Book Description
The best-selling Stealing the Network series reaches its climactic conclusion as law enforcement and organized crime form a high-tech web in an attempt to bring down the shadowy hacker-villain known as Knuth in the most technically sophisticated Stealing book yet.
Stealing the Network: How to Own a Shadow is the final book in Syngress ground breaking, best-selling, Stealing the Network series. As with previous title, How to Own a Shadow is a fictional story that demonstrates accurate, highly detailed scenarios of computer intrusions and counter-strikes. In How to Own a Thief, Knuth, the master-mind, shadowy figure from previous books, is tracked across the world and the Web by cyber adversaries with skill to match his own. Readers will be amazed at how Knuth, Law Enforcement, and Organized crime twist and torque everything from game stations, printers and fax machines to service provider class switches and routers steal, deceive, and obfuscate. From physical security to open source information gathering, Stealing the Network: How to Own a Shadow will entertain and educate the reader on every page. The books companion Web site will also provide special, behind-the-scenes details and hacks for the reader to join in the chase for Knuth.
· The final book in the Stealing the Network series will be a must read for the 50,000 readers worldwide of the first three titles
· The companion Web site to the book will provide challenging scenarios from the book to allow the reader to track down Knuth
· Law enforcement and security professionals will gain practical, technical knowledge for apprehending the most supplicated cyber-adversaries
Customer Reviews:
The SQL Injection Adventures of Pawn.......2007-06-14
Did you enjoy the previous three Stealing the Network books? Are you looking for more? Then move along now, nothing to see here.
The prior books were interesting because they introduced the reader to new ideas or new angles on old ideas, then moved on without belaboring them. If you wanted more details, there were often URLs provided. The last two tied the stories together with the intriguing Knuth character. But the folks running the project chose to switch to a new format, with fewer characters and stories, not to mention fewer authors, and fewer ways to split the profits.
After three books with the same (proven) formula, it's understandable the authors would want to try something new. Alas, it's a disaster.
Welcome to "How to Own a Shadow," aka "The SQL Injection Adventures of Pawn." Pawn is one of the new characters in this volume, and is the first StN character I hoped would get shot to death by the cops in a mini-mall parking lot. Yes, he's that irritating. Particularly after reading 40 pages about his childhood as a high-functioning autistic (or something like that), and around 100 pages of him performing SQL injection attacks. Most of which is totally unrelated to Knuth. Note to the authors: SQL injection is interesting, but if you want to write a book about it, just write a book about it. I even gave you a title, what more do you want? You can even recycle much of this book, like you recycled part of the last one here.
Oh, you noticed the real subtitle of the book, "The Chase for Knuth." First, one chases _after_ fugitives, and hunts or searches _for_ them. Not that it matters, because there's not much chasing or hunting going on in this book. There isn't much Knuth, either. We see him in the first hundred pages, which is mostly about his son analyzing poker software. That's the last we see of either of them. Because, really, this is "The Biography of Pawn." We do get 50 pages of Knuth at the end of the book, but don't get excited: it's all from the last book, added as obvious filler.
Speaking of filler, there's a 17 page advertorial thrown in for BiDiBLAH, which is commercial software by SensePost. Oddly enough, they're listed as technical advisors for the book. I'm sure it's a fine app, but the authors have forgotten about Knuth again, since it has nothing to do with the story. If it had been relevant, it might have been a less obnoxious addition.
Not everything is bad. There's a brief bit about RFID, which of course turns into how to use RFID for SQL attacks. We get to meet Knuth's supposedly dead wife, and a charming shrew she is. All in all, though, this book isn't worth reading unless you're a truly devoted fan of the series, or SQL. I'm still a fan of the previous books, and I hope the authors can recapture what made them so intriguing for their next book. I won't be buying that one until I'm sure it's not Book Two of the Pawn Saga, however.
Author "review".......2007-04-13
Let me first say that I am one of the authors on this book. I don't think authors can objectively review their own work in a forum such as this, so I won't. This won't stop me from rating it five stars to help reinforce the law of averages. ;-)
I will, however, address a few reviews posted here. First and foremost, I am a huge fan of the Stealing series, and the authors that worked on each of the three previous books. But based on customer reviews and our own feelings on the matter, the authors unanimously agreed that boosting the story value of the book was a priority. After all, even security geeks deserve a good plot and decent characters if they take the time to read technical fiction. Books of this genre should also teach. By all fair reviews, this book does both. If you're interested in straight fiction, or straight tech, you'll find this book to only be half-good. If you're willing to be entertained, and are looking to learn something cool about hackers and how they operate, this is the book for you. And there I go, drifting into a review.
