Sunday, December 21, 2014

Book Review: Practical Intrusion Analysis

With a core emphasis on intrusion detection systems(IDS) in networks, the bookincludes further topics like wireless IDS, Intrusion Prevention System(IPS),etc. 
SNORT and Bro are the two main IDS tools discussed. Both of them are open-source tools. While SNORT is representative of signature-based IDS, Bro is an example of anomaly-based IDS. A signature-based IDS looks for signatures in the network transmission indicating an attack in progress whereas an anomaly-based IDS goes by a normal traffic pattern and raises alert if there is an abnormality detected.
There is some discussion on writing signatures for SNORT. There are sites on the internet where signatures can be downloaded. However, any intrusion analyst using SNORT in detail, would need to know the techniques for writing signatures. There are methods discussed in this book for strategy to create good signatures while going through a vulnerability' life cycle.
Some of the other network analysis tools described in this book include vulnerability assessment scanners(ex. Nessus, Nikto, router audit tool a.k.a RAT), packet sniffers(ex. Wireshark, TCPDump), file integrity checker(ex. Tripwire, RANCID, AIDE), password auditing(ex. Cain and Able, Brutus, RainbowCrack), wireless security toolkits(ex. AirCrack, AirSnort, Kismet), vulnerability exploitation tools(ex. Metasploit), network reconnaissance toolkits(ex. Hping2, nmap, ngrep, ntop). The distinctions between these may be small and sometimes even overlapping such as an essential packet sniffer in an intrusion detection system.
There is some discussion on web application firewalls, wireless IDS/IPS, some other less frequent topics like physical intrusion detection and geospatial intrusion detection. Web Application Firewalls are specialized IDS to cater to the practicalities like more percentage of secure network protocols in use and wide variations from web applications across organizations. This makes the the general IDS tools practically ineffective as a intruder can go within a tunneled traffic which is not configured for monitoring out-of-the-box.
To summarize, the book covers a lot of topics within its scope. It is a good read for a introduction to current intrusion analysis,detection and prevention techniques. A more continuous discussion with more real-world examples and their solutions within the topics would have made this a delightful read.


Book Review: MySQL Admin Cookbook

MySQL is reputed to be among the most popular open source databases. It is frequently used as the database component of the LAMP software stack. From the beginning of its development in 1994 to its acquisition in 2008 by Sun Microsystems which itself is now a subsidiary of Oracle Corporation, MySQL has come a long way.

The book explains 99 recipes which can be used by the developer/ administrator using the database. These cover main topics such as backup and recovery, configuring MySQL, MySQL user management and managing schemas.

One of the unique features of MySQL is concept of storage engine. This additional layer allows the user/developer to choose how and where a database table is to be stored. Four of the most common storage engines for MySQL are MyISAM,InnoDB,Memory and NDB. The default storage engine is MyISAM.

Before starting with the recipes for indexing, there is comparison of indexes between InnoDB and MyISAM as the main two storage engines for MySQL. One of the differences mentioned is MyISAM structures all indexes identically, whereas InnoDB makes a distinction between the primary key and additional secondary ones. There is always a trade-off between between increased space requirements and maintenance costs on index updates. There are suggestions for making the optimal choice out of these. 

InnoDB tables do not support fulltext indexing whereas MyISAM does. One of the workarounds for InnoDB tables to use MyISAM is via replication as explained in one of the recipes. One of the usual tips about full-text indexes repeated here is dropping it during bulk load to avoid expensive update operations.

Among the recipes in this book are steps for replication in mysql via scripts and configuration settings, manually configuring loadbalancing functionality on MyQL, using the blackhole storage engine for limiting network and slave I/O load in heavy write scenarios, exporting and importing data from different file formats, tips on choosing a storage engine. 

To summarize, this is a useful book with useful tips and some good recipes for the developer/administrator using MySQL in practical situations.

Book Review: Open Government

Open Government, the book under review is a collection of articles from professionals and notable stakeholders in governance, primarily from US perspective. With thirty-four chapters, this is a fairly fat book filled with case studies and opinions of various participants.
Some of the measures of government reform in this context include the recently recognized roles of CTO and CIO as part of the government similar to major business and corporations.
One of the important points made in one of the chapters "Government as a Platform" is that any functional democracy needs to have all inclusive opinions from maximum stakeholders possible. The advantage of diverse public discourse is that wrong opinions tend to cancel each other, leaving the the best ones to be considered for implementation. In present times, with lot of the population being internet-savvy, it is definitely a step forward to include online tools and forums for determining the public opinion.
There are two interesting examples of open government in practice given in this book. These are the websitesfollowthemoney and maplight. The first of these is the website of National Institute on Money in State Politics tracking political donation data. The latter is a public domain database seeking to track money and related influence in legislatures.
To summarize, the book seems to have more chapters than necessary to bring out the perspective. Some chapters are too technical and doubtful to give insight to the targeted audience. With a strong leaning for US examples and discussions, it leaves advancements in other countries out of scope. This is however a good way to see merging of technology in administrations in different ways.



Book Review: Friends with Benefits


We are experiencing the explosive growth of internet and its impact on our lives in ways unimaginable until few decades back. The 32-bit IPv4 is forecasted by various sources to beexhausted by 2011. Technically, these kinds of forecasts have required various solutions such as the 128 bit IPv6 protocol, reclaiming unused IP space,etc. 

The large and growing usage of internet technologies of various types has required the development of newer marketing tools and strategies. That is where Friends With Benefits likely fits in. It highlights the major aspects of social media marketing and is filled with examples, tips and tricks in a good readable style.
There is some good examples and tips given to improve knowledge sharing while maintaining the authenticity of the source. In this regard, the authors explain the skillful use of creative commons license to share material online.
The authors give out some really useful tips on using online forums and following netiquette. There is also some useful suggestions to make use of popular social news sites such as Digg, Slashdot and StumbleUpon.
To summarize the review, a practically useful book for this topic very much in 'beta' state. The authors themselves acknowledge the still evolving nature of this medium. Some more positive addition to this book could be more examples similar to tubetastic and techcrunch.



Book Review: The Art of Assembly Language, 2nd Edition

Book review of


For quite a few of us in India and nearby, Ramesh Gaonkar's book on microprocessors and to some extent Douglas Hall's microprocessor book had been the earliest microprocessor text. The 8085 microprocessor and its variants appear on a multitude of student lab kits and higher school, junior college and engineering college projects.

In this time of Intel i3, i5 and i7 processor and high capacity SMP machines, it is the admirable effort taken by the first pioneering microprocessor engineers which has given rise to the burgeoning IT industry of present times.

The Art of Assembly Language is primarily a similar text book for assembly language as the two books mentioned earlier. It introduces readers to writing 32-bit x86 assembly code using HLA(High Level Assembler) language. The author of this book is also the developer for HLA language.


The book comprehensively covers topics from the basic libraries of HLA to advanced arithmetic, macros and string instructions. One of the unique topic covered is the object oriented programming support given by HLA.

Some of the topics in advanced arithmetic are extended-precision arithmetic, arithmetic on operands whose sizes are different, decimal arithmetic, and computation via table lookup. There is a complete set of bit operations that forms a part of any complete assembly language. There is an entire chapter dedicated to bit operations including the basic six activites upto bit-centric algorithms and their implementations in HLA.

To conclude the review, while the book is no doubt well-written, the use of HLA is one of the requirements for this book. This could require some adaptation in universities not using HLA as the learning tool.

Earlier published in desicritics.org


Saturday, December 20, 2014

Trust in God

United with me, you shall overcome all difficulties by my grace.
(Hinduism, Bhagavad Gita)