Hacker's Challenge 3

One of the best ways to teach is via the use of examples. This book is chock full of real world forensic scenarios along with their solutions. As the author of a forensics book myself, I understand and appreciate the hard work that these four brilliant individuals have put into this excellent text. We need to see more books like this in the future!

What struck me about this book is that the attacks are all brand new. This isn't just a rehash of the same old attacks we read about over and over again, nor is it a rehash of the attacks - but on steroids - from the previous Hacker's Challenge books. The day of the simple port scan and null session enumeration are long gone. Today's world is much more complicated and scarier. Hacker's Challenge 3 proves it. And these aren't off-the-wall attacks cooked up in hidden computer labs by researchers. They're the type of threats now, unfortunately, becoming more commonplace to any one in information security. The chapters on phishing are real-life and could've been taken right out of the playbook of an actual attack perpetrated against a real bank. The steps for investigating, tracking down and bringing down malicious phishing sites closely follow those actually taken by information security professionals on the job. Another attack presented is pharming, a new and frightening type of DNS poisoning that threatens financial and e-commerce web sites. The description of the attacks is very accurate. It's almost as if you were working with the team trying to block the attack. Hacker's Challenge 3 is written by a star-studded cast of well-known industry players, each a top notch expert in their specialty in the field. For each attack, this book provides a complete set of steps for detection, resolution, prevention and evasion of future attacks. There are detailed examples of the forensics examination used to track down both the attack and its offending attackers, including samples of analyzed logs and data that would be used by an actual threat and incident management team in action on a case. Each chapter has a series of questions that add to the material and provide thought-provoking points for further discussion. This is a digest of the new world of Twenty-First Century attacks that should be read by every information security professional.

What I like about this book is that the technical information is at a level where amateurs will not be overwhelmed while seasoned pros will not be bored. The format is also very nice because you become involved in the solution rather than just having technical information thrown at you. Finally, and most important to me, the solutions to the challenges are technically correct. The book is certainly a good read.

I've been looking for a resource that would be useful as a recommendation to the students in my wireless training classes. There've been plenty teaching wireless security and penetration philosophically, but I wanted a practical - get your hands dirty - approach. It's here! Hackers Challenge 3 contains a great "case study" of a hack attack on a wireless network and gives you the insights you need to analyze such an attack. In addition, you get information related to other newer attacks like phishing, VoIP vulnerabilities and social engineering. This is a great book and MUST be in every security technician's library. Tom Carpenter, Author: Wireless@ Certification Official Study Guide, CWSP Certification Official Study Guide, and Foundations of Effectiveness.

This book surpassed my expectations. I expected a high-level, tech-jargon-filled, 'computer-geek' book with no link to the mentality of a novice user like myself. Instead, I found that it actually IS all of those things, but blends it very nicely with an engaging set of real-life stories. The attention to the details of the lives and experiences of each individual in the stories gives an added flavor not seen in most computer books. I would expect anyone to be able to relate to these stories, and the experiences they depict. It also reveals how ignorant most people are to the real dangers of insecure networks and PCs, and it's an applaudable attempt to reach those people. Well done!