[Dailydave] Book Review : Network Attacks & Exploitation : A Framework
Darkpassenger
darkpassenger at unseen.is
Mon Feb 1 16:49:44 EST 2016
how long ago was my last book review ? doubtful . maybe around 10 years
ago at the time Pedram Amini's OpenRCE was relevant and rootkit.com an
openre had happy contributors . so i write this review for a book on
Cyberwar , which is small in size but rich enough for content..as
somebody who's been involved with actual cyberwars his whole adult life
- no kidding . i hope you read the review , then read the book and find
more advanced steps after that trusting you have been show the right
direction and language and basics to form strategies of your own in
perhaps more complex frameworks - although very similar to the one
discussed in the book . all boiled down from experience -- and dudes ,
trust me , Cyber is young and you can simple get ahead by listening and
looking at what folks has done in relatively recent years..and reach to
a level of wisdom using the book and there it is ..real life - you and
your decisions toward CNA/CNE/CND..
Specifics :
Network Attacks & Exploitation
by Matthew Monte
tech edit Dave Aitel
Published by
John Wiley & Sons, Inc.
Published simultaneously in Canada
ISBN: 978-1-118-98712-4
very late of 2015
192 pages
25.8 MB in PDF
the names of CIA and NSA is mentioned in the first pages for various
reasons . some are ass-covering some are funny law practice by people
hungry for a chair in some building . all that aside this tells me the
author and his editor and adviser were in ranks of SPY . yeah , of
course we are cool with that :>
A.audience : this is a small book . its good . fit the profile of many
courses in university or in-job training courses where people got to
understand --WITHOUT BULLSHIT -- what is Cyberwar and Why would they
care about that . i assume computer students , young hackers who have
lost their soul yet , policy makers , think-tanks , military courses ,
governmental education programs official handbook , a must for
Journalists and also for whoever is in Media , a requirements for people
involve in strategic decision in other domains whether Senior or Junior
-- again this is a relatively small book . i realize this book will have
good impact on these social groups .
B. what do i get from reading , honestly ?
here are headlines , chapter by chapter :
1.CHAPTER 1 : understanding what an ATTACK really is and what roles does
it play in our warfare
you will learn about CNA and CNE and also the possibility of attacks
from cyber get Kinetic or not -- and what values any of those situations
may or may not have based on our cyberwar strategy .
2.CHAPTER 2 : here you get a through analysis of an ATTACKER , his
standard operations and digestion of the operations into the separate
parts of PHASE of an Attack . here its also discussed why each phase
takes place and what are the outcomes --which one is tactical and which
strategic .
3.CHAPTER 3 : talks about the DEFENDER . against the force of attacker .
what would be the life-cycle of a defender and what are the primitives
in defense a defender must pay too much attention .
4.CHAPTER 4 : discusses the various angles of ASYMMETRIES in Cyber . you
gotta know how to think as an attacker or defender to handle the
asymmetry effect of cyber in the op you are dealing with . if you are
into use or abuse this characteristic of Cyber then this chapter is
definitely yours to read .
5. CHAPTER 5&6 : if you are an attacker u most certainly want to know
about your possible FRICTIONS . same is true for defenders , although
with different point of views but still about possible FRICTIONS . there
is a strong saying goes like " you knowww... shit happens" - and if you
have faced one of these situations , read these two chapters .
6. CHAPTER 7 : is all about Offensive Strategy . here you learn the
steps required to come at a good strategic understanding of your planned
offense - what info and resources you gonna need and what are the
typical pitfalls ,,,
in this part of the book , the word "Framework" is taking shape and real
meaning .
7. CHAPTER 8 : obviously about defense Strategy . a 15 pages short
discussion how to develop a defense strategy shows one of the two things
: either Author didnt want to get dirty in technological side of defense
which is very big business and folks livelihood depends on it -- or , he
thinks the tone of this book calls for about this amount of defense data
not much more . well , its up to you to read the book and make judgments
i suppose .
8. CHAPTER 9 : is an interesting collection of very latest Cyber
incidents some could be translate to war and you read all the facts here
in one place without disruptions . its important you get facts with less
propaganda and business or politics disruptions . i assume the author
did tried for this to happen . this chapter is interesting for
college-type people or law practitioners who may get in different sides
of cyber conflict . this is the experience and skill you are gonna need
out there
Final notes : this is a small 200-ish mages book with easy and fresh
language not complicated for average and above to understand and
comprehend . at the same time , it teaches about having strategies and
making moves based on a Framework . which makes it different than the
usual hack/cyber book . its not about tools and its not about
philosophical thoughts -- its a in-between book for a easy read about
Cyberwar and what could be defined around it now that we are slowly
getting more and more into it , every time with names and shapes and
angles and different motivations.. this book hopefully help the reader
to analyze a cyber event or if planning one , do it like professionals
in recent history done some won some failed and there are lessons to be
learned .
judgement : good book . above average . tell your friend specially with
average or less experience in cyberwar ..or as we used to call it netwar
back in university ;) to buy it
objections : obviously not every book is perfect . across the book
author has chosen to place a SHARK picture whenever he wants to
demonstrate an attacker . well , i have been an attacker my whole adult
life and even if i would want it couldn't be possible to list the sort
of mass or targeted damages i caused or my strategies led to them..now
when i see that a nice and very "delicious" fish , the lovely shark is
set to be the attacker i am insulted ! dude i hope you edit the second
edition and put a human as the attacker..human with pink
heart..motivations..intelligence and GREED . it would be much more fair
and wont bother animal lovers like me :)
i have things to add to this mail . they are coming in the next one .
-dp
More information about the Dailydave
mailing list