By reading through security web sites, traversing through software depositories and using Google, you can keep your self updated with the latest tools and attack/defense scenarios based on them. If you want a centralized place on reading this kind of information, “Security Power Tools” is definitely the book you should check out.
About the authors
A number of different authors and technical reviewers are credited in this book, so there is no point in giving details on all of them. All of the authors are working inside the industry and have technical knowledge in different areas.
Inside the book
As I mentioned, this mammoth 800+ pages O’Reilly publication is a product of collaboration between a number of technical authors and experts that chipped in with their own specialities. The book is focused on covering a large chunk of the security dood’s arsenal, with details on different tool usage in a variety of scenarios. After a brief introduction on ethics and legal issues, the book gets divided into six main topics including reconnaissance, penetration, control, defense, monitoring and discovery.
When it comes to reconnaissance, the readers are first introduced with network and vulnerability scanning methods and afterwards authors go deeper with LAN reconnaissance tactics, methods of mangling with wireless networks and the way of creating custom packets.
The penetration section is opened with a 30 page overview of Metasploit concept and carries on with the “hacking” point of view on the previous wireless reconnaissance chapter. The two most interesting topics of this part of the book are custom exploitation and an overview of exploitation framework applications.
Remote system control can be done on different ways, but the appropriate section in “Security Power Tools” mostly concentrates on using backdoors (prime focus on Back Orifice 2000) and deploying rootkits. Both of these subjects receive just around 25 pages each.
After almost 400 pages of tools and methods primarily used from the attacker’s point of view, the authors provide their tips on defending your systems using firewalls, host hardening, email security with anti-spam and securing communications. The latter is mainly connected with SSH and PGP usage.
The monitoring section of the book comprises of sets of information on different technologies and techniques related to host and network monitoring (focus on Snort), as well as network capturing using tcpdump and Wireshark. Through the last 80 pages, authors work they way around forensic issues and popular methods of application fuzzing.
I am a big fan of Security Power Tools because it has a great concept, it is easy to use as a reference in specific situations, and the quality of the content is top notch.