Customer Reviews


11 Reviews
5 star:
 (5)
4 star:
 (4)
3 star:
 (1)
2 star:
 (1)
1 star:    (0)
 
 
 
 
 
Average Customer Review
Share your thoughts with other customers
Create your own review
 
 

The most helpful favourable review
The most helpful critical review


5 of 5 people found the following review helpful
4.0 out of 5 stars An interesting read but requires technical knowhow in parts.
I enjoyed this book. I was very much looking forward to it after reading The Art of Deception. This book follows the same format, with 11 chapters detailing a number of hackers/security consultants experiences breaking into systems in various ways. Unlike the Art of Deception which concentrated purely on social engineering techniques, this book (barring one chapter on...
Published on 3 Aug 2005 by J. Bolton

versus
2.0 out of 5 stars Enjoyable walk on the dark side
A number of interesting real-life stories.
Worrying thing is how nave the 'stars' of the chapters are.
The book is written at a level that will appeal to people with a passing interest in the subject - easy to understand without too much techie knowledge.
Published 17 months ago by SDI


‹ Previous | 1 2 | Next ›
Most Helpful First | Newest First

5 of 5 people found the following review helpful
4.0 out of 5 stars An interesting read but requires technical knowhow in parts., 3 Aug 2005
By 
J. Bolton (Southfields, New York, USA) - See all my reviews
(REAL NAME)   
This review is from: The Art of Intrusion: The Real Stories Behind the Exploits of Hackers, Intruders and Deceivers (Hardcover)
I enjoyed this book. I was very much looking forward to it after reading The Art of Deception. This book follows the same format, with 11 chapters detailing a number of hackers/security consultants experiences breaking into systems in various ways. Unlike the Art of Deception which concentrated purely on social engineering techniques, this book (barring one chapter on social engineering) is largely more technical, detailing hack attacks from information gathering stage through to the hack itself and reporting (if this is done!). A couple of chapters do require technical knowledge, as whilst Mitnick describes a few technical terms, this certainly isn't done comprehensively to allow a novice to fully understand what is going on. As one other reviewer said, Mitnick does intersperse all the 'stories' with experiences from his own life, and whilst this could be construed as egotistical, I found it refreshing and often very funny. Each chapter also details how firms can protect against each attack mentioned, which is very useful, and makes this more than just another hacker culture reference.
Help other customers find the most helpful reviews 
Was this review helpful to you? Yes No


2 of 2 people found the following review helpful
5.0 out of 5 stars A beautiful Insight Into The Exploits Of Hackers, 4 Sep 2006
By 
This review is from: The Art of Intrusion: The Real Stories Behind the Exploits of Hackers, Intruders and Deceivers (Hardcover)
This book is an amazing insight into the exploits and techniques used

by hackers, crackers and social engineers! it really is a truly gripping read which makes you think "Oh I'll read just one more chapter" I don't think I could pick out any real negative points in the book it was consistent throughout providing not only the great stories of the hacks but also offering some wonderful information,

this really is an absolute MUST for any IT or security fanatic and is well worth the money to add such an excellent book to your shelves!
Help other customers find the most helpful reviews 
Was this review helpful to you? Yes No


