Monday, April 29, 2013

Routing TCP/IP, Volume 1 2nd Edition, Jeff Doyle



Jeff Doyle's 2nd edition of his best-selling book - "Routing TCP/IP Volume 1" is a welcome revision to the canon required for any CCIE Routing & Switching candidate. Jeff Doyle, along with Jennifer Carroll, has done an excellent job at updating what is considered by many to be THE book on routing. In particular, the new edition does a terrific job at describing the white-elephant in the room - IPv6, IPv6's packet format and how to configure some routing protocols to advertise IPv6 prefixes.

The primary focus of this book is the most popular routing protocols - RIPv1 & RIPv2, EIGRP, OSPFv2 and, particular to IPv6, RIPng and OSPFv3. Dedicating over 450 pages to these topics alone makes the book worth it. A further 130 pages are used to discuss route control (redistribution, filtering and route-maps).

In particular, I was impressed by:

* The book is fully updated, and is not just a copy-and-paste of subject matter from the first book. For instance, page 439 discusses the use of a much misunderstood newer command, 'area nssa translate type7 suppress-fa'. This is just one example of the complex and new commands that are documented.

* Of all the books I have looked at, this book does the best job at introducing oneself to RIPng.

* The book wastes little time discussing site-local addresses for IPv6. As the difficulties of using IPv6's site-local addresses have rendered this address type too complex to implement (and it was, in fact, deprecated in RFC 3879), this book notes this and moves on. This goes against other recent books that waste pages and time discussing IPv6 site-local addresses. As any CCIE candidate will attest, studying time comes at a premium.

There are few cons worth mentioning:

* The book repeatedly incorrectly documents IPv6's link-local addresses as FF80::/10. Link-local addresses start as FE80::/10.

* IS-IS is discussed (which is no longer on the CCIE R&S lab). The book went to press too late to discuss EIGRP for IPv6 and is sorely missed.

* The book does bypass some interesting subtleties that you know Doyle is aware of but are, for the most part, undocumented. For instance, the differences between EIGRP and RIP when using the neighbor command.

The path to the CCIE R&S can be a long (and costly) road. While this book is focused towards candidates for CCIE Routing & Switching Lab, I believe this book would be a welcome addition to any Networkers' bookshelf.

I give this book 5 pings out of 5:

The second edition of the book was a long felt need as there have been a lot of changes in the CCIE certification blueprint as well the Cisco IOS.

This is the most highly recommended book for anyone attempting to study for any of the CCIE certifications as Routing and Switching are covered in varying degrees in all the CCIE written Exams.

The detailed coverage of IPV6 is a highpoint of this book as it is very well explained with the help of various examples and also by comparing and contrasting it with IPV4 so as to bring out the true subtleness of and the glaring differences between the two. Showing how each task is done differently with IPV6 makes the difficult and confusing address scheme, which is in hex, much more understandable. Throughout the book, wherever applicable, the authors use IPV6 addresses during various configuration examples to clarify the concepts.

The principles of route redistribution are explained with the help of case studies and sample output which make this usually difficult to understand and confusing topic much more bearable. Redistribution remains the cause of most problems in the lab and once routes are redistributed a variety of problems crop up. Jeff explains the right way to do this and most importantly what not to do.

The troubleshooting case study at the end of the chapter explains the method to troubleshoot that particular protocol and provides tips on what to basically look for.

Then the troubleshooting exercises provide the opportunity to test the troubleshooting knowledge.

This knowledge comes in handy for the CCIE LAB as time is always short and if something breaks down troubleshooting skills can make the difference between getting your magical Number or a visit to the LAB again.

By totally revising and revamping the contents of the book the authors and reviewers have made sure that this book remains a must buy for all seasoned network engineers and students of Cisco Certifications.

The author Jeff Doyle is a professional services engineer and IPv6 solutions manager. The coauthor Jennifer Carroll is an independent network consultant in Redmond, WA.

I give this book 4 stars on a scale of 5, 5 being the highest. I strongly recommend this book.

Niloufer Tamboly, CISSP

Jeff Doyle has done it again. Routing TCP/IP Volume I second edition has reaffirmed Jeff and Jennifer's excellent pedagogical prowess, with the TCP/IP routing framework. When I read routing TCP/IP volumes I and II several years ago, the excellent presentation of the various routing protocols in a clear case study driven manner helped me develop a firm understanding of the various interior and exterior routing protocols available for TCP/IP. TCP/IP Volume I second edition is a more concise edition of the first edition with several new chapters on IP version 6 specific protocols.

Unlike the 14 chapter, 1026 pages long first edition, the second edition is organized into 14 chapters also but is 910 pages long and comes with a 45 day free online access at safari book online. That's a great deal. The organization of this edition is similar to the first; Part I deals with basic concepts, Part II with interior routing protocols and part three discusses routing controls and interoperability. Part IV is a collection of appendices and solutions to problems discussed throughout the text.

Part one now includes an expanded review of IP version 6 in a chapter by itself. This is arguably one of the better treatments of the subject I have seen in a text and provides a concise introduction to IP version 6 protocol headers, control protocols and addressing.

Part two includes an expanded treatment of RIP version 2 as well as the new RIPng which is an RIP implementation for IP v6. The now deprecated IGRP has been dropped and a totally new chapter on OSPF version 3 explains the updated OSPF for IP v6.

Part three, like one and two also includes updated and new case studies to reflect current and future trends. A new case study on IP version 6 redistribution with route maps shows a simple example of route redistribution from RIPng to IS-IS for IP v6 networks.

Like Doyle's previous work, this book is heavily invested in sample configurations using Cisco IOS, but the clear treatment of technology theories and directions makes this book a great reference for all internetworking engineers out there.

The clear and detailed presentation of the materials makes this book accessible to networking professionals of all grades, newbies to experts alike. And as organizations prep themselves for the inevitable migration to IP v6, Jeff Doyle's book is definitely an additional resource for the engineers whose job it will be to provision the change.

Definitely not the be-all book on TCP/IP, the book will likely become a key ingredient in the arsenal of network managers, administrators and even researchers and an excellent guide to Cisco network professionals and students. If anything, I will recommend this volume, and highly so, to aspiring Cisco Certification candidates and anyone who already owns or has read the first edition. This edition is indeed an upgrade.

Product Details :
Hardcover: 936 pages
Publisher: Cisco Press; 2 edition (October 29, 2005)
Language: English
ISBN-10: 1587052024
ISBN-13: 978-1587052026
Product Dimensions: 7.6 x 2.1 x 9.4 inches


CompTIA Network+ Study Guide Authorized Courseware: Exam N10-005 2nd edition, Todd Lammle



This book was great! It really expanded my understanding of Networking and enabled me to pass my Network+ Exam. Yes the exam was hard but I think there was only 1 question that wasn't covered in the book. Todd really takes the time to explain things to you so you really understand. It's much more than an exam prep. He gives you practical data and I found the chapter on Troubleshooting especially valuable. Yes there are a couple of typos but nothing major that can't be figured out. I also like his sense of humor. If you want to pass your Network+ Exam and more, then I recommend this book.

Like virtually every textbook, particularly those focused on computer technology, it contained its fair share of errors however overall it was a decent textbook and a positive purchase. In a perfect world the book would be more vigorously proofread to reduce the number of errors. And the figures would be on the same page as the citations so the reader doesn't have to flip back and forth through the pages from text to figures to text to figures... as figures/tables/graphs are cited.

I love reading on my Kindle. But when I tried to study for Network + on the Kindle, it didn't work for me--the labs and chapter review questions were much easier for me to work with after I bought a physical copy of this book. Consider buying the hardcover "deluxe" version--it includes a network simulator, practice exams, flash cards, and electronic copies of the book in three formats (pdf, epub, and Kindle).

The good design and availability of this book make it wonderful to use. The abundance of relevant information also makes this valuable. I enjoy it and study in it often. If there was any one thing that stands out like a red light bulb, it would be his excessive wordiness, in which he says things in his own way and with his own kind of language, with no apparent effort to make the language more plain. When I can get around his personal writing style, I feel like he has made a prize/star accomplishment of a readable, comfortable, instructive preparation for the exam. I will likely reference this book as long as its instruction remains valid/up-to-date.

I just passed my Network+ exam a couple of hours ago.

Lammle's book was my primary study resource. I read it cover-to-cover and took notes like a madman.

I also hunted and pecked my way through Mike Meyers Network+ All-In-One, as well as the ExamCram Network+.

I hit the Lammle book the hardest for one reason -- Networking education is his wheelhouse. His explanation of subnetting is concise and beautifully done. That alone is worth buying the book for.

