Maximum Security [Paperback]

Anonymous (Author)

Book Description

ISBN-10: 0672313413 | ISBN-13: 978-0672313417 | Publication Date: September 15, 1998 | Edition: 2nd

Security continues to be the predominant concern for any organization that is either on the Internet now or considering it. Nary a week passes where there isn't some new report of hackers breaking into computer systems at some government agency, or trashing some Fortune 500 company's Web site, or even stealing user passwords and credit card numbers. In June 1997, this book's first edition immediately shot to the top of several computer security bestseller lists. While undoubtedly some bought the book to learn how to hack, it turns out that the book's most enthusiastic fans were computer security managers who appreciated the book's comprehensive coverage and clear, to-the-point descriptions of the most common techniques hackers use to penetrate systems. The hacking community, however, hasn't stood still. This thoroughly updated edition discusses the hundreds of new computer system holes that have been discovered over the course of the past year, and covers the latest hacker techniques.

Editorial Reviews

Amazon.com Review

This book is written for system administrators who need to know how to keep their systems secure from unauthorized use. The anonymous author takes a hacker's view of various systems, focusing on how the system can be cracked and how you can secure the vulnerable areas.

The book makes it clear from the outset that you cannot rely on commercial software for security. Some of it is flawed, and even the best of it has to be used correctly to provide even the most basic security measures. The author scrutinizes such operating systems as Microsoft Windows, Unix, Novell, and Macintosh. He details many of the tools crackers use to attack the system, including several that have legitimate uses for system administration. Rather than merely cataloging areas of risk and showing how various flaws can be exploited, the author makes every effort to show how security holes can be avoided and remedied. Maximum Security tells you which software to avoid and then details which security tools are invaluable, providing the URLs necessary to acquire them. An enclosed CD-ROM provides links to many of the tools and resources discussed in the book. The CD-ROM also leads you to several online documents where you can learn more about Internet security in general and specifics for securing your own site. --Elizabeth Lewis

From Library Journal

Network administrators need to read this book closely because a lot of aspiring hackers will be reading it closely and will be looking around for somewhere to practice their new skills, e.g., your lan or web server. This book covers in copious detail internet warfare, programming languages, scanners, sniffers, password crackers, trojans, platform security, remote attacks, spoofing, firewalls, and the law. It is a how-to protect book and, by default, a how-to attack book.
Copyright 1997 Reed Business Information, Inc. --This text refers to an out of print or unavailable edition of this title.

See all Editorial Reviews

Product Details

• Paperback: 864 pages
• Publisher: SAMS PUBLISHING; 2nd edition (September 15, 1998)
• Language: English
• ISBN-10: 0672313413
• ISBN-13: 978-0672313417
• Product Dimensions: 9 x 7.4 x 2.2 inches
• Shipping Weight: 3.2 pounds
• Average Customer Review: 4.0 out of 5 stars  See all reviews (101 customer reviews)
• Amazon Best Sellers Rank: #1,480,645 in Books (See Top 100 in Books)

Customer Reviews

Most Helpful Customer Reviews

15 of 17 people found the following review helpful:

5.0 out of 5 stars Knock it all you want, still worth its money, March 10, 1998

By A Customer

This review is from: Maximum Security: A Hacker's Guide to Protecting Your Internet Site and Network (Paperback)

Ok, some people said it, the book isn't perfect in an absolute sense. But compare it with other books out there and it's clearly the most real-world reference. Most NT security books merely echo Redmond's news releases and material readily (and free) available on the net. Though more Unix oriented than NT, it discusses plenty of issues that are NOS-independent and apply to everybody. Even if you only care about NT, most hacks will come from Unix/Linux systems. Knowing what tools are available for these platforms is a must, and this book tells you. The only problem is that there are dozens of hacks discovered since the book was written so it's not entirely up to date. Maybe "Anonymous" will get back to the word processor and write a sequel. And can someone tell us what the "secret message about the internet" is already? I'm sooo curious.

18 of 21 people found the following review helpful:

2.0 out of 5 stars I cannot agree with the other reviews at all..., July 4, 1999

By A Customer

This review is from: Maximum Security (Paperback)

I bought this book as a reduced return exemplar a week ago.

I cannot recommend this book. The author has done a very diligent work by collecting hundreds of URLs and texts from the web, but I think he gives no concise overall concept of internet security. The mentioned exploits and attaks are now mostly fixed and thus outdated, so many of the URLs are of limited value.

Maybe the book still is a good starting point for further research on the web, but most documents on the 'net give enough material to search for with altavista.

The sections dealing with VMS and Windows NT are superficial. I personally believe that knowing the standard security tools by name is not sufficient for securing a network.

Due to the dynamic nature of the web and the changing operating systems and new forms of security risks/attacks a book focusing on special tools must be outdated in a very short time. A book on general network security gives a better introduction, i think that the view of an hacker (or cracker) does not help very much in securing a network.

8 of 8 people found the following review helpful:

3.0 out of 5 stars A Third Edition that's lost its edge, June 18, 2001

By 

Richard Bejtlich "TaoSecurity" (Metro Washington, DC) - See all my reviews
(REAL NAME)   

This review is from: Maximum Security (3rd Edition) (Paperback)

I am a senior engineer for network security operations who hoped Maximum Security, Third Edition (MS:3E) would revive the spirit of the first edition, published in 1997. Some protested its publication, while others welcomed its endorsement of the full disclosure movement. Sadly, the third edition has become, in the author's words on page 22, "another general Internet security book." Few will find it revolutionary.

MS:3E features 14 authors, each commendably given credit for their chapters. Of these, Craig Balding's chapter on UNIX reigns supreme. For a book labeled "intermediate-advanced," only Craig's chapter delivers at that level. I liked his file system risk and kernel rootkit material, and his service-by-service security discussion was great. In contrast, the chapter on Microsoft's operating systems is mainly a laundry list of outdated exploits. I also found the virus, Cisco, and security policy chapters useful. (Note: chapter 7, page 121 -- TCP sequence numbers count BYTES of data, never packets! This is a common misunderstanding.)

Readers seeking no-nonsense product evaluations should look elsewhere. Bland lists of IDS and firewall packages will neither offend vendors nor offer practical guidance to buyers. I prefer authors who take a stand, like Paul Proctor or Stephen Northcutt -- even if I disagree with them!

MS:3E will not shock the security world as the first edition did. Too many other security web sites and books have shared "hacking secrets" with the masses. This condition endorses the Anonymous author's first edition goal, but makes his third edition redundant. If he plans to write "general security books," I suggest he continue his theme of OS-specific titles. (Maximum Linux Security, Second Edition arrives soon, followed by Maximum Windows 2000 Security, First Edition.) Retire Maximum Security, or write a better general guide after transplanting the OS-specific material to their respective titles. Better yet, write a book on how to develop, code, and employ new exploits; that will be ground-breaking work! (Disclaimer: I received my review copy free from the publisher.)