In my full-time day job, I am, for lack of a better term, a "webmaster," meaning that I update content on a very highly-trafficked website on a daily basis. On our team we also have a number of individuals who maintain our server farm and actually engineer the site code, so while I don't directly work with incoming traffic or network security protocol, our company is small enough that I have to constantly be aware of new security trends and the like to keep our site safe.
This is why the book Cyber Adversary Characterization: Auditing the Hacker Mind (Syngress Press) struck me as a tome that might be particularly useful in my line of work. The title led me to believe that the volume would be filled with case studies of hacking incidents and psychological profiles of "types" of hackers, and while the book does contain a few such examples, this is not its primary focus.
Following what I thought was a difficult-to-read foreword by Jeff Moss, the first chapter provides (in brief) the kind of information I was hoping to read--a couple of case studies containing some psychological insight into the hacker mind, as well as a broad overview of the goals of the book.
From there, however, the book delves deep into somewhat complicated metrics and formulas designed to help a network administrator or security auditor analyze a network, determine what type of attack might take place, and how to initiate steps to prevent such an attack. Also covered are formulae geared towards disassembling an attack after the fact, as sometimes it just isn't possible to predict how or why a particular type of attack on a website or network might occur.
While the book is heavy on metrics, formulae and tables full of numbers that are more-or-less meaningless to non-network administrators, the principles behind the numbers are solid, and are useful in creating a generalized overview of how secure a site or network is, or where an attack may originate from. The book, however, concludes with a fascinating chapter containing a description of an attack from start to finish. Sure, it's a touch geekier than, say, a Michael Crichton novel, but it is still interesting nonetheless and is a nice close to an otherwise challenging read.
.jpg?t=20120527181101)
Article comments