Online-Bibliothek

Praise for Aviel D. Rubin's 'White-Hat Security Arsenal'

'As a researcher, Avi has produced excellent work in a number of areas, and is an engaging writer. With the vast new opportunities on the Internet come problems, complex and confusing.... This book considers many of these problems, analyzes them, and presents fine solutions. More importantly, Avi presents approaches to the solutions, which generalize to related problems you will encounter.... A book like this is a tremendous aid.' --From the foreword by William R. Cheswick

'This is one of the most readable yet exhaustive books on a vital aspect of computer technology. All computer users, whether they be hackers, IT professionals, academics, or just lay users, will benefit from its content and derive pleasure from its clear and user-friendly style. Rubin has done a great service by identifying and explicating the complexities and subtleties of computer security.' --Jack Goldman, Ph.D., Founder of Xerox PARC

''White-Hat Security Arsenal' is an enormously valuable toolkit for anyone who depends on the Internet today. It gives a refreshingly realistic and hype-free picture of the threats, with practical and up-to-date guidance not only on how to protect yourself, but on what to worry about if you don't.' --Matt Blaze, Ph.D., AT&T Labs-Research

'Avi's book has breadth and depth relating to information security defense needs. It tackles your shackles and threats in Nets with blistery history and constructive realism.' --Peter G. Neumann, Ph.D., Principal Scientist, Computer Science Lab, SRI International, author of 'Computer-Related Risks,' moderator of the ACM Risks Forum

'Avi Rubin has done a stunning job of presentingthe material and correctly stressing key points.... I can't wait to recommend this book to security folks in my own company and other companies with whom I am affiliated. It is extremely well done and offers many you-can-use-them-today insights.' --Sandra Henry-Stocker, Lea

As a diverse collection of information--much of it at a fairly advanced level--White-Hat Security Arsenal: Tackling the Threats is a valuable primer on matters of computer and network security. The author doesn't offer specific instructions on how to harden your systems against attack, and doesn't go far in explaining how to build security into software you write. But he does offer good overviews of how particular manifestations of malice--such as Babylonia (a specific virus) and distributed denial of service (DDOS) systems (a broad class of attack)--work. Similarly, he details how security protocols and mechanisms--packet filters and the Secure Sockets Layer (SSL) protocol are two examples--go about their tasks. In brief, the book breaks little new ground, but it covers the familiar data communications security material extremely capably and with frequent reference to the most recent exploits of the bad guys. Rubin is at his best in explaining the details of security protocols, which rarely make intuitive sense. Using the proven "conversation" method of illustration ("Alice sends her public key to Bob..."), he untangles even the remarkably obtuse Diffie-Hellman algorithm. He backs the dialogues with the formulas that underlie encryption and authentication, and usually translates the simplified conversations into the actual messages exchanged by machines. This book is worth the cover price for its lucid explanations of how security protocols work. It also highlights places in which security technology is lacking (in making sure no unauthorised data is goes out from a Web server, for example) , which is refreshing. --David Wall Topics covered: the state of the art in computer and network security, explained from the point of view of the system administrator wishing to keep bad guys out. A menagerie of recent viruses and attack profiles is followed by discussions of secure storage (with emphasis on encrypted file systems and local password authentication), data exchange via public-private key pairs and trust management system (including Kerberos, of course), network defence with firewalls and intrusion detection systems (IDS), and secure communications via the Secure Sockets Layer (SSL) protocol.

As a diverse collection of information--much of it at a fairly advanced level--White-Hat Security Arsenal: Tackling the Threats is a valuable primer on matters of computer and network security. The author doesn't offer specific instructions on how to harden your systems against attack, and doesn't go far in explaining how to build security into software you write. But he does offer good overviews of how particular manifestations of malice--such as Babylonia (a specific virus) and distributed denial of service (DDoS) systems (a broad class of attack)--work. Similarly, he details how security protocols and mechanisms--packet filters and the Secure Sockets Layer (SSL) protocol are two examples--go about their tasks. In brief, the book breaks little new ground, but it covers the familiar data communications security material extremely capably and with frequent reference to the most recent exploits of the bad guys. Rubin is at his best in explaining the details of security protocols, which rarely make intuitive sense. Using the proven "conversation" method of illustration ("Alice sends her public key to Bob..."), he untangles even the remarkably obtuse Diffie-Hellman algorithm. He backs the dialogues with the formulas that underlie encryption and authentication, and usually translates the simplified conversations into the actual messages exchanged by machines. This book is worth the cover price for its lucid explanations of how security protocols work. It also highlights places in which security technology is lacking (in making sure no unauthorized data goes out from a Web server, for example), which is refreshing. --David Wall Topics covered: The state of the art in computer and network security, explained from the point of view of the system administrator wishing to keep bad guys out. A menagerie of recent viruses and attack profiles is followed by discussions of secure storage (with emphasis on encrypted file systems and local password authentication), data exchange via public-private key pairs and trust management system (including Kerberos, of course), network defense with firewalls and intrusion detection systems (IDS), and secure communications via the Secure Sockets Layer (SSL) protocol.