Customer Reviews


11 Reviews
5 star: (9)
4 star: (1)
3 star: (1)
2 star: (0)
1 star: (0)
 
 

The most helpful favorable review

25 of 28 people found the following review helpful
5.0 out of 5 stars The CISO or Auditor Survival Guide
Yesterday morning I spent the better part of an hour in an interview with a reporter. The topic: "If you were giving advice to a brand new security officer, a CSO, or CISO, about how to avoid being fired in their first year, what would you tell them?" After the interview I started to read Special Ops and if there was any way to go back in time I would have told that...
Published on April 2, 2003 by Stephen Northcutt

The most helpful critical review
3 of 6 people found the following review helpful
3.0 out of 5 stars Overall good - great to see focus on internal security
There are many hacking books out there right now. Many of these are concerned with external penetration testing, which most non-security professionals are obsessed with - thanks to all the sensationalized hacking stories by the often clueless press.
"Special Ops" discusses the internal threat, which in most cases is more important to the majority of businesses. A...
Published on April 27, 2003



25 of 28 people found the following review helpful
5.0 out of 5 stars The CISO or Auditor Survival Guide, April 2, 2003
This review is from: Special OPs: Host and Network Security for Microsoft, Unix, and Oracle (Paperback)
Yesterday morning I spent the better part of an hour in an interview with a reporter. The topic: "If you were giving advice to a brand new security officer, a CSO, or CISO, about how to avoid being fired in their first year, what would you tell them?" After the interview I started to read Special Ops and if there was any way to go back in time I would have told that reporter, tell them to buy Special Ops and read it at least three times.
I normally classify books into a couple of categories; there are books about things and books that tell you how to do things. Special Ops weighs in at a thousand plus pages and covers Windows XP, 2000, Outlook, Exchange, Unix, Security Policy and much more, yet does not fall neatly into either category. So what category is Special Ops?
Dan Lynch, a founder of the Internet and the founder of Interop once used a term, Bogon filter, years before BGP was invented. Bogon, apparently, was a synonym for blarney if you get my drift. Technical people will tell managers and auditors almost anything because they are pretty sure they can get away with it. The chapters in this book are written by brilliant people; they are packed with useful information. You will not learn enough about securing XP to hang out your shingle, but if you read that chapter a couple times you will certainly be on solid ground to determine if the consultant you are considering hiring to secure your XP systems knows enough to even get near your computer facility. The auditor that invests the time to read this book cover to cover three times should be given a t-shirt that says "Fear me". Special Ops can help you develop a bogon filter better than any other single book I have seen on the marketplace.
Chapter 18, Creating Effective Corporate Security Policies, is one of the most fascinating chapters in the book. Though obviously it covers material that can be found in other places, the authors clearly know their stuff; it is pure pragmatic advice. The warnings ring true and the links are there.
Though content is the most important ingredient of a technical book and Special Ops is packed with content, layout is also important. The book was happy to lay flat within the first four minutes I was playing with it. The fonts are well chosen and large enough to be readable, the paper is substantial. I do have two complaints regarding layout. After the first reading, it will primarily serve as a reference book, so running a camouflage overprint across half of the table of contents was less than brilliant. The same goes for the silly FAQ stamp on top of the questions. Never intentionally make a book hard to read! On the other hand, summary links for more information and an FAQ for every chapter show a real concern for the needs of the reader. As always, just buying the book and putting it on the shelf will not make your systems and network more secure. I have only met Erik Birkholz twice, but I truly believe that if you come up to him hoping for his autograph he is going to reserve a special word for the person with a copy of Special Ops that is full of sticky notes and scribble in the margins. This author team must have worked very hard to produce something this powerful; drink deep of their knowledge.


12 of 13 people found the following review helpful
5.0 out of 5 stars A landmark achievement -- Syngress' best book to date, March 26, 2003
This review is from: Special OPs: Host and Network Security for Microsoft, Unix, and Oracle (Paperback)
"Special Ops" is one of the most useful security books I've read -- and my library includes 92 titles acquired since 2000. "Special Ops" is not "Hacking Exposed" with a white-and-camouflage cover. While the "Hacking Exposed" series is more assessment- and enumeration-centric, "Special Ops" spends more time on proper installation and deployment of services and applications. Most usefully, "Special Ops" succinctly and powerfully addresses topics neglected by other security books.