5 of 6 people found the following review helpful
5.0 out of 5 stars This book is made of Win and Good, 12 Feb 2006
By 
Verified Purchase(What is this?)
This review is from: The Art of Intrusion: The Real Stories Behind the Exploits of Hackers, Intruders and Deceivers (Hardcover)
A very interesting collection of stories if you want to look over the shoulders of people who one day may fancy "0wning you". You can get a fell for what they are capable of. Especially regarding patience, single-mindedness and inventiveness in worrying the locks - physical and virtual - until they break. Or in finding that one passage that non-one thought manageable, discoverable or exploitable. Reads like good heist stories without the steamy and ultra-violent parts. And with well-meaning advice to boot.
Some notions of networking required, but neophythes don't need to fear: the authors don't leave you hanging and try to explain the basics - sometimes not too successfully, but then this *is* a hairy subject. Hard-core network admins will not be surprised by anything in here but will get a view of the 'bigger picture' that lies beyond the suspicious activity seen in the log files.
The stories related in the book have, according to the authors, been well-checked an corroborated as explained in the preface. Technically they are absolutely believable.
So what do you get for your money:
Chapter 1: Buy a video poker machine, reverse-engineer it, find out it's predictable then make big bucks in Vegas.
Chapter 2: Try to break into the gov'nmt while being egged on by real (or fake?) Pakistani terrorists.
Chapter 3: Build your own Internet connection from inside prison while running rings around the wardens. The Shawshank Redemption, a bit differently.
Chapter 4: Break into Boeing while there is a computer forensics class in progress. Bad idea!
Chapter 5: The famous Adrian Lamo in action. The New York Times' network is opened up. The Gray Lady then goes into payback mode.
Chapter 6: Your company wants a penetration test? Think twice, you may get more than you bargained for. (There should be contest for guessing at the Real Names of the companies mentioned. Hmmm?)
Chapter 7: You bank is secure, right? Actually, no!
Chapter 8: Hello, operations? I thought this machine where we had our source code was secure. Now it's on a warez site!
Chapter 9: Hacking for profit: A forgotten console cable around a firewall and 'PC Anywhere' carelessly installed on a mobile computer eventually brings about the targeted companies's undoing.
Chapter 10: Social engineering. Ok, so we have seen this in Mitnick's previous volume.
Chapter 11: Odds and sods (i.e. assorted hacks).
Contrary to what wombatboy1975 says, Mitnick keeps the ego firmly in check (compare this to his erstwhile antagonists, the 'duo terrible' Shimomura/Markoff whose book was made unreadable among others by ego inflation).
The conclusion that you can draw from the stories is that hackers are not unlike a flu virus. If there is a surface protein that one of them can lock unto, one of them might do it tomorrow. Or never. Or maybe just not on your watch.
Work on reducing your systems's cross-section. And good luck.
Help other customers find the most helpful reviews 
Was this review helpful to you? Yes No


4.0 out of 5 stars Amazing tales of indiscretion, 14 July 2005
This review is from: The Art of Intrusion: The Real Stories Behind the Exploits of Hackers, Intruders and Deceivers (Hardcover)
Mitnick and Simon present a cogent and interesting account of people who have illegally intruded on cyberspace, mainly in the US. It is possible that some tales retailed by them are apocryphal.But most of them stand to reason. They are daring and highlight how human ingenuity keeps pace with technology. All systems administrators, CSOs, CIOs and CEOs must read this. If after reading this, they are slack and hesitate to upgrade their systems, only the Almighty can save them. I already look forward to Kevin's autobiography, which he can pen only after the Federal ban expires in 2007.
Help other customers find the most helpful reviews 
Was this review helpful to you? Yes No


4.0 out of 5 stars Diverse, 6 Oct 2013
Verified Purchase(What is this?)
This review is from: The Art of Intrusion: The Real Stories Behind the Exploits of Hackers, Intruders and Deceivers (Hardcover)
The book has been an extremely interesting read as well as a little bit of a history lesson. Under no circumstances is this an instruction book, but more of a look of where companies went wrong and ways we can all learn to mitigate these risks. Whether you're a professional or someone interested in security then I would happily suggest anyone reads this book.

This book not only looks at the technical challenges but also the physical and social ones; many areas covered.

