ISBN:0072259558Book Description
Protect your network and web sites from malicious attacks with help from this cutting-edge guide. Extreme Exploits is packed with never-before-published advanced security techniques and concise instructions that explain how to defend against devastating vulnerabilities in software and network infrastructure. This book will give a detailed analysis of modern threats and their solutions along with a checklist for developing defenses at the end of each chapter. You’ll also be introduced to a winning methodology for custom vulnerability assessments including attack profiling and the theatre of war concept. Through in-depth explanations of underlying technologies, you’ll learn to prepare your network and software from threats that don’t yet exist. This is a must-have volume for anyone responsible for network security./p>
Reviews From AMAZON.COM
Awesome stuff about infrastructure attacks
Here is the thing - I am giving this book a high score (4) since it contains unique and fun content related to network infrastructure attacks and defenses, which I have not seen anywhere else. In my view, the good stuff justifies such score, although I suspect that some other reviewers will sledgehammer the book for having too much of routine material covered in other previous books, including the venerable Hacking Exposed.
While I had a general idea of how providers mitigate DDoS attacks, I did not know the specifics of unicast reverse-path forwarding method, described in the book. Similarly, I picked up a lot of material of setting up sinkholes for dropping traffic (and, more specifically, how they are better than ACLs in many cases).
From other topics, I liked their coverage on the evolution of DMZ from simple designs of years past to current security zone design.
The book also presents a lot of up-to-date material, such as the coverage of security information management (SIM), vulnerability management and recent security standards, such as CVSS. It doesn't go into details in some places where I'd wanted it to, but still is interesting to read.
On the other hand, some chapters are disappointing and seem to be in the book for it to appear "comprehensive". Forensics chapter is one of those (it is also mistakenly called "Exploiting Forensics", while no exploitation is taking place)
I recommend the book for most people, from beginners to advanced, since the former will enjoy the breadth of coverage while the latter will likely benefit from the network infrastructure protection (and devastation, of course!) tips. In addition, defense checklists in the end of each chapter are useful for those who do not have time to go and study the material in-depth. The book is slightly biased towards the defense side, with good coverage of the attacking side as well.
Dr Anton Chuvakin, GCIA, GCIH, GCFA is a recognized security expert and book author. In his current role as a Security Strategist with netForensics, a security information management company, he is involved with defining future features and conducting security research. A frequent conference speaker, he also represents the company at various security meetings and standard organizations. He is an author of a book "Security Warrior" and a contributor to "Know Your Enemy II", "Information Security Management Handbook" and the upcoming "Hacker's Challenge 3". Anton also published numerous papers on a broad range of security subjects. In his spare time he maintains his security portal at info-secure.org and a blog at O'Reilly"
Good broad coverage
The book has two major sections: (a) configuration and maintenance practices, and (b) techniques for vulnerability assessment. The breadth of coverage of many modern techniques and terminology is very good; they go in-depth on a few topics here and there.
The basic assumption of section (a) is that you're trying to defend against unknown/unfixable threats. This is basically the current (2001-2005-) school of thought on security and leads to default-deny policies. This book has lots of good information on how to implement default-deny. The book convinced me that it's much more difficult than a default-deny firewall rule.
The book has many contributing authors; this probably contributes to its strength.
Many books are focused on ISPs, or on enterprises (read: "windows clients and servers with a firewall"), or on software developers, or VoIP carriers. This book has some good material for all of those types.
It's written from a Unix perspective. It does have some coverage of analyzing threats to Windows-based systems, but you'll get the most value from the book as an analyst/administrator if you use some sort of Unix. They have a BSD bias.
The authors also have an bias towards open-source software.
But it's not perfectly integrated, and the organization isn't ideal everywhere. For example, there are two sections of the book that discuss buffer overflows, apparently contributed by two different authors.
The index is only minimal; it only covers one of the sections on stack overflows. Bad indexes are a common problem in technical books from some publishers.