All,

I may have been dreaming as I have been unable to find any proof after the fact, but in case I'm not crazy (not likely according to the missus ) I have a question to ask.

I once read a sample chapter for an IT security book online, possibly EH-net but I can't find it. The book detailed 'offensive' security practices (not the training company) were admins could use configurations and tricks to thwart intrusion attempts, such as bogus DNS entries such as 'rm -r /' to kill an attackers machine parsing zone files. The book dealt with fictional scenarios going through each from both an attacking and defensive viewpoint.

Whilst I have no idea how technically good, correct or advisable the book is as I only managed to read a few pages, it was an interesting read and I would quite like to get my hands an a hardcopy.

I know this isn't technically a book 'review' but I couldn't think of a better forum for my plea for help. If anyone can help me out with the title I'm looking for I'd greatly appreciate it.

BillV,

looks exactly like what I was looking for, thanks man.

No problem.

Also, here's a thread I started a while back about that book.

Thanks to BillV know now what I was looking for,

quick Google and I've found the sample chapter that whet my appetite in the first place. Enjoy people
http://johnny.ihackstuff.com/downloads/task,doc_details&Itemid=/gid,36/

Just finished this book , so as promised here is my mini review.

The subject of the book revolves around the concept of a 'strike back' or 'hack-back', regardless of the term used it is primarily about aggressively protecting your network and/or devices. The idea was proposed in a paper by Timothy Mullen, and whilst the original article is included in the book it is towards the end (Chapter 10). Personally I feel the book could have been more coherent if this were moved to the start of the book, possibly as an introduction.

The first part of the book has 8 fictional scenarios in which you see both the initial attacks and the strike back attempts. Each chapter deals with a different subject matter and in places delves quite deeply into the technical processes involved. For example, chapter one deals with trojan software written for PDAs, and describes both Windows Mobile forensics and assembly code analysis/modification. Another of the chapters is the sample chapter posted above.

Due to the bredth of scenarios covered I am not an expert in all of the subject matter covered in the book, but in the areas where I felt most comfortable I had no issue with the technical information provided. Begrudgingly I'll admit that on more than a few occasions I though, 'oooh, wish I'd thought of that'. Unfortunately, this was often quickly followed by 'maybe that's not something I want to do after all'.

One aspect of the material that could have been covered better is the legal and ethical implications of adopting the strategies covered by the book. This isn't surprising given the topic in question and is probably a wise move by the authors and publishes to skip over this aspect. From my perspective I won't be keen to try any of examples in a live network, if anyone feels braver than me I would be interested to know your results.

If you are new to the field of computer security then this probably isn't the best option if you're on a budget. However it does give a fairly good impression of 'live' security events and in places could easily be anecdotes of seasoned veterans. Overall I'm glad I have taken the time to read this book, whilst it may not have any immediate impact to my working practices iit has opened my eyes potential dangers that I was unaware of, and managed to do it in a readable and entertaining manner.

If you've got the spare time and finances then I'd recommend this as an entertaining and informative resource.