3 of 3 people found the following review helpful:
3.0 out of 5 stars
Plenty of potential, but falls short, August 21, 2006
This review is from: Combating Spyware in the Enterprise: Discover, Detect, and Eradicate the Internet's Greatest Threat (Paperback)
I hoped Combating Spyware in the Enterprise (CSITE) would follow in the footsteps of recent Syngress books on related topics, like Phishing Exposed (me: 5 stars), Software Piracy Exposed (me: 4 stars), Securing IM and P2P Applications for the Enterprise (me: 4 stars), Inside the Spam Cartel (me: 5 stars), and Insider Threat (4 stars). Each of those books takes a good look at a slice of the modern security landscape, some delivering outstanding material. Unfortunately, CSITE doesn't fit in this group.
The first problem with CSITE is the mediocre integration of material from seven authors. It's the job of the editor or lead author to reduce the internal redundancy to an absolute minimum. This goal was not achieved, especially in places like Ch 4 where one author covers material already presented by another author.
The second problem with CSITE is the inclusion of an appendix, in its entirety, from Phishing Exposed by Lance James. While I liked Phishing Exposed, I didn't need 40 pages from his first book in CSITE. Given that CSITE's main text ended at p 334, the duplicated text looks like padding.
The third problem with CSITE is that I don't think it covers the subject thoroughly. If CSITE were a book on a broader topic, I might not worry so much about missing certain details. However, CSITE is supposed to be about fighting spyware in the enterprise. Yet, it completely ignores enterprise network-level techniques involving traffic inspection and interdiction. Companies spend plenty of money running products like Websense or proxy-based solutions to control inbound and outbound spyware-related traffic. CSITE ignores this and focuses on host-based ways to configure Windows, email, and Web browsers. Those are all extremely necessary, but not sufficient. Intrusion detection/prevention, extrusion detection/prevention, and smarter firewalls are all ignored too.
I wished CSITE had spent more time analyzing actual spyware. While some examples were given, nothing really definitive was shared. It would have been nice to have seen a forensic analysis of a system afflicted with various forms of x-ware, including host- and network-based evidence. Peter Szor's older but brilliant book is much better in this respect.
As far as what CSITE does present, it appears accurate and helpful. I liked the tools overview in Ch 6 and the end user recommendations in Ch 5. The only repeated goof I found was mentioning "Evi Gadron" twice, instead of "Gadi Evron."
If you have no other spyware reference, you will probably find CSITE helpful. Otherwise, I would wait for a second edition that addresses the concerns in this review.