Security Warrior. By Cyrus Peikari and Anton Chuvakin; published by O'Reilly & Associates, 800/998-9938 (phone), www.oreilly.com (Web); 552 pages; $44.95.
As is the case in the physical world, when providing computer security the optimal approach is to be proactive. Security Warrior is about taking such a preventive approach to computer predators.
Attackers are often highly skilled, and the authors have adopted the premise that the only way to defend a network is to understand the motives of a hacker. With its peek into hacker psychology, this book isn't for the fainthearted.
Nor is it for novices. Chapters one through five mine the nitty-gritty of assembly language and software engineering of Windows and Linux systems. These chapters and much of the rest of the book delve deeply into the "C" programming language, so basic familiarity with that language is highly recommended.
Ensuing chapters go from the network layer to various software platforms, detailing the precise steps that an attacker will take to enter a network or software application. The vulnerabilities are clearly defined, but the book really shines when it provides detailed instructions on how systems can be protected.
Security Warrior is written for advanced system administrators charged with network or system security. Corporate security professionals may be intimidated by the book, but they would do well to get a copy to the appropriate person in their organization. That would be the proactive thing to do.
Reviewer: Ben Rothke, CISSP (Certified Information Systems Security Professional), is a New York City-based senior security consultant with ThruPoint, Inc. He is a frequent contributor to this column, as well as a member of ASIS International.