Sponsored links

Valid XHTML 1.0!
Valid CSS!

Product: Book - Hardcover
Title: The Art of Deception: Controlling the Human Element of Security
Publisher: Wiley
Authors: Kevin D. Mitnick, William L. Simon, Steve Wozniak
Rating: 5/5
Customer opinion - 5 stars out of 5
A Must Read for security professionals

If you have any interest in IT Security, you need to study Social Engineering, and this book is a great resource. It's truly amazing how effective Social Engineering can be against security systems of any kind.
I was a former victim of Kevin's exploits. He gained access to our network through an elaborate pretext; gaining access to systems that were secured by firewalls, dial back modems, extensive security policies and (unfortunately) many humans like myself. Everything but the humans worked flawlessly.
The art of the con is as old as anything. Con artists know that any system, yes ANY system, can be compromised as long as humans are involved. All the technology in the world (alone) isn't going to stop a creative and motivated social engineer.
Sadly, the focus of IT security today is on technology and technology alone. Very little attention is paid to the topic of social engineering and how to mitigate this threat. `Human nature' is, once again the culprit here, as people view controls that reduce social engineering threats (strict process controls, seemingly redundant and repetitive procedures) as unnecessary or overly paranoid.
This book goes a long way to illustrate the wide applicability of this type of threat, even describing social engineering attacks against the traffic court systems and the Social Security Administration.
This book is a `must read' for any serious security professional, and a very interesting read for anybody wanting a look at the way a real hacker's brain works.

Product: Book - Paperback
Title: Inside Com (Microsoft Programming Series)
Publisher: Microsoft Press
Authors: Dale Rogerson
Rating: 5/5
Customer opinion - 5 stars out of 5
Good luck finding a better intro book

This book is about as good as they come. Dale Rogerson should be commended. I've been in this field longer than most and can safely say this is one of the best intro books I've ever read. Clear, concise and straight to the point. No bloated examples that run for 200 pages. Just tiny and very simple snippets of code demonstrating the precise mechanics of how to develop a COM object from scratch. Target audience is C/C++ developers with a Microsoft compiler background though others will benefit as well. Don't listen to the naysayers on this one. This book is terrific.

Product: Book - Hardcover
Title: Programming Microsoft ASP.NET
Publisher: Microsoft Press
Authors: Dino Esposito
Rating: 4/5
Customer opinion - 4 stars out of 5
Good Tech. but not a good presentation and tough langauge

Its good to know the underpinnings of any technology. But my sincere suggesstion to Dino would be to consider making the presentation technique an interesting one with a complete practical exapmle for any future books he writes or perhaps a revised edition of the same book . As of now all examples are unrealistic and also just bits and pieces. Examples could be more realistic and complete, that can be applied to a more practical scenario. Even a technical description, if it goes with a good and fairly simple example that can be applied to a practical scenario, it would make the book a great success and will make more people read. To say the truth, I use this book just to glance through when I have doubts but the title means that you can use it to learn ASP.NET. Because of the language, presentation and examples used, I dont get motivated to read it continuously. But the teachnical stuff is really good. Its just the language, presentation and examples needs to be refined and improved. In general, a useful book for ASP.NET if anyone wants to get a in depth knowledge of ASP.NET.

Product: Book - Paperback
Title: Network Intrusion Detection (3rd Edition)
Publisher: Sams
Authors: Stephen Northcutt, Judy Novak
Rating: 5/5
Customer opinion - 5 stars out of 5
Required reading for effective use of an IDS

Stephen Northcutt is one of the fathers of intrusion detection, and his book complements Bace's...
Northcutt's seminal work with the "Shadow IDS," a network monitoring tool developed by the U.S. Navy, was a forerunner of most contemporary IDSs.
With his experience and knowledge conveyed throughout his writings, Northcutt details varied types of intrusions and discusses how an IDS should respond. His book is invaluable to anyone responsible for intrusion detection or anyone who needs to understand attack techniques and the forensic tools needed to detect and document them.