ISBC reminders and updates

Since things are gearing up for our first (Twitter/G+) discussion tomorrow, I thought that I would make another post about what’s going on in the wonderful world of the InfoSec Book Club.

  • I started to write up questions for discussion tomorrow, but it felt too much like I was preparing essay questions. So instead of posting discussion questions, I’ll start with a question at 10:30 AM (EST) and then will move the discussion along throughout the day. If that doesn’t work out well, then we will try the discussion questions with next month’s book.
  • As far as I know, we are still on for the Google+ hangout with Kent Nabors and Jayson E. Street to discuss the book this Saturday at 8PM (EST).
  • Speaking of next month’s book! Just wanted to remind you all that we are still set to read Kevin Mitnick’s Ghost in the Wires: My Adventures as the World’s Most Wanted Hacker next month (which starts on Wednesday).
  • March’s book was supposed to be Silence on the Wire: A Field Guide to Passive Reconnaissance and Indirect Attacks, but after consideration and a lot of input, it will be switching places with September’s book (Metasploit: The Penetration Tester’s Guide).

I think that is it and I look forward to the discussion tomorrow morning and the G+ hangout on Saturday!

ISBC Giveaway

Since this is the first month of the InfoSec Book Club, I thought that I would do something fun with it and offer a little giveaway. The prizes aren’t “super amazing”, but are fun and have something to do with the book as well as one of the authors (you’ll see what I mean below). The first person to email me the correct answers (verified by Jayson E. Street) wins the prizes.

All three answers can be found in the story portion of the book and you can email me your answers at: magen@tottenkoph.com

The questions from Jayson are:

1. How many Scooby Doo references are in the book & on what page numbers?

2. Who had the “Pulp Fiction” avatar?

3. One of the characters’ names was taken from an email used to propagate a virus. Who is it?

The prizes are a USB pen (like the one used in the book, except it has a laser pointer in it) and your choice of: 36 pack of Pepsi, 36 pack of Diet Pepsi, or a Pepsi-Cola wall-mounted bottle opener.

UPDATE: I also wanted to let you all know that Heidi has told me recently that she spoke with Syngress and No Starch Press and it has been arranged to have some copies of the books from those vendors at Shmoocon.

Stuff of the month

One of the good things about being forced to stay home because of the snow is that I got to read and watch some stuff that I may not have otherwise made the time to read/watch. Now the trick is to keep up the habit of reading even though I can go off and do other things. I also got a new phone the weekend before the snowstorm so my old phone is now serving as an mp3 player (since the iPod decided that it doesn’t want to hold a charge anymore and I really don’t want to buy another). Which is great not only because I don’t have to pay for another device, but I got to listen to some music that I had forgotten about while deciding what to transfer.

What I’m listening to: The Automatic Automatic: Not Accepted Anywhere

What I’ve been reading: Dissecting the Hack: The F0rb1dd3n Network (Jayson E. Street, Brian Baskin, Kent Nabors); The Light Fantastic and Sourcery (Terry Pratchett)

What we (bf+I) are watching [American TV]: Castle season 4; Fringe season 4; Damages season 4; 30 Rock season 6; Archer season 3

What we are watching [anime]: The same anime night line-up as last month (only change is that Fate/Zero is on hiatus for a season, I believe). We have also watched When They Cry-Higurashi* (Higurashi no Naku Koroni) and its sequel, Higurashi no Naku Koroni Kai*. And we just started watching Toaru Kagaku no Railgun (pretty fun spinoff from the Index series).

*Don’t watch this with children or if you scare easily. Don’t let the really cute drawing style fool you.**
**No, seriously. This stuff is kind of messed up, y’all.

Finally making an update this week…

I don’t know if I have ever been snowed-in at home before (I vaguely recall it snowing when we lived in Fort Campbell, KY). But I pray for my mom’s sake that we weren’t. Because holy crap am I bored. And restless. Both of which are terrible things and usually how I ended up in trouble when I was younger. I’m also feeling lazy/unmotivated when it comes to doing anything creative. But I’m making myself do stuff anyways.

