Book Review: Security Warrior
by Cyrus Peikari & Anton Chuvakin, published by O'Reilly


*** Disclaimer: I obtained Security Warrior from O'Reilly & Associates, Inc for free through a community review program with SFOBUG ***


Immediately upon cracking open this book you'll notice the authors have gone out of their way to lend real "street cred" to it.  With contributors and reviewers such as Seth Fogie, Mammon_, and Fyodor (to name a few) you get the feeling that this will be a serious examination of the topics, rather than the brief romp through buzzwords like a few security books and articles that I've read in the past.  Also, in a move that few current-day security professionals are likely to recognize, the authors give a nod to +HCU and one of its famous members, +Fravia (actually, his website has it Fravia+).  When I saw that, it raised my already high hopes for this book.

After the preface, the reader is dumped right into a detailed look at software reverse engineering (or Reverse Code Engineering).  I understand that the authors are taking a foundational approach, i.e. start at the machine level and move up through the levels of abstraction, but I am ashamed to say I struggled trying to keep up through the first couple of chapters.  Even though I took programming in tech school & university, and I was already familiar with assembly on a basic level, it was difficult to follow the examples, since it's not something I deal with every day.  Perhaps it would be better for the average reader to start at the other end, i.e. the familiar application layer (which people deal with as part of their jobs every day), then work down through the logical stack to the bedrock of the machine layer.

Actually this is probably a good time to point out that Security Warrior is very much a book to read in the evenings, in front of your workstation at home.  A lot of the scenarios in the book assume that you will have access to the software being described and that you can follow along.  Indeed, the appendix contains a very handy list of SoftIce commands.  This is not a good book to attempt to read on airplanes and between flights, like I did (or if you do, you should already have all the programs installed so you can go through the tutorials).

In addition to covering software reversing--which is very useful in two ways, to help you understand attackers, and so you can disassemble malicious code--the book goes on to cover all the normal areas, like network attacks, social engineering, SQL injections, Windows & UNIX specific attacks, etc.  A disappointment of mine is that some of the areas were covered in much more depth than others.  For instance, while Linux & Windows software reversing and SQL injections were covered in tireless detail, network layer attacks got only a brief mention.  I was dearly hoping to see tutorials on how attackers manage to foil firewalls with specific malicious packets, but alas the tactic was only mentioned, not shown.

As for the style, you distinctly get the feeling that different authors worked on different sections (which they did), but sometimes the transitions feel a little sudden.  The authors aren't shy about mentioning other works they've written (which, admittedly, are relevant) and they also take a fairly opinionated stance on various operating systems and software (a stance that they warn you about from the beginning).  Thankfully, they are not as informal and blistering as Michael W. Lucas is in Absolute OpenBSD (which is actually a good book, despite the off-key delivery), but they definitely have no love for Windows™ OSs.

Interestingly, the authors are also very frank about the flaws in UNIX-like OSs, particularly Linux (which most experts know isn't much different from Windows in terms of security, but which no Linux zealot wants to admit).  In particular, the authors shine the bright light of truth on Red Hat Linux, which has had some fairly outrageous security flaws, and the authors even suggest using recent versions of Red Hat as "honeypots" to attract hackers and examine their tactics (since even recent distributions of RH Linux have exploitable flaws).

The book in general is what you could consider a reference, with pointers to numerous tools, utilities, papers, and websites.  It's almost worth the cost just as a mini-Google on security & hacking HOW-TOs, without even considering all the in-depth content the authors provide.  There are some books that you read once to assimilate the knowledge, then you put it on your bookshelf to collect dust or cover your costs by eBay'ing it.  This is not one of those books.  Security Warrior is a book that you will dog-ear and sticky-note like crazy, and keep pulling off the shelf every time you embark on a new security project or do a job for a new client.  If I had to describe Security Warrior in one word, it would be "toolkit".

This site © copyright 2003,2004 Brian Keefer.  Unauthorized republication is forbidden.