Book Reviews: Information Security Books and Product Reviews – Live Hacking

Book Title: Live Hacking

Subtitle: The Ultimate Guide to Hacking Techniques and Countermeasures for Ethical Hackers & IT Security Experts

Author: Ali Jahangiri

Publisher: Dr. Ali Jahangiri

Date of Publishing: Oct 2009

ISBN(13): 9780984271504

Price (UK & US price – full price, not discounted price): £29.95, $49.95

URL of Publisher Site:  Dr Ali Jahangiri

URL of Amazon UK web page:  Live Hacking: The Ultimate Guide to Hacking Techniques & Countermeasures for Ethical Hackers & IT Security Experts

URL of Amazon UK (Kindle) web page: N/A

URL of Amazon US web page: Live Hacking: The Ultimate Guide to Hacking Techniques & Countermeasures for Ethical Hackers & IT Security Experts

URL of Amazon US (Kindle) web page:  N/A

I’d never be so presumptuous as to label myself a hacker, but I am an IT security guy so I know the subject matter pretty well. The allure of Dr. Jahangiri’s book was that it would educate me to think like a hacker, so helping me better understand how the bad guys operate and how they gain unauthorized access to our computer systems and networks. As Sun Tzu once wrote, “To know your enemy you must become your enemy.” So, I was really quite excited to get my hands on this book, especially after reading the back cover blurb on and seeing the rave review that a previous reader (or friend) had given it.

However, when the package arrived, I was really disappointed. It’s obviously self-published – no problem with that as long as it’s done well – and it shows. There are plenty of grammatical and spelling errors in the text that really detract from the overall quality of the book, and at US$49.99 I had serious reservations about its ‘value for money’. If I wasn’t writing this review I’d have considered sending the book right back to where it came from, demanding a refund. However, I ploughed on regardless, and here’s what I found.

Firstly, a criticism again on value is that the book is full of (and I mean packed tight with) screenshots from websites, and the page is so condensed that it’s virtually impossible to read or interpret the detail, so the impact of showing the reader the tool is completely lost with such bad reproduction. The first chapter on essential terminology is sparse and did not deliver the glossary I was hoping for, while chapter 2 on reconnaissance simply lists a plethora of websites that you might be able to glean some information about your target from (the bulk of this chapter’s content is screen grabs).

Chapter 3, on Google hacking, is ok for a stratospheric overview of a complex subject, but after reading an excellent treatment on exactly this subject just a few months ago (Google Hacking by Johnny Long; published by Syngress) this chapter left me somewhat flat. Chapters 4, 5 and 6 on scanning, enumeration and password cracking again were ok, not fantastic, just ok. What these chapters offer are simplistic, high-level overviews of three subjects that each deserve (and have already got) books in their own right – some at lower price points, I might add.

Chapter 7 delivers a whopping 11 pages on Windows hacking. Now, I have some experience with penetration testers trying to hack into my systems and I’d guess they had more than 11 pages’ worth of experience at hand. Maybe I’m wrong, but I’d probably even take a bet on it.

Uncommonly in this book, I was pleasantly surprised with chapter 8 on malware, as the author covers a good range of nefarious attack technologies. Aside from an unnecessary abundance of full-sized screen captures (yawn, I do go on) from Spytector (there are 8 back-to-back across just 5 pages), the author does a good job of providing an overview of the various forms of ‘bad code’ that can gain access to your systems and data. I was fairly unimpressed with the rest of the book, with the highlight being chapter 10’s treatment of a SQL injection attack – I’d always wondered how that works.

So, with 185 pages of useless content, many of which are crammed with illegible screen grabs, I was not impressed. Sorry, Dr. Jahangiri, I’m sure you are a very clever man and very proficient in teaching this stuff to your students, but maybe you should consider looking for a professional publisher next time rather than opting for the DIY option.

Marks: 1 out of 5