Book Review: Gray Hat Hacking

By Allen Harper et al. McGraw-Hill; mhprofessional.com; 640 pages; $60.

When the first installation of the Hacking Exposed series came out almost two decades ago, it caused quite a stir. Many worried that it would fall into the wrong hands, and attackers would use the tools and techniques described in the book to hack into corporate systems. While that may have been a valid concern, the reality is that when the book was in the right hands, it was a valuable resource for security professionals to use to secure their own networks.

In Gray Hat Hacking: The Ethical Hacker's Handbook, now in its fifth edition, nine contributors have written a highly technical, hands-on reference on ethical hacking. The book is updated and has 13 new chapters. While describing hacking methods, the book helps the reader understand the tools and techniques needed to secure their Windows and Linux-based systems.

This is a deep and detailed book meant for readers who want to get their hands dirty with tools and script writing, and have a desire to understand the inner workings of systems and how they can be secured.

Rather than just focusing on the software tools, the authors emphasize the importance of understanding how systems operate and what their vulnerabilities are. Through that, they show how these systems can then be exploited. But more importantly, they detail what needs to be done to secure these systems.

Reviewer: Ben Rothke, CISSP (Certified Information Systems Security Professional), is a senior information security specialist with Tapad, Inc.