However, if I had to offer one criticism it would be that Lammle's practice exams were a bit too soft.

The Mike Meyers book had better test questions and better artwork -- diagrams, graphics, etc.

If you can afford both, get them. The ExamCram book was also helpful in narrowing down what to memorize in the last week of studying.

I spent two months prepping for the test. I already have my A+ so I knew what to expect from a CompTIA exam.

I found the test to be challenging. Others have written in their reviews that they waltzed right through it. That was not my experience.

Best of luck.

This book is really beneficial if you want to pass the Network+ exam. The chapters are in an order that builds upon the last so you're always learning new things while progressing your knowledge of what you learned in the previous chapter. As is the case with most of these certification books, I feel like there could have been more accurate and detailed sample questions. The questions in this book and on the actual exam differ quite a bit. For example, the exam will present a very specific scenario instead of asking general questions like the book. I can't complain too much because, in the end, the book helped me achieve my certification.

After looking at some of the unnecessarily harsh criticisms, I wanted to add a positive experience with this book. Aside from some of the previously mentioned awkwardness and occasional typos, the merits and strengths far outweigh the scant negatives. If anything, the book provides too MUCH information for the Network+. Some of the foundational material will likely be of some use for those looking ahead to the CCNA. I aced the Net+ and found that I had been more than prepared for it with this book (and the additional Practice questions by Darril Gibson). This text is thorough and accessible. If you review and retain the information that Mr. Lammle specifically calls out (both throughout the chapters and the summaries) you WILL find success on the Network+ with this text. Good investment for a pricey test, and I have already purchased additional texts by Mr. Lammle.

This book gets in depth about networking; from basics to fairly deep on the subject matter. If you're interested in networking, but don't have the knowledge... this book will help you get the skills you desire. Fairly short chapters presented in a logical manner make this book essential reading whether you're planning on taking the Net+ exam or you just want the skills.

Aside from a few of the errors regarding encryption, the book is great. I wish Lammle would have gone a little bit more in depth with STP and VTP (some examples of terminal output, etc.). Subnetting was explained with the utmost precision, SERIOUSLY. Subnetting is a topic that a lot of people get confused on, very quickly. He did a fantastic job of explaining the entire process. OSI and TCP/IP are always hard to explain to people because of the "Logical/Physical" barrier, but again Lammle did an excellent job here as well. I am a TERRIBLE TEST TAKER! and still passed on the first go around, because after reading this book, I didn't feel like I had just "memorized" a bunch of material, but instead had an actual, better understanding of the topic.

4/5 because of the VERY FEW mix-ups in certain areas of the book.

This book and author do a terrific job in preparing you for the Net+ exam and helped me pass the exam on the first try after about a month of studying and preparing. Does a great job of covering all material - not all of which shows up on the exam - but I feel prepares for your career in IT by covering all the essential topics and skills.

I purchased the previous edition of this book to use it as a reference while I was taking networking classes. Months later, I decided to take CompTIA's Network + exam. Having appreciated the original book, I decided to buy this updated newer edition that coincides with CompTIA's newer N10-005 exam.

The Good:
Just like the last edition, this book is well written and clear. It's all too easy to make technical writing boring, but I think author Todd Lammle worked hard to make his writing accessible and readable. He's clearly a networking expert. This is not to say it's elementary. You will need to have a fair understanding of networking, or at least a technical aptitude, to make sense of it. But that's what you would expect when studying for a technical certification.

I've also got to praise the book for few typos and errors. This is also something that's not too common in the fast world of technology publishing. Finally, the illustrations and diagrams in the book provide an excellent way to understand the concepts.

The Bad:
Unfortunately, you get less from this book than you do with the last edition. The last edition had the entire PDF of the textbook with it. I enjoyed reading it on my laptop and being able to search for specific topics. This newer book doesn't even include a CD anymore.

In fact, much of the features advertised on the cover aren't even included in the book. The "custom test engine" and "electronic flashcards" must be downloaded from the website. Plus, you must "register" to access it. What if this content is taken down from the web server in the future?

Strangely, one of the items that you must download is the glossary. It's not in the hard-copy book at all. That's very inconvenient.

One other thing that annoyed me was that the book advertises two "full-length" practice exams. In reality, each practice exam is just half (50 questions) of what makes up a real exam. This is disappointing because practice questions are very helpful in preparing for the exam.

Additional Comments:
If you're wondering, I did pass the Network + certification after my first try after reading this book. I also studied the "Network + Cram Exam". I would recommend studying from at least two books in a concentrated time-span for any CompTIA exam. It helps to reinforce your knowledge and the authors explain concepts differently. Also, make sure you understand all of the practice questions.

Product Details :
Paperback: 816 pages
Publisher: Sybex; 2 edition (January 30, 2012)
Language: English
ISBN-10: 1118137558
ISBN-13: 978-1118137550
Product Dimensions: 7.4 x 1.8 x 9.1 inches


Metasploit: The Penetration Tester's Guide 1st edition, David Kennedy



The book covers the basics of using Metasploit with other related tools (SET and Fast-Track). If the reader is expecting to become an expert penetration tester by reading this book then I will say that the expectations are wrong. The author has managed to put in a single book the methodology used for penetration testing, named PTES (Penetration Testing Execution Standard) and described as the redefined methodology for penetration testing, and a general overview of the Metasploit framework, how it works, how it is composed and how you can leverage the power of using this framework to make adaptations in different situations or scenarios. Also the author has recalled the fact that every situation is different and the penetration tester should deal with obstacles that he may find in the way to exploit a system.

The author begins the book by describing the PTES methodology and also referring the user to the penetration standard organization website in order to get more information (for people that are new in penetration testing). Then the author moves on with the Metasploit basics, explaining the terminology and how the framework is composed. It also makes a brief explanation about Metasploit Express and Metasploit Pro. In Chapter 2 the book deals with an important step (information gathering), if not the most important, when conducting a penetration test. People tend to overlook this step because sometimes it will not have the "expected" fun necessary but users should understand that the success of exploiting a system is the time spent on gathering information of the target. The information gathering process, in this book, covers the identification of the target and the discovery of different applications or possible attack vectors. In the very beginning of the book, in chapter 2, the author explains briefly how to import databases from other tools such as vulnerability scanners in order to conduct exploits with some kind of automation. Some people will remember the autopwn option in Metasploit; this option is no longer available in the framework (the framework changes every time). I really don't know the reason why. But, as to import hosts and related information from Nessus, Nexpose, nmap will be very helpful for the penetration tester.

The complexity will be a little bit higher with every new chapter. I think that more than explaining every single module, structure and syntax of commands of the framework the author has focused on how it works and set us the basics in order to get more experience in the tool by discovering what we can do with it, how we can add our features or modules and how we can use the framework with other tools such as SET and Fast-Track. I found useful the way the user explains how to create our own auxiliary, exploit modules within the framework using Ruby as the programming language (you will need some basics in programming in order to get the most of these chapters). The use of the mixins, the structure of the coding is something you will have to pay attention to if you want to develop your own modules and tools within Metasploit. In chapter 8 the author begins with the interesting part. He explains the client-side attacks and introduces us to terms such as the heap and the other chapters will deal a little bit more with the stack. The reader must have some understanding of how you can perform a buffer overflow, how you can insert your code after exploiting a given application and how to introduce some stealth in your code in order to get around the IPS, IDS and AV solutions. The author also explains the use of encoders in order to bypass security solutions. By the way, I have to mention that the meterpreter payload is detectable in a lot of security solutions so that's why the author encourages the reader to be more creative at the moment of target exploitation.

In conclusion, the book is a good one for beginners and to understand what the Metasploit framework is and how you can use it. Most of the material can be found in the project website but not at the same detail level as the book. The book will show you the basics of the framework, don't expect to become an expert after this. The basis will help you to understand how to leverage the functionality of the tool and how to create your own code, work around some difficulties in the process and most of all encourage people to contribute to the tool. There are some things that the author assumes that the reader should know and therefore some chapters can become somewhat confusing. But, take the references and give yourself the opportunity to practice with the tool and surely in the future you will manage to port exploits from other sources and develop your own code.


People who design networks or build software applications are often oblivious to security faults that their designs may have. Those serious about information security will perform or will have an outside firm perform a penetration test--which is a way to evaluate how effective the security of a network or application is. Those performing a penetration test will imitate what an attacker would do in an adversarial situation to see how the system holds up.

The Metasploit Project is an open-source security project that provides information about security vulnerabilities and assists those performing the penetration tests in building a framework in which to carry out the testing. For those looking to use the Metasploit to its fullest, Metasploit: The Penetration Tester's Guide is a valuable aid. Metasploit itself is an extremely powerful tool, but it is not an intuitive piece of software.

