Hack Attacks Revealed: A Complete Reference for Unix, Windows, and Linux with Custom Security Toolkit [With CDROM]

I have been teaching Windows 2000 and Unix security for the U.S. Army for 3 years. I am constantly searching for a book that will provide true insight into the hacker mindset and methods. Most books dawdle in the routine and well known hacks and still leave you wanting. "Hack Attacks Revealed, 2nd edition", takes you to the next level. It is the single best security reference book that I've seen.You rarely find a book that provides indepth coverage of Windows, Unix, and Linux security. Hack Attacks Revealed's information, tutorials, and tools provide you with everything you would need to test and secure a computer system or network. As a bonus, the fully licensed TigerSuite Professional (version 3.5) is included on the accompanying CD. This is an amazing grouping of tools to analyze and test the security of a computer network. In class, I routinely use TigerSuite to demonstrate security shortfalls. My students are so impressed that they immediately ask me where I got it and how can they get it. "Hack Attacks Revealed" has something for every skill level, whether it is teaching you how to subnet, compile a security tool or walking you through a buffer overflow. The First edition was great and John Chirillo found a way to go it one better.

This new edition is jam-packed with tons of hacks I didn't know existed for UNIX, Linux, and Windows and all in one book! It's a pain and no small expense, to have to buy three separate books to get this cool stuff. Having it all in one place is fantastic.

I read the first Hack Attacks Revealed, and it helped me out a great deal. I just completed reading the Second Edition, and it is even better. There is a good amount of new material and new vulnerability information, and the Tiger Suite continues to get even better.The Second Edition does a better job of explaining some of the methods used by hackers and the like. What I especially like is the explanaitons of how some of these negatives can be used as positives. For example, using password crackers to gain legitimate access in cases of forgotten passwords, or when employees leave a company without ensuring company assets are made available.EXCELLENT JOB, KEEP UP THE GOOD WORK--Can't wait for the Third Edition......

This book promises quite a bit in the new edition, let's see what's really in here. Okay, the chapter layout is completely different as the book starts with a Technology section, followed by Discovery, then Penetration, Vulnerabilities, and finally the Toolbox. The technology part is nicely abridged to about 87 pages. The Discovery part differs greatly in that the source code has been moved to the CD and the author added more coverage and examples plus some stealthier techniques and most recent SNMP, file sharing, DNS, NetBIOS, and CGI stuff. The ports and services are still there but I found them to be pretty handy references at any rate. Penetration contains updated material and it's nice to see IDS stuff in here too. The Vulnerabilities section is promising. There's an excellent chapter on the top 75 exploits that have certainly proven to be the most misuses of security weaknesses and the newer material makes it significant. The CD contains some of the same plus full licensed software, an updated repository and all the source code moved from the original text. All things considered, this book pans out to be more of an original than a second edition and well worth the read.

I found this 2ed more useful than the first. With updated NEWER exploits and Top 75 Hacks I found a great resource. My company is now using them in our policy testing. Oh and finally no more trial software on the CD.