REVIEW: "Defend I.T.", Ajay Gupta/Scott Laliberte

Discussion in 'Computer Security' started by Rob Slade, doting grandpa of Ryan and Trevor, Jul 22, 2004.

    BKDFNDIT.RVW 20040623

    "Defend I.T.", Ajay Gupta/Scott Laliberte, 2004, 0-321-19767-4,
    %A Ajay Gupta
    %A Scott Laliberte
    %C P.O. Box 520, 26 Prince Andrew Place, Don Mills, Ontario M3C 2T8
    %D 2004
    %G 0-321-19767-4
    %I Addison-Wesley Publishing Co.
    %O U$34.99/C$49.99 800-822-6339 Fax: 617-944-7273
    %P 349 p.
    %T "Defend I.T.: Security by Example"

    The preface states that this collection of (sixteen) "case studies" is
    intended to explain the security profession. This seems to be a bit
    of a challenge since not all security work involves "cases."

    Part one is entitled "Basic Hacking." Chapter one describes the
    process of enumerating a network with nmap and other tools. There is
    lots of information about blackhat activity in this regard, but
    nothing on defending IT and nothing on what security professionals do.
    Chapter two, however, actually does deal with security work in
    describing forensics and the importance of logs and auditing when
    dealing with intrusions and attacks over trusted links. Unlike the
    conceptual discussion in chapter two, chapter three's packet dump
    listings are not explained in terms of the evidence that would
    indicate a DDoS (Distributed Denial of Service) attack.

    Part two's emphasis seems to be on how "current methods" of security
    are insufficient for most companies. Chapter four follows the
    security assessment of a new wireless network, although not quite the
    system design process promised at the beginning. A virus infection
    (except that Sadmind is a worm) is used to demonstrate the need for
    patching and scanning, in chapter five. A worm infection is used, in
    chapter six, to prove the need for incident response. (There is
    significant misleading information: the user actions described would
    not start a worm, and virus scanning of email would not prevent it.)
    Chapter seven looks at a web defacement indicating the need for clear
    contracts and understandings in penetration tests.

    Part three reviews additional items. Chapter eight deals with the
    selection of an IDS (Intrusion Detection System), but could be a
    general model for any security acquisition. While a company's ad hoc
    recovery from disaster is exciting, chapter nine does not clearly make
    the case for business continuity planning. Policy is vital to
    security, but chapter ten does not effectively demonstrate either the
    centrality or the process. Chapter eleven could have had the
    requirements of HIPAA (Health Insurance Portability and Accountability
    Act) point out the need for re-assessment under changing legislation,
    but didn't.

    Part four nominally reviews old stuff. Unfortunately, it returns to
    the pattern of chapter one, concentrating on the attack aspects and
    limiting the discussion of defence. Chapter twelve looks at war
    dialling and says very little about the countermeasures; chapter
    thirteen is even worse in dealing with social engineering.

    Part four covers aspects of computer forensics. Supposedly about
    industrial espionage, fraud, and a really clumsy attempt at extortion,
    chapters fourteen to sixteen actually just recycle the usual material
    on data recovery and chain of custody.

    A "conclusion" attempts to fill in the holes that this book leaves in
    dealing with other areas of security.

    The division of the book into parts seems quite arbitrary and
    artificial. The groups of chapters do seem to have vague themes, but
    they are tenuous at best.

    Overall, the book must be said to have gone some ways towards
    fulfilling its goal of explaining what the security profession is
    about. Not the whole way: there are serious gaps in the coverage, and
    someone getting a picture of a security career from this book alone
    would receive a fairly skewed image. But the book does present some
    interesting aspects of the field in a (mostly) readable form. There
    are any number of books that present a more misleading image.

    copyright Robert M. Slade, 2004 BKDFNDIT.RVW 20040623
