Rating:  Summary: Good book for novices. Review: After reading the introduction chapter, you get excited and think that this book might actually be somewhat different than any other hacking book on the market. It really isn't. If you have experience, the first 144 pages are a complete waste. The author provides a review of TCP/IP, Unix and NT in 144 pages. I have no doubt that the author is a seasoned professional. He even makes mention of the fact that he provides advice to the groups of authors who make the SANS security publications. Maybe he does, but this book is not written very well. If you actually read this entire book, you'll find yourself saying "I've read this somewhere else". Don't get me wrong, buy the book only if you have not read other security books. There are others that you should get before you read this one.
Rating:  Summary: worth the money Review: Akhou sha7ta, this easy-to-use, step-by-step guide will empower network and system administrators to defend their information and computing assets - whether or not they have security experience. In Counter Hack, leading network security expert Edward Skoudis presents comprehensive, insider's explanations of today's most destructive hacker tools and tactics - and specific, proven countermeasures for both UNIX and Windows environments. Whatever your role in protecting network infrastructure and data, Counter Hack delivers proven solutions you can implement right now and long-term strategies that will improve security for years to come.
Rating:  Summary: Excellent and an easily readable security book Review: Counter Hack is a great book overall. It encapsulates all that should be a good technical book. It's easy to read, easy to follow, contains lots of useful information, and doesn't bog down the reader with useless specifications or incredibly obtuse details. From the view of a security newbie, this book provides an all-encompassing view of hacking and counteracting it. The book starts out with a simple introduction to various system and network technologies, and then details the ways to hack into, and then prevent hacking into these technologies. The book takes a great view in each chapter. First it explains the evil hacker's view and how they could exploit vulnerabilities and weaknesses. Then it follows it up with how to shore everything up and prevent such hacking. This book also goes into the tools, websites, and methods to hack and to counter hack, providing an invaluable reference without annoying the reader with too much information. Include this with its remarkable readability, and I would say this should be required reading for anyone administrating networks or writing software applications. In short, I could not imagine a better security book around.
Rating:  Summary: Absolutely FANTASTIC!! Review: Counter Hack is arguably one of the best introductions to applied information security available today. I rank this book right up there with such classics as 'Secrets and Lies' by Schneier and 'Hacking Exposed' by Scambray, McClure, and Kurtz. In fact, Counter Hack may be the perfect supplement to these two classics because it provides the microscopic detail not found in Secrets and Lies as well as the articulate explanations not found in Hacking Exposed. Counter Hack is good in many ways. First, it is highly readable. Ed Skoudis is one of those rare, gifted writers who can take an extremely complex technical subject and convey it in a manner that is both easy to follow and entertaining at the same time. Second, Counter Hack is well organized. The book starts by providing valuable background information on networking, Unix, and Windows and then proceeds into chapters on reconnaissance, scanning, application and OS attacks, network attacks, DoS attacks, maintaining access, covering tracks, and "Putting It All Together" in which three actual attack scenarios are examined in detail. The book concludes with a discussion on the future of information security and with a list of resources for "keeping up to speed". A third reason I like Counter Hack so much is because it covers the most relevant attack tools and methods of the day. Nmap, Nessus, netcat, dsniff, buffer overflow attacks, web application attacks, address spoofing, DoS attacks, trojans, rootkits, and much more are all covered in great detail. The sections on nmap, netcat, buffer overflows, and address spoofing are the best I've seen anywhere. Finally, Counter Hack provides numerous links to valuable resources on the web. Most of these links are provided inline with the main text of the book and in general, this works out just fine. 
