Special Ops: Host and Network Security for Microsoft Unix and Oracle (英語) ペーパーバック – 2003/2/17
Kindle 端末は必要ありません。無料 Kindle アプリのいずれかをダウンロードすると、スマートフォン、タブレットPCで Kindle 本をお読みいただけます。
Special Ops: Internal Network Security Guide is the solution for the impossible 24-hour IT work day. By now, most companies have hardened their perimeters and locked out the "bad guys," but what has been done on the inside? This book attacks the problem of the soft, chewy center in internal networks. We use a two-pronged approach-Tactical and Strategic-to give readers a complete guide to internal penetration testing. Content includes the newest vulnerabilities and exploits, assessment methodologies, host review guides, secure baselines and case studies to bring it all together. We have scoured the Internet and assembled some of the best to function as Technical Specialists and Strategic Specialists. This creates a diversified project removing restrictive corporate boundaries. The unique style of this book will allow it to cover an incredibly broad range of topics in unparalleled detail. Chapters within the book will be written using the same concepts behind software development. Chapters will be treated like functions within programming code, allowing the authors to call on each other's data. These functions will supplement the methodology when specific technologies are examined thus reducing the common redundancies found in other security books.
This book is designed to be the "one-stop shop" for security engineers who want all their information in one place. The technical nature of this may be too much for middle management; however technical managers can use the book to help them understand the challenges faced by the engineers who support their businesses.
Ø Unprecedented Team of Security Luminaries. Led by Foundstone Principal Consultant, Erik Pace Birkholz, each of the contributing authors on this book is a recognized superstar in their respective fields. All are highly visible speakers and consultants and their frequent presentations at major industry events such as the Black Hat Briefings and the 29th Annual Computer Security Institute Show in November, 2002 will provide this book with a high-profile launch.
Ø The only all-encompassing book on internal network security. Windows 2000, Windows XP, Solaris, Linux and Cisco IOS and their applications are usually running simultaneously in some form on most enterprise networks. Other books deal with these components individually, but no other book provides a comprehensive solution like Special Ops. This book's unique style will give the reader the value of 10 books in 1.
Erik Pace Birkholz (CISSP) is a Principal Consultant for Foundstone, specializing in assessing Internet and Intranet security. He has performed nearly a hundred attack and penetration tests since he began his career in 1995. Most recently, he presented his research at the Black Hat Windows Security 2002 Briefings and presented Hacking Exposed: Live! to over 500 of Microsoft's Windows developers at their corporate headquarters in Redmond. Erik also serves asan instructor for Foundstone's "Ultimate Hacking: Hands On" and "Ultimate NT/2000 Security: Hands On" courses. Prior to joining Foundstone, Inc., he served as Assessment Lead for Internet Security System's (ISS) West Coast Consulting Group. Before ISS, Erik worked for Ernst and Young's eSecurity Services as a member of the company's National Attack and Penetration team. He also served as an instructor for E&Y's "Extreme Hacking" course. Erik also workedfor two years as a Research Analyst for the National Computer Security Association (NCSA, now TruSecure Corp).
Erik is a contributing author for the new "Hacking Exposed" titles: "Hacking Exposed: Windows 2000" and "Hacking Exposed, Third Edition." Previously, he was featured in the international best seller, "Hacking Exposed, Second Edition." He also has been published in The Journal of the National Computer Security Association and Foundstone's Digital Battlefield column. He has presented his research findings at multiple Black Hat Windows Security Briefings and The Internet Security Conference (TISC). In 2001, Erik was a panel member for the second annual Orange County Internet Security and Hacking Summit. Throughout his career, Erik has presented results of his research to members of the major federal government agencies, including the Federal Bureau of Investigation, National Security Agency and all branches of the Department of Defense. He lives in Huntington Beach, California.
The Windows coverage is exhaustive, especially the stuff on Active Directory, Exchange and IIS. However UNIX stuff was only given one chapter. While the chapter on SQL server is good, I think more info on MSDE could have been provided. The isssue of the utility of UDP port 1434 (the SQL Slammer port) should have been discussed little more. The information on Mr. Andrew's web site, ... is far more exhaustive. Some of Mr. Litchfield's discussion on SQL injection and the buffer overflow that caused SQL Slammer would have also helped make the SQL Server chapter better.
I think it is a worthy book for its Windows coverage alone. But, IMHO, the title's explicit statement of total Windows and UNIX coverage is a little misleading.
