Secrets of Computer Espionage: Tactics and Countermeasures
* Covers electronic and wireless eavesdropping, computer surveillance, intelligence gathering, password cracking, keylogging, data duplication, black bag computer spy jobs, reconnaissance, risk assessment, legal issues, and advanced spying techniques used by the government
* Author shares easily-implemented countermeasures against spying to detect and defeat eavesdroppers and other hostile individuals
* Addresses legal issues, including the U.S. Patriot Act, legal spying in the workplace, and computer fraud crimes
* Companion Web site contains links to security tools and useful security information resources
Rating: 
(out of 13 reviews)
List Price: $ 35.00
Price: $ 15.00
Hacking For Dummies-
A new edition of the bestselling guide-now updated to cover the latest hacks and how to prevent them!
It’s bad enough when a hack occurs-stealing identities, bank accounts, and personal information. But when the hack could have been prevented by taking basic security measures-like the ones described in this book-somehow that makes a bad situation even worse. This beginner guide to hacking examines some of the best security measures that exist and has been updated to cover the latest hacks for Windows 7 and the newest version of Linux.
Offering increased coverage of Web application hacks, database hacks, VoIP hacks, and mobile computing hacks, this guide addresses a wide range of vulnerabilities and how to identify and prevent them. Plus, you’ll examine why ethical hacking is oftentimes the only way to find security flaws, which can then prevent any future malicious attacks.
- Explores the malicious hackers’s mindset so that you can counteract or avoid attacks completely
- Covers developing strategies for reporting vulnerabilities, managing security changes, and putting anti-hacking policies and procedures in place
- Completely updated to examine the latest hacks to Windows 7 and the newest version of Linux
- Explains ethical hacking and why it is essential
Hacking For Dummies, 3rd Edition shows you how to put all the necessary security measures in place so that you avoid becoming a victim of malicious hacking.
Rating: 
(out of 17 reviews)
List Price: $ 29.99
Price:
Rating:
As co-owner of a small business I read “Secrets of Computer Espionage” with interest, particularly since I thought that running a firewall and virus protection made my system fairly safe from intrusion. Hardly.Consider the book required reading if you run any flavor of Microsoft Windows and need to keep private information private, and especially if your computers support external data connections (read: internet or external access). McNamara covers a wide range of possible computer attacks from the mundane to the geeky-obscure. And he discusses the reasonable likelihood of each different type of attack along with how to identify and defend against them.He also keeps the book common-sense, such as don’t invest tens of thousands of dollars in attack-hardened hardware and software if you leave your building unlocked. He talks about physical access restrictions, company security policies, and other considerations regarding the ultimate goal of keeping the contents of your computer system safe – points that some computer security books overlook.Finally, I love that McNamara injects humor, a conversational tone and many case studies into his book. It turns a potentially dry topic into an enjoyable read.
Rating:
Warning: This book will make you paranoid.It shows you just what kind of problems you face in securing your computers and life in the current legal climate. it shows just what can be done to you legally without papers being served on you. The current laws concerning wiretaping and gathering of evidence. How black bag operations are planned and committed. How your systems can be monitored in many many ways. The book is current as of 2003 and includes information on the oxymoronically named “Patriot Act”, as well as CALEA and other laws that remove your privacy from people with guns and an excuse.And then there are the illegal ways.The book does into a level of depth that the current law enforcement community would not want you to know. And you do want to know, even if you don’t have anything to hide. (And everyone does have things to protect. Your reputation, your credit information, where you keep your money, not to mention those things that may be unpopular with someone somewhere.)Well worth getting if you have any interest in security, computers or otherwise.
Rating:
You and your computer face a dizzying array of security threats, writes tech consultant Joel McNamara. Competitors, cops, crooks and even disgruntled kin would love a peek at your hard drive. But don’t hyperventilate just yet. If you calmly analyze the desirability and vulnerability of your secrets, you can figure out how to protect yourself. McNamara’s prose is surprisingly clear given the degree of difficulty of his topic, and he offers a number of useful sidebars, charts and examples from inside the tech business to juice up his instructional tome. We suggest this practical book to managers charged with protecting corporate data, and to people who are unsure just how safe their computers are.