It's difficult for security staff to keep up with the security details of new services and applications. Admins often rely on general purpose manuals, heavy on page count but light on security specifics. Although "Special Ops" weighs in at over 1000 pages, it is the first book to devote attack- and defense-driven chapters to services and applications that matter most. Where else can one find essential, concise security advice on Active Directory (ch. 6), Exchange and Outlook Web Access (ch. 7), Microsoft Terminal Services (ch. 9), Microsoft SQL Server (ch. 12), and Oracle (ch. 13)? These were my favorite chapters, combining examples of attacks, defenses, and proper deployment.

Other chapters broke new ground on old subjects. Had admins taken ch. 10's advice on disabling WebDAV, their Web servers would not have been susceptible to the latest Microsoft IIS vulnerability. The explanation of DNS in ch. 8 is one of the best ever written, and its installation instructions for DJBDNS are sorely welcome after the latest BIND vulnerability. Suggestions for modifying the war dialing tool Tone Loc in ch. 2 save assessors time and effort. Ch. 14's UNIX advice expands beyond the traditional focus on Linux to include Solaris and the BSDs, including discussions of RBAC and filesystem ACLs. I even found something new in the wireless section (ch. 15).

Beyond the product-specific material, "Special Ops" integrates several key themes. Logging, auditing, compartmentalization, network architecture, exposure as "bi-directional visibility," disabling unnecessary services -- many are applied throughout the book.
Because the book features contributions from nearly two dozen authors, it is sometimes internally repetitive and inconsistent. The "CAM" of ch. 15 is incorrectly called "computer-aided manufacturing," while ch. 16's excellent explanation of switch security correctly deciphers "CAM" as "content addressable memory." I would have liked reading about different ways to determine hotfix and patch levels for Windows and UNIX, or at least how existing tools make their determinations. Advice on properly applying Windows service packs, patches, and hotfixes was missing. Ch. 6 assumed a working knowledge of LDAP, which should have been included, at least as an appendix. All of these can be addressed in a second edition.

Overall, "Special Ops" is an incredible book. The authors (thoughtfully identified, chapter by chapter) took the time to explain the internals of the applications they attack and defend. Some authors -- such as the Oracle wizard -- even discovered new vulnerabilities while researching their material! "Special Ops" carries a hefty page count and cover price, but you won't find another book so vital to the security of your enterprise.


9 of 12 people found the following review helpful
4.0 out of 5 stars Good, but expected a lot more, March 24, 2003
Verified Purchase
This review is from: Special OPs: Host and Network Security for Microsoft, Unix, and Oracle (Paperback)
I just bought the book "Special Ops." As a prior purchaser of "Hacking Exposed, 2nd Edition" and "Hacking Windows 2000" I was expecting great things. While I believe the book brings up some important topics, I think it could have been better.
The Windows coverage is exhaustive, especially the stuff on Active Directory, Exchange and IIS. However UNIX stuff was only given one chapter. While the chapter on SQL server is good, I think more info on MSDE could have been provided. The issue of the utility of UDP port 1434 (the SQL Slammer port) should have been discussed a little more. The information on Mr. Andrew's web site, ... is far more exhaustive. Some of Mr. Litchfield's discussion on SQL injection and the buffer overflow that caused SQL Slammer would have also helped make the SQL Server chapter better.
I think it is a worthy book for its Windows coverage alone. But, IMHO, the title's explicit statement of total Windows and UNIX coverage is a little misleading.


7 of 9 people found the following review helpful
5.0 out of 5 stars Superb, well balanced content, June 2, 2003
By Jeff Williams (Seattle, WA United States)
This review is from: Special OPs: Host and Network Security for Microsoft, Unix, and Oracle (Paperback)
It isn't often I come across a book on security that gets so much right. While I think of myself as a subject matter expert on matters of security I was pleased at how much depth this book contained and how many tips I picked up. The SQL and IIS chapters are perhaps the best coverage of their subject matter I have yet seen.
The coverage is balanced between the various colors of hats people wear and contains masses of recommendations for hardening the various components discussed.


