Book Review: Defense Against the Black Arts

brothke writes "If there ever was a book that should not be judged by its title, Defense against the Black Arts: How Hackers Do What They Do and How to Protect against It, is that book. Even if one uses the definition in The New Hackers Dictionary of 'a collection of arcane, unpublished, and (by implication) mostly ad-hoc techniques developed for a particular application or systems area', that really does not describe this book. The truth is that hacking is none of the above. If anything, it is a process that is far from mysterious, but rather aether to describe. With that, the book does a good job of providing the reader with the information needed to run a large set of hacking tools." Read below for the rest of Ben's review.

Defense against the Black Arts: How Hackers Do What They Do and How to Protect against It
author	Jesse Varsalone, Matthew Mcfadden, Michael Schearer, Sean Morrissey
pages	412
publisher	CRC Press
rating	7/10
reviewer	Ben Rothke
ISBN	1439821194
summary	Good reference for someone experienced in the topic who wants to improve their skills

Defense against the Black Arts is another in the line of hacking overview books that started with the first edition of Hacking Exposed. Like Hacking Exposed, the book walks the reader through the process of how to use hacking tools and how to make sense of their output.

Defense against the Black Arts is written for the reader with a good technical background who is looking for a nuts and bolts approach to ethical hacking. Its 14 chapters provide a comprehensive overview of the topic, with an emphasis on Windows.

But for those looking for an introductory text, this is not the best choice out there. The book is written for the reader that needs little hand-holding. This is in part due to its somewhat rough around the edges text and the use of more advanced hacking tools and techniques.

By page 4, the author has the reader downloading BackTrack Linux. BackTrack is a Ubuntu distro which has a focus on digital forensics and penetration testing. BackTrack is currently in a 5 R1 release, based on Ubuntu 10.04 LTS and Linux kernel 2.6.39.4. BackTrack comes with a significant amount of security and hacking tools preloaded, which the authors reference throughout the book.

After showing how to install BackTrack, chapter 1 shows how to log into Windows without knowing the password. Much of that is around the Kon-Boot tool, which allows you to change the contents of the Windows kernel in order to bypass the administrator password. Tools like Kon-Boot though will only work when you have physical access to the machine.

Chapter 3 gets into the details of digital forensics and highlights a number of popular tools for forensic imaging. While the book provides a good overview of the topic, those looking for the definitive text on the topic should read Digital Evidence and Computer Crime: Forensic Science, Computers and the Internet.

Chapter 5 deals with web application penetration testing. The authors describe a number of tools that can be used to assess the security of web sites, and offer ways to attempts to manipulate data from a web page or web application.

One is likely hard pressed to find a large web site that will be vulnerable to such web attacks, given that most of them have already checked for those errors via validation control testing. Smaller vendors may not be so proactive, and find out that those $99- items are being sold for .99 cents. With that, the chapter details a number of tools developers can use to test for SQL injection, XSS and other types of web vulnerabilities.

Chapter 8 is about capturing network traffic. There are two perspective to collecting traffic. For the attacker, it is about identifying holes and avenues for attack. For those trying to secure a network, collecting network traffic is an exercise in identifying, thwarting and defending the network against attacks.

Chapter 10 provides a brief overview of Metasploit. For those looking for a comprehensive overview of Metasploit, Metasploit: The Penetration Testers Guide is an excellent resource. This chapter like many of the others provides the reader with detailed step-by-step instructions, including screen prints, on how to use the specific tool at hand.

Chapter 11 provides a long list of attack and defense tools that can be used as a larger part of a penetration tester's toolkit.

Chapter 12 is interesting is that it details how social engineering can be used. The authors show how public domain tools like Google Maps can be used in to mount an attack.

Chapter 13 – Hack the Macs– is one of the shorter chapters in the book and should really be longer. One of the reasons pen testers are increasingly using Macs is that the newer Macs run on the Intel platform, and can run and emulate Windows and Linux. The increasing number of tools for the Mac, and significant Mac vulnerabilities, mean that the Mac will increasingly be used and abused in the future.