In a future edition, however, it would also be nice to see these URLs combined into a centralized list somewhere (perhaps as an Appendix). Counter Hack is absolutely one of the best introductions to information security that I have ever read and IMHO, it's destined to become a classic. I learned something new in nearly every chapter of this book despite the fact that I have read numerous infosec books prior to this. Stated simply, Counter Hack has a very high signal-to-noise ratio. This book is refreshingly well written, rich in content, and very detailed. Ed Skoudis is obviously a highly skilled information security professional, but more importantly to me, he is also a skilled writer and teacher. I look forward to reading more titles from Ed in the future. -krypt0, MCSE, CCNA
Rating:  Summary: Skoudis Knows His Stuff Review: Ed Skoudis has written an excellent book on the subject of computer attacks and effective defense. Counter Hack is well-written and informative, while also being fairly easy to read. Mr. Skoudis manages to make seemingly dry information into an enjoyable read. Rather than simply naming tools or displaying a list of command line switches to use with tools, he weaves the tools into the paragraphs, providing more detailed and useful descriptions that help you understand how you would apply the tool in your situation. This book makes an excellent primer for Mr. Skoudis' interactive CD course - The Hack-Counter Hack Training Course. Overall this is an excellent book - one of the best of this genre. I highly recommend this book to anyone.
Tony Bradley is a consultant and writer with a focus on network security, antivirus and incident response. He is the About.com Guide for Internet / Network Security (http://netsecurity.about.com), providing a broad range of information security tips, advice, reviews and information. Tony also contributes frequently to other industry publications. For a complete list of his freelance contributions you can visit Essential Computer Security (http://www.tonybradley.com).
Rating:  Summary: A useful and logical approach to a complex topic. Review: Enter: The Hacker. Throughout the years, there have been many articles, papers, and books that attempt to describe what a hacker does and how one thinks. Typically, these have focused upon either one specific detail or incident publicized in the media, or one specific incident or experience in the life of the author, and as such, they have not had a great appeal to the majority of the intended audiences. Any book focusing on information security will have two major types of readers: information security or IT specialists with a few years of experience in the industry, and people who are looking for introductory knowledge and who are beginning to learn about information security. Counter Hack offers introductory knowledge in information security to anyone interested in the field. Ed's methods of explaining advanced concepts compare to the methods of some of the finest university professors that I have had the pleasure of learning from. He often begins on a personal note, explaining in layman's terms the details of what would normally be considered a difficult or abstract concept. He then follows with technical details, and provides examples that drive home the points he was trying to make. For the seasoned professional, there is still quite a bit of information that would be beneficial - no matter the area of IT or information security. Ed puts an interesting - and often funny - twist on the angles he uses to describe hacker styles. No one person will remember every tool, method, or example that comprises the sum of his/her experiences. In this case, Counter Hack serves the requirement for a reference book on Hacker tools and methods. If you're looking for a way to explain to management how a particular vulnerability was exploited on your network, find the appropriate chapter, and look at how Ed did it.
Ed Skoudis has taken the sum of his experience in working with, dealing with, and responding to hacker and cracker incidents, and formulated his thoughts into a methodical approach to explaining the tools, practices, and methods surrounding this environment. Counter Hack is one of, if not the, finest book to date that I have had the pleasure of reading on this topic. Jeffrey Posluns, CISA, CISSP, SSCP, CCNP Chief Technology Officer SecureOps, Inc.
Rating:  Summary: This book is a keeper !! Review: For those of you out there who are new to computer security, or who understand theory and concepts and want some practical explanations about what's out there, this is a book you cannot do without. If you are really serious about wanting to know details about what you are up against when protecting your organization, or your PC from attacks you will not just want to glance through the book but read it from cover to cover. This is not a book that will teach you theory about encryption, PKI and all the mathematical and computer science concepts that Computer Science or Computer Engineering majors usually learn. There are plenty of good books out there for that. This book is more of a practical hands-on approach to how attacks are executed and how to stop and defend against them. Ed Skoudis has really done a phenomenal job presenting the material in an organized, easy-to-follow format without making it like a 'security for dummies' type of book. He gives you knowledge and techniques you can apply. Ed begins with 3 chapters on the basics of TCP/IP, UNIX and Windows NT/2000. I found these three chapters very helpful in preparing for the rest of the book even though I have read books on and worked with all three before. Ed presents a few ideas about the vulnerabilities of these systems without going into detail. That comes later. Then he serves up the main course. The 5 phases of an attack are outlined and the following is a brief description: Phase 1: How do attackers do research on their targets? This includes web sites where they look up their info, social engineering techniques, etc. Phase 2: How do they find vulnerable systems? This includes war dialers, port scanners, network mappers etc. He also gives you detailed information about where you can find these tools, how to use the most popular ones and how they actually work internally.
