A while ago, I had the crazy idea that I needed to read more technical books, so I purchased a pair of books that appealed to me: Attacking Network Protocols and Serious Cryptography, both published by No Starch Press. I was interested in reading along with others and sharing our thoughts and opinions, so I spoke with members of VERT and our marketing team. Thus #TripwireBookClub was born. Since I already owned Attacking Network Protocols, it became the first book we read.

Attacking Network Protocols: A Hacker’s Guide to Capture, Analysis, and Exploitation by James Forshaw is designed to take you from “The Basics of Networking” all the way to “Finding and Exploiting Security Vulnerabilities” (coincidentally, the names of the first and last chapters of the book). The book covers an almost dizzying array of topics in simple and easy-to-understand language; it could easily read as the syllabus and course text for a college computer security course.

The author, James Forshaw, is well known for his security research and conference talks, and the book reads like a download from his mind to yours. There are very few individuals better suited to share their knowledge on this subject, and James goes out of his way to include code examples that you download as a companion to the book.

There are a few moments in the book where it feels like the technical editor let items fall through the cracks and where the terminology isn’t as precise as you’d like, but, in the end, it stands as one of the best, if not the best, reference books on this material.

Here’s what others who read the book with me had to say:

Attacking Network Protocols covers a variety of topics, but the Application Reverse Engineering chapter has to be mentioned. (Read more...)