Content Last Modified on January 12, 2005, at 01:14 AM CST
Title: Open Source Security Tools
Author: Tony Howlett
Reviewer: Gary Smith
Summary: Great book on tools of the trade

Today's security analyst/administrator is confronted not only with constant attacks from within and without his organization but also the twin demons of No Money and No Time. Who's he/she going to call to get out of this dilemma? Ghostbusters? A better resource is Tony Howlett's book, "Open Source Security Tools."

The book starts off with an introduction to information security and OSS (Open Source Software). If you're new to being a security analyst and you need to know some basic things about information security and threats, this is a good introduction. If you're a seasoned security veteran with the battle scars to prove it, it's still a useful section as a quick reference for hitting up management (pointy-haired or otherwise) when they ask questions.

The book starts with tools that are readily usable by the security admin, tools for the operating system. These simple tools in the first chapter can go a long way to improving the security of the operating systems. From there, the chapters go through increasingly more complex tools and the problems that they are designed to confront. These include firewalls, port scanners, vulnerability scanners, network sniffers, IDS (Intrusion Detection Systems), analysis and management tools, encryption tools, wireless tools, and forensic tools. The book gives a good discussion of why you need a particular tool, how to get it, set it up, use it, and make the most of it. Each chapter is peppered with tips and traps about the tools, a very useful thing for the harried security admin.

I found Chapter 8, "Analysis and Management Tools," particularly good. Snort is a great tool but sometimes using it is like trying to drink from a fire hose. What you need is a way to archive all that data and review it in some comprehensible manner. Chapter 8 describes how to do this using several OSS tools including ACID and MySQL. Following Mr. Howlett's steps, you'll have a management console that will aid your analysis and get the notice of your management.

I also liked Chapter 10, "Wireless Tools." Let's face it, wireless networks are hot and show no signs of cooling down anytime soon. They are also a squeaky wheel when it comes to needing oil to keep things quiet. Management can get very nervous about wireless networks, and what you don't know can really hurt you. This chapter gives the security admin the tools to make sure that any wireless network in the company is secure and that there aren't any wireless networks you don't know about.

And then there's the CD-ROM included with the book. You could spend hours burning up the bandwidth searching the 'net to get all the tools in the book. Prentice Hall has made it easy for you by including a CD-ROM of all the tools described in the book right at your fingertips.

At 578 pages, "Open Source Security Tools" is chock full of tools, tips, and techniques that any security admin can use to solve the types of problems he/she may face. The choice of tools is excellent, the organizational structure of the book is good, and Mr. Howlett's writing style is easy to follow and quite humorous at times. I can offer only two suggestions about the book for future editions. One is if the CD-ROM were a live distro like Knoppix that you could pop into a system and run the tools straight away. The other is if the book were bound in a "lie flat" format for easier reading and use at the desk. Get the book, use the tools, make your systems more secure, and your job easier.