Exposing the hacker's advantage

Joel Scambray, co-author of Hacking Exposed, 6th Ed. shares equal parts helpful technical tip, sage career advice, and interesting personal profile.

This is the first in a regular series that will highlight new books and their authors.

Hacking Exposed

What I like best about computer security, says Joel Scambray, co-author of Hacking Exposed, 6th Ed., is the challenge of the attackers' advantage and the defenders' dilemma.

"Fortunately," says Scambray, "information security is one profession that anyone who uses a computer can learn about first-hand every day." His advice: "Take a little time regularly to explore the security features of the computer you use frequently, using the Internet as a resource for more information. If you want to take it up a level, create a separate computing environment from the one you use for personal or business use (for example, a set of virtual machines running a free operating system like Ubuntu) and try out the attacks and countermeasures described in Hacking Exposed. There's no better way to learn the theory and practice of information security "that's how the authors and thousands of readers have done it since 1999!"

5 must-dos

  • Define a security policy, even if it's short and simple.
  • Get permission from and notify system owners before performing any testing.
  • Be patient -- running the tool/test is the easiest part, interpreting the output is what differentiates the exceptional from the merely adept.
  • Define the problem positively -- too often, security is regarded as "nothing happening is good." Set clear security objectives in advance, and think about how you will measure success or failure.
  • Remember that security is about risk management, be practical in prioritizing the things you will fix and not fix (because you can't do it all).

5 classic mistakes

  • Believing 100% security is achievable.
  • Buying a technical tool but never reviewing or understanding the output.
  • Mandating a policy without demonstrating practicality and/or getting buy-in.
  • Over-investing in buzzword-compliant but incremental solutions when simple and inexpensive countermeasures can address most of the risk.
  • Biting off more than you can chew -- pick your battles and be iterative.


Name: Joel Scambray

What I'm working on now: As co-founder and CEO of Consciere, a provider of strategic security advisory services, Scambray continues to work at the nexus of business and security to advance the principles and practices of his profession. Most recently, he's focused on aligning security metrics, technical vulnerability management, and GRC concepts to establish an achievable and sustainable standard of due care for Consciere's clients.

Favorite Web sites and hidden gems: Wikipedia, of course. And there are no "hidden" gems with Google.

Something most people don't know about me: I play more Guitar Hero than I should.

Philosophy: Press the "Easy Button" whenever possible; also known as "keep it simple, silly."

Who should read Hacking Exposed? As with previous editions, Hacking Exposed 6 is targeted at people who protect information technology infrastructure and applications. Although written in a style accessible to wide audiences, the primary focus is on technical specialists such as corporate IT engineers, software developers, consultants, technical group managers/directors, program/project managers, and similar IT roles where it is critical to have a practical understanding of cybersecurity attack tools and techniques, and how to defend against them.

What can readers expect to learn? Hacking Exposed presents real-world demonstrations of cutting-edge network and computer hacking tools and techniques, followed by in-depth discussions of countermeasures and workarounds to mitigate the attacks. Attacks and countermeasures are related from the perspective of professional penetration testers (a.k.a. ethical hackers, tiger/red teams, etc.) who have spent significant time researching and understanding how to undermine the latest technologies and defeat the most recent technical controls. The book is divided into sections related to common technology platforms (for example, Windows, network devices, web applications) that can be read collectively or individually to provide in-depth understanding of well-publicized vulnerabilities that threaten the productive use of computing systems worldwide.

Can you share a favorite script or command? Scripting languages are the security pro's best friend -- shell, Perl, Python, and more recently Ruby are good places to start. Use these to wrap venerable security tools like nmap and snort to quickly create customized functionality. Other fun categories of tools include browser plug-ins like Tamper Data and Paros Proxy. Suites like Cain & Abel provide one-stop-shop capabilities for analyzing Windows and network security. We could go on and on, but check out http://sectools.org/ for a more comprehensive list of tools.

Parting words Have fun, be flexible, and adopt an empirical attitude -- after more than fifteen years in the field, we've learned as much from mistakes as we have from successes.

Read a tip from the book: Hacking Windows: Eavesdropping on Network Password Exchange

ITWorld DealPost: The best in tech deals and discounts.
Shop Tech Products at Amazon