From: secedu@all.net
Reply-to: secedu@all.net
Organization: Information Security Educators Mailing List
Subject: Information Security Educators Mailing List 1999-01-11
<pre>---------------------------------------------
From: "Rob Slade, doting grandpa of Ryan and Trevor" <rslade@sprint.ca>
Subject: REVIEW: "Maximum Security", Anonymous

BKMAXSEC.RVW   981025

"Maximum Security", Anonymous, 1998, 0-672-31341-3,
U$49.99/C$70.95/UK#46.95
%A   Anonymous
%C   201 W. 103rd Street, Indianapolis, IN   46290
%D   1998
%E   Mark Taber newtech_mgr@sams.mcp.com
%G   0-672-31341-3
%I   Macmillan Computer Publishing (MCP)
%O   U$49.99/C$70.95/UK#46.95 800-858-7674 http://www.mcp.com
%P   829 p. + CD-ROM
%T   "Maximum Security, second edition"

Rather loudly promoted on the net these days, the major selling point
of this book is that it was written "by an experienced hacker." 
Supposedly one who spent some time as a guest of Uncle Sam for
fiddling bank machines.  (Some of what we are told about the author
does not fit with the contents of the book, but then, as an old
professional paranoid, I may be unduly suspicious.)  Leaving aside
questions of morality and definitions of the term "hacker," let us
merely observe that these people are the gnostics.  They are the
devotees of the hidden, esoteric, and arcane knowledge.  Such
knowledge, of course, is cheapened and weakened by being revealed. 
Which may explain a certain reticence on a number of points in the
first edition of the book.  The introduction to that edition made it
fairly clear: Anonymous assumed that if you did not work diligently at
his direction you did not deserve to secure your system.  One could
almost feel his glee at the expectation that thousands of sysadmins
around the world were wracking their brains and flooding Usenet with
discussions of the significance of his clues to the vital encrypted
message he had hidden on the CD-ROM.

The riddle, and that attitude, seem to have been removed from this
second edition.  The author tacitly admits that the first was a bit of
a kludge: he says that it was written in haste.  He also states that
the second edition is more "solution oriented."  It could hardly have
been less.  Be that as it may, the book is, as the author states,
essentially completely rewritten.  It has been much improved in the
process, moving up from truly awful to merely mediocre.  The new
version provides a good deal of reference information, although
assessing the quality of that information is left as an exercise to
the reader.

The section on viruses is an overview of the book in miniature.  The
hype has been toned down, and the explanation of how viruses work is
much more reasonable.  However, it still insists that "destruction" is
the major characteristic of a virus.  (There is, later, an admission
that "[m]ost viruses do not actually destroy data.")  We are treated
to the old myth that virus researchers write viruses as a kind of job
security.  While a general background to viruses is provided, there is
no discussion of protection options.  However, there are more listings
of antiviral programs and resource sites than there are for virus
creation programs.  Many topics within the text have lists of books
and Web sites for further study, and there is one for viruses that
includes three of the four tomes recommended by the VIRUS-L FAQ. 
Unfortunately, it also contains some lesser works, and there are no
annotations to the bibliography.

Part one is simply two chapters of introduction to the book.  A
somewhat limited overview to security concepts is given in part two,
concentrating on the Internet.  Chapters look at the Internet, TCP/IP
basics, hackers and crackers, targets, possibilities of fights over
the net, and very brief data security primer.  Various types of
security and attack software are outlined in part three.  There is
consideration of malicious software, security weakness scanners,
password crackers, trojans, network packet sniffers, firewalls, and
audit software.  Part four looks at specific operating systems:
Windows, UNIX, Novell, VMS, and Macintosh.  Two chapters look at very
basic security requirements in part five.  Network based attacks are
discussed in part six, reviewing levels of attack, spoofing, telnet,
scripting languages and extensions, and hiding of identity.  Different
types of resources and references are contained in appendices.  (I was
disappointed in the loss of a chapter on laws in various countries
until I found it had been moved back here.)

If you don't know security, this book is probably not going to teach
it to you.  On the other hand, if you work with security, you may find
that some of the resources listed here are things that you want to
explore.  For the novice it isn't altogether reliable, but for the
professional it is at least worth looking at.

copyright Robert M. Slade, 1998   BKMAXSEC.RVW   981025

======================
rslade@vcn.bc.ca  rslade@sprint.ca  robertslade@usa.net  p1@canada.com
Find virus, book info http://victoria.tc.ca/int-grps/techrev/rms.html
Robert Slade's Guide to Computer Viruses, 0-387-94663-2 (800-SPRINGER)
---------------------------------------------