Book review by Joe Moran
September 24, 2002
The tag line of Hack Proofing Your Network, Second Edition,
is "The Only Way to Stop a Hacker is to Think Like
One." Truer words were never spoken. Indeed, the only
real distinction between hacking and hack-proofing may ultimately
This hefty tome is penned (alright, typed) by a baker's
dozen of authors, not including several more who originally
worked on the book's first edition. Two of the authors are
known only by their "hacker handles" (K2 and Rain
Forest Puppy) which sound more the names of rock groups
than people. This abundance of contributors underscores
(perhaps unintentionally) what a broad discipline network
security is, and how unlikely it is for any one person to
be an expert on all of the various areas that comprise it.
As I mentioned in a previous
review of another book in this series, I like these
Syngress books because of the way the information is summed
up succinctly at the end of each chapter. In addition, each
chapter includes a Solutions Fast Track: a bulleted review
list of key concepts that reinforce the material. They are
great for getting the essence of the chapter without having
to plod through all the detail which may not be relevant
to your situation.
Hack Proofing Your Network is 17 chapters long, and is
a very thorough discussion of network security theory, concepts,
and practices. The book approaches the topic from a couple
of different perspectives.
The first is from the perspective of programmers. The book
explores different classes of vulnerabilities lying in various
types of application code (Web servers, databases, and so
forth). This includes things like buffer overflows, which
are the basis of many of the highest profile and most recent
attacks, like Code Red. The book outlines techniques for
exposing and exploiting these weaknesses, ostensibly for
the purpose of eliminating them in your code. If you've
never written code, you'll likely find the examples and
some of the terminology difficult to follow, but the information
still has value, explaining the rudiments of how these weaknesses
The other angle of approach is from that of a network engineer.
Topics such as encryption and tunneling are explained as
means to provide secure communications, and the book goes
into detail on things like sniffing (reading frames off
a wire in order to glean information), and spoofing (providing
false information to another host), telling the reader what
they are and how to do it.
Coming from a networking rather than a programming background,
my favorite chapters were on sniffing and outlining the
differences between viruses, worms, and Trojan horses (three
terms too often used interchangeably).
Even if, like me, you have a solid understanding of TCP/IP
(but no particular expertise in security), this book can
be somewhat disturbing to read, since it outlines the myriad
ways that computers on your network can be attacked, infiltrated,
and compromised. It confirmed what I knew to be possible
but tried not to think about. This book forces you to think
like a hacker, and realize that what is possible may also
be probable and in fact going on right under your nose.
Unfortunately, the book is that it doesn't include a CD.
The book is strewn with references to various relevant utilities,
including protocol analyzers, tools for session hijacking
and other attacks, and programs to audit your environment
and check for vulnerabilities. Most of these are open source
and freely distributable, so it would be nice if they were
collected and included with the book.
That is ultimately a minor complaint. If you're a programmer,
network administrator, or simply an interested observer,
you'll learn a great deal by reading this book. Just make
sure you put your newfound knowledge to good use.