While there's documentation on Metasploit available at the project Web site, the authors use the book to help the reader become more fluent in how to use the base Metasploit methodology to be an effective penetration tester.

The first two chapters provide an introduction to penetration testing and Metasploit. By chapter four, the reader is deep in the waters of penetration testing. The book progressively advances in complexity. And by the time the reader finishes chapter 17, he or she should have a high comfort level on how to use Metasploit.

The book is meant for someone who is technical and needs to be hands-on with Metasploit and really understand it. For firms that are looking to do their own penetration testing, Metasploit is a free open-source tool, also used by firms that charge for the service.

For those looking to jump on the Metasploit bandwagon, this book is a great way to do that.

I'm an accomplished test automation/performance engineer, but one area of testing that I'm pretty green at is penetration testing. Luckily, I came across Metasploit: The Penetration Tester's Guide, which is a book about penetration testing using the open-source Metasploit Framework testing and is a great introduction to security testing in general. Since I'm a complete novice when it comes to Metasploit, the book was great for getting me started with the basics of the framework. (A more experienced Metasploit user, however, will probably want to read something a bit more advanced.)

The book assumes the reader has zero experience, and begins with a brief history of Metasploit and how to install it. Although you don't need to be a programmer to read it, most of the examples are written in Ruby and Python. You should also be familiar with Linux and how to set up VMs.

Overall, the book is written with a hands-on, tutorial-like style that is great for people like me who prefer to learn by doing. The book is a progression, beginning by establishing the methodologies/phases and terminology of penetration testing and an intro to the utilities and functions within the Metasploit framework. The first few chapters are a great help in getting up to speed on what penetration testing is and provide a nice overview of the different phases of a penetration test. The author then walks you through how to identify different types of vulnerabilities and how to exploit them using the tool. I really liked the sections on how to attack MS SQL, Browser-Based & File exploits and Social Engineering attacks. Many different modules of the framework are covered, as well as how to create a module. The book ends with a realistic simulation of an actual penetration test.

The author states that the book is "designed to teach you everything from the fundamentals of the Framework to advanced techniques in exploitation," and I believe the author excels in fulfilling that goal.

Note: I received a free copy of this book as part of the O'Reilly Blogger Review program.

Product Details :
Paperback: 328 pages
Publisher: No Starch Press; 1 edition (July 22, 2011)
Language: English
ISBN-10: 159327288X
ISBN-13: 978-1593272883
Product Dimensions: 7 x 1.1 x 9.2 inches


Saturday, April 27, 2013

Digital Evidence and Computer Crime, 3rd Edition: Forensic Science, Computers, and the Internet, Eoghan Casey BS MA



"Throughout the book there are a number of good case studies used to illustrate points which enlivens the text. There are also details of legal cases from various legislative areas and examples of relevant situations that demonstrate the points being made. There are also a number of references to other literature and links to website URLs and tools available to assist the practitioner."--Best Digital Forensics Book in InfoSecReviews Book Awards

"Just finished 'Digital Evidence and Computer Crime: Forensic Science, Computers and the Internet' by Eoghan Casey and featuring other contributing authors, and it's quite good. I bought this book because I wanted an all-encompassing book that provided insight on the various aspects of an investigation, especially the legal portion. And in this aspect the book does an excellent job, and is in-depth in areas I have yet to see in other books. The book is divided into five portions digital forensics, digital investigations, apprehending offenders, computers and network forensics. For me the book was worth it for the first three portions; however, the computers and network portions, while a good start, there are more in-depth books that provide better insight. Overall, the book was enjoyable from start to finish and I would recommend it to anyone looking for a great overview of digital forensic investigation process from start to finish. I am happy to add this book to my growing reference library."--Student of Security

"This hefty book on forensic evidence obtained from computers dispels the myths propagated by popular television series. It states from the premise that very few people are well versed in the technical, evidential, and legal issues concerning digital evidence. Oftentimes, the useful evidence that may be found in various digital media is overlooked, collected incorrectly, or analyzed ineffectively. It is the goal of the team of contributors to equip readers with the necessary knowledge and skills to be able to make use of digital evidence correctly and effectively. It is quite obvious that the various authors draw from several fields, such as forensic science, computer science, political science, criminal justice, the law, and behavioral analysis; as such, it is multi- and interdisciplinary. More specifically, the authors tackle the specific crimes of cyber bullying, cyber stalking, identity theft, online sex offenders, fraudsters, and cyber threats. There is extensive use of boxed stories, legal cases, practitioner's tips, tables, the discussion of legislation, flow charts, treaties and journals, as well as figures, diagrams, pictures, and computer screen shots. The book is comparative in nature: it covers not only cyber law in the US, but also case law in the UK, Ireland, and the Netherlands. Given the ubiquity of the computer and the crimes that it can generate, learning about how other nations handle these issues helps in the formation of our own methods for dealing with crimes domestically, as well as those that cross national boundaries."--ACM's Computing Reviews.com

"A better title for Digital Evidence and Computer Crime might be the Comprehensive Guide to Everything You Need to Know About Digital Forensics. One is hard pressed to find another book overflowing with so many valuable details and real-world examples."--Ben Rothke on Slashdot.org (Sept 2011)

"The third edition of this comprehensive textbook on forensic science and the Internet is thoroughly updated to reflect the great leaps forward in technology in the six years since the previous printing. The work is divided into five sections covering digital forensics, digital investigations, apprehending offenders, computers and network forensics, and chapters provide practical instruction, case studies and discussions of the theoretical basis for all aspects of digital investigation and the use of computer evidence in forensics and law enforcement. The volume is intended for police, lawyers and forensic analysts and provides a comprehensive look at contemporary methodologies computer crime and crime prevention. Contributors include legal academics as well as computer, networking and forensics professionals from around the world."--Book News, Reference & Research

"A better title for Digital Evidence and Computer Crime might be the Comprehensive Guide to Everything You Need to Know About Digital Forensics. One is hard pressed to find another book overflowing with so many valuable details and real-world examples. The book is also relevant for those who are new to the field, as it provides a significant amount of introductory material that delivers a broad overview to the core areas of digital forensics. The book progresses to more advanced and cutting-edge topics, including sections on various operating systems, from Windows and Unix to Macintosh. This is the third edition of the book and completely updated and reedited. When it comes to digital forensics, this is the reference guide that all books on the topic will be measured against. With a list price of $70.00, this book is an incredible bargain given the depth and breadth of topics discussed, with each chapter written by an expert in the field. For those truly serious about digital forensics, Digital Evidence and Computer Crime is an equally serious book."--Slashdot.com

When it comes to a physical crime scene and the resulting forensics, investigators can ascertain that a crime took place and gather the necessary evidence. When it comes to digital crime, the evidence is often at the byte level, deep in the magnetics of digital media, initially invisible from the human eye. That is just one of the challenges of digital forensics, where it is easy to destroy crucial evidence, and often difficult to preserve correctly.

For those looking for an authoritative guide, Digital Evidence and Computer Crime is an invaluable book that can be used to ensure that any digital investigation is done in a formal manner, that can ultimately be used to determine what happened, and if needed, used as evidence in court.

Written by Eoghan Casey, a leader in the field of digital forensics, in collaboration with 10 other experts, the book's 24 chapters and nearly 800 pages provide an all-encompassing reference. Every relevant topic in digital forensics is dealt with in this extraordinary book. Its breadth makes it relevant to an extremely large reading audience: system and security administrators, incident responders, forensic analysts, law enforcement, lawyers and more.

In the introduction, Casey writes that one of the challenges of digital forensics is that the fundamental aspects of the field are still in development. Be it the terminology, tools, definitions, standards, ethics and more, there is a lot of debate amongst professionals about these areas. One of the book's goals is to assist the reader in tackling these areas and to advance the field. To that end, it achieves its goals and more.

Chapter 1 is appropriately titled Foundation of Digital Forensics, and provides a fantastic overview and introduction to the topic. Two of the superlative features in the book are the hundreds of case examples and practitioners' tips. The book magnificently integrates the theoretical aspects of forensics with real-world examples to make it an extremely decipherable guide.

Casey notes that one of the most important advances in the history of digital forensics took place in 2008 when the American Academy of Forensic Sciences created a new section devoted to digital and multimedia sciences. That development advanced digital forensics as a scientific discipline and provided a common ground for the varied members of the forensic science community to share knowledge and address current challenges.

