Richard Bejtlich is one of the most authoritative person in computer security field. You can follow his blog at TaoSecurity.
He is an acclamated reviewer of most books on the subject. This is his personal rank of the books he has read and reviewed in 2011:
- 10. pfSense by Jim Pingle; Reed Media Services.
- 9. Beginning Visual C++ 2010 by Ivor Horton; Wrox
- 8. Windows System Programming, 4th Ed by Johnson M. Hart; Addison-Wesley.
- 7. Beginning C, 4th Ed by Ivor Horton; Apress
- 6. Robust Control System Networks by Ralph Langner; Momentum Press.
- 5. Managed Code Rootkits by Erez Metula; Syngress.
- 4. Ghost in the Wires by Kevin Mitnick and William L. Simon; Little, Brown and Company.
- 3. America the Vulnerable by Joel Brenner; Penguin Press HC.
- 2. Windows Internals, 5th Ed by Mark Russinovich, David A. Solomon, and Alex Ionescu; Microsoft Press.
And, the winner is…
- Hacking: The Art of Exploitation, 2nd Ed by Jon Erickson; No Starch.
This is the last in a recent collection of reviews on “hacking” books. Jon Erickson’s Hacking, 2nd Ed (H2E) is one of the most remarkable books in the group I just read. H2E is in some senses amazing because the author takes the reader on a journey through programming, exploitation, shellcode, and so forth, yet helps the reader climb each mountain. While the material is sufficiently technical to scare some readers away, those that remain will definitely learn more about the craft.
H2E accomplishes a very difficult task. The book strives to take readers with little to no real “hacking” knowledge to a level where they can at least understand, if not perform, fairly complicated digital security tasks. Other books aren’t as successful, e.g., “Gray Hat Hacking,” which features material on C, assembly, Python, etc. into one short chapter. In contrast, H2E, in my opinion, does a credible job leading the reader from pseudo-code to C and assembly. Now, I would not recommend this book as a reader’s sole introduction to programming, let alone C or assembly. Please see my older reviews for recommendations on books devoted to those topics. Still, H2E credibly integrates programming into the hacker narrative in a compelling and educational manner.
The author also has a great eye for consistency and style. I welcomed reading his examples using gdb, where he presented code, explained it, stepped through execution, showed memory, transitioned from displaying source, then assembly, and so on. This was a compelling teaching method that technical authors should try to emulate.
Overall I really liked H2E, hence the 5 star review. My only main gripe was the author seems to believe that it’s in society’s benefit for black hats to test and exploit defenses. His claims on p4 and p 319 that hackers improve security reminds me of the broken window fallacy, meaning it’s economically beneficial to break windows so a repairman has a job. In reality, the security world is more a redirection of resources away from more beneficial innovation, not a way to build “good security jobs.” Furthermore, all of the supposed advances spurred by reacting to intruder activity do not result in increased security in the enterprise. At this point so much legacy software and equipment is deployed that intruders can always find a way to accomplish their mission, thanks often to the discoveries of so-called hackers. At the end of the day one has to accept the reality that intruders will always try to breach defenses, so it behooves defenders to understand attackers for the benefit of defense.
Hacking: The Art Of Exploitation, 2nd Edition is the book I currently read. I recommend it to all people that would gain some knowledge in the computer security field, in the right way: coding, coding, coding.