Mike Schiffman

This book is a real wake-up call: By the time you've finished reading this book you'll be wanting to rush out and lock down all your systems, install intrusion detection and completely review your security and admin procedures.There are 20 scenarios, each of which reads as a story. As the story develops it becomes apparent that something bad has happened or is happening. You are shown log files and given other clues. Then you are asked what has happened, how it happened, how it could have been prevented. In the rear half of the book the solutions are given as a continuation of the story. The exploit is identified, the evidence and logs are preserved, the network is locked down and the procedures reviewed. Each scenario is completed with URLs to real security products you can download, such as SNORT, to use in your own organisation. Most of the exploits are IIS flaws but the point is that it is the ability to spot that something is wrong - slow systems, lack of bandwidth, strange operations, etc - which this book teaches. There are exploits and intrusions involving UNIX and even Wi-Fi covered in this book, as well as notes on keeping software up to date. A must read, and indeed an investment, for any network or security administrator.… (mehr)