Sponsored links


Valid XHTML 1.0!
Valid CSS!



Product: Book - Paperback
Title: The Tao of Network Security Monitoring : Beyond Intrusion Detection
Publisher: Addison-Wesley Professional
Authors: Richard Bejtlich
Rating: 4/5
Customer opinion - 4 stars out of 5
A coherent approach to Network Security Monitoring


As commercial websites and networks get built out, some companies find that their network becomes the nervous system of the organisation. The ubiquity of email and browsing, and the storage of much corporate information on a network, has led to a vital need to defend it.

The good news, in part, as pointed out by Bejtlich, is that you, the sysadmin, have available a very powerful set of free, open source tools, to scrutinise the network for anomalies. Tcpdump, Tethereal, Ethereal, Snort, Editcap, Mergecop, Tcpslice, etc. All free and supported by communities of developers. But these are not trivial to use. For example, Ethereal and Snort each have entire books devoted to them. Not surprisingly then, a large portion of this book discusses using the many tools. You do not necessarily need to use all of them. But as a sysadmin, you need to be generally aware of the different capabilities of the major tools, and how to best use them. Some explanations also include screen captures from their UIs, to give you a better idea of their operation.

But the book is more than just a collection of tool explanations. Bejtlich also promotes an overarching coherent approach to network security monitoring, that rises above the operational details of any tool. Much more qualitative than the specific details of using a given tool. But ultimately, this approach may be the most enduring value of the book.



Product: Book - Hardcover
Title: Hackers and Painters: Big Ideas from the Computer Age
Publisher: O'Reilly
Authors: Paul Graham
Rating: 5/5
Customer opinion - 5 stars out of 5
A great collection of essays about the Hacker world


I saw this book on O'Reilly's site and was quite interested, so I ordered it. The quick review? It was a very interesting read, and at least half of it is understandable to people with all varieties of computer knowledge, as Graham is very good at explaining things simply.

It's basically a collection of essays that Graham (a Lisp programmer, an artist, and one of the parners who started Viaweb, which produced a web-based online store creator which was bought by Yahoo! and to this day runs the Yahoo Store). The essays all flow very nicely with each other, so there are few parts in the book that feel random. And definately go from easy to understand to everyone, into more complex as the book goes on.

He explains a lot of typical "Hacker" (good programmers, not people who illegally break into computers!) culture, and compares it to other art forms. He starts out by explaining nerds, and why they are so unpopular in school, a fun chapter that makes me feel a bit better about being such a nerd in High School. The book goes into internet startups, programming languages, and it's only in the last three or four chapters that he gets into specifics which may lose the ordinary reader. Still, from the chapters preceding those you get a great snapshot of the Hacker world.

I was very pleased with how he used his artist background to draw historical and artistic parallels between the art world and the computer world. And these strong associations really made this book different from others that I've read hacker culture.

This book was definately worth my time.



Product: Book - Paperback
Title: A Programmer's Guide to Java (tm) Certification
Publisher: Addison-Wesley Professional
Authors: Khalid A. Mughal, Rolf W. Rasmussen
Rating: 4/5
Customer opinion - 4 stars out of 5
Useful, but maybe more than enough


This book covers all the areas and concepts u need to know to pass the exam. If you really go through the book and try the questions, the exam is not a problem for u. (the questions in this book are more difficult than those in real exam) However, seems to me that this book is just trying to present all the facts, possiblities and combinations of java, without proper explanation or any indication on whether the concepts is required or it is just for reference. Using this book to prepare the exam requires you to memorise lots of facts and rules, in which quite a lot of them are not necessary. It is because, many of them can be deduced once u know the main principles, or just because they are not included in the exam objectives. In conclusion, the concepts discussed in this book are more that the exam required, and one may take quite a lot of time to digest them all. ( it is good for java programmer anyway =) )



Product: Book - Paperback
Title: J2EE Web Services
Publisher: Addison-Wesley Professional
Authors: Richard Monson-Haefel
Rating: 5/5
Customer opinion - 5 stars out of 5
Just ok!


This book will teach you the basics you need to know about developing web services,it focus's on how to build Web services from Java and J2EE.Anybody who has a reasonable understanding of Java, J2ee and XML can easily cope with it.