So let me address one other complaint: the lack of a "real" ending. Well, that's our fault. There's more to the series, and we know how it's going to end, but we adamantly refused to slip another deadline, so the book went to print with a cliffhanger ending. Now we're not out to sell more books or make your life miserable by leaving you hanging, but this book had to either wrap up where it did, or it would have been scrapped by the publisher, who had no real choice in the matter. As authors, we missed our deadlines, but we did it in order to improve the final product. I'm personally proud of the end result, and the reviews show that we have good reason to be proud.
So to long-time Stealing readers, this book is different because we grew in our craft, and our EXTREMELY capable story editor (Scott Pinzon) held us to the standard of mainstream fiction. Will we make the New York Times best-seller list because of our efforts? No. But this book isn't for those readers. It's for those in and around technology that have read one to many straight technical books.
So we would love to hear what you think. Post a review if you'd like, or if you just want to chat about the book, head over to the "book talk" section of my web site's forums (you know where to find it- Google is your friend). I'd love to hear from you.
j0hnny
One of the better installments when it comes to plot and pacing..........2007-04-05
It's nice when recreational reading overlaps with technical material, and the Stealing The Network series qualifies for that designation. The latest installment is Stealing the Network: How to Own a Shadow - The Chase For Knuth by Johnny Long, Timothy Mullen, Ryan Russell, and Scott Pinzon, and it's an enjoyable read that is heavy on the technical how-to while maintaining a decent plotline.
There's basically two story-lines here... The first involves Robert Knoll Jr. and his father, and is a continuation from the last book. All the police surveillance and investigations are taking a toll on Junior's life, so he decides to act on his father's cryptic message to head down to Mexico with nothing much more than the clothes on his back (and a large amount of cash). He is contacted by people who work for his father, and is taken down to Costa Rica where Senior runs an on-line poker site. Everything that Junior wants is provided (top of the line, too), and he starts doing some programming and network intel for his father. But he really doesn't have a clue as to what Senior is really up to...
The second story-line involves an autistic kid by the name of Paul Wilson. As he grows up, he starts gaining an interest in computer hacking and solving puzzles involving gaining access to various network sites. He's befriended by an on-line entity known as Rafa who is amazed at how Paul can pick up concepts almost immediately. It helps that he has a photographic memory and is wired such that these types of problems engage him. Rafa starts paying him for "research assignments", and Paul is thinking that he's actually doing legit security work. That, coupled with his intense interest in the martial arts, pretty much absorbs all his time. But he starts to understand a bit of what's really going on when he starts to hack a mysterious local business in order to help out a woman in his dojo. She has an ulterior motive for wanting to use his phenomenal hacking skills, but it may get them both arrested or killed.
From a plot pacing standpoint, I was pleasantly surprised. The other books tended to be a bit more "vignette" in nature, so the overall story suffered. At least here, the plot and technology actually supported each other. Again, it's not New York Times best-seller action-adventure, but it works for this type of approach. Paul seemed to be a bit over-the-top in his skills, but that element was supported by his autism. It stretched credibility at times, but not so much that you started to laugh (or at least I didn't). My biggest disappointment is that there was no plot resolution to either story-line, so it's a given that you'll need to read the next one to see how it turns out. The plotlines are converging, and the next book *should* be pretty good. Still, I would have liked a bit more payoff at the end.
Regardless, this is an interesting book about hacking techniques (complete with code) all wrapped up in an action/adventure plot. I'll be interested to see how they merge the story and carry it on in the next installment...
Entertaining way to learn.......2007-04-05
This book was excellent for someone interested in technology but has a hard time reading dull technical books. I have been interested in digital security for a while, but until recently hadn't played around with SQL injections. I was interested in learning more about them and pleased to see that this book offered an excellent primer on SQL injections in the form of a story, which held my interest. In addition there was a cool primer on RFID hacking which I really enjoyed. The supporting story was intriguing and kept me reading to find out what happened next.
There was a cliffhanger ending, and now I'm really looking forward to the next one.
Best One Yet.......2007-03-14
You can definately see the influence of the infamous Johny Long in the writing of this one. The book is incredible i was 150 pgs into it before I could take a bathroom break. :D get it and the rest.
Book Description
This book contains some of the most up-to-date information available anywhere on a wide variety of topics related to Techno Security. As you read the book, you will notice that the authors took the approach of identifying some of the risks, threats, and vulnerabilities and then discussing the countermeasures to address them. Some of the topics and thoughts discussed here are as new as tomorrows headlines, whereas others have been around for decades without being properly addressed. I hope you enjoy this book as much as we have enjoyed working with the various authors and friends during its development. Donald Withers, CEO and Cofounder of TheTrainingCo.
Jack Wiles, on Social Engineering offers up a potpourri of tips, tricks, vulnerabilities, and lessons learned from 30-plus years of experience in the worlds of both physical and technical security.
