Book review by Joe Moran
September 24, 2002
Author: Various
Publisher: Syngress
Price: $49.95
Pages: 789
ISBN: 1-928994-70-9
The tag line of Hack Proofing Your Network, Second Edition,
is "The Only Way to Stop a Hacker is to Think Like
One." Truer words were never spoken. Indeed, the only
real distinction between hacking and hack-proofing may ultimately
be intent.
This hefty tome is penned (alright, typed) by a baker's
dozen of authors, not including several more who originally
worked on the book's first edition. Two of the authors are
known only by their "hacker handles" (K2 and Rain
Forest Puppy), which sound more like the names of rock groups
than people. This abundance of contributors underscores
(perhaps unintentionally) what a broad discipline network
security is, and how unlikely it is for any one person to
be an expert on all of the various areas that comprise it.
As I mentioned in a previous
review of another book in this series, I like these
Syngress books because of the way the information is summed
up succinctly at the end of each chapter. In addition, each
chapter includes a Solutions Fast Track: a bulleted review
list of key concepts that reinforce the material. They are
great for getting the essence of the chapter without having
to plod through all the detail which may not be relevant
to your situation.
Hack Proofing Your Network is 17 chapters long, and is
a very thorough discussion of network security theory, concepts,
and practices. The book approaches the topic from a couple
of different perspectives.
The first is from the perspective of programmers. The book
explores different classes of vulnerabilities lying in various
types of application code (Web servers, databases, and so
forth). This includes things like buffer overflows, which
are the basis of many of the highest profile and most recent
attacks, like Code Red. The book outlines techniques for
exposing and exploiting these weaknesses, ostensibly for
the purpose of eliminating them in your code. If you've
never written code, you'll likely find the examples and
some of the terminology difficult to follow, but the information
still has value, explaining the rudiments of how these weaknesses
are caused.
The other angle of approach is from that of a network engineer.
Topics such as encryption and tunneling are explained as
means to provide secure communications, and the book goes
into detail on things like sniffing (reading frames off
a wire in order to glean information), and spoofing (providing
false information to another host), telling the reader what
they are and how to do it.
Coming from a networking rather than a programming background,
my favorite chapters were on sniffing and outlining the
differences between viruses, worms, and Trojan horses (three
terms too often used interchangeably).
Even if, like me, you have a solid understanding of TCP/IP
(but no particular expertise in security), this book can
be somewhat disturbing to read, since it outlines the myriad
ways that computers on your network can be attacked, infiltrated,
and compromised. It confirmed what I knew to be possible
but tried not to think about. This book forces you to think
like a hacker, and realize that what is possible may also
be probable and in fact going on right under your nose.
Unfortunately, the book doesn't include a CD.
The book is strewn with references to various relevant utilities,
including protocol analyzers, tools for session hijacking
and other attacks, and programs to audit your environment
and check for vulnerabilities. Most of these are open source
and freely distributable, so it would be nice if they were
collected and included with the book.
That is ultimately a minor complaint. If you're a programmer,
network administrator, or simply an interested observer,
you'll learn a great deal by reading this book. Just make
sure you put your newfound knowledge to good use.