Just last week, Dr. Mich Kabay wrote in Macintosh Malware Erupts that malware specifically designed for Mac is on the rise. This is based on progressively more and more serious malware for the Mac since 2009 where given that Apple products have been increasing their market share for laptops and workstations but especially for tablets and phones.

The article notes that one of the reasons Mac OS X is perceived as superior to Windows is because of its appearance of having integrated security. But although the design may be sound, the operating system does not prevent people from being swayed into thinking that the malicious software they are downloading is safe. With that, Apple will have to concentrate more on security and vulnerability within their operating system.

The book ends with about 30 pages on wireless hacking. The chapter provides an overview of some of the weaknesses in Wi-Fi technology and how they can be exploited. The chapter focuses on the airmon tool, part of BackTrack that you can use to set your wireless adapter into monitor mode, to see all of the traffic traversing the wireless network.

Overall, Defense against the Black Arts: How Hackers Do What They Do and How to Protect against It is a really good reference for someone experienced in the topic who wants to improve their expertise.

Ben Rothkei s the author of Computer Security: 20 Things Every Employee Should Know.

You can purchase Defense against the Black Arts: How Hackers Do What They Do and How to Protect against It from amazon.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

FOR OPTIMUM SAFETY

[Anonymous Coward]

Avoid using computers and mobile phones!

Protection from hackers?

[Anonymous Coward]

But, who writes the operating system then?

Re:

[ackthpt]

But, who writes the operating system then?

Write it yourself and that'll really confound them. Write your own browser and office suite, too. Even better, make your own CPU with your very own instruction set, which will really drive them nuts!

Re:Protection from hackers?

[M0j0_j0j0]

You did all that and can't register a /. account?

Re:

[Anonymous Coward]

You must be alluding to: Reflections on Trusting Trust by Ken Thompson
http://cm.bell-labs.com/who/ken/trust.html

Reflections on Trusting Trust
Ken Thompson
Reprinted from Communication of the ACM, Vol. 27, No. 8, August 1984, pp. 761-763. Copyright © 1984, Association for Computing Machinery, Inc. Also appears in ACM Turing Award Lectures: The First Twenty Years 1965-1985 Copyright © 1987 by the ACM press and Computers Under Attack: Intruders, Worms, and Viruses Copyright © 1990 by the ACM press

Re:

[justforgetme]

Great read, very insightful. OTOH, while criminalization of unauthorized cracking into computer systems is quite sane, corporations should face criminal charges as well when exposed to be neglecting data security for sensitive information. Otherwise the punishment is one way and only unjust.

Re:Disappointed

[v1]

but then I saw the author wasn't Snape...

Re:

[Anonymous Coward]

Luckily it's not Ankit Fadia [amazon.com] either. Whenever I see a book about "hacking" I think of him. Don't ever buy his books, because you can learn more about "hacking" by watching Swordfish. But if you want a good laugh, do borrow one. The only thing his books are missing is an MST3K commentary.

Re:

[justforgetme]

Dude, from personal experience a book that calls itself "unofficial {directive}" is never serious!

Re:

[wmbetts]

that actually made me and my wife laugh. good job

Re:

[turkeyfeathers]

I was disappointed that this book wasn't published by Packt.

Re:

[burhan11]

http://www.versiertips.tk/ [versiertips.tk] http://www.ripdizi.tk/ [ripdizi.tk] http://www.snel-vermageren.nl/ [snel-vermageren.nl] http://www.tipsentrucs.tk/ [tipsentrucs.tk]

Front cover scare tactics!

[multiben]

That's what most crackers imagine they look like. Rather than the pale, pudgy, neck beards they are in reality.

co-authors

[tverbeek]

The books is co-authored by Quirinus Quirrell, Gilderoy Lockhart, Remus Lupin, Alastor Moody, Dolores Umbridge, and Severus Snape.

Re:

[jd]

That would explain why they're dead set against hackers rather than crackers. Gotta protect the Slytherins!

Hah

[DnaK]

I read the title to see some crazy harry potter fan writing a book on defense of dark arts. Oh man i've been on the rss feed too long.

So my employer has to defend itself

[rrohbeck]

...against my work, which consists of hacking to some extent - figuring out the arcane properties of software components to debug them and make them work?

