Download book's table of contents and sample chapters:
Links to the book materials and code:
Links to the book errata:
Links to selected book reviews:
Here is some information about us, the authors. Anton Chuvakin is a Senior
Security Analyst with a major security information management company. His areas of infosec expertise include intrusion detection, UNIX security, forensics, honeypots, etc. In his spare time he maintains his security portal http://www.info-secure.org. Cyrus Peikari is a founder of Airscanner.com and author of many security books and articles. If you have a question or a comment about the book, feel free to email us!
Anton Chuvakin also has a
security weblog @ O'Reilly .
Cyrus Peikari has a
blog on InformIT (here is the link to the blog [XML].
Other book related information:
(01/12/2004) We are featured on SecurityBooks.org. Book description there is really cool.
(03/01/2004) Here is a
fun interview with me about "Security Warrior". I talk about
(03/08/2004)The book is featured on Slashdot!
(03/08/2004)We beat "Hacking Exposed" in the
Amazon's Security bestseller list!
(04/14/2004)More great reviews are posted!
(04/28/2004)We are the #8 best-selling O'Reilly book this week!!!
(04/28/2004)Check out this
about our book!
(07/01/2004)I am amazed about how many great reviews the book has received!!!
(07/07/2004)Our book is being translated into German and Japanese! Really cool!!!
Buy the book at Amazon:
Authors' Other Security Publications
Here is some other material Anton Chuvakin wrote on security. A part of it was actually used for book research.
Look for Cyrus Peikari publications here.
series takes a recent vulnerability in some popular operating
system or other software and studies it. Realistic exploit scenarios are
developed, and suggested ways of mitigating risks are considered and new
ones proposed [published at SecurityWatch]
Other vulnerability and penetration testing articles
Penetration Testing" Gives an outlines of popular penetration testing
methodology (OSSPTMM) and challenges with standartizing penetration testing.
Magazine web portal]
(04/22/2003) "Covert Channels" A modern review of network covert channeling
methods which compares them with classic "Rainbow Series" covert channles
on secure operating systems [submitted for publication]
VPN, IPSec and encryption
IP Security" outlines the future of IP addressing (IPv6) and focuses
on the security components of next generation IP services (IPsec) [published
Malicious hacker attacks
Policy and people issues of information security
Social Engineering Attacks" describes a scary way of performing Social
Engineering attacks based on powerful NLP persuasion technology [published
attacks: Doom of Information Security" Research
report on internal security breaches, attacker motivations, various countermeasures
and their relative efficiency [published in the Journal of
Information Security (CRC)]
Security Tools and Intrusion Detection
Honeypots and honeynets
Security Data Analysis
Enterprise Security Management
Security Basics and FAQs
Information Security FAQs
risks taxonomy" A diagram that structures digital risks (such as hacking,
Do, etc) in the form useful for impact assessment for the purposes of insurance
(09/2001) "Impacts of digital risks on enterprise" [under
Protection: Infosec Perspective" The paper covers issues in critical
infrastructure protection and information security, lists several focus
areas that need efforts and summarizes the results of recent meeting in
New England on infrastructure protection. [published at SC
Magazine web portal]
New England: A Call to Action" The paper summarizes the results of
joint meeting on critical infrastructure protection in New England and
infosecurity community role in increasing information sharing [published
web site in PDF format]
Updated by Anton Chuvakin
Tue Jan 27 02:12:04 EST 2004