6 of 9 people found the following review helpful
This review is from: Hacking Exposed Linux, 3rd Edition (Paperback)
Quoted by request from Pete Herzog:
"As the project lead for this book, we did look to encompass hacking
ALL of Linux and not just networking. We spent the first 3 short
chapters of the book explaining how to apply the OSSTMM, the FREE,
OPEN standard for proper security testing, to the testing of the
systems. It was in no way an advertisement for something that is
public domain (and free!). The reviewer also refers to things which
were covered in the book under authentication attacks (FTP, SSH,
RLOGIN, TELNET) through dictionary and brute-force attacks. We ignored
RPC because that is used in MS Windows systems so why would it be? We
also talk about where to find the latest exploits and tools to use
them. We did not list exploits for various services because most of
them are old and if not, would be by the time the book was published.
The reviewer mentions RLOGIN which has not had a service exploit since
2001! The best ways to try to hack something that has no known
exploits is explained. We just don't need a whole book to do it.
Instead we focus on the few big, complicated services in Linux
networking (DNS, SMTP, and HTTP/S) and devote whole chapters to them.
The book will help people focus on securing their Linux systems no
matter what they do with it-- desktop, services, coding workbench,
wireless node, PBX, VOIP, etc. by hacking them, it just doesn't waste
your time with old exploits."
Sort: Oldest first | Newest first
Showing 1-1 of 1 posts in this discussion
Initial post: Oct 25, 2008 9:59:52 PM PDT
Richard Bejtlich says:
Authors giving their books five stars is lame. Also:
"We ignored RPC because that is used in MS Windows systems so why would it be?"
Ever heard of SunRPC?
‹ Previous 1 Next ›