4 of 5 people found the following review helpful
5.0 out of 5 stars Tons of new stuff!, March 27, 2003
By A Customer
This review is from: Special OPs: Host and Network Security for Microsoft, Unix, and Oracle (Paperback)
I'm not sure what book this guy from Orange, CA was reading, but I found all kinds of new and relevant information in several chapters! The chapter on Terminal Services was especially enlightening. Many new things to consider when rolling this one out to the enterprise! Yikes.
I think the reader from Orange missed the whole point of the book. It wasn't intended to be a catalog of the latest and greatest tools on the market - like the Hacking Exposed series - it looks like it was designed to help internal security staffs think differently about how they secure the critical components of the enterprise. This includes how they write their policies, and consider the human factor in the security equation.
I have personally used the book's content to create focused audit programs and been very successful at doing so.
Please create more books in this series!


3 of 4 people found the following review helpful
5.0 out of 5 stars Best security book I have read!, March 10, 2003
By A Customer
This review is from: Special OPs: Host and Network Security for Microsoft, Unix, and Oracle (Paperback)
I had been waiting for this book to come out for a while, and I bought it at Black Hat when it first came out a couple of weeks ago. I've been reading it since (it's big, almost 1,000 pages) and now that I am finished I must say it's the best computer security book that I've read. I'm a security consultant so I have to be current on all the most popular platforms. I haven't seen any other book that covers as many things to the level of detail of Special Ops. There is a very good balance between the theory and practice of network design and security. This one will definitely occupy primo real estate on my book shelf.


2 of 3 people found the following review helpful
5.0 out of 5 stars Huh?, March 27, 2003
This review is from: Special OPs: Host and Network Security for Microsoft, Unix, and Oracle (Paperback)
I just finished this book and I found it to be well written, comprehensive, and incredibly informative and up to the minute in terms of the vulnerabilities covered. I specialize in SQL security and I'm not sure if the negative reviewer below actually read this chapter. He complains the SQL chapter: "...mentions nothing about port blocking which is the first thing I would do. UDP Port 1434 really has no purpose and should be blocked..." The following is from page 637 of the SQL chapter in Special Ops: "It cannot be stressed enough just how important it is to either apply this patch [from MS] or block all UDP 1434 inbound to the server." It's a great book and I don't think people should be turned off by incorrect criticisms.


2 of 3 people found the following review helpful
5.0 out of 5 stars The best of the best!, March 14, 2003
This review is from: Special OPs: Host and Network Security for Microsoft, Unix, and Oracle (Paperback)
I've always wanted to go to one of the Black Hat shows, and I was finally able to attend the W2k show in Seattle last month. I decided to buy this book after seeing several of the authors from it (Erik Birkholz, Eric Schultze, David Litchfield) speak at the conference. I've been involved with network security for years, but I was still amazed by the level these guys operate at. I was familiar with Litchfield's work on the SQL Slammer worm, so I was glad to see he wrote part of the book. If you are serious about network security, you have to read this book. You will get access to information that you just won't find anywhere else. The SQL and IIS chapters in particular are worth the price of the book.


5.0 out of 5 stars WOW!, March 14, 2003
By A Customer
This review is from: Special OPs: Host and Network Security for Microsoft, Unix, and Oracle (Paperback)
I just finished reading this book, and I was totally blown away by it. The chapters are absolutely packed with bleeding edge information on vulnerabilities and defense tactics for all the major operating systems, databases, etc. There are also some really good chapters on corporate security policies, and HR issues. It's a little [costly] but not at all overpriced when you actually see what you get. ...


5 of 8 people found the following review helpful
5.0 out of 5 stars Awesome book!, March 11, 2003
By A Customer
This review is from: Special OPs: Host and Network Security for Microsoft, Unix, and Oracle (Paperback)
I've been working in information security since before there was information security. I've seen just about every type of hack and every type of network: good, bad, and ugly. This book contains an astounding amount of very up to date and very detailed information on UNIX, Windows, Exchange and OWA, SQL, Oracle, Web apps, Network architecture, corporate policy, etc. You name it, it's in here. What really impressed me about the book is the authors are able to cover such a breadth of topics at such an advanced level. You'll learn more about Oracle security in this one chapter (by David Litchfield, so it shouldn't be surprising) than you will reading a whole book on Oracle security.



Details

Special OPs: Host and Network Security for Microsoft, Unix, and Oracle by Stuart McClure (Paperback - February 17, 2003)