Showing posts with label personal security. Show all posts

Monday, December 31, 2012

Dissecting the Hack: The F0rb1dd3n Network the book

When the rest of the world thinks wardriving and bluesnarfing are news or that you are making up words, give them this book or directions to the local library where they can check it out in print or eForm.

This is another book I selected from our compiled leaders' reading lists. The first one I read was Little Brother, which I enjoyed and recommend to others. Dissecting the Hack: The F0rb1dd3n Network is a two-part book: Part 1 is the fictional story that aligns with real issues, and Part 2 is the STAR (Security Threats Are Real), which uses reflection sections from the story to help the reader understand.

Authors: Jayson E. Street, Kent Nabors, Brian Baskin, Marcus Carey

I recommend this book to readers interested in the fictional Part 1 as well as those looking for a quick reference and tools using the Part 2 STAR.

Contents
Part 1: F0rb1dd3n
PrO1Ogu3, Chapters ON3, TWO, THR33, FOUR, F1V3, S1X, S3V3N, E1GHT, N1N3, T3N, 3P1LOGU3
Part 2: Security Threats Are Real (STAR) 2.0
Chapters 1 Recon, 2 Scan, 3 Explore, 4 Exploit, 5 Expunge, 6 Hacker Culture, 7 Bit Bucket

This book is a great read for those new to the net, those interested in "Seeking first to understand then be understood" (S Covey), people looking to explore other tools, techies who are looking for options when trying to explain security issues to others, and those people looking to diversify their book reading lists.

The short description of the book on whatever site you discover it on states (as quoted from the sites, their words not mine):
  • Utilizes actual hacking and security tools in its story-helps to familiarize a newbie with the many devices and their code
  • Introduces basic hacking techniques in real life context for ease of learning
  • Presented in the words of the hacker/security pro, effortlessly envelops the beginner in the language of the hack
  • Check out the companion site at www.dissectingthehack.com complete with an interactive forum!
  • Exclusive interviews in this revised edition include thoughtful insights into security issues and hacking culture from industry leaders Dan Kaminsky, Johnny Long, Jeff Moss and Marcus Ranum
One section between the Acknowledgements and About the Authors is How to Read Dissecting the Hack: The F0rb1dd3n Network. It closes with this sentence: Dissecting the Hack: The F0rb1dd3n Network can happen IRL.

The book is filled with links to sites. While some were verified in 2010 before the revised edition was published, some links are no longer valid; other links provide access to tools that you may have tinkered with as you learned more about your gadgetry, network connections, and situational awareness, or lead you into discovering tools you did not know existed.

Check out:
  • f0rb1dden for more info about Jayson Street and an audio trailer of the book
  • Dissecting the Hack: The F0rb1dd3n Network on Google Play
  • Syngress book description
  • Dissecting the Hack: The F0rb1dd3n Network on Amazon (purchase or rent)
  • or check out the book via WorldCat so you can find the book in your local library

Have you read Dissecting the Hack: The F0rb1dd3n Network? Did you share your book review? Have you passed this book to others when you didn't feel like explaining any more?





Tuesday, March 31, 2009

What BBPs do you implement?

What best business practices do you incorporate to protect your network/personal information?

Conficker is on the radar. People are updating protection services and some are completely disconnecting from the network until April 1, 2009 passes.

Implement best business practices for your own network and your data, and mention in your letter of intent how to handle your hardware, software, and network data once you pass on.

So what best business practices do you incorporate to protect your network?

One of the diary entries from the SANS Internet Storm Center under the title of, "Feeling Conflicted about Conficker?" states, "As always, we want to remind our readers that if you are doing what everybody considers to be best business practices (firewalls, unneeded services turned off, systems patched, current antivirus software, user education and awareness, good policies, an incident detection and response mechanism, etc.) then you have very little to worry about. If you detect anything new with respect to Conficker over the next 24 hours please let us know via our contact page. We'll sound the alarm should something bad happen. Otherwise, back to work and Happy April Fool's Day!!" (2009, Sachs)

If you have everything set up (automatic downloads, pre-scheduled scans, backups), take the time to check your own system and improve your own user awareness. If your BBPs are in place, take the time to share your knowledge with someone who is not implementing any safety practices for their network, personal or professional. Don't wait on the anniversary of a virus or botnet attack to check your system; take care of your data on a regular basis. As with most things in life that we consider valuable, preventative maintenance is always more affordable than reactive maintenance.

As always, comments and recommendations are welcome.
Share your best business practices!