«

BKCMSCHO.RVW 20040727

"Computer Security for the Home and Small Office", Thomas C. Greene,
2004, 1-59059-316-2, U$39.99/C$57.95
%A Thomas C. Greene http://basicsec.org
%C 2560 Ninth Street, Suite 219, Berkeley, CA 94710
%D 2004
%G 1-59059-316-2
%I Apress
%O U$39.99/C$57.95 510-549-5930 fax 510-549-5939
%O http://www.amazon.com/exec/obidos/AS...bsladesinterne
http://www.amazon.co.uk/exec/obidos/...bsladesinte-21
%O http://www.amazon.ca/exec/obidos/ASI...bsladesin03-20
%P 405 p.
%T "Computer Security for the Home and Small Office"

Thomas Greene asked me to do the technical review for this book, which
speaks to his bravery, regardless of what it says about his wisdom.
So there's no point in pretending that I'm unbiased here. However, I
must say that I was bracing myself for yet another security book by a
writer rather than a techie--and was delightfully surprised, right
from the beginning, at how useful Greene's material was.

The "Introduction" is a bit unusual: it doesn't lay out the theme or
structure of the book, but jumps right into dispelling myths and
making suggestions. You will be introduced to the fact that Greene is
an Open Source/Linux ... well, fanatic might be too mild a term,
extremist might be closer to reality. There is also a section on how
to get, and configure, the Mozilla Web browser for safer surfing.

Chapter one deals with the dark side of computing, and a variety of
attendant risks. The descriptions sometimes gloss over technical
niceties, but the assessment of threat levels is more reasonable than
in most similar works. Vulnerabilities and means of attack are
presented in chapter two. An excellent and helpful list of Windows
services that most users can turn off at no cost to function (and
considerable addition in safety) is provided, as is a similar list for
Linux. A sensible review of social engineering is presented in
chapter three. More advanced tools are introduced in chapter four,
but, in contrast to many similar works, the text goes on to provide
explanations and suggestions on use.

Chapter five explains many places where information may be stored on
your computer (and network) in the course of normal operations, and
how to clean up after yourself. Greene really lets himself go in his
promotion of Linux and Open Source software in chapter six, presenting
sanguine arguments. In chapter seven, a number of anecdotes are used
to support the idea that you can learn about the computer and take
control of your own safety, without having to live in fear of the
unknown, or be dependent upon consultants of unknown competence.

This book presents material for the intelligent but non-specialist
computer user. The text is readable, and the content useful. It does
not cover the entire range of computer security, but it does provide
valuable information for those who rely on computers for their work,
and would like to achieve a level of security that is significantly
higher than that available by default, without having to spend a great
deal of time and money on it. Particularly for the Windows XP user,
this is my primary endorsement for a computer security book. I would
also recommend the work to security professionals, at least as a
reference, since it contains Windows configuration that system
administrators should know, and the vast majority don't.

copyright Robert M. Slade, 2004 BKCMSCHO.RVW 20040727

--
======================

============= for back issues:
[Base URL] site http://victoria.tc.ca/techrev/
or mirror http://sun.soci.niu.edu/~rslade/
CISSP refs: [Base URL]mnbksccd.htm
Security Dict.: [Base URL]secgloss.htm
Security Educ.: [Base URL]comseced.htm
Book reviews: [Base URL]mnbk.htm
[Base URL]review.htm
Partial/recent: http://groups.yahoo.com/group/techbooks/
Security Educ.: http://groups.yahoo.com/group/comseced/
Review mailing list: send mail to techbooks-
or techbooks-

On Tue, 17 Aug 2004 15:33:24 +0000, Rob Slade, doting grandpa of Ryan and
Trevor schrieb :

> "Computer Security for the Home and Small Office", Thomas C. Greene, 2004,
> 1-59059-316-2, U$39.99/C$57.95
> %A Thomas C. Greene http://basicsec.org %C 2560
> Ninth Street, Suite 219, Berkeley, CA 94710 %D 2004
> %G 1-59059-316-2
> %I Apress
> %O U$39.99/C$57.95 510-549-5930 fax 510-549-5939 %O
> http://www.amazon.com/exec/obidos/AS...bsladesinterne
> http://www.amazon.co.uk/exec/obidos/...bsladesinte-21
> %O http://www.amazon.ca/exec/obidos/ASI...bsladesin03-20 %P
> 405 p.
> %T "Computer Security for the Home and Small Office"
>
> Thomas Greene asked me to do the technical review for this book, which
> speaks to his bravery, regardless of what it says about his wisdom. So
> there's no point in pretending that I'm unbiased here. However, I must
> say that I was bracing myself for yet another security book by a writer
> rather than a techie--and was delightfully surprised, right from the
> beginning, at how useful Greene's material was.

That sounds like my kind of book. Thanks for the review.

Cordially,

Kleeb.