As a placement student from reading this I have learnt a few things about how I should apply good practices in my work, "No one will go to the trouble of doing that, there is some kid that will.". Overall a good read.
Help other customers find the most helpful reviews 
Was this review helpful to you? Yes No


5.0 out of 5 stars Fantastic!!, 9 Sep 2013
Verified Purchase(What is this?)
Could not put this down. I used this book to discover the world of forensics and hacking as this is something I am considering moving to
Help other customers find the most helpful reviews 
Was this review helpful to you? Yes No


5.0 out of 5 stars IT security classic, 13 Aug 2013
By 
Guy Edwards (UK) - See all my reviews
(REAL NAME)   
Verified Purchase(What is this?)
This review is from: The Art of Intrusion: The Real Stories Behind the Exploits of Hackers, Intruders and Deceivers (Hardcover)
Although a somewhat old book now at 8 years old, both the author and publication are well known subjects in the security world. No matter your opinion of the author who has collated the stories from various black hat sources (and who himself famously spent time in incarceration prior to this for IT systems penetration) it's worthwhile to read the publication in order to 'know your enemy' as Sun Tzu would have advised.

Since it's a collection of what appear to be true stories of penetrations of organisations systems, it's a welcome break from drier more technical publications that you might be used to as revision reference and similar. The book features less on technical procedures, checklists and exact tools/procedures and facts and more on the process and social engineering behind real world penetration attacks against the IT industry - as such the book ages well and is still insightful despite the age.

It feels like the majority of stories revolve around the attackers finding overlooked small flaws in a sites security, and then spending time turning this single flaw into a larger penetration, growing in depth of compromise over time. This is quite a contrast to the usual mainstream view of a single flaw causing the compromise of an organisation - the book implies that it's more likely a string of flaws, each on its own not a great issue (and probably existing due to lack of staff time or knowledge) but when combined they provide an attacker with a route in.

The story of the attacker who spends a year breaking into a company also challenges the traditional view of attackers that compromise a system, cause damage or send as much spam as possible until detected and then the issue is fixed by the IT staff. Instead the attacker gets access and spends time slowly moving through the network to get to the desired systems (in this case a source code repository).

Another eye opener is the scorn the attackers repeatedly give towards systems when the systems administrators dont take action against persistent obvious attacks. It's hard to read the book and not come away thinking that perhaps it really is time to cure the false positives coming from the organisations intrusion detection system and pay some real attention to configuring it. You think of your own organisations systems, and the minor outstanding security measures you've been meaning to spend time on but other tasks took priory. It's a healthy kick in the posterior to pay attention to both due care in setting up security prevention and detection systems and due diligence in monitoring the resulting logs (and taking action when necessary).

The book is an IT security classic which ages well in terms of technical content (due to the discussion of timeless subjects such as social engineering rather than software versions) and should be required reading for IT professionals, especially those who might be feeling that their IT security is impenetrable.
Help other customers find the most helpful reviews 
Was this review helpful to you? Yes No


2.0 out of 5 stars Enjoyable walk on the dark side, 11 April 2013
Verified Purchase(What is this?)
A number of interesting real-life stories.
Worrying thing is how nave the 'stars' of the chapters are.
The book is written at a level that will appeal to people with a passing interest in the subject - easy to understand without too much techie knowledge.
Help other customers find the most helpful reviews 
Was this review helpful to you? Yes No


5.0 out of 5 stars MMMMMMM, 26 Feb 2012
A concern overall is whether this is really a tongue in cheek guide for the "on the fringe" hacker, and rather than looking in deep dark chat rooms can find all they need here to launch the next latest and greatest exploit. There are no moral lessons or lecturing so one can only wonder whether the it's true that the best camouflage is broad daylight since he who laughs last, laughs best.
Help other customers find the most helpful reviews 
Was this review helpful to you? Yes No


4.0 out of 5 stars Interesting and amusing, 24 Oct 2011
Verified Purchase(What is this?)
In the same writing style as The Art of Deception: Controlling the Human Element of Security, Kevin Mitnick gives us more stories which show the workings of a hacker's mind. In the stories I noticed the evolution of real technical hacking techniques to a combination of with social engineering. The stories are both interesting and amusing. Some technical knowledge will help you to understand these stories, although the mentioned technical concepts, ideas and technologies are explained too.
Help other customers find the most helpful reviews 
Was this review helpful to you? Yes No


‹ Previous | 1 2 | Next ›
Most Helpful First | Newest First

This product

Only search this product's reviews