.

Hacking Exposed Windows 3rd Edition Book Review

<<

LSOChris

Post Fri Feb 29, 2008 6:36 pm

Hacking Exposed Windows 3rd Edition Book Review

4 stars

Not bad for the 3rd iteration

Disclaimer: I received a review copy of HE:Windows.

The latest HE:Windows takes us toe to toe with Vista and Server 2008 and gives us a recap of some Win2k3 and Win2k knowledge. I was torn between whether to give this book three or four stars. I ended up giving it a four because it was well written, hit the majority objectives it laid out, and would be useful for someone that didn't have the two previous iterations, if you have the other two keep in mind there is a fair amount of content reuse and if you do this for a living, it may come up short of expectations.

The book covers a lot of ground but at the end I was left feeling like the authors were saying that if I was pentesting a Vista host or Server 2008 host/domain I should just call it quits. Going back and rereading a bit of the HE: Windows Server 2003 book I felt they said the same thing in that book as well. This obviously ended up being not the case, and I don't think will be the case with Vista and Server 2008 either. Its also not a viable option for any penetration tester.

Some examples of what I am talking about can be seen in Chapter 4 where the SMB enumeration examples only work against Windows 2000 and maybe Windows XP SP1. No mention of how to actually start pulling that information out from current environments. The Active Directory section reused the old content and made no discussion of any current tools or changes in 2003 environments and 2008 environments which have pretty much eliminated anonymous binds to extract information. Chapter 5, Hacking Windows Specific Services reused a lot of content which was disappointing, especially disappointing was the reuse of the smbrelay content, especially with tools that work much better like the smbrelay module in the metasploit framework.

The rootkit chapter is pretty good and talks about a rootkit I had never heard of (Unreal rootkit)..

Client side attacks has a decent update to it covering phishing, ActiveX, office and pdf exploits and a bit of cross site scripting, but refers you to the HE Web Applications book for more detail, which is fair.

Physical Attacks section is mostly the same with some updates on wireless, keyloggers and bootkits but mostly just overviews not followable steps.

Ch12 windows security features and tools is probably what pushed the book from a 3 to a 4. It covered bitlocker, Vista Windows integrity control, server hardening, stack protections, and others information.
<<

Kev

Sr. Member
Sr. Member

Posts: 428

Joined: Sat Sep 29, 2007 12:26 pm

Post Fri Feb 29, 2008 8:13 pm

Re: Hacking Exposed Windows 3rd Edition Book Review

Thanks for the review.
<<

Dengar13

User avatar

Sr. Member
Sr. Member

Posts: 380

Joined: Tue Sep 20, 2005 8:43 am

Location: The Steel City

Post Sat Mar 01, 2008 11:05 am

Re: Hacking Exposed Windows 3rd Edition Book Review

Yes, thanks for your review.  This is one of my favorite series.
A+, Net+, MCP, CEH
MCSE: Security/Messaging
MCSA: Security/Messaging
Former U.S. Marine and damn proud of it!
<<

Mr. Roboto

User avatar

Jr. Member
Jr. Member

Posts: 67

Joined: Thu Feb 14, 2008 9:57 am

Location: Ohio

Post Sat Mar 01, 2008 5:47 pm

Re: Hacking Exposed Windows 3rd Edition Book Review

ChrisG,

I'm very glad you did a review of this book.  Thanks a lot. 

For those of us how have HE: Win 2K3, do you feel that there is enough new material to justify the purchase of HE: Win 2K8/Vista version?
A+, Security+, HDI Support Center Analyst, MCTS: Vista
<<

LSOChris

Post Sat Mar 01, 2008 6:19 pm

Re: Hacking Exposed Windows 3rd Edition Book Review

i'd flick thru it at the bookstore to decide for yourself but i would lean towards no you wouldnt need it.
<<

Mr. Roboto

User avatar

Jr. Member
Jr. Member

Posts: 67

Joined: Thu Feb 14, 2008 9:57 am

Location: Ohio

Post Tue Mar 04, 2008 3:35 am

Re: Hacking Exposed Windows 3rd Edition Book Review

I'm a sucker for the Hacking Exposed series and own several of the books.  I'll probably buckle down and buy this one too.  Sometimes I just can't help myself.

Thanks for your comments ChrisG.
A+, Security+, HDI Support Center Analyst, MCTS: Vista

Return to Gates

Who is online

Users browsing this forum: No registered users and 1 guest

.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software