REVIEW: "Security Warrior", Cyrus Peikari/Anton Chuvakin

Discussion in 'Computer Security' started by Rob Slade, doting grandpa of Ryan and Trevor, Jun 24, 2004.

  BKSECWRR.RVW 20040509

    "Security Warrior", Cyrus Peikari/Anton Chuvakin, 2004, 0-596-00545-8,
    %A Cyrus Peikari
    %A Anton Chuvakin
    %C 103 Morris Street, Suite A, Sebastopol, CA 95472
    %D 2004
    %G 0-596-00545-8
    %I O'Reilly & Associates, Inc.
    %O U$44.95/C$65.95 800-998-9938 fax: 707-829-0104
    %P 531 p.
    %T "Security Warrior"

    The preface isn't a really clear piece of writing, but does,
    eventually, get around to stating that the book focuses on security
    from an attack, rather than defence, perspective. I have, in numerous
    other reviews, pointed out the errors and limitations in this

    Part one deals with cracking software, primarily involved with
    breaking copy protection. Chapter one explains a few concepts about
    assembly language quite well, and then ends abruptly. Some Windows
    tools for reverse engineering are listed in chapter two, plus a couple
    of poorly explained examples. The material on reverse engineering in
    Linux is longer and more detailed, but still has very limited tutorial
    value, and is padded with extensive code listings of dubious worth.
    Chapter four is supposed to deal with reverse engineering for
    Windows CE, but contains an odd mix of CE operating system
    architecture, a partial list of ARM CPU opcodes, and a description of
    how to crack the registration code check in a program written solely
    to allow you to crack the registration code check embedded within it.
    Overflow attacks, in chapter five, explains buffer and other overflow
    conditions, and gives an example of a buffer overflow as a crack in
    another fake program.

    Part two presents information about networks. Chapter six is a rather
    unstructured overview of TCP/IP and a listing of some sniffing tools.
    (TCP is explained before IP itself, and the relationship of the
    various protocols in the suite is not discussed. A section on "covert
    channels" emphasizes a strange misuse of header fields, and then
    drifts into something like session hijacking.) Social engineering can
    be used in a variety of ways, so it is strange that chapter seven
    should be here rather than in the "Advanced Defence" of part four.
    The random content provided has little organization and a fair number
    of errors: the authors insist that social engineering attacks can be
    divided into active and passive types, but, by its nature, social
    engineering is almost entirely active. (The book does seem to tacitly
    admit this: there is a list of example "active" attacks, but no
    corresponding "passive" list.) Chapter eight mentions a few methods
    of reconnaissance with differing levels of detail. Some more advanced
    techniques for identifying operating systems are in chapter nine, but
    the particulars are similarly inconsistent.

    Part three lists attacks against specific platforms. The authors
    betray their lack of study once again in chapter eleven: UNIX is *not*
    "reborn from" MULTICS (although it was heavily influenced), and TCSEC
    (the Trusted Computer System Evaluation Criteria) is definitely *not*
    the Common Criteria. The various security related aspects, tools, and
    hardening of UNIX are not bad, but lack definition. The UNIX attacks
    listed in chapter twelve are good: ironically, because of the generic
    nature of the descriptions the examples are probably useful as a guide
    to defensive measures, rather than being outdated tricks. The Windows
    client attacks listed in chapter thirteen, because they are specific,
    limit the material in both scope and utility. Chapter
    fourteen, listing Windows server attacks, notes some interesting
    security bugs in Server 2003 and other programs (and one bit on
    smartcards). "SOAP XML Web Services Security," in chapter fifteen, is
    a long title for a short piece on XML digital signatures. "SQL
    Injection," in chapter sixteen, has some examples of malformed data
    attacks, and also points out the dangers of adding programming
    functionality to applications. As with social engineering, the tie to
    networks is thin, seemingly limited to the PHPNuke program. Some
    aspects of wireless antennae, sniffing, and a brief review of the
    weaknesses in WEP (Wired Equivalent Privacy) are in chapter seventeen.

    Part four looks at more advanced defence. Miscellaneous thoughts on
    logging are in chapter eighteen. Chapter nineteen has a confused
    explanation of intrusion detection systems (IDS). There is no mention
    of rule (or activity monitoring) based engines, signature based
    engines are said to be restricted to net-based IDS, different terms
    are used for anomaly detection engines on hosts versus networks, and
    there is a muddled attempt to tie Bayesian analysis to odd
    mathematical ratios of false positive (false rejection) and false
    negative (false acceptance) errors. The installation of a simple
    honeypot is described in chapter twenty (which probably *should* be in
    part two). There is a good initial outline of incident response in
    chapter twenty one, but it breaks down when getting into specifics.
    Forensics and antiforensics, in chapter twenty two, gives some
    background and tools for data recovery and obfuscation.

    It is ironic that the book starts out with a quotation from "The Code
    of the Samurai," stating that "[a]ll samurai ought certainly to apply
    themselves to the study of military science. But a bad use can be
    made of this study to puff oneself up and disparage one's colleagues
    by a lot of high-flown but incorrect arguments that only mislead the
    young ..." This assessment fits Peikari and Chuvakin's work almost
    perfectly. There is a lot of interesting information in this volume:
    if you have limited technical background in the fields examined, you
    will find that a quick perusal will provide you with some superficial
    familiarity with the topics. However, the uneven coverage ensures
    that the information is spectacular, rather than tutorial. The
    disjointed jumps from one subject to the next prove the technical
    erudition of the authors, but do not help the reader very much.

    copyright Robert M. Slade, 2004 BKSECWRR.RVW 20040509

