12 of 13 people found the following review helpful:
5.0 out of 5 stars
Computer Anti-Forensics and Forensics 101, September 19, 2011
This review is from: Defense against the Black Arts: How Hackers Do What They Do and How to Protect against It (Paperback)
Jesse Varsalone hits this one out of the park. Jesse leverages his depth of knowledge and experience with his years of teaching experience to get right down to business.
He leads the computer forensics/hacker n00b through the nuts and bolts of vulnerabilities. He jumps right in and demonstrates in the first 3 pages what a hacker can do using discrete vulnerabilities and keeps up the pace throughout the rest of the book. He always demonstrates how vulnerabilities are exploited and what to do to stop them or discover them.
Jesse is a seasoned CF professional and instructor and this is obvious in the logical step-by-step manner the book is written. I found the explanations of the "how and why" of safely and legally testing the techniques he covers quite relevant and important to newcomers. These also serve as good reminders for those who may dabble in hacking and penetration testing.
The Table of Contents reads like a syllabus for an anti-forensics and computer security college class. It starts with the basics of Windows exploits and how to defend against them and steps the reader through each attack like a lab exercise, and then steps the reader through the defensive tools. This cookbook, lab-type presentation enables the reader to see and do the attack and understand the defense. The reader can literally follow the steps on their own test setup.
At just shy of 400 pages it isn't an enormous 10-pound tome of knowledge, but a readable, doable guide of the Black Arts of computer hacking and anti-forensics.
This book would serve well as a college text for a Basic Anti-Forensics or Intro to Computer Security course. It provided up-to-date, relevant CF concepts and exercises that are the foundation for a computer security or Computer Forensic tech. This is also a handy reference of the more common exploits, how they are utilized, detected and thwarted.
I found the contents to be current and timely, combining discussions of the newest techniques with old school hacks that are still relevant today. The content is tight and without extra fluff and easy to either browse through or to follow page by page, front to back.
6 of 7 people found the following review helpful:
4.0 out of 5 stars
Really good reference for someone experienced in the topic who wants to improve their skills, December 21, 2011
If there ever was a book that should not be judged by its title, Defense against the Black Arts: How Hackers Do What They Do and How to Protect against It, is that book.
According to Wikipedia, black art can refer to:
* art forms by persons of African descent
* black magic
* optical effect in stage magic
* typesetting
* process that is mysterious or difficult to master or describe
Even if one uses the definition in The New Hacker's Dictionary of "a collection of arcane, unpublished, and (by implication) mostly ad-hoc techniques developed for a particular application or systems area", that really does not describe this book.
The truth is that hacking is none of the above. If anything, it is a process that is far from mysterious, and rather easy to describe. With that, the book does a good job of providing the reader with the information needed to run a large set of hacking tools.
Defense against the Black Arts is another in the line of hacking overview books that started with the first edition of Hacking Exposed. Like Hacking Exposed, the book walks the reader through the process of how to use hacking tools and how to make sense of their output.
Defense against the Black Arts is written for the reader with a good technical background who is looking for a nuts and bolts approach to ethical hacking. Its 14 chapters provide a comprehensive overview of the topic, with an emphasis on Windows.
But for those looking for an introductory text, this is not the best choice out there. The book is written for the reader that needs little hand-holding. This is in part due to its somewhat rough around the edges text and the use of more advanced hacking tools and techniques.
By page 4, the author has the reader downloading BackTrack Linux. BackTrack is an Ubuntu distro which has a focus on digital forensics and penetration testing. BackTrack is currently in a 5 R1 release, based on Ubuntu 10.04 LTS and Linux kernel 2.6.39.4. BackTrack comes with a significant amount of security and hacking tools preloaded, which the authors reference throughout the book.
After showing how to install BackTrack, chapter 1 shows how to log into Windows without knowing the password. Much of that is around the Kon-Boot tool, which allows you to change the contents of the Windows kernel in order to bypass the administrator password. Tools like Kon-Boot though will only work when you have physical access to the machine.
Chapter 3 gets into the details of digital forensics and highlights a number of popular tools for forensic imaging. While the book provides a good overview of the topic, those looking for the definitive text on the topic should read Digital Evidence and Computer Crime: Forensic Science, Computers and the Internet.
Chapter 5 deals with web application penetration testing. The authors describe a number of tools that can be used to assess the security of web sites, and offer ways to attempt to manipulate data from a web page or web application.
One is likely hard pressed to find a large web site that will be vulnerable to such web attacks, given that most of them have already checked for those errors via validation control testing. Smaller vendors may not be so proactive, and find out that those $99- items are being sold for .99 cents. With that, the chapter details a number of tools developers can use to test for SQL injection, XSS and other types of web vulnerabilities.
Chapter 8 is about capturing network traffic. There are two perspectives to collecting traffic. For the attacker, it is about identifying holes and avenues for attack. For those trying to secure a network, collecting network traffic is an exercise in identifying, thwarting and defending the network against attacks.
Chapter 10 provides a brief overview of Metasploit. For those looking for a comprehensive overview of Metasploit, Metasploit: The Penetration Tester's Guide is an excellent resource. This chapter, like many of the others, provides the reader with detailed step-by-step instructions, including screen prints, on how to use the specific tool at hand.
Chapter 11 provides a long list of attack and defense tools that can be used as a larger part of a penetration tester's toolkit.
Chapter 12 is interesting in that it details how social engineering can be used. The authors show how public domain tools like Google Maps can be used to mount an attack.
Chapter 13 - Hack the Macs - is one of the shorter chapters in the book and should really be longer. One of the reasons pen testers are increasingly using Macs is that the newer Macs run on the Intel platform, and can run and emulate Windows and Linux. The increasing number of tools for the Mac, and significant Mac vulnerabilities, mean that the Mac will increasingly be used and abused in the future.
Just last week, Dr. Mich Kabay wrote in Macintosh Malware Erupts that malware specifically designed for Mac is on the rise. This is based on progressively more and more serious malware for the Mac since 2009, given that Apple products have been increasing their market share for laptops and workstations but especially for tablets and phones.
The article notes that one of the reasons Mac OS X is perceived as superior to Windows is because of its appearance of having integrated security. But although the design may be sound, the operating system does not prevent people from being swayed into thinking that the malicious software they are downloading is safe. With that, Apple will have to concentrate more on security and vulnerability within their operating system.
The book ends with about 30 pages on wireless hacking. The chapter provides an overview of some of the weaknesses in Wi-Fi technology and how they can be exploited. The chapter focuses on the airmon tool, part of BackTrack that you can use to set your wireless adapter into monitor mode, to see all of the traffic traversing the wireless network.
Overall, Defense against the Black Arts: How Hackers Do What They Do and How to Protect against It is a really good reference for someone experienced in the topic who wants to improve their expertise.