In chapter 3 - Digital Evidence in the Courtroom - Casey notes that the most common mistake that prevents digital evidence from being admitted in court is that it is obtained without authorization. Generally, a warrant is required to search and seize evidence. This and other chapters go into detail on how to ensure that evidence gathered is ultimately usable in court.

Chapter 6 - Conducting Digital Investigations - is one of the best chapters in the book. Much of this chapter details how to apply the scientific method to digital investigations. The chapter is especially rich with tips and examples, which are crucial, for if an investigation is not conducted in a formal and consistent manner, a defense attorney will attempt to get the evidence dismissed.

Chapter 6 and other chapters reference the Association of Chief Police Officers' Good Practice Guide for Computer-Based Electronic Evidence as one of the most mature and practical documents to use when handling digital crime scenes. The focus of the guide is to help digital investigators handle the most common forms of digital evidence, including desktops, laptops and mobile devices.

The Good Practice Guide is important in that digital evidence comes in many forms, including audit trails, application, badge reader and ISP and IDS logs, biometric data, application metadata, and much more. The investigator needs to understand how all of these work and interoperate to ensure that they are collecting and interpreting the evidence correctly.

Chapter 9 - Modus Operandi - by Brent Turvey is a fascinating overview of how and why criminals commit crimes. He writes that while technologies and tools change, the underlying psychological needs and motives of the offenders and their associated criminal behavior have not changed through the ages.

Chapter 10 - Violent Crime and Digital Evidence - is another extremely fascinating and insightful chapter. Casey writes that whatever the circumstances of a violent crime, information is key to determining and thereby understanding the victim-offender relationship, and to developing an ongoing investigative strategy. Any details gleaned from digital evidence can be important, and digital investigators must develop the ability to prioritize what can be overwhelming amounts of evidence.

Chapter 13 - Forensic Preservation of Volatile Data - deals with the age-old forensic issue: to shut down or not to shut down? It provides a highly detailed sample volatile data preservation process for an investigator to follow to preserve volatile data from a system. There is also a fascinating section on the parallels between arson and digital intrusion investigations.

Part 4 of the book is Computers, in which the authors note that although digital investigators can use sophisticated software to recover deleted files and perform advanced analysis of computer hard drives, it is important for them to understand what is happening behind the scenes. A lack of understanding of how computers function and the processes that sophisticated tools have automated makes it more difficult for digital investigators to explain their findings in court and can lead to incorrect interpretations of digital evidence.

Chapter 17 - File Systems - has an interesting section on dates and times. Given the importance of dates and times when investigating computer-related crimes, investigators need an understanding of how these values are stored and converted. The chapter has a table of the date-time stamp behavior on both FAT and NTFS file systems. Time stamps are not a trivial issue, as there are many different actions involved (file moved, deletion, copy, etc.) that can affect the date-time stamp in very different ways.

A better title for Digital Evidence and Computer Crime might be the Comprehensive Guide to Everything You Need to Know About Digital Forensics. One is hard pressed to find another book overflowing with so many valuable details and real-world examples.

The book is also relevant for those who are new to the field, as it provides a significant amount of introductory material that delivers a broad overview to the core areas of digital forensics.

The book progresses to more advanced and cutting-edge topics, including sections on various operating systems, from Windows and Unix to Macintosh.

This is the third edition of the book and completely updated and reedited. When it comes to digital forensics, this is the reference guide that all books on the topic will be measured against.

With a list price of $70.00, this book is an incredible bargain given the depth and breadth of topics discussed, with each chapter written by an expert in the field. For those truly serious about digital forensics, Digital Evidence and Computer Crime is an equally serious book.

This book really is focused on legal aspects of computer crime and does not give a lot of detail about how to actually do any type of digital forensics. Great book for understanding some of the history and regulations on computer crime and would recommend for that reason. But if you want to know how to perform any type of digital forensics, get another book.

Product Details :
Hardcover: 840 pages
Publisher: Academic Press; 3 edition (May 4, 2011)
Language: English
ISBN-10: 0123742684
ISBN-13: 978-0123742681
Product Dimensions: 7.5 x 1.8 x 9.2 inches


Mastering System Center 2012 Configuration Manager 1st edition, Steve Rachui



An Expert, Hands-on Guide to ConfigMgr 2012

If you're responsible for Microsoft's new System Center 2012 Configuration Manager (ConfigMgr), you'll want this detailed guide on hand. It offers intermediate and advanced coverage of the topics you need most—planning and installation, migrating from ConfigMgr 2007, deploying, setting up security, monitoring and troubleshooting, and automating and customizing ConfigMgr 2012 with scripts. Hands-on exercises and practical advice from the expert author team bring real-world scenarios into sharp focus, helping you master skills you can put to use right away.

Coverage includes:

* Developing a plan for configuration and deployment
* Asking the right questions to make sure you cover all the bases
* Getting up to speed on a new hierarchy, console, and security
* Migrating, installing, and site role configuration
* Converting legacy packages to the new Application Model
* Distributing, deploying, and updating software
* Reporting, compliance settings, and inventory
* Securing your devices with Endpoint Protection
* Managing non-Windows mobile devices and virtual machines
* Troubleshooting and setting up disaster recovery

Master Microsoft® System Center 2012 Configuration Manager

Plan, Install, Deploy, Monitor, and Troubleshoot an Installation

Roll Out Patches and Updates and Manage Inventory

Meet the Needs of the PC Configuration Lifecycle Management (PCCLM) Market

Learn in the Context of Real-World Scenarios and Tasks

As a consultant focused largely on building SCCM environments, I recommend this book to all my customers. The book does a great job explaining all the major concepts of SCCM's vast feature set and leaves readers with a solid foundation and understanding. They make great decisions on where to delve into great detail, and where to just hit the important ideas.

Other reviewers have complained that it is not as detailed as the product documentation on TechNet. While this is true, the book is not meant to be documentation but instead a tool for learning about SCCM. The book builds intermediate and advanced skills using outstanding real-world examples from some of the most experienced SCCM professionals on the planet.

Even though I've worked with SCCM 2007 and then 2012 every day for the past 5 years, I still find lots of good nuggets of information in this book. These guys know what they are doing.

I purchased this book prior to deploying the product in an enterprise environment in an attempt to get some insight from experienced writers. I was hoping to have to learn fewer lessons the hard way :-), and wanted to shorten my Lab time with the product. It did not even come close. This book offers Nothing you can't get for free or from Microsoft's tech library on the product. It's just a consolidation of the common info everyone has shared for free in one book. . . which might appeal to you.

This book has value if you have never read anything, anywhere, at all about SCCM 2012 and you just want one book (resource) to get you orientated with the product, and understand some basic functions and nomenclature. If this is what you need, then purchase this book. If you want master class knowledge of the product, this is not the place to find it.

I've no idea where the "filled with extra stuff" comments are coming from. Fact is, many people buying this book are going to be **very** concerned with the differences between CM7 and CM12. Where migrating from SMS 2003 to ConfigMgr 2007 wasn't particularly difficult (yeah, lots of additional features in CM7 vs SMS, but it looked the same, and aside from the SUP vs ITMU, you could afford to ignore the additions if you had to), CM12 is an almost totally different animal.

As a System Center engineer for the last 5 years, I've found this book to be invaluable in planning our CM7 to CM12 migration. It lists the gotchas. It details the differences between the two versions because...it needs to. The hierarchy model has changed. Application delivery has changed. FEP integration has changed. How you assign DPs and create Boundaries have both changed drastically. And unlike SMS to CM7, you can't just run the CM12 installer to run your migration.

This book will guide you through all that drama.

After ConfigMgr 2007's release nearly 5 years ago, I was disappointed by the quality of the first two CM7 text books. It wasn't until ConfigMgr 2007 Unleashed that they finally got it right. But here, an extremely useful and cogent text book was released right from the get-go. You can tell that Steve, Kent and the rest of the authors have been involved with CM12 for quite some time.

Way to go guys. Thanks a ton. Seriously.

This book will get you started, but it's hardly going to save you from scouring the Internet and sifting through your SCCM logs to get everything working. Many of the sections are very brief and poorly organized, while other sections seem like they could be more concise. This book will save you some time getting set up, but don't expect to be an SCCM Master (as the title implies) after reading through it!

I must admit that I'm no pro when it comes to the likes of SCCM. I dabbled with SCCM 2007, vNext and the Beta versions of 2012 so I had a general grasp on the software, but implementing it in production was proving to be a real hassle. Basic installation went OK thanks to the help of www.Windows-Noob.com but I kept getting monitoring errors. These were due mostly in part to my lack of experience with the software and its requirements.

