Hacker's Challenge : Test Your Incident Response Skills Using 20 Scenarios (Paperback)

by Mike Schiffman (Conductor)

Editorial Reviews

Amazon.com Review
Mike Schiffman has hit upon a great formula for Hacker's Challenge. Rather than try to research, fully understand, and adequately explain attacks that have taken place on other people's networks--the approach taken by too many writers of books about computer security--Schiffman lets network administrators and security experts tell their stories first-hand. This is good. What's better is that Schiffman has edited each of their war stories into two sections: one that presents the observations the sysadmin or security consultant made at the time of the attack, and another (in a separate part of the book) that ties the clues together and explains exactly what was going on. The challenge in the title is for you to figure out what the bad guys were doing--and how best to stop them--before looking at the printed solution. Let's call this book what it is: an Encyclopedia Brown book for people with an interest in network security.

It doesn't really matter, from a value-for-money standpoint, whether your skills are up to the challenge or not. The accounts of intrusions--these are no-kidding, real-life attacks that you can probably learn from, by the way--are written like chapters from a novel (though log file listings, network diagrams, and performance graphs appear alongside the narrative text). Recall every time you've seen a movie or read a book with computer scenes so technically inaccurate they made you wish for a writer with a clue. Schiffman and Hacker's Challenge is what you wished for. --David Wall

Topics covered: The sorts of attacks that black-hat hackers (everyone from script kiddies to accomplished baddies) launch against Internet-linked computers and networks. Everything is presented from the perspective of the defenders--i.e., the network administrators--who have to look at log files and process activity to figure out what's going on.

Product Description
Find out if you have what it takes to keep the bad guys out of your network. This real-world resource contains 20+ hacking challenges for you to solve. Plus, you'll get in-depth solutions for each, all written by experienced security consultants.

See all Editorial Reviews

Product Details

• Paperback: 300 pages
• Publisher: McGraw-Hill Osborne Media (October 18, 2001)
• Language: English
• ISBN-10: 0072193840
• ISBN-13: 978-0072193848
• Product Dimensions: 9 x 7.4 x 0.9 inches
• Shipping Weight: 1.7 pounds (View shipping rates and policies)
• Average Customer Review: 4.4 out of 5 stars See all reviews (24 customer reviews)
• Amazon.com Sales Rank: #652,984 in Books (See Bestsellers in Books)

  Popular in this category: (What's this?)

  #32 in

  Books > Computers & Internet > Home Computing > Internet > Web for Kids

Customer Reviews

Most Helpful Customer Reviews

39 of 39 people found the following review helpful:

4.0 out of 5 stars Innovative and practical for technical trainers and students, November 8, 2001

By	Richard Bejtlich "TaoSecurity.com" (Washington, DC) - See all my reviews (TOP 500 REVIEWER)    (REAL NAME)

I am a senior engineer for network security operations. I read "Hacker's Challenge" because one of my work duties involves training tier one and tier two security analysts. (Tier one analysts can recognize insecure digital assets; tier two analysts understand the threats to insecure digital assets; tier three analysts can manipulate most aspects of digital assets to mitigate insecurity.) I hoped "Hacker's Challenge" would educate my tier one and possibly tier two students. I now realize the book offers something for security professionals at all levels of expertise.

"Hacker's Challenge" is a collection of twenty "case studies." By dropping the reader into an incident response scenario, the book challenges security professionals to answer tough questions: How did the intruder gain access? What tools were used after the compromise occurred? How do you mitigate that threat in the future? This approach breathes new life into the world of security reading. Students will learn a lot by taking the time to answer these questions before consulting the well-written "solutions" section.

I noticed several technical themes repeated throughout "Hacker's Challenge." They included wireless vulnerabilities, Unicode and directory traversal attacks against Microsoft IIS, and older Solaris exploits. I particularly enjoyed the SQL server attack (challenge 7), and the thorough description of the sadmind worm (challenge 8). I liked the Macintosh case (challenge 15), but wished for coverage of OS X. Finally, the need for network security monitoring via intrusion detection system was wisely emphasized in many "solutions."

"Hacker's Challenge" isn't perfect, however. HK.exe, mentioned in challenge 10, exploits the "spoofed LPC port request" vulnerability of MS00-003, and doesn't involve directory traversal or Unicode. While an old Checkpoint ACK flood vulnerability was well explained (challenge 17), one of the references pointed to an unrelated IP fragmentation vulnerability. Also, the lead author should change his reference to the Air Force Information Warfare Center from "AFWIC" to AFIWC. He might also re-evaluate his interest in the TAB soft drink. (Read challenge 20!)

I plan to incorporate "Hacker's Challenge" into my analyst development program. I believe challenges 1,4,5,8,12,13, and 16 are suitable for tier one personnel. Challenges 2,3,6,10,11,14,15,17 and 18 are suitable for tier two staff. Tier three personnel may enjoy challenges 7,9,19, and 20. I look forward to second and third follow-on books to further enrich the security community.

(Disclaimer: I received a free review copy from the publisher.)

12 of 14 people found the following review helpful:

5.0 out of 5 stars Real-World Security IQ Test, November 26, 2001

By	W. Fergerstrom "ferg" (san diego, ca) - See all my reviews (REAL NAME)

Mike Schiffman's book, "Hackers Challenge," is a very innovative approach towards computer security learning and skill assessment. Guiding the reader from evidence, to reasons, to how and why, and to the end results of a hack attempt, this book provides a blueprint for pursuing and examining the forensic evidence of an attack. This book cohesively brings together all aspects of a hacking event into 20 separate incidents that will guide the reader towards the ultimate answers but only if you have the ability to see the forest from the trees. If you have the skills to recognize the attacks this book will provide confirmation of your abilities along with items of interest you may have missed. If you are left wondering what all the evidence adds up to, this book will get you as close to the on-site experience as possible that most dry manual or reference books do not provide.

For any system administrator this book provides an invaluable way to test your talents and expertise against real-world hacking events in a safe environment using multiple hardware and software products. This book is a must-have for anyone serious about the security of their systems and their ability to recognize and thwart hackers before, during and after an attack. I highly recommend this book for the beginner looking to build their abilities to a veteran looking to confirm or update their skills.

8 of 10 people found the following review helpful:

3.0 out of 5 stars Good book but light on info, January 19, 2002

By	"arcticfox1" (Canada) - See all my reviews

The premise of the book really intrigued me so I picked it up. While the writing is good and there is some really good information, I don't think the information content was quite worth the money. Not to spoil the mystery for you, but several of the hacks described really just boiled down to a particular type of attack (to compromise) followed by something else. Similarly, the logs provided (for publishing purposes) have to be truncated. In essence, the reader is spoon-fed because only relevant logs are shown; quite different than real life where an admin may be facing 20 Mb of logs that they have to sift through.

One last point. The author of one of the sections was Tim Mullen. Had I known that beforehand, I would not have purchased the book. I've read his articles on securityfocus.com and have little respect for his abilities in the security field. Luckily, he only authored one scenario.