Most Helpful Customer Reviews
|
|
9 of 9 people found the following review helpful:
4.0 out of 5 stars
Highly recommended for novices, May 10, 2004
By A Customer
Mr. Greene examines multiple areas regarding computer security covering subject areas such as hackers, viruses and worms, adware/spyware, data traces (such as file slack space and data traces), internet privacy, internet anonymity, wireless security and many others. A nice thing about this book is the range of topics covered which allows beginner or novice users to expose themselves to a number of concepts that are completely unfamilliar. The author takes the reader step-by-step through important tasks such as disabling services that put your computer at risk of attack, configuring your computer for SSH tunneling, and using netstat and ethereal to monitor connections being made to your computer. These step-by-step instructions make it easy for naive readers to perform basic security functions that would otherwise be reserved for intermediate and power users. One downside to this book is the reader is often given only the minimum explanation on subjects of interest often leaving more questions in the reader's head than were present before the subject was discussed. This is likely due to page constraints inherent in covering such a broad topic and basically puts it in the reader's hands to seek out more information.The author focuses on hardening Microsoft Windows XP since this is by far the most common operating system on PCs (not to mention it is in dire need of securing due to the way in which it is made and distributed). Despite the emphasis on Windows XP the author covers Linux systems as well since it is gaining popularity and appears to be his personal preference. The author doesn't hide his frustrations with Microsoft and takes every opportunity to explain ways in which Linux is superior. The appendices are quite useful as they contain summaries on important configurations discussed in the book, a glossary of technical terms, a list of commonly used and exploited ports, and a list of helpful online resources. The recommendation of this book is for beginner to intermediate level users. Being as naïve as I was it was a safe bet that this book would be completely novel to me but depending on how one defines `intermediate user' this book may contain many things an intermediate user is already familiar with. This book is written clearly enough such that no one should fear it being too difficult to understand. To give you an idea of where my knowledge base was when I ordered the book, I knew that firewalls somehow `hide' your computer on the internet and I knew an IP address is how your computer is identified over the internet. That's about it! By no stretch of my imagination do I classify myself as anything more than an `informed beginner' but I'm now aware of many of the risks involved with network computing and I feel I have enough knowledge to manage some of those risks and research them on my own. I highly recommend this book for people who, like me, feel that computer literacy is too overwhelming of a subject to even begin to understand and have often relied on network administrators or that `friend of a friend who knows some stuff about computers' to help you understand how your computer works. This book is by no means the definitive authority on understanding computer networks and computer security but you can be certain it will be less mysterious of a subject after you've read it. I don't give it the full 5 stars because I felt some subjects (in particular netstat) were far too brief and could have been explained in more detail. (By the way, Amazon.com installs adware on your computer.)
|
|
|
8 of 8 people found the following review helpful:
5.0 out of 5 stars
Awesome security treatise for layman!, May 4, 2004
I have to admit that when I just started reading the book, I only hoped to find the entertaining read, written by a cool and famous technology journalist. However, it looks like I was up for a pleasant surprise and the book was way better than that, event delivering some new material on security. It is important to note that the book is not targeted for security experts in its coverage of material, but presents a clearly written and entertaining "story" of computer security. It covers threats and vulnerabilities, social and technical issues, various platforms (focusing on Linux and Windows). The book possesses a noticeable anti-Windows bias, justified by security history of this platform. Open source solutions such as Linux and Mozilla are recommended by the author. In fact, he implies that in the ideal world only experts should be allowed to run Windows (since it is so hard to secure), while the rest should go with Linux, which is more transparent and behaves predictably (which greatly contributes to its security). The book offers an amazing breadth of coverage, starting from simple Linux and Windows security tips all the way to malware (such as spyware, viruses and worms), basics of security risk analysis, privacy abuses, erasing trace of activity from computers and even "cyberterrorism". I also liked how well the author presented encryption - usually a difficult subject for security novices. Highly recommended for those curious about computer security and pretty much everyone using a computer (and, thus likely fighting malware and various bugs). At times, the book does go to more in-depth subjects such as NAT, Windows registry and Linux file system structure, but even in those areas the style seems perfectly acceptable for a security neophyte. Anton Chuvakin, Ph.D., GCIA, GCIH is a Senior Security Analyst with a major security information management company. He is the author of the book "Security Warrior" (O'Reilly, 2004). His areas of infosec expertise include intrusion detection, UNIX security, forensics, honeypots, etc. In his spare time, he maintains his security portal info-secure.org
|
|
|
10 of 11 people found the following review helpful:
4.0 out of 5 stars
Good material with definite biases..., July 13, 2004
I recently finished reading and reviewing the book Computer Security for the Home and Small Office by Thomas C. Greene (Apress). While it does seem to lose focus a bit towards the end and has a definite bias (which I agree with!), the overall content and information is vital to know and understand.The chapter breakdown:
Introducing the Dark Side; Vectors; Social Engineering; From Newbie to Power User; Treasure Hunt; The Open-Source Escape Hatch; Trust Nothing, Fear Nothing; Glossary; Procedures, Processes, and Ports; Online Resources; Index First off, this is a highly readable and interesting book on how to secure your computer systems against attacks and keep your data private. The author is very vocal in his opinions, and you'll quickly learn where those biases are. He is a major proponent of using Linux and ditching Windows. The only reason you should use IE is because you're forced to. Even with that, he does go into each system and explain in detail what you need to do in order to harden your system. This includes shutting down unnecessary services, running anti-virus software, and using firewalls. All the stuff you'd expect to see in a book like this, and he delivers. The detail is sufficient for most intermediate users to follow, and after you're done you'll have a system that most script kiddies will bypass as it's not worth the time or effort to crack. Starting in the Trust Nothing chapter, he starts to rant about how security is portrayed in the media, along with the potential conflicts of interest between vunerabilities and the companies who fix them. While interesting material, the focus on home/small office seems to get lost in the mix. I don't know if it's just the style of the writing or what, but I was starting to wonder if we could just move on... Windows bashers will love the book, Windows defenders will think he's overly critical of the platform. Either way, this is material you can't afford to ignore in today's environment.
|
|
|
Most Recent Customer Reviews
|