This book is great, and a lot more help than I thought it would be! The information is helpful and very descriptive. I guess I fell/fall into the noob category here, and it has been quite a blessing for me. It's worth the $30 if you plan on making SCCM 2012 a part of your organization.

I picked up this book after already working with a new Config Manager 2012 deployment when I got tired of getting lost in the Technet library. It lays things out much more simply and gives real world scenarios and honest advice. A lot of the sections are pretty heavy on just stepping through wizards, but it's the nature of the beast when Microsoft actually puts out a product with intuitive wizards.

I will agree that it's not super in-depth. Very critical procedures are barely scratched upon - for example, building collections. That's something that can make or break your infrastructure, and it is barely covered. They even mention making these custom collections in their 'real world' scenarios, but did it ever show me how to make an All Servers collection, or an All Laptops collection, short of just making it manually?

I think this is a great start, especially for people like me that dove right into Config Manager 2012 and were quickly lost and/or confused. Is it a definitive reference? Nope.

Product Details :
Paperback: 816 pages
Publisher: Sybex; 1 edition (May 1, 2012)
Language: English
ISBN-10: 1118128982
ISBN-13: 978-1118128985
Product Dimensions: 7.4 x 1.7 x 9.1 inches


Windows Forensic Analysis Toolkit, 3rd Edition: Advanced Analysis Techniques for Windows 7, Harlan Carvey



I am not an expert. I really, enthusiastically enjoy performing digital forensic analysis of Windows systems and will get up early (for me…"early" is a relative term) to work on an examination. I enjoy not just finding new things in my analysis, but finding new combinations of things, looking for those hidden patterns to jump out of the data. I enjoy writing code to parse the binary contents of a file so that I can then see how the various teeth of the operating system and application gears mesh together, and in seeing what primary, secondary, and tertiary artifacts are left by various events that occur on a system.

When I first started writing books, I did so because I could not find something that would fit what I saw as my needs. Sure, there were books available that covered some aspects of digital forensic analysis of Windows systems, but there wasn't anything available that really went into depth on analyzing Windows as a system of interconnected components. There were books that covered some of the really obvious indications of an intrusion or malware infection, but how often are our examinations really about finding the obvious artifacts? I knew I couldn't be the only one looking for something like this, and writing a book not only provided a reference for myself and others, but the act of writing required me to polish and hone my thoughts. I hope you enjoy the finished product, and that it leads you beyond the obvious.

I hope you find my attempt to contribute to the digital forensics analysis community to be useful and thought-provoking. Thank you.

"Harlan has done it again! Continuing in the tradition of excellence established by the previous editions, Windows Forensics Analysis Toolkit 3e is an indispensable resource for any forensic examiner. Whether you're a seasoned veteran or just starting out, this work is required reading. WFA3e will maintain a perennial spot on my core reference bookshelf!"--Cory Altheide, Google

"Windows Forensic Analysis Toolkit 3rd Edition provides a wealth of important information for new and old practitioners alike. Not only does it provide a great overview of artifacts of interest on Windows 7 systems, but it also presents plenty of technology independent concepts that play an important role in any investigation. Feel free to place a copy on your shelf next to WFA 2ed and WRF."--Digital4rensics.com

"The third edition of this reference for system administrators, digital forensic analysts, students, and law enforcement does not replace the second edition, but rather serves as a companion. Coverage encompasses areas such as immediate response, volume shadow copies, file and registry analysis, malware detection, and application analysis. Learning features include b&w screenshots, tip and warning boxes, code (also available on a website), case studies, and 'war stories' from the field. The tools described throughout the book are written in the Perl scripting language, but readers don't need to be experts in Perl, and most of the scripts are accompanied by Windows executables found online. For this third edition, a companion website provides printable checklists, cheat sheets, custom tools, and demos."--Reference and Research Book News, Inc.

"There is a good reason behind the success of the previous editions of this book, and it has to do with two things: new Windows versions are different enough from previous ones to warrant a new edition and, most importantly, the author is simply that good at explaining things. This edition is no different."--HelpNetSecurity

If you've worked with Windows for any length of time, you know that each subsequent version of Microsoft's operating system tends to be almost the same...and yet entirely different. Windows 7 is no exception, giving us many familiar logs, structures, and artifacts that we know from Windows XP or 2003...only revised and expanded, or in different locations, or in different formats, or all of the above. Not to mention the brand new stuff.

Harlan has once again found the sweet spot - instead of fully revising the Second Edition of his book (which would be premature, as most environments still have extensive XP / 2003 infrastructure in place, and likely will for some time), he provides a companion book that builds on his previous volumes and outlines the new technologies and key differences between Windows 7 and earlier versions of the OS.

Now that many corporations are finally rolling out Windows 7 in force, forensic examiners are also making the transition to analyzing "new" Windows systems. This book provides the essential reference for Windows 7 analysis. While many of the technologies and techniques in Harlan's book have been discussed on blogs, mailing lists, and at conferences, he has been kind enough to collect the information in one place. In addition, he has been thorough enough to verify and expand upon the information through his own research and analysis, providing real world examples, tips, and cautions along the way.

Finally, as always Harlan writes with a keen awareness - both first-hand and through his extensive industry contacts - of what is current "in the field". This encompasses not only the specific questions and challenges faced by real analysts in real cases, but the tools and techniques in use or under development to address those issues. Harlan's information is both timely and relevant...and all the better for those of us on a budget that many of those tools and techniques he discusses are free and / or open source.

Harlan Carvey's "Windows Forensic Analysis Toolkit - Third Edition" is a welcome companion to both his Second Edition and Windows Registry Analysis. The three form a set that no Windows incident responder or forensic analyst should be without.

I found that Harlan's latest book is a great adjunct to my collection of his works. While it presents many of the essential operating system updates that we've discussed on forums, it also reviews enough previously published material to give the reader a foundation upon which to grasp important topics that haven't been issues in earlier systems. I like the way that Harlan laid out the chapters; he presents the material succinctly, yet with sufficient detail to provide a worthwhile learning experience. From my perspective, I particularly appreciate the Malware Detection chapter, as it presents a very nice summary of problems that many law enforcement examiners face, and Harlan provides not only direction, but tells us why certain procedures and artifacts are important.

Product Details :
Paperback: 296 pages
Publisher: Syngress; 3 edition (February 10, 2012)
Language: English
ISBN-10: 1597497274
ISBN-13: 978-1597497275
Product Dimensions: 7.5 x 0.6 x 9.2 inches


TCP/IP Protocol Suite Mcgraw-Hill Forouzan Networking 4th edition, Behrouz Forouzan



This book is vastly inferior to available alternatives. My primary complaint is that it appears written by an instructor familiar with various networking-related technology, but lacks a great deal of current real world design and implementation experience. My criticism exemplifies itself in what the book discusses, how concepts are explained, what is included, what is left out and the types of mistakes found throughout the book. While not the worst book for you, it is at best incomplete, while many times misleading, confusing and outdated at worst. Much of the material in the book is reasonably accurate, but there are a great many problems with this text that in total force me to advise students and learners of networking to avoid this title in lieu of other, far better alternatives. This review is based on the fourth edition published in 2010.

Forouzan's TCP/IP Protocol Suite is organized in a manner similar to many other general TCP/IP networking books. It begins with a history and background of the Internet and protocols in general. It then covers major protocols in the TCP/IP suite beginning from the network layer (IP, addressing, routing), through the transport layer (UDP, TCP, SCTP), the application layer (which is a mixture of DHCP, DNS, TELNET/SSH, FTP/TFTP, HTTP, email protocols, SNMP and multimedia), then back to the network layer with IPv6, and finally a few chapters on security, which are largely about cryptography services.

Perhaps like any text of this subject, the difficult part is deciding what to leave out and what to include. What is included here that would probably have been better left out or perhaps greatly revised include much of chapter 3, Underlying Technologies. This chapter is a summary of mostly layer 2 technologies including some IEEE LAN standards, Bluetooth and WAN technologies such as T1, frame relay and X.25. There is practically no attempt to relate any of this material to the TCP/IP protocol suite so it is largely superfluous and could have been left out entirely with little consequence. It might have been better written to demonstrate how these underlying technologies are used by IP, but no serious attempt is done so. In this chapter, chapter 7 (IPv4) and chapter 8 (ARP) ATM-related technologies are covered. Suffice to say, ATM is largely relegated to a niche technology at this point and at least in comparison to MPLS, which is more widespread, there is little reason to include so much about ATM if at all. The text also places far too much emphasis and includes too many examples on classful IP addressing, a long obsolete initial approach to IP addressing. In chapter 5 (IPv4 addresses), from page 121 to 135 classful addressing is discussed and in comparison the classless addressing scheme is covered only from page 135 to 146. Furthermore, about 20% of the end of chapter questions are about classful addressing. In chapter 12 (multicasting and multicast routing protocols), a sparse 3 short paragraphs are given to PIM-SM, by far the dominant protocol used in the IP multicast-enabled Internet, while MOSPF and CBT, both obsolete protocols receive equal or more coverage. Chapter 25 includes a brief section on so-called Quality of Service and short descriptions of network queue management techniques, but with no discussion on active queue management schemes such as RED and ECN. It further claims DiffServ is just a proposal by the IETF to replace the ToS byte, but has supplanted it for over a decade now.

