BKHKATDN.RVW 20031019

"Hack Attacks Denied", John Chirillo, 2003, 0-471-23283-1, U$50.00/C$77.50/UK#37.50
%A John Chirillo
%C 5353 Dundas Street West, 4th Floor, Etobicoke, ON M9B 6H8
%D 2002
%G 0-471-23283-1
%I John Wiley & Sons, Inc.
%O U$50.00/C$77.50/UK#37.50 416-236-4433 fax: 416-236-4448
%O http://www.amazon.com/exec/obidos/ASIN/0471232831/robsladesinterne
%O http://www.amazon.co.uk/exec/obidos/ASIN/0471232831/robsladesinte-21
%O http://www.amazon.ca/exec/obidos/ASIN/0471232831/robsladesin03-20
%P 689 p. + CD-ROM
%T "Hack Attacks Denied"

The introduction states that this book is a companion to "Hack Attacks Revealed" and that the audience is everyone.

Part one is about securing ports and services. Chapter one, describing common ports and services, recommends replacing TFTP with Tiger FTP, which just happens to be written by the author. Eighteen pages are helpfully devoted to reprinting the source code, just in case you'd like to type it in for yourself. The level of security information varies substantially: there is, for example, no mention of the fact that TFTP has no real use in Windows, and that disabling it is a very good idea. More detail is provided for UNIX than Windows, and some items are helpful, but most are not. Concealed ports and services, otherwise known as backdoors or trojans, are discussed in chapter two. There is a fourteen page source code listing of a crippled trojan, a catalogue of backdoor trojans, and mention of some protective software. Chapter three is mostly about how to get other information, although less space is devoted to the discovery of countermeasures, and an awful lot of the content is of the "you might be able to" variety.

Part two, which consists only of chapter four, is about intrusion defence and safeguarding against penetration attacks, but, again, more space is devoted to attacks than defence.

Part three is entitled "Tiger Team Secrets." Chapter five is a random list of attacks, including various viruses. Some items, such as the "reboot attack," make no sense as described. Seventy five attacks, most of which have been recounted before, are in chapter six. The countermeasures usually boil down to "protect against this," but are short on how. Chapter seven finishes off with a guide for consultants who want to write security policies (including an outline that bears a striking resemblance to the CISSP CBK). Two sample "audits" are given, along with a reprint of a twenty one page router log (with no analysis).

This book is not very revealing, and won't do much to deny access to attackers.

copyright Robert M. Slade, 2003 BKHKATDN.RVW 20031019