Review – Security Power Tools

Security Power Tools is one of those monstrous tomes that people buy and almost no one ever actually reads. It sits on the shelf and mocks you with the knowledge that it contains while simultaneously scaring you with the commitment it would take to actually read it. It’s 822 pages of dense techno babble.

It took me about three weeks to get through it.

In general, it contains the same information that is in SANS 504, but not quite as complete. It is, however, much cheaper than the course.

In the course, you get six days with a top-notch penetration tester and walk through all of the commonly-used tools in a standardized environment. You get lots of practice and a interactive sessions with security practitioners of various levels. In my opinion, it is the best way to learn.

However, it’s not something that everyone can do, either for reasons of budget or time. Failing that, Security Power Tools is a good alternative. It digs into scanning, reconnaissance, penetration techniques and tools, backdoors, rootkits, firewalls, encryption, service tuning, monitoring, forensics, fuzzing and reverse engineering. It’s a fairly complete book.

It is important, though, to read the book correctly. If you want to learn, really learn, how these things work, you have to approach it as self study, not just a reference guide. Before you pick it up, look at your life and decide how much time each week you can devote to the process. Reserve that time in your schedule. As you read the book, consider each section independently and think about how you might use the tool in a real world scenario. Then, build such an environment (use virtualization if it helps). Read the section again and run the tool within the environment.

That way, you actually learn how things work instead of just having a surface-level understanding.