Re:

[wmbetts]

I'm guessing the poster has an issue with Ubuntu for some unknown reason.

Re:

[retchdog]

the most hardcore security work [network and static binary analysis] i've seen has been done in windows, which isn't surprising; dos and win95 were great places to start cutting your teeth on exploiting security flaws.

for this kind of thing, the OS doesn't really matter as much as the tools available, and here's a real surprise for you: there are plenty of technical skills more impressive and valuable than dealing with the quirks of linux. plenty of meritorious technical types, just like normal people, want

Re:

[Smallpond]

It's rather aether to define.

Re:

[plover]

Knock, knock.
Who's there?
Aether.
Aether who?
Aether Bunny.

Re:

[jd]

Aether is the fifth element, so presumably only those who understand French sci-fi will understand the book.

Re:

[swalve]

That's a fire description.

Is this mostly a cookbook?

[Roobles]

From the review, it really sounds like this book is only demonstrating how to use specific tools/programs. Is that just what the reviewer is highlighting? Or is this book really lacking in the theories/principals of vulnerabilities and their exploits? I know very little about "hacking," but the last way I'd want to learn about it is through something that amounts to little more than a script kiddy's field guide. To me it feels like a very immature and impractical approach to a very serious/important pro

Re:

[Anrego]

Indeed.

I was a fan of "Hacking: the art of exploitation" and "Silence on the Wire".

The first one doesn't really give you much of practical use.. but gives you the basic foundation of buffer overflows and shellcode and such, a long with a fairly decent amount of background. There is a bit at the end on wireless network that kind of delves out of that curve (and in truth, feels kinda tacked on.. almost like it doesn't belong in the book but was added at the very end of writing for some reason).

Silence on the

Well then

[koan]

Is there a well regarded hacking book out there?
Most comments suggest there is not and I get the feeling hackers are primarily self taught so if you're grabbing Backtrack and using youtube tutorials you most likely are not a "hacker" (cracker?)

Re:

[Anrego]

I just made a comment about this above, but I'm a fan of "hacking: the art of exploitation" and "silence on the wire".

"Silence on the Wire" is completely useless from a real world standpoint, but gives a tremendous amount of background knowledge. The section on network alone is better than any networking textbook I've ever read.

"hacking: the art of exploitation" gives you basic background in how buffer overflows work, shell code is written, and just basic core background. Again, nothing that you can actuall

Long Gone

[interval1066]

I guess its not going to do any good AT ALL to bring up (yet again) how wrongly the term "hacking" is applied to script kiddies, hijackers, and black hat ops. The classic MIT (and correct) def of "hacker" is just a distant memory now.

Re:

[Anrego]

In my view, it is no longer wrong.

The definition of "hacker" has changed to include people who break into systems for evil purposes. The battle to prevent this is over, it's a done deal. Insisting people use the word "cracker" is at this point just annoying.. it was a stupid choice of word to begin with, and never caught on (and never will). If they'd chosen something that doesn't make you sound like a complete tool and had intuitive meaning, maybe something like "cyber criminal", it might have had a shot,

Defence Against the Dark Arts

[Anonymous Coward]

Am I the only one who misread that as a title of Harry Potter fan books?

Re:

[suso]

I think its an obvious parody. I do know that whoever the author of this book is, they will turn out to be the villain by the end.

Ah, Backtrack 5! Highly Recommended...

[alreaud]

My favorite OS for penetration testing and back-tracking those pesky shell attackers and phishers. If you really want to learn the "dark arts" go through some of their online/manuals and courses, like the Metaspoit one. BT5 has some awesome tools. Ones that Anonymous themselves would be proud of. Things like zenmap, openvas, maltego, msf, siege, etc. That is what gets installed in every laptop I own.

Lets see, using that I back-track every single shell attacker. The commonalities are HTTP TRACE, lots of open

Misleading Title

[gblues]

With a name like that, I expected this book to tell me how to defend myself from an evil voodoo priestess, or how to protect my body against necromancy, or warding against Magic Missile. Maybe I've just been playing too much Skyrim.