Defend I.T.: Security by Example [Paperback]

Ajay Gupta (Author), Scott Laliberte (Author)

Book Description

Publication Date: May 29, 2004

"Ajay and Scott take an interesting approach in filling Defend I.T. with case studies and using them to demonstrate important security principles. This approach works well and is particularly valuable in the security space, where companies and consultants are often hesitant to discuss true security incidents for potential embarrassment and confidentiality reasons. Defend I.T. is full of engaging stories and is a good read." --Fyodor, author of the Nmap Security Scanner and Insecure.Org "Defend I.T. answers reader demand for scenario-driven examples. Security professionals will be able to look at these case studies and relate them to their own experiences. That sets this book apart." --Lance Hayden, Cisco Systems "This is an exciting book! It's like reading several mysteries at once from different viewpoints, with the added benefit of learning forensic procedures along the way. Readers will benefit from the procedures, and the entertaining presentation is a real plus." --Elizabeth Zinkann, Equilink Consulting The battle between IT professionals and those who use the Internet for destructive purposes is raging--and there is no end in sight. Reports of computer crime and incidents from the CERT Coordination Center at Carnegie Mellon University more than double each year and are expected to rise. Meanwhile, viruses and worms continue to take down organizations for days. Defend I.T.: Security by Example draws on detailed war stories to identify what was done right and what was done wrong in actual computer-security attacks, giving you the opportunity to benefit from real experiences. Approaches to securing systems and networks vary widely from industry to industry and organization to organization. By examining a variety of real-life incidents companies are too embarrassed to publicly share, the authors explain what could have been done differently to avoid the losses incurred--whether creating a different process for incident response or having better security countermeasures in place to begin with. Inside, you'll find in-depth case studies in a variety of categories: *Basic Hacking: Blackhat bootcamp, including mapping a network, exploiting vulnerable architecture, and launching denial-of-service attacks *Current Methods: The latest in malicious deeds, including attacks on wireless networks, viruses and worms, and compromised Web servers *Additional Items on the Plate: Often overlooked security measures such as developing a security policy, intrusion-detection systems, disaster recovery, and government regulations *Old School: Classic means of compromising networks--war dialing and social engineering *Forensics: How to investigate industrial espionage, financial fraud, and network intrusion Aimed at both information-security professionals and network administrators, Defend I.T. shows you how to tap the best computer-security practices and industry standards to deter attacks and better defend networks.

Editorial Reviews

From the Back Cover

"Ajay and Scott take an interesting approach in filling Defend I.T. with case studies and using them to demonstrate important security principles. This approach works well and is particularly valuable in the security space, where companies and consultants are often hesitant to discuss true security incidents for potential embarrassment and confidentiality reasons. Defend I.T. is full of engaging stories and is a good read."

--Fyodor, author of the Nmap Security Scanner and Insecure.Org

"Defend I.T. answers reader demand for scenario-driven examples. Security professionals will be able to look at these case studies and relate them to their own experiences. That sets this book apart."

--Lance Hayden, Cisco Systems

"This is an exciting book! It's like reading several mysteries at once from different viewpoints, with the added benefit of learning forensic procedures along the way. Readers will benefit from the procedures, and the entertaining presentation is a real plus."

--Elizabeth Zinkann, Equilink Consulting

The battle between IT professionals and those who use the Internet for destructive purposes is raging--and there is no end in sight. Reports of computer crime and incidents from the CERT Coordination Center at Carnegie Mellon University more than double each year and are expected to rise. Meanwhile, viruses and worms continue to take down organizations for days.

Defend I.T.: Security by Example draws on detailed war stories to identify what was done right and what was done wrong in actual computer-security attacks, giving you the opportunity to benefit from real experiences. Approaches to securing systems and networks vary widely from industry to industry and organization to organization. By examining a variety of real-life incidents companies are too embarrassed to publicly share, the authors explain what could have been done differently to avoid the losses incurred--whether creating a different process for incident response or having better security countermeasures in place to begin with.

Inside, you'll find in-depth case studies in a variety of categories:

• Basic Hacking: Blackhat bootcamp, including mapping a network, exploiting vulnerable architecture, and launching denial-of-service attacks
• Current Methods: The latest in malicious deeds, including attacks on wireless networks, viruses and worms, and compromised Web servers
• Additional Items on the Plate: Often overlooked security measures such as developing a security policy, intrusion-detection systems, disaster recovery, and government regulations
• Old School: Classic means of compromising networks--war dialing and social engineering
• Forensics: How to investigate industrial espionage, financial fraud, and network intrusion

Aimed at both information-security professionals and network administrators, Defend I.T. shows you how to tap the best computer-security practices and industry standards to deter attacks and better defend networks.

About the Author

Ajay Gupta, CISSP, founder and president of Gsecurity, is an expert on cyber security, secure architecture, and information privacy. Gsecurity provides cyber security and data privacy services to federal, state, and local governments, as well as commercial clients in the educational, financial, and health-care sectors.

Scott Laliberte, CISSP, CISM, MBA, is a leader of Protiviti’s Global Information Security Practice. He has extensive experience in the areas of information systems security, network operations, incident response, and e-commerce, and has served clients in many industries, including healthcare, life sciences, financial services, manufacturing, and other industries. Scott has led many security engagements, including attack and penetration studies, Web application security reviews, systems vulnerability assessments, wireless security reviews, and security systems implementation. In addition, he has led a number of incident response projects, which help organizations identify, stop, and recover from security incidents and attacks. He has spoken on information security topics for a variety of audiences and industries, including MIS Training Institute (MISTI), National Association of Financial Services Auditors (NAFSA), ISACA, IIA, and HCCA. He has been quoted as a security expert in the Financial Times, Securities Industries News, and elsewhere, and has authored numerous information security articles for a variety of publications.