What is left out of the text is more difficult to enumerate, but there is a clear sense that the author lacks a modern and practical knowledge of how real networks operate. The discussion of BGP is quite limited considering how critical it is to the routing subsystem of the Internet for instance. The security portions of the book focus largely on cryptography and are largely absent any discussion of DoS issues such as packet floods, TCP state exhaustion and amplification/reflection threats not to mention any real detailed discussion of firewalls and packet filtering mechanisms.

There are a number of very specific errors in the book. While many of them are of little consequence, they highlight at best a lackluster editing, review phase and carelessness of the author and at worst highlight the problems any serious student is going to run into when text and questions mislead. For instance, on page 266, question 16, the question implies that an ICMP message will be sent in response to a TCP segment delivered to a closed port, but no such message will be sent. TCP has a mechanism to respond to such misdirected segments, a TCP RST. The DNS discussion is outdated as the author seems to be completely unaware of EDNS0 and how widely implemented it is. On page 152, there are RFCs listed as having to do with IPv4 addressing, but some have nothing to do with addressing or were long ago made obsolete by newer RFCs. On page 131 example 5.14 claims 201.24.67.32 is a class B address when it is not and subsequently the network and mask given are incorrect. In question 10 on page 431, the decoded answer implies that a TFTP server will respond to a client using a source port of 69, but in practice this doesn't happen as port 69 is only used for destination port in the initial request after which the server typically uses an ephemeral source port.

As a first course in TCP/IP networking, the approach the author takes to explain some topics is often not found in widespread use. For instance, the author covers a range of mathematical approaches including base 256 numbers and logarithms to explain IPv4 addressing. While mathematically there is nothing technically incorrect in doing so, some networking students without a strong mathematical background in my experience have found this author's treatment using this approach more confusing than helpful.

In my judgment the approximately $140 (US) cost for a new hard cover 4th edition of this book is vastly overpriced for the quality of what you get and especially so when compared to the alternatives. For a modern course in TCP/IP networking or as a reference to the TCP/IP protocol suite, other books available that do a comparable or better job may include Kurose and Ross' Computer Networking, Peterson and Davie's Computer Networks, or Comer's Internetworking with TCP/IP.

I had this book lying around with me for a very long time but never bothered reading it, because my graduate school textbook was something else. But when I eventually ended up reading it, I did regret how I missed out on this genius of a book, for so long. This book is way ahead of other books in its league. The material explained are illustrated very beautifully that there would be no place where you will find it difficult to follow the book. Fantastic book, I highly recommend it to anyone who wants to understand TCP/IP.

If you are considering Comer Vol 1 or Richard Stevens Vol 1 for TCP/IP, I would advise you give this book a serious thought too. Preferably go to a local bookstore to check them out and make a decision.

If you want to quickly learn/revise TCP/IP for an interview, this is a great book too because lots of times the self-explanatory illustrations save you a lot of time from reading the material itself.

This may be the best textbook I have ever used. The text is concise and to the point with no extra "fluff". The illustrations are fantastic. The author has spent a tremendous amount of time on these... they take you directly to the meaning of the text, and give a strong visual and intuitive foundation to what has been written. Example problems with answers are numerous, and seem to be placed at exactly the points where you need to stop and work through concepts with pencil and paper. I really can't say enough about this text, I've read it cover to cover. It imparts an amazing amount of technical information without being dry... again, I think it's the illustrations that are so helpful, and it's nice that the author's style is direct and not wordy. I don't think you can buy a better TCP/IP book, this one's worth twice the price.

I had to use this book for a graduate course. It has been very suitable for this purpose. The level of details is good, but not to the point of a protocol standard. If you need to master the concepts and do not want to refer to very superficial practical references or detailed standards this book is right in the middle. Lecturers will find it very appropriate and students will easily grasp the concepts. One can still use some parts of the book as a reference. If the required information is not there some of the references to RFCs and standards will guide the reader to more information elsewhere.

TCP/IP is the language of the Internet and this book is its grammar. Although I think this book was intended primarily to be a college textbook, I'm not in school. I just was assigned a project to do some software requiring a direct interface to TCP/IP. I found this book to be exactly what I needed.

The book uses a very visual approach that allows you to quickly find the subject areas you need. Then the key points are put into boxes, kind of like someone has gone through with a hi-lighter to emphasize the critical points. These enabled me to skip rapidly through the points I knew about to get to the areas where I needed detail.

This book further is one of the best written and more clearly describes this rather technical subject in clear English words that even a simple programmer can understand.

This is the third edition, it covers some of the newer protocols like SCTP. Exceedingly well done book.

Product Details :
Hardcover: 928 pages
Publisher: McGraw-Hill Science/Engineering/Math; 4 edition (March 25, 2009)
Language: English
ISBN-10: 0073376043
ISBN-13: 978-0073376042
Product Dimensions: 7.7 x 1.7 x 9.3 inches


Thursday, April 25, 2013

The TCP/IP Guide: A Comprehensive, Illustrated Internet Protocols Reference 1st edition, Charles M. Kozierok



"A New TCP/IP Classic" -- Slashdot, December 14, 2005

"A rocking, well-organized, profusely illustrated book . . . Probably the best new introduction and reference book around." -- NetPerformance.com, June 12, 2006

"It's informative and easy to read, even when discussing rather nasty protocols." -- ;login:, April 2006

"Nicely organized, from an introduction to networking through administration and troubleshooting, the book clearly explains each topic." -- Library Journal, January 15, 2006

"The TCP/IP Guide is great for anyone and everyone . . . it can act both as a reference guide and a textbook." -- Linux Security, April 6, 2006

"The most comprehensive guide to TCP/IP protocols we have ever come across . . . [and] the most readable . . . we highly recommend it." -- Network World, November 28, 2005

"This book is the Real Deal . . . you will appreciate the mastery of Kozierok's achievement." -- WatchGuard Wire

"This is a really well-done book, . . . easy-to-digest information about TCP/IP." -- IBM’s DeveloperWorks, January 18, 2006

"Well-organized, well-illustrated, and has a conversational tone that makes it easy to read and learn even for networking novices." -- Windows Networking, May 10, 2006

Charles is a very good teacher. Explanations are very down-to-earth, so anyone can understand the protocols. Be warned that the pictures are not in color, but his web site and PDF do show them in color. That becomes crucial for some of the more complicated diagrams. My other complaint is that it's a bit long-winded at times due to the included jokes - I think 1600 pages is enough that adding jokes is unnecessary.

This text offers a well-guided clear understanding of TCP/IP and its design motivations. The nature of the text is best suited to readers with little or no networking background, and who actually want to understand TCP/IP (as opposed to just know about it). The author makes a point to explain why the designers of the protocols did things the way they did, the histories behind decisions and developments, the advantages and disadvantages of certain features and how everything fits together. These explanations obviously lengthen the text, but it is perfect if you are committed to understanding TCP/IP properly. The author's style is quite direct, easy to read, and makes sense.

It's a very comprehensive text--some might argue too comprehensive! This isn't a how-to guide and doesn't claim to be. Some of the drier parts can get dry, but when describing a packet format you can't really avoid that, and you can always skip those parts (though I found persevering through them helped my understanding too). I would highly recommend this book to anyone wanting to understand the protocols of the Internet.

The TCP/IP set by Comer + TCP/IP Illustrated set by Richard Stevens + The TCP/IP Guide by Charles M. Kozierok are the only books about TCP/IP stack that are worth reading.

Comer is a bit dryer than Stevens
Stevens has excellent examples
Kozierok has more details and drawing / pictures

"The TCP/IP Guide" has also a web-site, however the site contains only ~50-60% of the books

All the above books will provide everything you need to know

Code implementation is provided by Comer and Stevens

Next step would be books like "Unix Network Programming" by Stevens, "Understanding Linux Network Internals" by Benvenuti,
"The Linux Programming Interface: A Linux and UNIX System Programming..." by Kerrisk, etc etc etc

Would agree with many of the positive reviews here.