I have an idea for a second entry for the sprite stitch challenge (the exquisite corpse challenge is supposed to span over two months, so there really isn’t any reason why I shouldn’t be doing two entries). Based on the clue that I was given, I was thinking of having the second entry be of the black mage trying to attack a chocobo with other chocobos behind the mage, unaware. I’m unsure how it will turn out, but I guess I will see later today when I try to make the pattern.

On the diet front, it has been 5 days since I started the diet and I have been good about staying on it. I have to fight the urge to hop on the scale every day to see if I have made any progress, which I know isn’t really going to help me any and isn’t a good thing to do. I have been slacking a little bit on drinking water at home, but have increased the amount of green and white teas that I drink. I’ve also been craving chocolate. Badly. Like I would gladly sell off the bf for a king-sized bar of quality dark chocolate. But I haven’t. I’ve been doing pretty good at fighting that craving (we’ll ignore the fact there is no chocolate in the house and we can’t go anywhere because the roads are covered in ice and the bf’s car has crappy tires).

I’ve been unable to start going back to the apartment complex’s gym like I had planned to start doing this week (not just because of the snow, but they are doing some upgrading to the equipment that they have). I have, however, been doing yoga every morning in the living room before logging in to work. It has helped to keep my back from hurting since I’ve been in a weird, hunched-over position to work on the laptop from my coffee table. I’ve also noticed that I have been sleeping better since starting to do this daily again.

I also finally finished this month’s ISBC book and am working with Jayson on a giveaway when I post up this month’s discussion topics. I feel kind of bad about having the Twitter/G+ discussions this month since a lot of people will be at Shmoo, but I figure that they can participate in the convo from their phones in between talks and can join us on the G+ Hangout at 8PM EST on Saturday if they are able to.

ISBC/January’s book reminder: Dissecting the Hack

There is only a little over a week before we start the first month of the first annual (I’m not ashamed to admit that I already want to do a second year of this if it goes as well as I hope) Information Security Book Club! The first book that we will be reading is Dissecting the Hack: The F0rb1dd3n Network, Revised Edition by Jayson E. Street, Kent Nabors and Brian Baskin. It is available in hardback as well as paperback (the ebook version of it magically disappeared sometime between DEF CON and now :/ ).

On January 27, I’ll post some discussion questions on here and then at that point anyone who is interested in the conversation can join in on Twitter using #isbc or join the conversation on Google+. Even if you have already read the book, I hope that you join us in the conversation!

Watch ALL the things!

I thought I’d do a nice, light blog post after getting all heavy yesterday. Just wanted a quick update before moving on to the (admitted) fluff in the rest of the post: I spoke with my doc and she said that it is completely normal. That after the surgery, Ada (the remaining ovary) went into sleep/shock hormone-wise for a few months and is now back to doing the work of both ovaries. She said it should all even out, but if it doesn’t by the end of next month I need to give her a ring and we need to talk about hormone replacement therapy.

Anyways! On to the fun stuff! This is what I’ve been reading, watching and listening to. I know it seems like a lot of stuff. M and I are trying to save some money with the holiday, video game (even though most of what we are waiting for comes out in January and March of next year), and birthday seasons (because holy crap, a lot of people were born in December/January) here, which means lots of staying home and watching TV so we don’t go out of the house and get tempted to spend money. It seems to be working so far, which is a huge relief.

What I am listening to: Mad Marge and the Stonecutters (self-titled album)

What I am reading: “Deadline” by Mira Grant – second book (third, I think, if you include the novella that serves as a prequel) in the Newsflesh series. Good read if you like zombie fiction and government conspiracies. After this, I think I’m going to read some Discworld books. I haven’t read any in a while and there are a few arcs (witches, industrial revolution) that I didn’t even know about. May re-read the old ones too just for fun. :D

What we (bf+I) are watching [American TV]: Castle season 4 (just started after marathoning our way through the first 3 seasons. Holy crap.); Fringe season 4; Dexter season 6; and Walking Dead season 2.

