Product: Book - Paperback
Title: Embedded Systems Design: An Introduction to Processes, Tools and Techniques
Publisher: CMP Books
Authors: Arnold Berger, Arnold S. Berger
Rating: 2/5
Customer opinion - 2 stars out of 5
A good primer but poor writing

I was tempted to give this book two stars because the topic is excellent, however Berger falls short of the mark. The book is aimed at beginners (quote: "A complete discussion of <X> would quickly drive all but the most dedicated readers into 'geek overload', so I'll end my discussion here."), but fails in that endeavour by providing a patchy and incoherent text. The book is sprinkled with insights from "In the Trenches" which makes you doubt that he's actually ever been there.

Product: Book - Paperback
Title: Oracle PL/SQL 101
Publisher: McGraw-Hill Osborne Media
Authors: Christopher Allen
Rating: 5/5
Customer opinion - 5 stars out of 5
It is a great book for beginners

I am learning Oracle now in the biggest computer school in Beijing. All of our classmates think this book is the best one we have read for beginners.

Product: Book - Paperback
Title: Programming Jakarta Struts, 2nd Edition
Publisher: O'Reilly
Authors: Chuck Cavaness
Rating: 5/5
Customer opinion - 5 stars out of 5
very thorough coverage

There are now several books on the market about Struts. The biggest strength I've found in this book is how each of the topics is explained well. Many of the other books cover a lot or show some neat examples but they don't seem to explain them in as great detail as this author does. You really get a good understanding of what is going on based on his clear writing style. Since Struts is constantly advancing there are some things not covered in this book, but this book will definitely get you grounded in a true understanding of the concepts.

Product: Book - Paperback
Title: The Tao of Network Security Monitoring: Beyond Intrusion Detection
Publisher: Addison-Wesley Professional
Authors: Richard Bejtlich
Rating: 5/5
Customer opinion - 5 stars out of 5
Beyond Intrusion Detection

Every once in a while you come across a book that really opens your eyes. One that talks in-depth about something completely different. Unfortunately, most technical IT books are rehashes of a bunch of papers and tutorials off the net, and you often wonder whether the time you spent reading the book would have been better spent on Google.

The Tao of Network Security Monitoring is not one of these books. It is with great pleasure that I am reviewing what I consider one of the most informative and well written books I have ever come across.

Network Security Monitoring (NSM) is half a science, and half a black art. It requires an in-depth knowledge of packets, protocols, applications, vulnerabilities and black hat tactics. This book focuses on the philosophy behind NSM, the skills required, the tools you need, and the way to set up an effective NSM operation.

The author, Richard Bejtlich, is a former Air Force intelligence officer, and the approach he dictates is almost military in nature. This book covers an introduction to security, what NSM is, how to deploy it, the best tools for the job and the types of things you will see.

I was most impressed by the analysis of normal versus suspicious versus malicious traffic. Since deep packet inspection is one of my hobbies, I am no stranger to reading data off the wire, but I was amazed by the amount of information this man was able to glean by looking at a simple DNS packet!

He explains the differences between full content data (logging everything to the application layer), session data (looking at just the different conversations between hosts), and statistical data. Everything in this book is practical; you can even go to the website and download the same packet traces he uses for explanation and run through them yourself.

This book taught me about a host of new tools, from Argus, to the incredible SGUIL. It taught me a lot of tricks about designing a top-notch NSM collection and analysis setup, and more than anything, it introduced me to a completely new mind-set.

In short, this is at present the most enlightening book on my IT bookshelf. I strongly recommend it to anyone who is involved with networks or security. It will be of special interest to the sort of people who get a rush ripping up packets and understanding what happens below the surface. It also goes really well with firewall.cx, since most of the protocols talked about are explained here in detail.

If there is one disappointment, it's the absence of an included CD-ROM containing tools, or perhaps a live FreeBSD CD (Freebie) like the one he introduces in the book.

This one gets a scorching 5/5. Get it now, and open your mind!