White Hat Security Arsenal, Tackling the Threats
by Aviel Rubin
Addison-Wesley, 2001.
330 pages. Index, Glossary and Bibliography. $44.99 softcover. ISBN 0-201-71114-1.

Reviewed by Robert Bruen, September 12, 2001


In the security world, there are white hats, black hats and gray hats, perhaps even a few without a hat. Over the past decade or so, people interested in security issues have migrated into several camps, some of them driven by morality, some driven by profit (legal or illegal) and some driven simply by their job. Many of the white hat folks simply want to be able to get through a week at work without some new security problem causing them to lose sleep trying to respond to and recover from somebody's idea of a good time. If they experienced such a week, they would probably be happy to spend it reading Rubin's new book, White Hat Security Arsenal.

The first section presents the threat, just in case you have not noticed lately, and includes one of the better histories of worms and viruses, from Morris to the Love Bug, with clear, understandable explanations of how and why each of them worked, with source code. The white hats need to know how the black hat creations function. Rubin also covers how the recovery process proceeded.

Secure data storage is a topic usually left out of security books, probably because it is not as sexy as the virus du jour, but it is needed in the practical world. The three areas presented are file systems, remote storage and backups, although we all know a backup does not count as much as a restore. The file system is mainly protected by encryption, although that is not enough. For example, passwords to protect files are critical. He has a nice explanation of how graphical passwords work. NFS, the Network File System, is discussed. I have never believed that secure and NFS belong in the same sentence; nevertheless, the issues are important, and there are methods available to decrease the risks associated with NFS so that the conveniences can be enjoyed. Backing up over a network is certainly one of the conveniences that system administrators enjoy. There are a number of useful tips in these chapters, such as compressing the files, encrypting them, then backing them up over the network to prevent sniffing as the files traverse the network. A number of commercial products are described as well.

The section on transferring information securely on networks is where the issues of public keys, authentication and identity will be found. These topics are covered in numerous security books, but the coverage is better in some places than in others. White Hat Security Arsenal tackles the difficult task of explaining technical details in a clear fashion very well. The next section, protecting against network threats, naturally involves firewalls to control what comes into your network and defending against the black hats with tools that make up for what firewalls cannot do.

The last section deals with online commerce and privacy. One of the important uses of the net is for business transactions. Unless users feel confident that their purchases are secure, business use will stall. One of the approaches to this problem is Microsoft's Passport. Rubin shows how it is supposed to work along with some of its vulnerabilities. This book is well written, easy to understand and has a good scope of coverage. It is a helpful book supplemented with lots of short, good case studies and lots of relevant web site references. I am happy to recommend this book to hats of any color.