What we are watching [Anime]: Minami-ke (cute little slice-of-life show that we just finished) and Paranoia Agent (starting this tonight)

What we’re watching on Anime Night: Every Monday, we get together at M. and E.’s place and watch anime. This season we’re all watching: Persona 4 (Cannot say how much I love this series); Shakugan no Shana Final (last season of Shana anime. Great story, voice actors, everything. Definitely watch all 3 seasons if you haven’t already); Bakuman (cute series about a pair of high school students who want to be mangaka); Mirai Nikki (creepy/awesome as hell anime about a group of people who were given special diaries by the God of Time. Last one who lives is the new God.); and Fate/Zero (Prequel to the anime Fate Stay Night. Which I still need to watch….)

InfoSec Book Club 2012: Book List

So here is the list of books for the InfoSec Book Club for 2012. If it goes well and everyone is interested, I will do it again next year as well.

I put an asterisk (*) next to books for which I have been able to find audio versions available on either Audible or Amazon. And just to help y’all out, No Starch Press books are available on Amazon for a discounted rate, but if you order via No Starch’s website you get an ebook version and you’re helping out Bill. Which is honestly better, in my opinion. Without further ado, here is the list of books!

January 2012

Title: Dissecting The Hack: The F0rb1dd3n Network

Author: Jayson E. Street

Description: Dissecting the Hack is one heck of a ride! Hackers, IT professionals, and Infosec aficionados (as well as everyday people interested in security) will find a gripping story that takes the reader on a global trip through the world of computer security exploits. One-half thriller, one-half reference, each provides context for the other. Together they will show you how to see the digital world just below the surface of daily life.
Yes, the security threats are real! In this revised edition the Part 2 content is completely NEW. Read more about the tactics that you see executed throughout the story in the second half of the book where you will learn to recon, scan, explore, exploit, and expunge with the tools and techniques shown in the story.

February 2012

Title: Ghost in the Wires: My Adventures As The World’s Most Wanted Hacker*
Author: Kevin Mitnick
Description: Kevin Mitnick was the most elusive computer break-in artist in history. He accessed computers and networks at the world’s biggest companies–and however fast the authorities were, Mitnick was faster, sprinting through phone switches, computer systems, and cellular networks. He spent years skipping through cyberspace, always three steps ahead and labeled unstoppable. But for Kevin, hacking wasn’t just about technological feats-it was an old fashioned confidence game that required guile and deception to trick the unwitting out of valuable information.
Driven by a powerful urge to accomplish the impossible, Mitnick bypassed security systems and blazed into major organizations including Motorola, Sun Microsystems, and Pacific Bell. But as the FBI’s net began to tighten, Kevin went on the run, engaging in an increasingly sophisticated cat and mouse game that led through false identities, a host of cities, plenty of close shaves, and an ultimate showdown with the Feds, who would stop at nothing to bring him down.

March 2012

Title: Silence on the Wire: A Field Guide to Passive Reconnaissance and Indirect Attacks (NSP)

Author: Michal Zalewski

Description: There are many ways that a potential attacker can intercept information, or learn more about the sender, as the information travels over a network. Silence on the Wire uncovers these silent attacks so that system administrators can defend against them, as well as better understand and monitor their systems.
Silence on the Wire dissects several unique and fascinating security and privacy problems associated with the technologies and protocols used in everyday computing, and shows how to use this knowledge to learn more about others or to better defend systems. By taking an in-depth look at modern computing, from hardware on up, the book helps the system administrator to better understand security issues, and to approach networking from a new, more creative perspective. The sys admin can apply this knowledge to network monitoring, policy enforcement, evidence analysis, IDS, honeypots, firewalls, and forensics.

