Customer Reviews

Hacker's Challenge : Test Your Incident Response Skills Using 20 Scenarios

5 star:		(16)
4 star:		(4)
3 star:		(2)
2 star:		(1)
1 star:		(1)

 

 

I am a senior engineer for network security operations. I read "Hacker's Challenge" because one of my work duties involves training tier one and tier two security analysts. (Tier one analysts can recognize insecure digital assets; tier two analysts understand the threats to insecure digital assets; tier three analysts can manipulate most aspects of digital assets to mitigate insecurity.) I hoped "Hacker's Challenge" would educate my tier one and possibly tier two students. I now realize the book offers something for security professionals at all levels of expertise.

"Hacker's Challenge" is a collection of twenty "case studies." By dropping the reader into an incident response scenario, the book challenges security professionals to answer tough questions: How did the intruder gain access? What tools were used after the compromise occurred? How do you mitigate that threat in the future? This approach breathes new life into the world of security reading. Students will learn a lot by taking the time to answer these questions before consulting the well-written "solutions" section.

I noticed several technical themes repeated throughout "Hacker's Challenge." They included wireless vulnerabilities, Unicode and directory traversal attacks against Microsoft IIS, and older Solaris exploits. I particularly enjoyed the SQL server attack (challenge 7), and the thorough description of the sadmind worm (challenge 8). I liked the Macintosh case (challenge 15), but wished for coverage of OS X. Finally, the need for network security monitoring via intrusion detection system was wisely emphasized in many "solutions."

"Hacker's Challenge" isn't perfect, however. HK.exe, mentioned in challenge 10, exploits the "spoofed LPC port request" vulnerability of MS00-003, and doesn't involve directory traversal or Unicode. While an old Checkpoint ACK flood vulnerability was well explained (challenge 17), one of the references pointed to an unrelated IP fragmentation vulnerability. Also, the lead author should change his reference to the Air Force Information Warfare Center from "AFWIC" to AFIWC. He might also re-evaluate his interest in the TAB soft drink. (Read challenge 20!)

I plan to incorporate "Hacker's Challenge" into my analyst development program. I believe challenges 1,4,5,8,12,13, and 16 are suitable for tier one personnel. Challenges 2,3,6,10,11,14,15,17 and 18 are suitable for tier two staff. Tier three personnel may enjoy challenges 7,9,19, and 20. I look forward to second and third follow-on books to further enrich the security community.

(Disclaimer: I received a free review copy from the publisher.)

Mike Schiffman's book, "Hackers Challenge," is a very innovative approach towards computer security learning and skill assessment. Guiding the reader from evidence, to reasons, to how and why, and to the end results of a hack attempt, this book provides a blueprint for pursuing and examining the forensic evidence of an attack. This book cohesively brings together all aspects of a hacking event into 20 separate incidents that will guide the reader towards the ultimate answers but only if you have the ability to see the forest from the trees. If you have the skills to recognize the attacks this book will provide confirmation of your abilities along with items of interest you may have missed. If you are left wondering what all the evidence adds up to, this book will get you as close to the on-site experience as possible that most dry manual or reference books do not provide.

For any system administrator this book provides an invaluable way to test your talents and expertise against real-world hacking events in a safe environment using multiple hardware and software products. This book is a must-have for anyone serious about the security of their systems and their ability to recognize and thwart hackers before, during and after an attack. I highly recommend this book for the beginner looking to build their abilities to a veteran looking to confirm or update their skills.

The premise of the book really intrigued me so I picked it up. While the writing is good and there is some really good information, I don't think the information content was quite worth the money. Not to spoil the mystery for you, but several of the hacks described really just boiled down to a particular type of attack (to compromise) followed by something else. Similarly, the logs provided (for publishing purposes) have to be truncated. In essence, the reader is spoon-fed because only relevant logs are shown; quite different than real life where an admin may be facing 20 Mb of logs that they have to sift through.

One last point. The author of one of the sections was Tim Mullen. Had I known that beforehand, I would not have purchased the book. I've read his articles on securityfocus.com and have little respect for his abilities in the security field. Luckily, he only authored one scenario.

This is an very fun and interesting book. The book is laid out as a set of 20 real world incidents and then the solutions to each of those incidents.

Although not every incident is very interesting, they are written well and can be very entertaining.

One thing that struck me about this book was the fine line it walked between education and entertainment. Honestly, many of the incidents described in this book are helpful to a security consultant. But for most people, the scenarios will seem very arcane. Therefore, I can really only reccomend it to people who are really into security issues. For the general public, this may seem very dull.

So, you'd like to know more about real security incidents and computer forensics... then this could be your book!
Note however, that for the book being profitable, you should already have a good understanding of the matter.
The presentation is a bit melodramatic trying to sell a 'mystery' image. Twenty cases of security incidents are presented under suggestive names (e.g., 'A Thousand Razors', 'Omerta', and so on..) and of course, twenty separated 'solutions' are proposed as well. Unfortunately, the presentations are quite heterogeneous, ranking from very clever ones to real 'puzzles'.
As for the issues covered, the range is quite broad, including among others:
- Directory traversal attacks
- VPNs attacks
- Wireless attacks
- Buffer overflows
- E-mail sniffing
- Macintosh hacking
- DoS attacks
- Trojan codes
- Forensic analysis

Three or four cases can be easily solved, but some of the challenges are almost impossible to solve due to the weakness of the supplied clues.
At the bottom line, the book is well worth to be purchased. It is original (almost unique) and very useful in expert hands. Once the cases are solved, all the information makes sense, giving you twenty illustrative case studies.

Hacker's Challenge is a must have for every computer forensics. The scenarious given are indeed technically challenging and I like the fact that the complexity of attack, prevention, and mitigation are already specified. It is also very helpful as it make references to external resources that contain more info about a particular specified vulnerabilities. The log files, network maps, etch are very helpful in making a forensic analysis. I look forward to getting the new version. Cold Eyes

The Challenge/Solution style of these books are great for security beginners as well as seasoned professionals. If you read carefully you can pick up many hints/tools which you can use in real life security scenarios.

My only -ve comment about this book is its getting out of date now. Many of the incidents described are not relevant now, as security practices at most firms would thrawt these incidents. Having said that, the scenarios are still good for security beginners. For advanced readers I would suggest the Second edition or the soon to be released third edition.

I have read many books about network security, but none had put it so easy to actually test the knowledge gain from my reading.
I would recommend this book to any tech guy entrusted with the security of any network of any site. This is the complement book for hacker exposed

As a network security major, I have a lot of information just floating around in my head. This book has helped me by bringing it all together. I can't wait for the other two books in the series to arrive!

This book was insanely useful. I thought it was going to suck
badly.. but it turned out to be invaluable. The examples/scenerios along with the witty banter make this my #1
reccomendation for the ole add-to-cart

It was also very entertaining, I laughed until I stopped.