Hacking Exposed

Network Security Secrets and Solutions

McGraw-Hill, 2001

15 min read

10 take-aways

Text available

What's inside?

Computer hackers are invisible thieves, stealing your information, time and attention. But you can learn enough to protect yourself.

We currently cannot offer you an audio version of this summary.

Editorial Rating

Qualities

Innovative
Applicable

Recommendation

You might expect a massive book about computer hacking to be tedious reading, but - surprise - this one is actually fun. You’ll be impressed by the quality of the writing and the authors' clarity about complicated matters. Why have these clever writers gone public with information on how to hack into computers? They figure that hackers learn how to penetrate systems anyway. It’s the network administrators and other professionals who need to understand hacking to protect their own vulnerabilities. The book, which is a bit dated now, given the programs it refers to, still conveys relevant principles about defending your work and your company from attack. getAbstract recommends it as an essential reference for businesspeople who want to know why system administrators always look twitchy. It’s also a good tool for any computer professional whose day - or career - might be ruined by a single moment of system weakness.

Summary

Why Experts Believe in Open Disclosure

If you base your computer security on knowledge about the vulnerabilities of your computer system, your security will be stronger. Publishing information about the vulnerabilities of popular computer systems has its risks, of course, but that information leads to more robust security.

True, dark hat hackers will read any available information to learn more devious ways to disrupt computer users, but they would have learned about them anyway. It is more important for the computer system defense team in your company to know about network and system weaknesses than it is to throw a veil of blind secrecy over the entire matter - an approach which would only let hackers run amok. Overall, open disclosure means better security in the long run.

That’s the theory behind the Open Disclosure movement, which has resulted in a much more secure Internet over the years. Software designers have a much harder time denying vulnerabilities of their programs when the public is aware. Developers can’t hide problems that have been announced in the media from consumers. To protect your company and your computer system, learn all you can ...

About the Authors

Stuart McClure and George Kurtz are president/CTO and CEO, respectively, of Foundstone Inc. (www.foundstone.com), of which Joel Scrambray is a principle. The firm provides information system security consulting services to clients ranging from members of the Fortune 50 to newly minted startups. McClure, who has more than ten years of IT and security experience, specializes in security assessments, firewall reviews, e-commerce application testing, host reviews, PKI technologies, intrusion detection, and incident response. Kurtz, an internationally recognized security expert, has performed hundreds of firewall, network and e-commerce related security assessments.

Comment on this summary

Sign in to share your opinion
D. W. 9 years ago

...
B. S. 9 years ago

A bit dated.
D. O. 10 years ago

While most of the key takeaways are still relevant, a technical security book published in 2001 is of limited value in 2014; many of the technologies covered are now obsolete.

Joel Scambray, Stuart McClure and George Kurtz