Security Warrior: Know Your Enemy

Front Cover
"O'Reilly Media, Inc.", Jan 12, 2004 - Computers - 556 pages

When it comes to network security, many users and administrators are running scared, and justifiably so. The sophistication of attacks against computer systems increases with each new Internet worm.What's the worst an attacker can do to you? You'd better find out, right? That's what Security Warrior teaches you. Based on the principle that the only way to defend yourself is to understand your attacker in depth, Security Warrior reveals how your systems can be attacked. Covering everything from reverse engineering to SQL attacks, and including topics like social engineering, antiforensics, and common attacks against UNIX and Windows systems, this book teaches you to know your enemy and how to be prepared to do battle.Security Warrior places particular emphasis on reverse engineering. RE is a fundamental skill for the administrator, who must be aware of all kinds of malware that can be installed on his machines -- trojaned binaries, "spyware" that looks innocuous but that sends private data back to its creator, and more. This is the only book to discuss reverse engineering for Linux or Windows CE. It's also the only book that shows you how SQL injection works, enabling you to inspect your database and web applications for vulnerability.Security Warrior is the most comprehensive and up-to-date book covering the art of computer war: attacks against computer systems and their defenses. It's often scary, and never comforting. If you're on the front lines, defending your site against attackers, you need this book. On your shelf--and in your hands.


What people are saying - Write a review

Security warrior

User Review  - Not Available - Book Verdict

Network security assessment (see also Computer Media, LJ 8/03) involves identifying vulnerabilities so that they can be minimized, and these guides address the topic from varying perspectives. Case ... Read full review

User Review - Flag as inappropriate

I liked it, but this is not surprising given that I wrote it :-)

Selected pages


Part I
Assembly Language
Windows Reverse Engineering
Linux Reverse Engineering
Windows CE Reverse Engineering
Overflow Attacks
Part II
Windows Client Attacks
Windows Server Attacks
SOAP XML Web Services Security
SQL Injection
Wireless Security
Part IV
Audit Trail Analysis
Intrusion Detection Systems

TCPIP Analysis
Social Engineering
OS Fingerprinting
Hiding the Tracks
Part III
Unix Defense
Unix Attacks
Incident Response
Forensics and Antiforensics
Part V
Useful SoftICE Commands and Breakpoints

Other editions - View all

Common terms and phrases

References to this book

Bibliographic information