By Cyrus Peikari, Anton Chuvakin
First Edition January 2004
Pages: 552 (More details)
(Average of 3 Customer Reviews)
Price: $44.95 USD, $65.95 CAD, £31.95 GBP
Buy two books, get the third FREE! Use discount code "opc10"
This book qualifies for FREE SHIPPING. See details.
Read our 100% guarantee
What's the worst an attacker can do to you? You'd better find out, right? That's what Security Warrior teaches you. Based on the principle that the only way to defend yourself is to understand your attacker in depth, Security Warrior reveals how your systems can be attacked. Covering everything from reverse engineering to SQL attacks, and including topics like social engineering, antiforensics, and common attacks against UNIX and Windows systems, this book teaches you to know your enemy and how to be prepared to do battle.
Full Description
What's the worst an attacker can do to you? You'd better find out, right? That's what Security Warrior teaches you. Based on the principle that the only way to defend yourself is to understand your attacker in depth, Security Warrior reveals how your systems can be attacked. Covering everything from reverse engineering to SQL attacks, and including topics like social engineering, antiforensics, and common attacks against UNIX and Windows systems, this book teaches you to know your enemy and how to be prepared to do battle.
Security Warrior places particular emphasis on reverse engineering. RE is a fundamental skill for the administrator, who must be aware of all kinds of malware that can be installed on his machines -- trojaned binaries, "spyware" that looks innocuous but that sends private data back to its creator, and more. This is the only book to discuss reverse engineering for Linux or Windows CE. It's also the only book that shows you how SQL injection works, enabling you to inspect your database and web applications for vulnerability.
Security Warrior is the most comprehensive and up-to-date book covering the art of computer war: attacks against computer systems and their defenses. It's often scary, and never comforting. If you're on the front lines, defending your site against attackers, you need this book. On your shelf--and in your hands.
Register your book | Submit Errata
Browse within this book
Cover | Table of Contents | Index | Sample Chapter | Colophon
No time right now? %0A%0ANetwork Security Hacks:%0A

![]() The Art of Exploitation Read more |
![]() 100 Industrial-Strength Tips & Tools Read more |
![]() Know Your Network Read more |
No time right now? %0A%0APractical UNIX and Internet Security:%0A

![]() Secure Programming Cookbook for C and C++ Recipes for Cryptography, Authentication, Input Validation & More Read more |
![]() Practical UNIX and Internet Security Read more |
![]() Web Security, Privacy & Commerce Read more |
Book details
First Edition: January 2004
ISBN: 0-596-00545-8
Pages: 552
Average Customer Reviews: (Based on 3 Reviews)
Featured customer reviews
NLUG: Book Review - Security Warrior by Cyrus Peikari & Anton Chuvakin
Rating:
2004-12-16 05:42:55
James Ko, CISSP
[Reply | View]
I enjoyed reading the Assembler and the reverse engineering section of the book. I didn't realize there are so many variants of x86 Assemblers. I thought it was brilliant to use the CD organizer as an analogy to program stack to explain the buffer overflow problem, The little HackMe challenge dramatizes the whole buffer overflow issue. It really sticks into reader's mind about how vulnerable our software industry stands today. However, I feel it fall short on the networking section, where the authors could have spent more time on explaining these evil hacking tools. There were no examples on how to use hping, for example. As far as I know, there are lot more evil packet injection tools out there worth mentioning, such as Nemesis, libnet, hping and packit. I was somewhat disappointed given that the authors said in the beginning (preface)this is an advanced security book that I would expect more on the networking side. However, on the positive note, the Log Analysis section is very valuable to system administrators because it provides a lot of good information. There is not a lot of literature out there spend time on explaining what log is, or what is being captured. In fact, log analysis is gaining popularity because it is used for security forensics where security professional tries to piece the evidence together. All in all, this is a very useful book for those who wants to have a survey of what is involved in the field of security incident handlers and/or intrusion detection.
Covers the spectrum well. Good reference.
Rating:
2004-04-26 10:02:43
Alex Belt from the Columbia Java Users Group
[Reply | View]
This excellent, well-written book can be an enigma at times. The authors indicate that the material is for someone who has read on the subject before, although there is quite a bit of material geared more towards novices like myself. In other places I was defintely out of my depth, not having enough of a C/*Nix background to fully comprehend the material. The authors cover reverse engineering, network attacks, platform attacks, and defense/intrusion detection methods.
I very much liked the samples and references to existing tools, although they clearly indicate the possible criminal repercussions of using some of these tools/techniques. The samples provide invaluable insight and experience into learning the techniques, and how to thwart them, if it's possible at this time. The intrusion detection/defense material is split between information that would benefit everyone, including home pc users, and techniques more suited to professionals, such as advanced intrusion detection and network defense. This would be a very good second book on the subject, and barring any sudden changes in the security landscape, this book should hold it's value for some time to come.