Phase 3: What can an attacker actually do once he has found the vulnerabilities in your system and breached security? This tells you about cracking passwords in UNIX and NT, how to attack web apps by finding bad cgi scripts, stack buffer overflows, packet sniffing, IP spoofing, etc. This once again has detailed explanations on where to get the tools and how they are used. Phase 4: How does the attacker maintain access to the system? This tells you about trojan horses, back doors, Rootkits, etc. Phase 5: How does the attacker cover his tracks? Ed finally ties it all together by describing attacks using the phases and tools he talks about above with examples along with a discussion of mistakes made by system admins. I should also mention that for all the attacks mentioned in the book, Ed always fills you in on how to defend against them so you don't feel like you are fighting a losing battle as a system admin. The book is written in a way that is very easy to follow. It is almost like someone standing in front of you in a classroom and explaining things to you. Ed uses personal experiences along with light-hearted comments about system administrators and hackers that will make you smile so that the reading doesn't stay too serious. This book is worth reading and keeping as a reference. I gave it 5 stars because it is the best book I have seen on practical computer security.
Rating:  Summary: Excellent Review: Good book, dynamic and simple. It does not use complicated words and is easy to follow.
Rating:  Summary: Simply magnificent. Start here to learn digital security. Review: I am a senior engineer for network security operations, who has taught SANS, InfraGard, and FIRST audiences. Since late 1998 I've been looking for the one book I could recommend to newcomers to the digital security realm. Ed Skoudis' "Counter Hack" is that book. My previous reviews show I don't shelter weaker books, and I reserve praise for truly deserving titles. "Counter Hack" is a solid, accessible, practical title that merits my highest recommendation. "Counter Hack" contains all I could ask for in an introductory book. Chapters three (30 pages) and four (40 pages) provide the basics of UNIX and Windows (respectively). For each operating system, one reads about file architecture, accountability, privileges, trust, and services. Armed with this background, "Counter Hack" then explains reconnaissance, scanning, application/OS-based attacks, network-based attacks, denial of service, maintaining access, and covering tracks. Each chapter is thorough and very well written. Chapter twelve's three attack scenarios are a fitting conclusion, showing how the earlier tactics are utilized in realistic network intrusions. Veterans will find "Counter Hack" useful too. Some of the topics receiving exceptionally good coverage are Route's "Firewalk" tool, IDS evasion techniques, the Achilles web proxy/attack tool, netcat relays, Reverse WWW Shell, and Covert_TCP. "Counter Hack" includes the single clearest, most concise explanation of stack-based buffer overflows I've read. It offers novel material, like a comparison of netcat's superiority to telnet, and implementing source routing attacks. Most of these discussions include excellent diagrams and well-documented command line instructions. "Counter Hack" is not perfect. I think the mentions of sequence numbers could be more accurate (ACK with ISN B+1 rather than simply ISN B, for example). 
Also, early in the book MAC addresses are shown with four bytes, when they are actually six bytes. These minor errors were the only ones I found, however. If you are a new player in the security arena, I highly recommend reading "Counter Hack." I plan to buy several copies for my office. It's the single most useful volume published for entry level security personnel, and it also contains material which veterans will appreciate. (Disclaimer: I received a free review copy from the publisher.)
Rating:  Summary: A superb hack/cracking book Review: I am an MCSE who recently inherited several Linux machines due to downsizing at my company. I purchased several books to help me shore up my unix security knowledge. First I read Hacking Linux Exposed because it is 100% Linux specific, and followed with this book. Counter Hack covers a huge range of security problems much better than anything else I've read. It not only reinforced the concepts from Hacking Linux, but taught me many things from the Windows world that I didn't know, in spite of my previous training. I really appreciated the instructions to fix and avoid problems. I'd recommend this book over "Hacking Exposed, 3rd Edition" any day. If you have unix machines, I'd purchase "Hacking Linux Exposed" too. In fact, I'd love to see what Skoudis and Hatch could write if they collaborated.