Halting the Hacker, A Practical Guide to Computer Security
by Donald Pipkin

Wiley 2003.
ISBN 0-13-046416-3. Index, glossary, CD-ROM. $44.99 LoC QA76.9.A25 P56 2002

Reviewed by Robert Bruen, September 15, 2003

More than five years have passed since the first edition of this book, so it was really time for an update. Much has happened during the intervening years. Halting the Hacker is aimed at understanding who the hackers are, why they are doing what they are doing, and what exactly they are doing. Protecting your network from unknown attackers is more difficult than protecting it from attackers you know or at least understand. The idea of knowing your attackers is so important that honeypots were created, soon followed by the HoneyNet Project involving many people around the globe.

While it would be nice to know who the individuals are, we cannot expect that much. What we can expect is to learn about their motives and behavior. For a number of years, hackers were portrayed as the misunderstood geek genius who sometimes went over to the dark side. Today we know that hackers and crackers are motivated by finances, politics, revenge, nationalism, and a host of other sources. All of these are pretty standard human motives which have moved into the digital age.

A good psychology textbook should be on every security professional's bookshelf. But until that need is filled, one can use Pipkin's book to gain some insight. It is not enough to block ports, install firewalls and run anti-virus software; threat analysis is also necessary. On one side of the analysis are techniques to know your enemy. This is both a good idea and another good book (Lance Spitzner Honey Project) in this area. The Honey Project has taken one approach to identifying attackers: setting up machines which can be probed and hacked in order to watch and learn. Pipkin has analyzed knowledge taken from extensive experience and other resources. Both approaches are helpful.

Pipkin has not stopped at describing the hacker mentality with specific categories; he has also provided ways to deal with them. After explaining what a hacker's goal might be, he shows the steps needed to protect against the achievement of that goal. The examples are geared towards Unix/Linux because the author feels that this is where the future lies.

The book is a straightforward, sensible presentation without scare tactics. It is not the only book in this area, but it is an excellent one. I recommend it, especially to people who are working in technical positions and have found themselves in a position requiring them to learn about protecting their assets quickly.