Security Warrior Review
Rating:
2004-02-24 09:36:36
Ali Rahbar
[Reply | View]
This is one of the first book that talk about the fundamentals of reverse
engennering.It is true that you can find can all the books subjects on the net but for finding and understanding them you should waste a lot of time and effort (to seek different messageboard and reversers site). This book
has done the hard works for you and you can read everything classified and in great details. I recomend it for everyone interested in security and if you already know all the topic in this book I still recommend you to read this book
for a fast and well organized review.
Media reviews
"A very well written, comprehensive text that contains useful references, and details of software tools (and where they can be found). An essential resource for those responsible for information security."
--Major Keary, "PC Update," October 2004
"As in the case in the physical world, when providing computer security the optimal approach is to be proactive. Security Warrior is about taking such a preventive approach to computer predators...The vulnerabilities are clearly defined, but the book really shines when it provides detailed instructions on how systems can be protected. Security Warrior is written for advanced system administrators charged with network or system security. Corporate security professionals may be intimidated by the book, but they would do well to get a copy to the appropriate person in their organizations. That would be the proactive thing to do."
--Ben Rothke, Security Management, January 2005
"Overall, Security Warrior was quite an interesting read. I fully plan to take many concepts I have learned here and incorporate them into both current and future plans. If you want a detailed look at network security concepts, this book is a very solid starting point, before branching out into other works."
--Sean Smith, Dalhousie Student Chapter ACM, July 2005
"Given that hundreds of security books are out there, I was a bit skeptical this one would live up to its claim of being so different. However, as soon as you enter the first section, 'Software Cracking,' you know you are in for a different ride...Overall, I found this book to be a strong text with a refreshingly different spin on computer/network security. If you are responsible for system or network security, Security Warrior is definitely worth reading."
--Dan York, Linux Journal, October 2004
"['Security Warrior' gives you] lots of code examples to work with, and no patronizing along the way...Sure, you can do what the hackers do, and trawl the dodgy hacking we sites and chat rooms to get this information, but why bother when for less than £25 [$44.95 US] you get it all in one reference..."
Rating: 9/10
--PC Plus, Spring 2004
"Security Warrior is the most comprehensive, up-to-date book covering the art of computer war: attacks against computer systems and their defenses. It's often scary, and never comforting. If you are on the front lines of computer network defense, defending your site against attackers, you need this book...These authors have produced a significant contribution to the rapidly growing number of titles in the specialized genre of computer security. Even though there are many other similar titles, this O'Reilly title is superior to most and I strongly recommend all network administrators get a copy of this powerful title, and to also consider multiple copies for loaning to other computer network support staff."
--Dale Farris, Golden Triangle PC Club, May 2004
"'Security Warrior' is a book that you will dog-ear and sticky-note like crazy, and keep pulling it off the shelf every time you embark on a new security project or do a job for a new client. If I had to describe 'Security Warrior' in one word, it would be 'toolkit.'"
--Brian Keefer, San Francisco OpenBSD Users Group, April 2004
http://www.smtps.net/project-docs/security_warrior.html
"This is one of the few books that goes beyond the 'what' and deals with the 'how' of system and software security. A thorough reading and study of this book will arm you with the tools and knowledge you need to analyze and bight back against software attacks."
--Portland Domino/Notes User Group (PDNUG), March 2004
http://www.lotus-users.org/QuickPlace/pd-nug/Main.nsf/h_Discussion/DF5A02D4E051F3AE86256E5E00197E26/?OpenDocument&Form;=h_PageUI
"Peikari and Chuvakin have written a valuable book that will soon find its way onto the shelf of everyone involved in network and machine security."
Peter Salus, UnixReview.com, March 2004
http://www.unixreview.com/documents/s=8989/ur0403f/
"This book will help if you want to know enough about IT security to claim to be a know-it-all."
--Vince Tuesday, ComputerWorld, February 2004
"['Security Warrior' is] a great collection of tricks that should be part of a good warrior's training."
--Peter Wayner, Slashdot, March 2004
http://slashdot.org/article.pl?sid=04/03/05/1949238
"This is a book with an amazing amount of information that at first glance may scare the living daylights out of some sys admins when they learn of the relative ease with which a system can be compromised. Then again, most security experts know of the risks and dangers involved with computer security. And I've always felt that to defend yourself against an attack, you should 'know the enemy.' This book offers lots of ways and 'tricks' to do just that."
--Todd Hawley, Amazon.com, February 2004
"If you want to know the latest about how black-hat hackers break into Windows, Linux, and even handheld operating systems such as Windows CE, then 'Security Warrior' is a read you need...For the true IT professional this is the kind of stuff that's essential to understand. Another security classic from O'Reilly Publishing."
--Brian Livingston, BriansBuzz.com, February 2004
http://www.briansbuzz.com/w/040212/