It is hard to believe that just one person wrote this book. Equally amazing is how good it is. It is getting a bit old and some things are beginning to move on, but to understand IPv6, you need a good grasp of IPv4. Both are covered beautifully in a manner designed to teach not confuse or merely impress other academic types. There are detailed diagrams and line by line full explanations on every topic and nothing nor any detail is skipped. From binary transfer, to packet encoding, everything imaginable is covered for the OSI reference model, in terms that just about anyone can understand. Seriously impressive.

Want to understand networking? Much of the information in this book is a must. As a reference book, it is outstanding. At 1500+ pages it doesn't miss much, if anything, although I must confess to only having read line by line about a third of it in total, roughly 500 pages.

I'm biased as my hobby and professional work is IT. I literally have multiples of hundreds of tech books, in paper and Ebooks. For me, this book is a work of fine art.

This is the most comprehensive and detailed treatment of TCP/IP you'll ever have the pleasure (or displeasure) to read. Obviously, I did not read the entire book; to be honest I read only about a third, and I'm already blown away by the complexity of TCP/IP. Also, by reading I do not mean understanding - this will come only after a few shots of cognac and a certain amount of banging your head on your keyboard while Wiresharking. Also, I would not recommend trying to read this from cover-to-cover; in my opinion it's simply impossible, but we know that at least one person did it. Chapeau-bas to the author for writing such a monster (in a positive sense).

Many years ago I was looking for something to update what I had first learned from TCP/IP Illustrated, Vol 1 by Richard Stevens. Among many other books, I bought this one directly from the author online.

While this is a massive tome, I find it is much less useful than Stevens mainly because it's tough to wade through the esoterica. Essentially, it's tough to see the forest for the trees.

I troubleshoot IT (and especially intermittent response time) problems for a living and the big gun in my troubleshooting arsenal is packet analysis. I've been doing packet analysis since the mid-80s starting with IBM protocols such as SNA/SDLC, moving on to DECNet, IPX/SPX, IPv4 and finally IPv6. I routinely analyze trace sets between 10GB and 100GB in size and am noted for discovering issues that have escaped lesser experienced engineers, so I believe I'm modestly entitled to say I'm pretty adept at this material.

But... whenever I have any question about protocols, I first reach for Stevens unless my question revolves around something not covered in Stevens such as DHCP, IPv6, the new TCP stacks, etc. At that point I might pick up this book but usually reluctantly so.

Stevens did a wonderful job painting a coherent picture of how the protocols work. I personally don't find that coherence in this book. Now that there is a second edition of TCP/IP Illustrated that covers (masterfully I might add) all the things missing from the first edition I just can't see reaching for this book any more. I don't even keep the soft copy on my laptop any more.

I hate to "dis" what was obviously a monumental work effort but I personally would recommend TCP/IP Illustrated (2ND EDITION!!!) over this book any day of the week...

Sorry to say but this book is good for some School or college going bloke who is looking to start to gain some knowledge in Networking.

But for someone who wishes to be a good Networking professional as a developer/Tester in L4-L7 industry, this book does not even satisfy 1/1000 of the requirements.

For example: In the initial chapters I was looking to understand ENDIAN-ness, big endian and little endian - the most fundamental topic. But I did not find it in this book.
Then I was looking to understand Presentation layer of OSI, here all I could see was some theoretical discussion but NO PRACTICAL examples like Gunzip, XML, ASN etc.

Then I looked at the IP Layer, I wanted to know how the IP Layer REASSEMBLES fragments. He has not explained that - the most basic functionality of IP Layer.

Then for TCP layer - He has not mentioned about URGENT Pointer or use of Urgent pointer for practical applications. Neither has he explained how TCP Behaves for Bulk data and interactive data. Then he has skipped detailed explanation about Congestion avoidance algorithm.

TCP Window Flow control I needed detailed understanding but he has not explained it.

For Layer 7 - He has not explained the SSL protocol which is the best security protocol in use in industry.

What about the SOCKET layer? He has not talked about Socket functionality at all.

Overall, this book is good for someone starting out in Networking understanding but like I said before this is not even 1/100 of the depth of networking and the author has barely scratched the surface.

Product Details :
Hardcover: 1616 pages
Publisher: No Starch Press; 1 edition (October 1, 2005)
Language: English
ISBN-10: 159327047X
ISBN-13: 978-1593270476
Product Dimensions: 7.1 x 2.3 x 9.1 inches


Management of Information Security 3rd edition, Michael E. Whitman



Joseph Sherif, Fullerton University, "I CANNOT WAIT TO ADOPT IT. This book is the best for students and practitioners."

Denise Padavano, Pierce College, "I would adopt this book for an introductory security management course or a survey course on security management. It covers all the things that are important and the authors did a good job of making the book concise." --This text refers to an out of print or unavailable edition of this title.

This was an excellent textbook and an easy read cover-to-cover. I work in an IA position for the federal government and many of the topics covered in this book were 100% relevant to things I've experienced on the job. I have only a couple of gripes about the book. First, some of the information is a bit dated, even though the book was just published 2.5 years ago. Time for an update. Second, the physical construction of the book is poor. The pages were separating from the binding with the slightest pull! Others in my class complained about the same thing.

Over all though, this book was perfect. Many of the concepts align perfectly with things an IA professional would need to know for passing the CISSP exam. Highly recommended textbook!

This book is a textbook on the Management of Information Security. It IS NOT intended to get into the nitty-gritty of securing an information infrastructure. It is meant to teach MANAGEMENT and therefore focuses on management issues. It has a strong slant toward NIST publications, because it is intended to be a solution for college and university courses that are part of an NSA/DHS National Center of Academic Excellence in IA Education. As such it has to map content to the Committee on National Security Systems (CNSS) Training Standards, most specifically NSTISSI-4011, the National Training Standard for Information Systems Security (INFOSEC) Professionals and CNSSI-4014, the Information Assurance Training Standard for Information Systems Security Officers. It does this fairly well.

Someone commented that since the authors quote Charles Cresson Wood's books so much, why not just buy Wood's books? Obviously he did not price the Charles Cresson Wood books before he said this, as current editions of his books run six to eight HUNDRED dollars each--and people pay that because they think that much of his work. The fact that he allowed the authors to quote his material so extensively is a real "value added" feature of this text. Charles Cresson Wood's books are intended for an entirely different purpose than this book anyway.

Coming from a background as an Information Systems Security Officer in the U.S. Navy, this book fit naturally well with my background and experience in the field for teaching this subject. It might not be as good a fit for an instructor whose primary background is in the ISO 27000 series or in PCI DSS. It is not intended to be a "do-it-yourself" book either; it is distinctly intended for use as a classroom resource for a course taught by an experienced security professional. I have been using it in the classroom since 2003 and it has worked very well for me and student feedback has been very positive overall. I would heartily recommend it for use as a textbook in a quality, instructor-led course in the Management of Information Security taught by someone who knows the material.

The book is quite frustrating if you need to use it for your studies as I do.

A lot of it is really obvious, but the authors do like to repeat and rehash points in quite a confusing order. They would be better off providing more examples that fit exactly with what they are trying to explain, but instead they grabbed too many examples from other sources, which do not appear to fit as neatly with their processes as I suspect would be best. It certainly fills up the pages, but adds confusion. It's a big subject, so it will never be an easy task, but surely these guys can employ writers to look at their work objectively. Too many technical people write books with the notion of the book being very good because they think everyone thinks like they think... Wrong.

And to be honest it is a boring book. It's not even like it's a boring subject, because it really does affect so much of our working and personal lives nowadays. Somehow they just seemed to be able to make it seem more excruciatingly boring than it really is!... I suppose that's a skill in itself!

If you're looking to get down into the nitty-gritty of infosec, for ways and methods of securing networks and systems, then this probably isn't the book you need. This is a textbook and so it offers a fairly high level viewpoint, even philosophical approach, to infosec. The granularity just isn't there for the practising person to gain much from this in a substantive way.

That said, the book does provide a readable and useful overview of all aspects of the infosec planning and administration process. Each chapter has questions yet no answers. Chapters include:

Introduction to the management of info sec
Planning for infosec
Planning for contingencies
Information security policy
Developing the security program
Security Management models and practices
Risk Management: identifying and assessing risk
Risk Management: Assessing and controlling risk
Protection Mechanisms
Personnel and security
Law and Ethics
Information Security Project management (the weakest chapter in the book...meant as an introduction)

While the authors won't tell you how to configure a firewall for example, they will teach you who, how and why this must be done and what must be done to guide and support decisions like this in an organizational environment. This book is about top down security management. It teaches you to use policy, procedures, people, programs, projects and planning in a three dimensional security matrix: confidentiality, integrity, availability, security, transmission, processing, policy, technology and education/training with regard to people, data, hardware, software and procedures, all within the methodology of the secSDLC. So it is a philosophical journey through the heart of the matter written by two guys who obviously know and enjoy their subject.

