Monday, 23 November 2009

The book for Windows bug hunters, Gray Hat Python review

Gray Hat Python: Python programming for hackers and reverse engineers by Justin Seitz

ISBN: 978-1593271923

Paperback: 232 pages

Publisher: No Starch Press April 1, 2009

Review by Henrik Lund Kramshoej, hlk@kramse.org

Gray Hat Python cover

November 2009

This book was a joy to read, but take notice of the reverse engineer part in the title.

Contents

The content of this   More text

Posted by hlk at CET 06:11 23/11/2009 in Books

Responses (0)

Tuesday, 3 November 2009

Hacking VoIP: Protocols, Attacks, and Countermeasures, review

Review by Henrik Lund Kramshoej, hlk@kramse.org

Hacking VoIP: Protocols, Attacks, and Countermeasures by Himanshu Dwivedi

ISBN: 978-159327163

Paperback: 211 pages

Publisher: NO STARCH PRESS 15 Oct 2008

Hacking VoIP

November 2009

This is a very short book, so I will try to keep the review short too.

I have tried to stay clear of VoIP networks, phones, software, hacking - while keeping an eye out for major problems. The monster called VoIP includes just to many protocols and I have a lot of work doing internet security as it is.

During the last few years though, people are moving even more into VoIP phones and thus I have read a few resources about VoIP, attended a few conference presentations about VoIP security - but not really gotten dirty with hacker tools for VoIP. I asked for a review copy of this book and one was provided by the nice people of No Starch.

This has changed and this book is the reason, because Hacking VoIP is a very practical book that will get you started hacking VoIP networks.

The book is very short, which is great, I like books that you can actually read from cover to cover. The content is also presented clearly with excellent wording and just enough detail to get me started. The book also list precise tools, programs and even allows you to download configurations and special tools.

The problems described are very real and the scenarios are precisely what is found in real life. The target audience for this book is specified as VoIP administrators, but being a security consultant myself I think the actual target audience is a bit wider. The level needed to do the lab exercises is consistent with a VoIP administrator, which have had some experience using Asterisk/BackTrack.

This book also present a VoIP Security Audit Program (VSAP) which I think is a great idea and resource for people to audit their own systems.

To summarize the Good stuff:

  • Short - this book is short, so you can actually finish it
  • Practical - using the tools described you will be able to get a VoIP network running quickly
  • Contents - Specific VoIP stuff, not generic hacker stuff
  • Writing style - excellent

The Bad stuff about this book

  • Repeated content - chapter 8 contains some sniffing and injection which is repeated from chapter 4, including half page screen shoots :-( This might be more of an editorial problem, but having a 200 page book which repeats itself?!
  •   More text

Posted by hlk at CET 09:11 03/11/2009 in Books

Responses (0)

« november »
mationtofr
      1
2345678
9101112131415
16171819202122
23242526272829
30