Russ Rogers on the Basics of Penetration Testing illustrates the standard methodology for penetration testing: information gathering, network enumeration, vulnerability identification, vulnerability exploitation, privilege escalation, expansion of reach, future access, and information compromise.
Johnny Long on No Tech Hacking shows how to hack without touching a computer using tailgating, lock bumping, shoulder surfing, and dumpster diving.
Phil Drake on Personal, Workforce, and Family Preparedness covers the basics of creating a plan for you and your family, identifying and obtaining the supplies you will need in an emergency.
Kevin OShea on Seizure of Digital Information discusses collecting hardware and information from the scene.
Amber Schroader on Cell Phone Forensics writes on new methods and guidelines for digital forensics.
Dennis OBrien on RFID: An Introduction, Security Issues, and Concerns discusses how this well-intended technology has been eroded and used for fringe implementations.
Ron Green on Open Source Intelligence details how a good Open Source Intelligence program can help you create leverage in negotiations, enable smart decisions regarding the selection of goods and services, and help avoid pitfalls and hazards.
Raymond Blackwood on Wireless Awareness: Increasing the Sophistication of Wireless Users maintains it is the technologists responsibility to educate, communicate, and support users despite their lack of interest in understanding how it works.
Greg Kipper on What is Steganography? provides a solid understanding of the basics of steganography, what it can and cant do, and arms you with the information you need to set your career path.
Eric Cole on Insider Threat discusses why the insider threat is worse than the external threat and the effects of insider threats on a company.
*Internationally known experts in information security share their wisdom
*Free pass to Techno Security Conference for everyone who purchases a book$1,200 value
*2-HOUR DVD with cutting edge information on the future of information security
Book Description
"Machine Learning and Data Mining for Computer Security" provides an overview of the current state of research in machine learning and data mining as it applies to problems in computer security. This book has a strong focus on information processing and combines and extends results from computer security.
The first part of the book surveys the data sources, the learning and mining methods, evaluation methodologies, and past work relevant for computer security. The second part of the book consists of articles written by the top researchers working in this area. These articles deals with topics of host-based intrusion detection through the analysis of audit trails, of command sequences and of system calls as well as network intrusion detection through the analysis of TCP packets and the detection of malicious executables.
This book fills the great need for a book that collects and frames work on developing and applying methods from machine learning and data mining to problems in computer security.
Customer Reviews:
Good Process Overview.......2003-06-21
The "Computer and Intrusion Forensics" book is a good high-level overview of the digital forensic process. It contains chapters that will appeal to all types of new investigators who will need to deal with computer-related incidents, including law enforcement, corporate investigators, internal audit teams, and corporate incident teams. A strong International overview of the legal issues are also given for the United States, Europe, and Australia.
This book provides a good overview of tool techniques, but does not give many details on how the techniques would actually be done with any tool. A detailed overview of three tools are given, but two of them are available to law enforcement only. The reader will finish this book with a solid understanding of the process that occurs during a computer investigation, but will still need additional books or training to start performing an investigation.
The chapter on fraud is very informative, as the topic is not covered in other digital forensic books and the skills will likely be helpful for most investigators in the future. The "Computer Forensics in Law Enforcement and National Security" chapter describes the investigation process that any investigator would find useful, not just law enforcement as the title suggests. The "Intrusion Detection and Intrusion Forensics" chapter gives an overview of Intrusion Detection Systems and Logging, but little is mentioned on how to confirm an intrusion while minimizing the amount of evidence that is modified.
This book will be useful as a first book to a new investigator who is looking to learn about the digital forensic process. This book will also be useful for technical managers and supervisors who will need to understand what their investigators are doing.
Book Description
This digital document is a journal article from Digital Investigation, published by Elsevier in . The article is delivered in HTML format and is available in your Amazon.com Media Library immediately after purchase. You can view it with any web browser.
Description:
Investigations of network security breaches are both complex and costly. Even a moderate amount of forensic preparation in an organization can mitigate the impact of a major incident and can enable the organization to obtain restitution. A case study of an intrusion is outlined in which the victim organization worked with law enforcement agencies to apprehend the perpetrator. This case study contains examples of challenges that can arise during this type of investigation, and discusses practical steps that an organization can take to prepare for a major incident. The overlapping roles of System Administrators, Incident Handlers, and Forensic Examiners in a network intrusion are explored, with an emphasis on the need for collaboration and proper evidence handling. This case study also shows how effective case management and methodical reconstruction of events can help create a more complete picture of the crime and help establish links between computer intruders and their illegal activities.