This book is well written and has a number of inserts highlighting different things like different types of attacks, concepts like human firewalls and such that enhance the readability while leading a connection to reality that threatens to become a little tenuous when dealing with much abstraction.

So, a good textbook. I used it for a subject I took and found it useful. While it may be a little dry at times, due to the technical nature of the material, if you are serious about learning information security then the need to be consistently entertained is probably just a little alien to your nature anyway. This book will give you an excellent grounding in the things you should be considering and doing when planning, analyzing, designing, implementing and managing and maintaining infosec.

An excellent addition and support for the material presented in the book - as referred by the authors - is a bunch of free materials published by the National Institute of Standards and Technology, found at the computer security resource center. These include papers such as SP 800-12, SP 800-14, and so forth. The website is http://csrc.nist.gov/publications/nistpubs/ It is important to check this out if you are serious about infosec. This book is a good starting point for delving deeper into that world.

Product Details :
Paperback: 576 pages
Publisher: Course Technology; 3 edition (January 19, 2010)
Language: English
ISBN-10: 1435488849
ISBN-13: 978-1435488847
Product Dimensions: 7.1 x 1.2 x 9.1 inches


MapReduce Design Patterns: Building Effective Algorithms and Analytics for Hadoop and Other Systems 1st edition, Donald Miner



In the 1990s O'Reilly books had a well-earned reputation for quality. O'Reilly authors such as Simson Garfinkel explained technical topics with precision, clarity, and wit. I proudly kept a whole shelf of O'Reilly books at work, and I imbibed copious java from their tenth anniversary mug. I'm sorry to see that O'Reilly's traditional quality has gone the way of the Internet bubble. MapReduce Design Patterns represents the absolute nadir of technical writing, and it never should have been published in its current form.

One of the most poorly written parts of the book is Appendix A on Bloom filters. As I was writing my original review of the book, I thought it might be helpful to point readers to a better explanation of the topic. Turning to Wikipedia as a potential reference, I was struck by the number of similarities between it and Appendix A. It now appears that this appendix plagiarizes the Wikipedia article "Bloom filter." To see this, compare the opening paragraph of the Wikipedia article (January 19, 2013) to the first two paragraphs of the book's appendix (which you can see in the sample pages here):

Wiki: A Bloom filter, conceived by Burton Howard Bloom in 1970, is a space-efficient probabilistic data structure that is used to test whether an element is a member of a set. (Paragraph 1, sentence 1)

MRDP: Conceived by Burton Howard Bloom in 1970, a Bloom filter is a probabilistic data structure used to test whether a member is an element of a set. (Page 221, paragraph 1, sentence 1)

Wiki: False positive retrieval results are possible, but false negatives are not; i.e. a query returns either "inside set (may be wrong)" or "definitely not in set". (Paragraph 1, sentence 2)

MRDP: While false positives are possible, false negatives are not. This means the result of each test is either a definitive "no" or "maybe." You will never get a definitive "yes." (Page 221, paragraph 2, sentences 2 - 4)

Wiki: Elements can be added to the set, but not removed (though this can be addressed with a counting filter). (Paragraph 1, sentence 3)

MRDP: With a traditional Bloom filter, elements can be added to the set, but not removed. There are a number of Bloom filter implementations that address this limitation, such as a Counting Bloom Filter, but they typically require more memory. (Page 221, paragraph 2, sentences 5 and 6)

Wiki: The more elements that are added to the set, the larger the probability of false positives. (Paragraph 1, sentence 4)

MRDP: As more elements are added to the set, the probability of false positives increases. (Paragraph 2, sentence 7)

When confronted with examples like these, authors typically claim that the similarities are due to their unintentionally copying verbatim from their notes. While that may be true in some cases, it is the task of the publisher to see that problems like this are corrected before books are released. Clearly the authors and the editors at O'Reilly have failed to diagnose this problem and provide a timely appendectomy. The result is a book with a fatal case of appendicitis left to die a humiliating death in the marketplace.

Although MapReduce Design Patterns would have benefitted from an appendectomy, such an operation would have been insufficient to restore the book to good health. For much of the book suffers from a sort of write-once-copy-everywhere mentality that leads to dreadful writing and programming. A few choice examples should suffice to illustrate this point.

Until the book's penultimate chapter every example except two includes this pattern of statements:

"The following descriptions of each code section explain the solution to the problem.
Problem: ..."

Apparently it occurred to neither the authors nor the editors that it might be premature to refer to "the problem" and its solution before that problem had been stated. And certainly no one thought to ask whether or not the first sentence of the pattern clearly sets forth what's coming next in the book. Yet through the magic of the Ctrl-C, Ctrl-V sequence, this statement appears dozens of times throughout the book.

The first hint of an editorial hand finally appears at the beginning of the Generating Data Examples section of Chapter 7, where at last we find the statement of a problem in paragraph form followed by our now familiar sentence. Unfortunately, the book's remaining four examples revert to the authors' text design pattern with an ungrammatical twist:

"The sections below with its corresponding code explain the following problem.
Problem: ..."

Perhaps a NullWritable object would have made a better editor.

Fortunately, not all of the book's wretched writing is as annoying as this. Some of it, such as this garbled thought from page 185, is hilarious:

"There is no implementation for any of the overridden methods, or for methods requiring return values return basic values."

Programmers may be amused by how the class MRDPUtils seems to appear and disappear randomly with the invocation of the method transformXmlToMap() in the book's code examples. They may also laugh at the erroneous comments in the source code on pages 20, 23, 26, and 29. Since the book's sample code contains the same errors, one might begin to wonder if anyone read or tested that code after it was written. Considering the map() method of the UserIdReputationEnrichmentMapper class given on page 165, that seems unlikely. An astute reader will easily see that this method emits the wrong key, and testing certainly would have revealed it. Since the map() method's actual output clearly contradicts the specification for the reducer implementation on the same page, the problem could have been spotted by a conscientious editor.

Almost two decades have passed since Simson Garfinkel typed "buy more O'Reilly books" in an example in one of his books. After reading MapReduce Design Patterns, I no longer agree with his recommendation. Readers who are interested in this topic will do well to look elsewhere for more information on the subject.

This book is a good catalog of the different patterns any big data solutions programmer should know in order to effectively perform their job. While the authors admit that writing some of these patterns in the context of a map/reduce job on Hadoop with tools like Pig available can be counterproductive they make the compelling argument that understanding these patterns is still important.

The technical examples in the book are sometimes missing blocks of code, which while easily derived may be a source of frustration for some readers. (I have my implementations of the exercises on github, under my username of cfeduke; I learn best by doing, so keying in and executing examples is paramount.)

I've had a moderate level of experience with Hadoop, from 0.18 to 1.x, before tackling this book. I felt that this book taught me a fair amount about the guts of writing a map/reduce job though if I did not have a solid foundation working with Hadoop the examples may have been difficult to grok.

The authors chose to use Stack Overflow community data to demonstrate the patterns presented and I felt that was an excellent decision as it's easy to derive other queries to answer - and implement - having some knowledge of the corpus.

The book gives a good introduction to MapReduce design patterns. But what I found really missing are good examples.
I had studied Jimmy Lin's book [...] before I read this which gives some really good examples of algorithm design. I was hoping to find something which focussed on how some of the design patterns can be leveraged to implement more complicated and non-trivial algorithms in Map-Reduce more effectively.
But I feel that the book uses some fairly straightforward algorithms to explain the pattern and does not go deep.
Another thing that I did not like is that the book is just too much Hadoop specific and ignores other Map Reduce implementations which are getting very popular.
Overall the book is a good step in introducing patterns and algorithms in a more systematic manner, in the Map Reduce programming paradigm. It gives a good survey of some of the emerging areas in last few chapters. The chapter on Meta Patterns was my favorite as it gives some good introductory material on building more complicated pipelines using Map Reduce, and how one could take steps in optimizing the runtime of bigger pipelines.

Product Details :
Paperback: 230 pages
Publisher: O'Reilly Media; 1 edition (December 22, 2012)
Language: English
ISBN-10: 1449327176
ISBN-13: 978-1449327170
Product Dimensions: 7.5 x 0.6 x 9.2 inches
