: mail majordomo@repsec.com with "subscribe isn". Today's ISN Sponsor: Internet Security Institute [www.isi-sec.com]