It's difficult for security staff to keep up with the security details of new services and applications. Admins often rely on general purpose manuals, heavy on page count but light on security specifics. Although "Special Ops" weighs in at over 1000 pages, it is the first book to devote attack- and defense-driven chapters to services and applications that matter most. Where else can one find essential, concise security advice on Active Directory (ch. 6), Exchange and Outlook Web Access (ch. 7), Microsoft Terminal Services (ch. 9), Microsoft SQL Server (ch. 12), and Oracle (ch. 13)? These were my favorite chapters, combining examples of attacks, defenses, and proper deployment.
Other chapters broke new ground on old subjects. Had admins taking ch. 10's advice on disabling WebDAV, their Web servers would not have been susceptible to the latest Microsoft IIS vulnerability. The explanation of DNS in ch. 8 is one of the best ever written, and its installation instructions for DJBDNS are sorely welcome after the latest BIND vulnerability. Suggestions for modifying the war dialing tool Tone Loc in ch. 2 save assessors time and effort. Ch. 14's UNIX advice expands beyond the traditional focus on Linux to include Solaris and the BSDs, including discussions of RBAC and filesystem ACLs. I even found something new in the wireless section (ch. 15).
Beyond the product-specific material, "Special Ops" integrates several key themes. Logging, auditing, compartmentalization, network architecture, exposure as "bi-directional visibility," disabling unnecessary services -- many are applied throughout the book.
Because the book features contributions from nearly two dozen authors, it is sometimes internally repetitive and inconsistent. The "CAM" of ch. 15 is incorrectly called "computer-aided manufacturing," while ch. 16's excellent explanation of switch security correctly deciphers "CAM" as "content addressable memory." I would have liked reading about different ways to determine hotfix and patch levels for Windows and UNIX, or at least how existing tools make their determinations. Advice on properly applying Windows service packs, patches, and hotfixes was missing. Ch. 6 assumed a working knowledge of LDAP, which should have been included, at least as an appendix. All of these can be addressed in a second edition.
Overall, "Special Ops" is an incredible book. The authors (thoughtfully identified, chapter by chapter) took the time to explain the internals of the applications they attack and defend. Some authors -- such as the Oracle wizard -- even discovered new vulnerabilities while researching their material! "Special Ops" carries a hefty page count and cover price, but you won't find another book so vital to the security of your enterprise.
I normally classify books into a couple of categories; there are books about things and books that tell you how to do things. Special Ops weighs in at a thousand plus pages and covers Windows XP, 2000, Outlook, Exchange, Unix, Security Policy and much more, yet does not fall neatly into either category. So what category is Special Ops?
Dan Lynch, a founder of the Internet and the founder of Interop once used a term, Bogon filter, years before BGP was invented. Bogon, apparently, was a synonym for blarney if you get my drift. Technical people will tell managers and auditors almost anything because they are pretty sure they can get away with it. The chapters in this book are written by brilliant people; they are packed with useful information. You will not learn enough about securing XP to hang out your shingle, but if you read that chapter a couple times you will certainly be on solid ground to determine if the consultant you are considering hiring to secure your XP systems knows enough to even get near your computer facility. The auditor that invests the time to read this book cover to cover three times should be given a t-shirt that says "Fear me". Special Ops can help you develop a bogon filter better than any other single book I have seen on the marketplace.
Chapter 18, Creating Effective Corporate Security Policies, is one of the most fascinating chapters in the book. Though obviously it covers material that can be found in other places, the authors clearly knows their stuff; it is pure pragmatic advice. The warnings ring true and the links are there.
Though content is the most important ingredient of a technical book and Special Ops is packed with content, layout is also important. The book was happy to lay flat within the first four minutes I was playing with it. The fonts are well chosen and large enough to be readable, the paper is substantial. I do have two complaints regarding layout. After the first reading, it will primarily serve as a reference book, so running a camouflage overprint across half of the table of contents was less than brilliant. The same goes for the silly FAQ stamp on top of the questions. Never intentionally make a book hard to read! On the other hand, summary links for more information and an FAQ for every chapter show a real concern for the needs of the reader. As always, just buying the book and putting it on the shelf will not make your systems and network more secure. I have only met Erik Birkholz twice, but I truly believe that if you come up to him hoping for his autograph he is going to reserve a special word for the person with a copy of Special Ops that is full of sticky notes and scribble in the margins. This author team must have worked very hard to produce something this powerful; drink deep of their knowledge.