Enterprise Security: A Manager’s Defense Guide
(From the Back Cover) eBusiness is on the rise, but so are the likelihood and severity of computer attacks. Melissa, the Love Bug, Nimda, and Reezak all caught the eBusiness community off guard, costing billions of dollars in lost productivity and damage. Maintaining enterprise security is now, without question, a crucial aspect of doing business in today's Internet-based economy.
Enterprise Security: The Manager's Defense Guide is a comprehensive, state-of-the-art handbook for harnessing eBusiness security. It examines the most recent attack strategies and offers specific techniques for combating attempts at data infiltration, destruction, and denial-of-service attacks. Understanding that security must be incorporated within multiple levels of eBusiness technology and practice, the author presents measures for securing your system platform, applications, operating environment, processes, and communication links. He explains how the traditional security technologies of firewalls and virtual private networks (VPNs) can be integrated with risk management, vulnerability assessment, intrusion detection, and content management for a comprehensive security plan.
You will find in-depth coverage of such topics as: the goals and sophisticated tools of today's hackers; the advantages and shortcomings of firewalls and VPNs; incorporating security into application development; TCP/IP attacks, including SYN flood and Land attacks; distributed denial-of-service (DDoS) attacks; ICMP directed-broadcast and Smurf bandwidth attacks; the Bubble Boy virus; JavaScript attacks; adding TCP Wrappers and security in layers; guidelines for vulnerability assessment and risk management.
Several informative appendixes enumerate the top twenty enterprise vulnerabilities, provide an incident response form, discuss how to harden the often targeted Windows 2000 operating system, and examine denial-of-service attacks in depth. Featuring the latest in attack technology and defenses, this book is an invaluable resource for IT managers and professionals who must remain a step ahead of the enemy in the ongoing security arms race.
Review By: Ed Martin
01/29/2003
This book gives a good overview of what e-security is, what the threat to e-business is, who the players are, and what can be done about keeping information, networks, and businesses safe. Its main theses can be summed up by saying that there are no cookie-cutter e-security solutions, that everyone in an organization is responsible for e-security, and that good e-security requires good planning, the more formal the better.
The book comprises four thematic sections. Part 1 provides an overview of e-business and why it is attractive for entrepreneurs and bad guys alike. It also explains what e-security is and takes a look at the world of hackers who try to circumvent it for entertainment, profit, or malicious mischief.
Part 2 explores some of the most common defensive measures businesses employ such as VPNs and firewalls, their strengths and weaknesses, and what hackers have done to defeat them. By the end of this part, the reader will have a good idea of what e-security means and why it is important.
Part 3 moves from the theoretical to the applied. Two chapters are devoted to attack tools employed by hackers to exploit system vulnerabilities. Four chapters follow that deal with how to prevent an attack from happening and how to survive an attack if it occurs. Specifically, there are chapters on distributed denial-of-service, backdoor, and script attacks and countermeasures against them, as well as on hardening network infrastructures and building security architectures.
Part 4 provides best practices dealing with vulnerability and risk assessment management. The book concludes with a nice glossary and appendix that includes a listing of the FBI’s top twenty Internet vulnerabilities and a closer look at one of the more devastating types of attacks—denial of service.
The book does a good job of looking at e-security from about 10,000 feet. It doesn't take a ground-level, nuts-and-bolts view, nor does it give a 35,000-foot view that is too general to be of any value to a technical reader. As such, this book is targeted mainly at IT managers, Webmasters, and security professionals who want to have a better idea of the threats that face businesses and organizations once they open their doors to the Internet, and how to prevent attacks, direct or indirect, from succeeding. It would also make a good textbook.
A strength of this book is that it does a good job of explaining e-security terminology. It does not assume too much technical expertise from the reader. This is a big help to those new to e-security, but it can lead to a lot of quick page turning for those with more extensive backgrounds in this area. The book is organized logically and has some good explanatory diagrams to accompany the easy-to-read text.
Software testing and QA professionals, too, can gain from this book by getting a better understanding of e-security questions in general. They can learn some of the vulnerabilities any organization experiences when it goes online, which can in turn help them develop tests and procedures to assess the protection offered by proposed countermeasures. The book also examines risk management, gathering requirements, and developing a security plan, all of which should interest QA readers.