Product Description
International Federation for Information Processing
The IFIP series publishes state-of-the-art results in the sciences and technologies of information and communication. The scope of the series includes: foundations of computer science; software theory and practice; education; computer applications in technology; communication systems; systems modeling and optimization; information systems; computers and society; computer systems technology; security and protection in information processing systems; artificial intelligence; and human-computer interaction. Proceedings and post-proceedings of referred international conferences in computer science and interdisciplinary fields are featured. These results often precede journal publication and represent the most current research. The principal aim of the IFIP series is to encourage education and the dissemination and exchange of information about all aspects of computing.
For more information about the 300 other books in the IFIP series, please visit www.springer.com.
For more information about IFIP, please visit www.ifip.org.
Book Description
This digital document is a journal article from Digital Investigation, published by Elsevier in 2004. The article is delivered in HTML format and is available in your Amazon.com Media Library immediately after purchase. You can view it with any web browser.
Description:
Most of the effort in today's digital forensics community lies in the retrieval and analysis of existing information from computing systems. Little is being done to increase the quantity and quality of the forensic information on today's computing systems. In this paper we pose the question of what kind of information is desired on a system by a forensic investigator. We give an overview of the information that exists on current systems and discuss its shortcomings. We then examine the role that file system metadata play in digital forensics and analyze what kind of information is desirable for different types of forensic investigations, how feasible it is to obtain it, and discuss issues about storing the information.
Book Description
Readers can say "I do" to being "married in business" with this fun book designed to help couples succeed in running a business together. Inspired by their own experience, Jack and Elaine Wyman illustrate the "musts" for success and offer up inspiring case studies that illustrate the do's and don'ts of doing business with the one you love. Like a cheering squad on your side, this guide encourages couples who are in the process of creating their professional independence together. It sets down the ground rules-being best friends is key. The Wymans' priceless advice, which includes everything from how to turn a business around to engendering the right attitude in employees, is highlighted by whimsical cartoons that take an unabashed look at the unique foibles and rewards of falling into business together. Highlights include: *
The essentials for being successfully married in business *
44 profiles of successful businesses and the couples who grew them *
Original cartoons starring Doug and Dot Com and their dog, ROM *
A list of nationwide S.C.O.R.E. offices, a leading resource for entrepreneurs.
Customer Reviews:
Too cute for me.......2005-04-26
I have been working with my wife for over 15 years. Recently, we've had some friction in a new venture. I hoped this book would offer some solid, business savvy advice. Unfortunately it was not that deep. And although I agree with the authors about the importance of a sense of humor, I found the "humor" in this book lacking in underlying wisdom and too cutesy for my taste.
Most of the book is made up of brief profiles of other businesses. This sounds like it would be interesting, but after reading several, they all seemed like PR blurbs about the companies, never revealing very much.
In the end, I returned it.
Books:
- Strategic Information Management: Challenges and Strategies in Managing Information Systems, Third Edition
- Streetwise Manhattan (Streetwise)
- Tears of the Moon: The Gallaghers of Ardmore Trilogy #2 (Irish Trilogy)
- Technical Analysis of the Currency Market: Classic Techniques for Profiting from Market Swings and Trader Sentiment (Wiley Trading)
- Technology Strategies for the Hospitality Industry
- The Accidental Empire: Israel and the Birth of the Settlements, 1967-1977
- The Amulet of Samarkand (The Bartimaeus Trilogy, Book 1)
- The Case for Christ: A Journalist's Personal Investigation of the Evidence for Jesus
- The Case for Faith: A Journalist Investigates the Toughest Objections to Christianity
- The Chronicles of Narnia Boxed Set
Books Index
Books Home
Recommended Books
- Free to Choose: A Personal Statement
- War Story: The Classic True Story of the First Generation of Green Berets
- Schaum's Outline of Principles of Accounting I
- Shadows of the Empire: Planets Guide
- The Starbucks Experience: 5 Principles for Turning Ordinary Into Extraordinary
- What to Expect: Eating Well When You're Expecting
- The Rise of Theodore Roosevelt Part 1 of 2
- The Marketing Advantage II: New Ideas on Getting and Keeping Clients
- The Chomsky Trilogy: Secrets, Lies and Democracy/the Prosperous Few and the Restless Many/What Uncle
- Field Guide to Mammals of Southern Africa
Hacking
| Business & Culture
| Computers & Internet
| Subjects
| Books
Stealing the Network: How to Own an Identity (Stealing the Network) (Stealing the Network)
Stealing the Network: How to Own the Box
Stealing the Network: How to Own a Continent
Hacker's Challenge 3 (Hacking Exposed)
Botnets: The Killer Web Applications
![Case study: Network intrusion investigation - lessons in forensic preparation [An article from: Digital Investigation]](http://ecx.images-amazon.com/images/I/21RPSFF4Q4L.jpg)
