Book Reviews: Security Books

If you missed Mitch Tulloch’s other Security Books reviews please read:

Hardening Windows Systems

Hardening Windows Systems by Roberta Bragg (Osborne/McGraw-Hill). Roberta Bragg is a very readable author and I usually enjoy her books. This book is no exception, and it’s a good general overview of how to harden Windows-based networks. One of the best features of her book is its first chapter, “An Immediate Call to Action,” which summarizes key steps and best practices you should start with to ensure your network is secure. The second part of the book looks at hardening various aspects of your network, including authentication, infrastructure (logical and physical), server roles, Active Directory, applications, network communications, and more. Some of these chapters are excellent practical tutorials, while others, like the one on hardening your physical network (which covers segmenting and firewalls), are a bit too general in their approach to be of much use. The last two chapters provide a good introduction to the larger picture of information security and cover developing and enforcing a security policy, patch management strategies, disaster recovery, and auditing.

The Business Case For Network Security

The Business Case For Network Security: Advocacy, Governance, and ROI by Catherine Paquet and Warren Saxe (Cisco Press). This book takes a conceptual approach to network security that assumes the reader is technologically literate but not necessarily an actual practitioner such as a systems administrator or consultant. While the main target of this book seems to be business executives who want to learn why network security is important, I actually recommend this book for IT professionals as well, since it allows them to step back from the nitty-gritty technical details of their daily work and take a broader look at the overall questions of why and how to secure corporate networks. In fact, if I were asked to train a group of system administrators in network security, I would have them read a book like this one first before drilling down into platform-specific practices, as Roberta Bragg’s book does for Windows NT/2000/2003. One thing that could have made this book even more valuable would have been an accompanying study guide with questions for discussing the issues raised in each chapter. Otherwise, this is a well-written book that, despite being more about business than networking, is still quite technically challenging and informative.

Microsoft Log Parser Toolkit

Microsoft Log Parser Toolkit by Mark Burnett (Syngress). Microsoft Log Parser 2.2 (which you can download for free from here) is a flexible and powerful tool for analyzing log files from a variety of different sources, including IIS logs, event logs, Perfmon logs, Snort alerts, and so on. Being a flexible and powerful tool, however, it can also be difficult to learn how to use, and Mark’s book fills a real need in this regard as he walks the reader through using Log Parser for monitoring, auditing, log file management, and other tasks in a variety of application environments. Some familiarity with SQL and Windows scripting is essential to get the most out of this book, but there’s no other book like it, and if you need to get the most out of your log files using a free tool like Log Parser, this is the book to show you how to do it. And like all Syngress books, this one comes with lots of scripts and samples you can download from the Syngress website to complement what’s in the book.

Hacking Exposed Computer Forensics: Secrets and Solutions

Hacking Exposed Computer Forensics: Secrets and Solutions by Chris Davis, Aaron Philipp and David Cowen (Osborne/McGraw-Hill). Another great book in the highly successful Hacking Exposed series, this book examines the subject of forensic investigation of computer security incidents and provides both a set of best practices to follow and detailed instructions for performing various kinds of forensic tasks using readily available tools. The book is organized in several parts covering how to prepare for the inevitable incidents that will occur; how to properly collect evidence; specific investigation techniques you can use on Windows, Linux and Macintosh systems; forensic investigation of enterprise storage systems; email analysis; tracking user activity; gathering evidence from PDAs and cell phones; and how to document and present the evidence you’ve collected in a court of law. Definitely the kind of book your IT department wants on its shelf as it will likely need it one day soon.

Linux Server Security

Linux Server Security by Michael D. Bauer (O’Reilly). Even Windows administrators can’t get very far away from Linux these days, and the more you know about it the better off you’ll be, especially in the area of server security. This book is essentially a tutorial in hardening Linux servers and covers important topics like using iptables, secure remote administration, OpenSSL and Stunnel, and securing various server roles including DNS, LDAP, database, email, and web servers. Good familiarity with basic Linux administration is assumed of course, but the procedures are clearly described and easy to follow even if you’re not a Linux guru.