"Kleeb" <> wrote in message
news:fNvUc.665$...
> On Tue, 17 Aug 2004 15:33:24 +0000, Rob Slade, doting grandpa of Ryan and
> Trevor schrieb :

<snip>

Just to second that.. you might not get too many replies or thanks for your
reviews, but there's at least one other person who appreciates them... )

Please keep up the good work!

--

Hairy One Kenobi

Disclaimer: the opinions expressed in this opinion do not necessarily
reflect the opinions of the highly-opinionated person expressing the opinion
in the first place. So there!

Kleeb wrote:

> On Tue, 17 Aug 2004 15:33:24 +0000, Rob Slade, doting grandpa of Ryan and
> Trevor schrieb :
>
>> "Computer Security for the Home and Small Office", Thomas C. Greene,
>> 2004, 1-59059-316-2, U$39.99/C$57.95
>> %A Thomas C. Greene http://basicsec.org %C 2560
>> Ninth Street, Suite 219, Berkeley, CA 94710 %D 2004
>> %G 1-59059-316-2
>> %I Apress
>> %O U$39.99/C$57.95 510-549-5930 fax 510-549-5939 %O
>> http://www.amazon.com/exec/obidos/AS...bsladesinterne
>> http://www.amazon.co.uk/exec/obidos/...bsladesinte-21
>> %O http://www.amazon.ca/exec/obidos/ASI...bsladesin03-20 %P
>> 405 p.
>> %T "Computer Security for the Home and Small Office"
>>
>> Thomas Greene asked me to do the technical review for this book, which
>> speaks to his bravery, regardless of what it says about his wisdom. So
>> there's no point in pretending that I'm unbiased here. However, I must
>> say that I was bracing myself for yet another security book by a writer
>> rather than a techie--and was delightfully surprised, right from the
>> beginning, at how useful Greene's material was.
>
> That sounds like my kind of book. Thanks for the review.
>

I'm 16 years old and I say the guy is full of ****!

What about buffer overflow, Huh? What about nessus & dsniff? Home and small
office my ass..First of all: You know damn good and well that there is NO
WAY to secure a windows O/S..

If you want to, secure your system, than the first thing you will need to do
is STOP PLAYING ON WINDOWS. Get a real O/S like slack, OpenBSD--FreeBSD
learn the basics.
Next; learn to hack.....Learn how to sniff packets, next, learn how to
decrypt those (packets) and crack md5 with say John.
From there learn how to exploit buffer overflow...WINDOWS IS FULL OF
IT.,,,,,,,,Learn how to use Nessus and Dsniff, setup a small network and
learn to use ethereal.
Now that you have the tools of hackers and see how they think. THEN YOU WILL
BE ABLE TO LOOK at your home pc and say: Now that I know how to hack, I can
protect my computer/network. You need to know what tools are out there and
what they do.

This should scare the hell out of anyone that uses windows.
http://www.freebsd.org/ports/security.html

You need to look at what's out there......

"XC_22-188-16" wrote...
> Kleeb wrote:
> > That sounds like my kind of book. Thanks for the review.
>
> I'm 16 years old and I say the guy is full of ****!

And I say you've got a lot to learn.

> What about buffer overflow, Huh? What about nessus & dsniff? Home
> and small office my ass..First of all: You know damn good and well
> that there is NO WAY to secure a windows O/S..

Utter rubbish. My Win2K is perfectly secure, and that's without a
firewall, and without the Sasser patch. Why? Because I understand the
OS, know exactly what's running and why, don't have stuff listening on
open ports, and don't go installing or running every piece of malware
that comes my way. RPC/DCOM, NetBT, SMB, etc, exploits and buffer
overflows from an Internet connected PC are a non-issue when you have
minimal services running, and close off the ports that Windows listens
on by default. I can even use an unpatched IE with little worry, it's
locked down so tight.

[snip]
> Now that you have the tools of hackers and see how they think.

Do you even know what a hacker is? I've been hacking code for 30
years.

[snip]
> This should scare the hell out of anyone that uses windows.
> http://www.freebsd.org/ports/security.html

What's scary about a load of utilities, packet sniffers, and
encryption software?

On Tue, 17 Aug 2004 20:31:11 -0400, XC_22-188-16 schrieb :

> I'm 16 years old and I say the guy is full of ****!
>
> What about buffer overflow, Huh? What about nessus & dsniff? Home and
> small office my ass..First of all: You know damn good and well that
> there is NO WAY to secure a windows O/S..

I was merely stating that this kind of book is what I would buy, and by
the sounds of the review, would give me quite a few pointers regarding my
Linux usage.

Your rants have done nothing to dissuade me, although of course, you're
entitled to your opinion/s.

I presume you've read the book then ?

I have no interest whatsoever in learning how to 'hack'. I'm quite
satisfied with what's on my own computer, without needing to peek into
others.

I'm 35 years old and I say you need to lay off the stimulants.

Cordially,

Kleeb.

P.S. I'm still grateful for the review, thanks Mr.Slade.