REVIEW: "Computer Security for the Home and Small Office", Thomas C. Greene

Discussion in 'Computer Security' started by Rob Slade, doting grandpa of Ryan and Trevor, Aug 17, 2004.

  1. BKCMSCHO.RVW 20040727

    "Computer Security for the Home and Small Office", Thomas C. Greene,
    2004, 1-59059-316-2, U$39.99/C$57.95
    %A Thomas C. Greene
    %C 2560 Ninth Street, Suite 219, Berkeley, CA 94710
    %D 2004
    %G 1-59059-316-2
    %I Apress
    %O U$39.99/C$57.95 510-549-5930 fax 510-549-5939
    %P 405 p.
    %T "Computer Security for the Home and Small Office"

    Thomas Greene asked me to do the technical review for this book, which
    speaks to his bravery, regardless of what it says about his wisdom.
    So there's no point in pretending that I'm unbiased here. However, I
    must say that I was bracing myself for yet another security book by a
    writer rather than a techie--and was delightfully surprised, right
    from the beginning, at how useful Greene's material was.

    The "Introduction" is a bit unusual: it doesn't lay out the theme or
    structure of the book, but jumps right into dispelling myths and
    making suggestions. You will be introduced to the fact that Greene is
    an Open Source/Linux ... well, fanatic might be too mild a term,
    extremist might be closer to reality. There is also a section on how
    to get, and configure, the Mozilla Web browser for safer surfing.

    Chapter one deals with the dark side of computing, and a variety of
    attendant risks. The descriptions sometimes gloss over technical
    niceties, but the assessment of threat levels is more reasonable than
    in most similar works. Vulnerabilities and means of attack are
    presented in chapter two. An excellent and helpful list of Windows
    services that most users can turn off at no cost to function (and
    considerable addition in safety) is provided, as is a similar list for
    Linux. A sensible review of social engineering is presented in
    chapter three. More advanced tools are introduced in chapter four,
    but, in contrast to many similar works, the text goes on to provide
    explanations and suggestions on use.

    Chapter five explains many places where information may be stored on
    your computer (and network) in the course of normal operations, and
    how to clean up after yourself. Greene really lets himself go in his
    promotion of Linux and Open Source software in chapter six, presenting
    sanguine arguments. In chapter seven, a number of anecdotes are used
    to support the idea that you can learn about the computer and take
    control of your own safety, without having to live in fear of the
    unknown, or be dependent upon consultants of unknown competence.

    This book presents material for the intelligent but non-specialist
    computer user. The text is readable, and the content useful. It does
    not cover the entire range of computer security, but it does provide
    valuable information for those who rely on computers for their work,
    and would like to achieve a level of security that is significantly
    higher than that available by default, without having to spend a great
    deal of time and money on it. Particularly for the Windows XP user,
    this is my primary endorsement for a computer security book. I would
    also recommend the work to security professionals, at least as a
    reference, since it contains Windows configuration that system
    administrators should know, and the vast majority don't.

    copyright Robert M. Slade, 2004 BKCMSCHO.RVW 20040727


    ============= for back issues:
    [Base URL] site
    or mirror
    CISSP refs: [Base URL]mnbksccd.htm
    Security Dict.: [Base URL]secgloss.htm
    Security Educ.: [Base URL]comseced.htm
    Book reviews: [Base URL]mnbk.htm
    [Base URL]review.htm
    Security Educ.:
    Review mailing list: send mail to
    Rob Slade, doting grandpa of Ryan and Trevor, Aug 17, 2004
    1. Advertisements

  2. Rob Slade, doting grandpa of Ryan and Trevor

    Kleeb Guest

    That sounds like my kind of book. Thanks for the review.


    Kleeb, Aug 17, 2004
    1. Advertisements

  3. <snip>

    Just to second that.. you might not get too many replies or thanks for your
    reviews, but there's at least one other person who appreciates them... :eek:)

    Please keep up the good work!


    Hairy One Kenobi

    Disclaimer: the opinions expressed in this opinion do not necessarily
    reflect the opinions of the highly-opinionated person expressing the opinion
    in the first place. So there!
    Hairy One Kenobi, Aug 18, 2004
  4. Rob Slade, doting grandpa of Ryan and Trevor

    XC_22-188-16 Guest

    I'm 16 years old and I say the guy is full of shit!

    What about buffer overflow, Huh? What about nessus & dsniff? Home and small
    office my ass..First of all: You know damn good and well that there is NO
    WAY to secure a windows O/S..

    If you want to, secure your system, than the first thing you will need to do
    is STOP PLAYING ON WINDOWS. Get a real O/S like slack, OpenBSD--FreeBSD
    learn the basics.
    Next; learn to hack.....Learn how to sniff packets, next, learn how to
    decrypt those (packets) and crack md5 with say John.
    From there learn how to exploit buffer overflow...WINDOWS IS FULL OF
    IT.,,,,,,,,Learn how to use Nessus and Dsniff, setup a small network and
    learn to use ethereal.
    Now that you have the tools of hackers and see how they think. THEN YOU WILL
    BE ABLE TO LOOK at your home pc and say: Now that I know how to hack, I can
    protect my computer/network. You need to know what tools are out there and
    what they do.

    This should scare the hell out of anyone that uses windows.

    You need to look at what's out there......
    XC_22-188-16, Aug 18, 2004
  5. Rob Slade, doting grandpa of Ryan and Trevor

    Ant Guest

    And I say you've got a lot to learn.
    Utter rubbish. My Win2K is perfectly secure, and that's without a
    firewall, and without the Sasser patch. Why? Because I understand the
    OS, know exactly what's running and why, don't have stuff listening on
    open ports, and don't go installing or running every piece of malware
    that comes my way. RPC/DCOM, NetBT, SMB, etc, exploits and buffer
    overflows from an Internet connected PC are a non-issue when you have
    minimal services running, and close off the ports that Windows listens
    on by default. I can even use an unpatched IE with little worry, it's
    locked down so tight.

    Do you even know what a hacker is? I've been hacking code for 30

    What's scary about a load of utilities, packet sniffers, and
    encryption software?
    Ant, Aug 18, 2004
  6. Rob Slade, doting grandpa of Ryan and Trevor

    Kleeb Guest

    I was merely stating that this kind of book is what I would buy, and by
    the sounds of the review, would give me quite a few pointers regarding my
    Linux usage.

    Your rants have done nothing to dissuade me, although of course, you're
    entitled to your opinion/s.

    I presume you've read the book then ?

    I have no interest whatsoever in learning how to 'hack'. I'm quite
    satisfied with what's on my own computer, without needing to peek into

    I'm 35 years old and I say you need to lay off the stimulants.



    P.S. I'm still grateful for the review, thanks Mr.Slade. :)
    Kleeb, Aug 18, 2004
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.