Rating:
Judging from the title, Secrets of Computer Espionage: Tactics and Countermeasures would appear to be geared to governments, security agencies, or high-level corporations. In fact, as the author makes clear, anyone with an Internet connection is a potential target of online espionage-even by such “mundane” means as viruses, worms, and phishing attacks-and this book is addressed to that huge audience.
Just who is spying on whom? The author explains that the typical person might be a target of bosses, friends, family members, hackers, and many others. Even people with nothing confidential or of value on their computers risk getting caught up in espionage and other cyber capers. For instance, hackers can use their computers as vehicles for staging attacks or as a location for storing illicit files, such as child pornography. And as more cell phones and PDAs connect to the Internet, the risks multiply.
What may be disturbing to some readers is that every computer device and peripheral provides at least one avenue of attack. The author explains many of these schemes, such as keystroke loggers and cleartext file transfers via file transfer protocol (FTP). In addition, operating-system and application-level vulnerabilities constitute even more ways that systems can be compromised.
Despite the grim picture painted by the author, the book isn’t intended to make readers paranoid, but rather to acquaint them with the many risks posed by the Internet. This excellent book shows that someone quite possibly is out to get you, but it provides the tools to protect yourself.
Rating:
Joel McNamara’s book is one of the very, very, few books that I classify as a “Must Read” for anyone involved in business or technology. This book does an amazing job of avoiding the “paranoia for paranoia’s sake” tone seen so often in computer security books while still taking the issues seriously and discussing them intellegently. The conversational tone is fun and often quite funny while not making the user feel talked down to. And Mr. McNamara does an equally great job of explaining very complex topics in way that works for both extremely sophisticated computer technology professionals and non-techies alike. I’ve brought this book around for side-discussions in the seminars I’ve given since it came out and my students, ranging from small business owners to 30+ year professional tech veterans in Fortune 50s have learned new and important lessons from it. For a book to address all these audiences is rare. For a book to succeed and be invaluable for all of them is virtually unheard of. This book succeeds amazingly well.I’ve not only read the book through in one sitting, I keep referring back to it and it’s incredibly useful web site on a regular basis.Joel, thank you for writing one of the key books of the year!
Rating:
I used to wonder why anyone would want to break into my computer, there’s not much there of any interest. Even I don’t find it all that interesting. Then one day I was puzzled when my ISP asked why my machine was putting out millions of bytes of stuff to the point where it was bogging down their T1 line. I didn’t know. We unpluged the machine from the network and it stopped sending. We plugged it back in and it wasn’t sending. But the next day it was.
It wasn’t until we got an e-mail telling us to stop sending out copyrighted movies that we realized what had happened. It wasn’t anything in my computer they wanted, it was the bandwidth. Knowing what to look for it wasn’t all that hard to stop. Google quickly provided links on this problem.
This book is aimed at people just like me. It gives an overall, if fairly light, view of the overall security problem. Like the other For Dummies books it has a writing style that doesn’t (quite) put you to sleep. It has enough humor to enable you to get through it. It won’t make you an expert, but it will point out the problem areas so that you can go deeper into those that are important to you. It’s a good introduction.
Rating:
The media often mistakenly characterize hackers as bored technical geniuses. In truth, most hackers, as the media use the term, are not geniuses; they are simply adept at downloading hacking tools that do all of the dirty work for them. These so-called script kiddies often do not know what they are doing until the damage is done.
From the perspective of the victimized company, however, it’s not really important who is doing the attacking; all that matters is how organizations can protect themselves from myriad attacks and tools. Hacking for Dummies is written on the premise that to catch a hacker, you have to think and behave like one. This is a well-written and engrossing book that helps the reader understand how hackers compromise computer systems and networks. Its clear, easy-to-read style won’t intimidate readers unfamiliar with abstruse security terms and concepts.