April 2012

Title: Daemon *

Author: Daniel Suarez

Description: Technology controls almost everything in our modern-day world, from remote entry on our cars to access to our homes, from the flight controls of our airplanes to the movements of the entire world economy. Thousands of autonomous computer programs, or daemons, make our networked world possible, running constantly in the background of our lives, trafficking e-mail, transferring money, and monitoring power grids. For the most part, daemons are benign, but the same can’t always be said for the people who design them.
Matthew Sobol was a legendary computer game designer—the architect behind half-a-dozen popular online games. His premature death depressed both gamers and his company’s stock price. But Sobol’s fans aren’t the only ones to note his passing. When his obituary is posted online, a previously dormant daemon activates, initiating a chain of events intended to unravel the fabric of our hyper-efficient, interconnected world. With Sobol’s secrets buried along with him, and as new layers of his daemon are unleashed at every turn, it’s up to an unlikely alliance to decipher his intricate plans and wrest the world from the grasp of a nameless, faceless enemy—or learn to live in a society in which we are no longer in control. . . .

May 2012

Title: Freedom *

Author: Daniel Suarez

Description: In the opening chapters of Freedom(tm), the Daemon is well on its way toward firm control of the modern world, using an expanded network of real-world, dispossessed darknet operatives to tear apart civilization and rebuild it anew. Civil war breaks out in the American Midwest, with the mainstream media stoking public fear in the face of this ‘Corn Rebellion’. Former detective Pete Sebeck, now the Daemon’s most famous and most reluctant operative, must lead a small band of enlightened humans in a populist movement designed to protect the new world order.
But the private armies of global business are preparing to crush the Daemon once and for all. In a world of conflicted loyalties, rapidly diminishing government control, and a new choice between free will and the continuing comforts of ignorance, the stakes could not be higher: hanging in the balance is nothing less than democracy’s last hope to survive the technology revolution.

June 2012

Title: Kingpin: How One Hacker Took Over the Billion-Dollar Cybercrime Underground

Author: Kevin Poulsen

Description: In a previous life, Poulsen served five years in prison for hacking. So the Wired senior editor and “Threat Level” blogger knows intimately the terrain he explores in this page-turning tale of the criminal exploits of a hacker of breathtaking ambition, Max Butler, who stole access to 1.8 million credit card accounts. Poulsen understands both the hows of hacking, which he explains clearly, as well as the whys, which include, but also can transcend, mere profit. Accordingly, his understanding of the hacking culture, and his extensive interviews with Butler, translates into a fascinating depiction of a cybercriminal underworld frightening in its complexity and its potential for harm, and a society shockingly vulnerable to cybercrime. The personalities, feuds, double dealing, and scams of the hackers are just one half of this lively story. The other half, told with equal verve, is law enforcement’s efforts to find and convict Butler and his accomplices. (Butler is now serving a 13-year sentence and owes .5 million in restitution.) Poulsen renders the hacker world with such virtual reality that readers will have difficulty logging off until the very end. (Feb.)

July 2012

Title: Practical Lock Picking: A Physical Penetration Tester’s Training Guide

Author: Deviant Ollam

Description: For the first time, Deviant Ollam, one of the security industry’s best-known lockpicking teachers, has assembled an instructional manual geared specifically toward penetration testers. Unlike other texts on the subject (which tend to be either massive volumes detailing every conceivable style of lock or brief “spy manuals” that only skim the surface) this book is for INFOSEC professionals that need essential, core knowledge of lockpicking and seek the ability to open most locks with relative ease. Deviant’s material is presented with rich, detailed diagrams and is offered in easy-to-follow lessons which allow even beginners to acquire the knowledge very quickly. Everything from straightforward lockpicking to quick-entry techniques like shimming, bumping, and bypassing is explained and shown. Whether you’re being hired to penetrate security or simply trying to harden your own defenses, this book is essential.