See all Editorial Reviews

Product Details

• Paperback: 384 pages
• Publisher: Addison-Wesley Professional (May 29, 2004)
• Language: English
• ISBN-10: 0321197674
• ISBN-13: 978-0321197672
• Product Dimensions: 9.1 x 6.9 x 1 inches
• Shipping Weight: 1.5 pounds
• Average Customer Review: 4.2 out of 5 stars  See all reviews (13 customer reviews)
• Amazon Best Sellers Rank: #1,433,750 in Books (See Top 100 in Books)

More About the Author

Discover books, learn about writers, read author blogs, and more.

Customer Reviews

Most Helpful Customer Reviews

7 of 7 people found the following review helpful:

4.0 out of 5 stars Fun and enlightening security read, May 31, 2004

By 

Dr Anton Chuvakin "Dr. Anton Chuvakin" (CA, USA) - See all my reviews

This review is from: Defend I.T.: Security by Example (Paperback)

Defend IT book review

I was not a major fan of the author's previous book "Hack I.T.', thus I was a bit skeptical about this one. However, this book delivers! It reminded me of "Hackers Challenge" 1 & 2 books (which I loved it), because the information in the book is structure around the realistic (or maybe even real) cases, illustrating various security aspects.

The stories in the book cover a wide range of issues: from building a secure network from small business all the way to social engineering. Worm/virus infections, wireless security assessments, web applications, forensic investigation, security policy issues, DR and BCP, picking the right NIDS all find their place in the book. Especially, I loved the way they approached a usually boring subject of creating and implementing a security policy and DR planning. The policy case describes everything from 'why you need a policy' to security awareness and compliance verification. Executive fraud case was also lots of fun to read.

Also, this is the first security book I've seen that explicitly mentions regulations and compliance issues. I liked their take on 'HIPAA in plain English.' Another great item were various response flowcharts for virus infection, attacks, etc.

On the downside, the book does contain some technical errors. I would have discounted them as typos, but they look like the actual hands-on skills of the authors are getting rusty in some areas ('tcpdump', 'nmap', etc).

In any case, the book's value lies more in the approach to explaining security, rather than in teaching all the 'nmap's command line options. The cases are detailed enough to engross the reader and I was sometimes wondering 'how it will end', like I would with a good fiction book. This book is both fun and enlightening.

To conclude, while there is no substitute for actually experiencing the things covered in the book, reading about it will help aspiring and actual infosec pros.

Anton Chuvakin, Ph.D., GCIA, GCIH is a Senior Security Analyst with a major security information management company. He is the author of the book "Security Warrior" (O'Reilly, 2004). His areas of infosec expertise include intrusion detection, UNIX security, forensics, honeypots, etc. In his spare time, he maintains his security portal info-secure.org

6 of 6 people found the following review helpful:

4.0 out of 5 stars Great addition to your IT security library !!!, August 29, 2006

By 

Ron Goodbin (New Jersey) - See all my reviews

This review is from: Defend I.T.: Security by Example (Paperback)

"Defend I.T.: Security by Example" is one of my first reads on IT security. I am currently a programmer, looking to get into the information security field.

This book has successfully turned my interest in IT security into intrigue. Each chapter is a different real life case study, with techniques used and lessons learned. Coming from a technical background, I appreciated the technical depth that the authors delve into. From the get go in Chapter 1, the authors present a tutorial on the popular scanning tool called NMAP which is fascinating. The network diagrams throughout the book were very helpful in explaining to the reader the difficult concepts such as Distributed Denial-of-Service attack and Ingress and Egress filtering.

"Defend I.T.: Security by Example" introduced me to many new concepts including IDS, INGRESS, EGRESS, DMZ, SSO, ZOMBIE,FIREWALL's, VPN's, PKI, and DOS attacks, just to name a few. Overall, this book is very informative and well-written.

I highly recommend this book as a great addition to your IT Security library.

6 of 6 people found the following review helpful:

4.0 out of 5 stars Learn Security By Example Using Case Studies, February 7, 2005

By 

Tony Bradley "s3kur3" (Houston, TX) - See all my reviews
(VINE VOICE)   

This review is from: Defend I.T.: Security by Example (Paperback)

The authors of Defend I.T.: Security By Example, teamed up previously to write Hack I.T.. The previous work was more along the lines of the hacking genre of books such as Hacking Exposed or Counter Hack, providing detailed explanations of various attacks to use in performing a penetration test of your network.

Books like that are great for those with the knowledge and skills to make sense of them, but people who aren't as technical and don't necessarily work the front lines of network security such as managers and executives can still benefit from having an understanding of how such attacks can impact their company and a high-level understanding of how to defend against them.

This book is not written for someone with zero technical knowledge. It does assume a certain level of understanding, but the case studies help to illustrate how the various attack techniques in the other type of books can be used and how you can protect your network.

This book is similar to the Hacker's Challenge books in that it provides real-world scenarios, except that rather than solving the puzzle on your own the solution is included in the story like a short mystery.

Managers of I.T. departments or security personnel and those who control the security budget would benefit from reading a book like this to understand what their people are up against. Those who actually work the front lines would still benefit from being able to associate information with real-world examples and applications.

(...)