The 19 chapters progress from the basics of security to the hardening of an operating system and the hacking of Web applications. While the reader is not expected to have a deep technical background, the book does go into some detail, as it must to provide a hands-on approach. For a high-level theoretical approach to network defense, look elsewhere. This is a down-and-dirty tool for ensuring that the organization’s systems and network are secure.
Rating:
Update (11/2008): My review below is based on the first (2004) edition. In a comment, the author calls the second, 2006 edition substantially different. So, I reviewed the 2006 edition table of contents, except, and index available on amazon. The excerpt and table of contents did not seem substantially different to me. The primary substantive change in the excerpt (Chapter 1) are the bits about the “rogue insider”; much of the writing is word-for-word identical to the 2004 edition. Maybe the other chapters are “substantially” reworked (the index suggests many changes) but the chapters’ titles, order and lengths are not much different in the 2006 edition.
This book should be titled “penetration testing” with the subtitle “without any actual information on how to go about penetration testing, per se”.
There are two schools of thought about disseminating detailed information on exploiting security vulnerabilities (that “it’s a necessary evil” and “it’s immoral”). So, the author is in good company to be in the later group.
Only, why then WRITE A BOOK entitled “Hacking”? The title seems close to fraudulent to me. Anyone hoping to find out how to crack from this book is going to be sorely disappointed. For example, while password cracking is passably well-covered, there isn’t even a mention of how crackers get their hands on password files. The author spends only two paragraphs and a few bullets on rootkits–treating them like viruses or worms–despite the fact that they are critical cracker tools. There is a lot of discussion of portscanning without any discussion of how to penetrate the systems you’ve scanned.
So, you say, “Who cares about would-be criminals!?” Ok, but this book is not going to provide much real value to would-be white-hats either. You will find very little concrete advice on penetrating client systems from this book. However, the book does have quite a bit of advice and a number of tips about setting-up the gig (e.g., “Agree in writing”), general issues (e.g., “Don’t test production systems during business hours.”), and how to write the report (e.g., “prioritize vulnerabilities”).
Actual admins will find very, very little of value. The “Plugging security holes” chapter is only five pages long! The tips sprinkled around are often poor or abstract (or common sense). The book provides little information on how attacks will occur. And it’s quite marginal in describing the hacker psyche.
The book is full of links to software. But then so is Google and this book won’t help much in choosing between most of them (i.e., my favorite tools were barely mentioned
.
I did (finally) identify a group who might benefit from this book: people who HIRE penetration testers–by educating you about how the process works. (Without giving away any of the trade secrets that might allow you to be self-sufficient!) It might also be a broad (shallow) introduction for the complete novice to security in abstract.
Rating:
This is a great, easy to read and use reference for both non-technical business leaders as well as IT professionals. It is also a great resource for home computer users, and small- to medium-sized businesses who often do not have the resources to hire dedicated security staff. The book covers the entire spectrum of ways in which computer systems can be compromised and attacked, an easy-to-understand description of how the exploits are executed, and, usually lacking in other reference books on this topic, step-by-step instructions for not only how to identify when the hacks occur, but also how to defend against them. Kevin Beaver also includes some very important warnings you need to keep in mind when performing your own vulnerability and hacking tests against your own network and systems to discover your own technical weaknesses.
Rating:
There is certainly no shortage of books in this genre- Counter Hack, Hack Attacks Revealed and the best-selling Hacking Exposed (and all of its spin-offs) have covered this information in grueling detail. What sets this book apart is that it does not assume you are already a CISSP or network security guru. Being a “For Dummies” book means that it is written from the assumption that you don’t know anything and the information is written in plain English and in terms that even a child could often understand.
One of things that makes “For Dummies” books like this one great is the use of humor and icons to help lighten the information while also pointing out the key points and highlighting the “need to know” information. Hacking For Dummies walks the reader through basic computer and network security and progresses through various topics of hacking such as hacking applications or hacking various operating systems.
Anyone interested in this topic, but especially those who are new to the world of computer and network security, should read this book. It is great on its own, but also provides an excellent foundation for someone interested in proceeding to more detailed works such as Hacking Exposed.
(…)