August 2012

Title: Practical Packet Analysis: Using Wireshark to Solve Real-World Network Problems (NSP)

Author: Chris Sanders

Description:

It’s easy to capture packets with Wireshark, the world’s most popular network sniffer, whether off the wire or from the air. But how do you use those packets to understand what’s happening on your network?
With an expanded discussion of network protocols and 45 completely new scenarios, this extensively revised second edition of the best-selling Practical Packet Analysis will teach you how to make sense of your PCAP data. You’ll find new sections on troubleshooting slow networks and packet analysis for security to help you better understand how modern exploits and malware behave at the packet level. Add to this a thorough introduction to the TCP/IP network stack and you’re on your way to packet analysis proficiency.
Learn how to:

  • Use packet analysis to identify and resolve common network problems like loss of connectivity, DNS issues, sluggish speeds, and malware infections
  • Build customized capture and display filters
  • Monitor your network in real-time and tap live network communications
  • Graph traffic patterns to visualize the data flowing across your network
  • Use advanced Wireshark features to understand confusing captures
  • Build statistics and reports to help you better explain technical network information to non-techies

September 2012

Title: Metasploit: The Penetration Tester’s Guide (NSP)

Author: David Kennedy, Jim O’Gorman, Devon Kearns, and Mati Aharoni

Description:

The Metasploit Framework makes discovering, exploiting, and sharing vulnerabilities quick and relatively painless. But while Metasploit is used by security professionals everywhere, the tool can be hard to grasp for first-time users. Metasploit: The Penetration Tester’s Guide fills this gap by teaching you how to harness the Framework and interact with the vibrant community of Metasploit contributors.
Once you’ve built your foundation for penetration testing, you’ll learn the Framework’s conventions, interfaces, and module system as you launch simulated attacks. You’ll move on to advanced penetration testing techniques, including network reconnaissance and enumeration, client-side attacks, wireless attacks, and targeted social-engineering attacks…
You’ll even touch on exploit discovery for zero-day research, write a fuzzer, port existing exploits into the Framework, and learn how to cover your tracks. Whether your goal is to secure your own networks or to put someone else’s to the test, Metasploit: The Penetration Tester’s Guide will take you there and beyond.

October 2012

Title: The Cuckoo’s Egg: Tracking a Spy Through the Maze of Computer Espionage

Author: Cliff Stoll

Description: Cliff Stoll was an astronomer turned systems manager at Lawrence Berkeley Lab when a 75-cent accounting error alerted him to the presence of an unauthorized user on his system. The hacker’s code name was “Hunter” — a mysterious invader who managed to break into U.S. computer systems and steal sensitive military and security information. Stoll began a one-man hunt of his own: spying on the spy. It was a dangerous game of deception, broken codes, satellites, and missile bases — a one-man sting operation that finally gained the attention of the CIA…and ultimately trapped an international spy ring fueled by cash, cocaine, and the KGB.

November 2012

Title: Secrets & Lies: Digital Security in a Networked World

Author: Bruce Schneier

Description: Praise for Secrets and Lies: “This is a business issue, not a technical one, and executives can no longer leave such decisions to techies. That’s why Secrets and Lies belongs in every manager’s library.” Business Week “Clear and passionate, this is the definitive book on Internet security from the leading thinker on the subject.” The Industry Standard “Startlingly lively…a jewel box of little surprises you can actually use.” Fortune “Secrets is a comprehensive, well-written work on a topic few business leaders can afford to neglect.” Business 2.0 “Instead of talking algorithms to geeky programmers, [Schneier] offers a primer in practical computer security aimed at those shopping, communicating or doing business online – almost everyone, in other words.” The Economist “Schneier peppers the book with lively anecdotes and aphorisms, making it unusually accessible.” Los Angeles Times

December 2012

Title: Digital Forensics with Open Source Tools

Author: Cory Altheide and Harlan Carvey

Description: Digital Forensics with Open Source Tools is the definitive book on investigating and analyzing computer systems and media using open source tools. The book is a technical procedural guide, and explains the use of these tools on Linux and Windows systems as a platform for performing computer forensics. Both well known and novel forensic methods are demonstrated using command-line and graphical open source computer forensic tools for examining a wide range of target systems and artifacts.

  • Written by world-renowned forensic practitioners
  • Details core concepts and techniques of forensic file system analysis
  • Covers analysis of artifacts from the Windows, Mac, and Linux operating systems

*****Update*****: Today until midnight 12/3, No Starch Press is offering 40% off on their books. Use GEEKGIFT at checkout to have the discount applied. To make things easier, I have also noted books that are available on the No Starch site by putting (NSP) next to the title.