Maximum Security: A Hacker's Guide to Protecting Your Internet Site and Network (Paperback)

~ Anonymous (Author)

Editorial Reviews

Amazon.com Review

Written by an anonymous hacker, Maximum Security details hundreds of ways in which invaders may be able to penetrate your system and the steps that you can take to stop them. Before he was arrested, the author used his considerable talents to crack ATMs. Drawing on his vast experience, the author takes you on a journey of the tools that crackers have at their disposal, the ways in which they exploit holes in popular operating systems, and what protective measures are available for each.

At nearly 900 pages, this volume is not only an excellent reference source, but also a testimony to the sheer volume of techniques available to those who wish to illicitly gain access to systems. If you're a system administrator, this book will, quite simply, scare you silly--and it should. It will also help you take preventative steps that will ultimately allow you a well-deserved peace of mind. An included CD-ROM contains a selection of security utilities, such as SAFEsuite, a demo of PORTUS Secure Firewall, and the famous SATAN (Security Administrator Tool for Analyzing Networks), which are all discussed within the book.

From Library Journal

Network administrators need to read this book closely because a lot of aspiring hackers will be reading it closely and will be looking around for somewhere to practice their new skills, e.g., your lan or web server. This book covers in copious detail internet warfare, programming languages, scanners, sniffers, password crackers, trojans, platform security, remote attacks, spoofing, firewalls, and the law. It is a how-to protect book and, by default, a how-to attack book.
Copyright 1997 Reed Business Information, Inc.

See all Editorial Reviews

Product Details

• Paperback: 885 pages
• Publisher: Sams; Bk&CD-Rom edition (June 1997)
• Language: English
• ISBN-10: 1575212684
• ISBN-13: 978-1575212685
• Product Dimensions: 9.5 x 7.5 x 2.2 inches
• Shipping Weight: 3.7 pounds
• Average Customer Review: 4.0 out of 5 stars  See all reviews (100 customer reviews)
• Amazon.com Sales Rank: #1,579,952 in Books (See Bestsellers in Books)

  Popular in this category: (What's this?)

  #36 in

  Books > Computers & Internet > Certification Central > Publisher > Sams

Customer Reviews

Most Helpful Customer Reviews

15 of 17 people found the following review helpful:

5.0 out of 5 stars Knock it all you want, still worth its money, March 10, 1998

By A Customer

Ok, some people said it, the book isn't perfect in an absolute sense. But compare it with other books out there and it's clearly the most real-world reference. Most NT security books merely echo Redmond's news releases and material readily (and free) available on the net. Though more Unix oriented than NT, it discusses plenty of issues that are NOS-independent and apply to everybody. Even if you only care about NT, most hacks will come from Unix/Linux systems. Knowing what tools are available for these platforms is a must, and this book tells you. The only problem is that there are dozens of hacks discovered since the book was written so it's not entirely up to date. Maybe "Anonymous" will get back to the word processor and write a sequel. And can someone tell us what the "secret message about the internet" is already? I'm sooo curious.

18 of 21 people found the following review helpful:

2.0 out of 5 stars I cannot agree with the other reviews at all..., July 4, 1999

By A Customer

This review is from: Maximum Security (Paperback)

I bought this book as a reduced return exemplar a week ago.

I cannot recommend this book. The author has done a very diligent work by collecting hundreds of URLs and texts from the web, but I think he gives no concise overall concept of internet security. The mentioned exploits and attaks are now mostly fixed and thus outdated, so many of the URLs are of limited value.

Maybe the book still is a good starting point for further research on the web, but most documents on the 'net give enough material to search for with altavista.

The sections dealing with VMS and Windows NT are superficial. I personally believe that knowing the standard security tools by name is not sufficient for securing a network.

Due to the dynamic nature of the web and the changing operating systems and new forms of security risks/attacks a book focusing on special tools must be outdated in a very short time. A book on general network security gives a better introduction, i think that the view of an hacker (or cracker) does not help very much in securing a network.

8 of 8 people found the following review helpful:

3.0 out of 5 stars A Third Edition that's lost its edge, June 18, 2001

By	Richard Bejtlich "TaoSecurity.com" (Metro Washington, DC) - See all my reviews (TOP 500 REVIEWER)    (REAL NAME)

This review is from: Maximum Security (3rd Edition) (Paperback)

I am a senior engineer for network security operations who hoped Maximum Security, Third Edition (MS:3E) would revive the spirit of the first edition, published in 1997. Some protested its publication, while others welcomed its endorsement of the full disclosure movement. Sadly, the third edition has become, in the author's words on page 22, "another general Internet security book." Few will find it revolutionary.

MS:3E features 14 authors, each commendably given credit for their chapters. Of these, Craig Balding's chapter on UNIX reigns supreme. For a book labeled "intermediate-advanced," only Craig's chapter delivers at that level. I liked his file system risk and kernel rootkit material, and his service-by-service security discussion was great. In contrast, the chapter on Microsoft's operating systems is mainly a laundry list of outdated exploits. I also found the virus, Cisco, and security policy chapters useful. (Note: chapter 7, page 121 -- TCP sequence numbers count BYTES of data, never packets! This is a common misunderstanding.)

Readers seeking no-nonsense product evaluations should look elsewhere. Bland lists of IDS and firewall packages will neither offend vendors nor offer practical guidance to buyers. I prefer authors who take a stand, like Paul Proctor or Stephen Northcutt -- even if I disagree with them!

MS:3E will not shock the security world as the first edition did. Too many other security web sites and books have shared "hacking secrets" with the masses. This condition endorses the Anonymous author's first edition goal, but makes his third edition redundant. If he plans to write "general security books," I suggest he continue his theme of OS-specific titles. (Maximum Linux Security, Second Edition arrives soon, followed by Maximum Windows 2000 Security, First Edition.) Retire Maximum Security, or write a better general guide after transplanting the OS-specific material to their respective titles. Better yet, write a book on how to develop, code, and employ new exploits; that will be ground-breaking work! (Disclaimer: I received my review copy free from the publisher.)