Hacknotes Windows Security Portable Reference

Since I am also an I/T Security Consultant, I decided to pick up this book as a good reference or to learn a few tips that I might not have known. The good:I'm about halfway through it and there is plenty of great information in it. If you have a good working knowledge of IP networks and (to a lesser degree) associated protocols like DNS, SMTP, HTTP, etc... This will serve as a great reference. It's also good for newer types who want to learn from a very concise author. It approaches a lot of topics from an attack-defend perspective, demonstrating what you would want to accomplish as a hacker vs. what you would want to accomplish as a security conscious sysadmin.The bad:It reads like it was published by a combination of Foundstone's marketing department, the author's personal marketing department, and the technical auditor's personal marketing department. Basically every suggestion they have for a tool will benefit one of them with only minor mentions of some of the industry leading applications. I can't really blame them, but I wouldn't suggest taking their tool suggestions directly to heart without doing a little digging on your own.

With HackNotes(tm) Windows Security, Michael O'Dea has certainly contributed an essential read for those with any exposure to the Windows OS, from the home user to the seasoned network administrator. In clear, easy to follow steps with accompanying screenshots and exact command syntax, the reader is presented first with fundamental concepts and graduates into advanced topics such as "IP Security Policies" and "Active Directory domains".In this concise and relevant reference book, he offers a refreshing change from the expected tradition of overwhelming the reader with unabridged bibles, if you will, which seem to remain for the most part unread expect for the occasional glance. In just a mere 6" x 1/2" x 9" worth of material (which certainly reads as if its equivalent weight of knowledge is twice that), this is an enjoyable read from cover to cover. Also, in its well organized format with its visual cues and hierarchical headers, it is effortless to quickly find and access any information as you would require from a "portable reference". One of my favorite features is the 32 pages of the which, as if it was possible, a quick reference for the already concise 230+ page book. For example, listed again are the "Quick Command Lines" and "Command Reference" for the choice of built-in and easily obtainable (and often free) utilities Michael uses to demonstrate his concepts and techniques. Furthermore, he makes an effort to litter the book with treasures of facts which appeal to the trivia buffs such as the explanation about the validity of port 0 during his discussion about port scanning.BOTTOM-LINE: Do not be dissuaded from the size of this book; what it "lacks" in physical girth is certainly made up for in content with its much appreciated relevancy with discussions about current and significant security concerns.

For any admin who struggles with the day to day issues of securing their network, this is a must have guide to help you address your holes. With most guides, you receive only a quick overview of potential problems. With this guide, you not only get the "what's" but the "how's". All this in a compact, well thought out reference. I would definitely recommend this book for any security conscious administrator. Now if we could only get the users to read this.

"No plan, no matter how well-conceived, survives contact with the enemy. That's why Michael O'Dea's Windows Security Portable Reference is a must have for today's over-burdened, always on-the-move security professional. Keep this one in your hip pocket. It will help you prevent your enemies from gaining the initiative."Dan Verton,Author of Black Ice: The Invisible Threat of Cyber-Terrorism (Osborne/McGraw-Hill, 2003) and award-winning senior writer for Computerworld.

HackNotes Windows Portable Reference takes a "Just the Facts, Ma'am" approach to security. It checks the overly longexposition at the door, focusing on specific areas of attack and defense. If you're more concerned with securing systems than speed reading thousand-page tech manuals, stash this one in your laptop case now.