AnyBook4Less.com
Find the Best Price on the Web
Order from a Major Online Bookstore
Developed by Fintix
Home  |  Store List  |  FAQ  |  Contact Us  |  
 
Ultimate Book Price Comparison Engine
Save Your Time And Money

Data and Voice Security

Please fill out form in order to compare prices
Title: Data and Voice Security
by Gregory B. White, David Dicenso, Dwayne Williams, Travis Good, Kevin Archer, Gregory White, Chuck Cothren, Roger Davis
ISBN: 0-672-32150-5
Publisher: SAMS
Pub. Date: 06 July, 2001
Format: Paperback
Volumes: 1
List Price(USD): $49.99
Your Country
Currency
Delivery
Include Used Books
Are you a club member of: Barnes and Noble
Books A Million Chapters.Indigo.ca

Average Customer Rating: 3.5 (2 reviews)

Customer Reviews

Rating: 4
Summary: Finally a book that addresses telephone security
Comment: I am a senior engineer for network security operations. I read "Voice and Data Security" (VaDS) to learn more about vulnerabilities in the voice world. A search for "voice security" here yields four results, of which VaDS is the only in-print title. Although I would have preferred VaDS to focus solely on voice security issues, I still recommend it as the only modern published reference for this critical topic.

When reading VaDS, it's important to remember that all of the authors have some sort of relationship with San Antonio-based voice security company SecureLogix. That's ok, as Foundstone is the powerhouse behind the successful "Hacking Exposed" book series. Some parts of the book read like commercials for SecureLogix products like TeleSweep and TeleWall, but the authors largely focus on non-proprietary solutions to voice security.

VaDS is strongest when it speaks solely to voice security issues, and, to a lesser degree, network infrastructure. I learned quite a bit about tapping phones (ch. 11), voice mail abuse (ch. 14), and voice-data convergence (ch. 5). Chapters on broadband infrastructure and exploitation were helpful. Even though the final chapter seemed out of place, its intriguing coverage of cyber law kept my attention.

Less helpful were the chapters covering general security issues, such as cryptography (ch. 18), malware (ch. 19), sniffing (ch. 20), scanning (ch. 21), passwords (ch. 22), firewalls (ch. 23), IDS (ch. 24), and denial of service (ch. 26). This material is so well-covered elsewhere that its appearance did little to help VaDS distinguish itself. Chapter 27 was an exception, with its succinct discussions of popular Microsoft IIS web server vulnerabilities.

Aside from including well-worn material, VaDS suffered slightly from a few technical mistakes. Explanations of buffer overflows in chapter 4 needlessly associated them with TCP-based sessions. UDP-based buffer overflows are exploited regularly. The author of this chapter also seems to believe that buffer overflows are a problem because they overwrite "user ID and privilege information" on the stack. That's rarely the case; subverting return pointers is the problem. Chapters 8 and 15, describing voice protocols like H.323, were difficult to understand, and ch. 18 (p. 283) makes an unsubstantiated claim that "a well-known Mid-East terrorist was discovered to be using steganography." Typos on pp. 155-156 appeared, and port 443 was replaced by 444 on p. 69.

Overall, VaDS marks a welcome contribution to the information security community. I plan to include it in my tier two security analyst reading list, with recommendations to concentrate on its voice-related content. Hopefully the second edition will strip out the unnecessary network security coverage found elsewhere, and include more excellent explanations of voice security issues.

(Disclaimer: I received a free review copy from the publisher.)

Rating: 3
Summary: Good intro to the core ideas of voice and data security
Comment: Not so long ago, the thought of running a corporate PBX on a client/server network was unthinkable, almost ludicrous. Now many companies have a VoIP (Voice Over IP) PBX via their Cisco routers. Some organizations have separate VON (Voice Over Network) systems. While the benefits of convergence are many, their security implications are often ignored or, when they are considered, are addressed too far along into the development process.

That convergence is the focus of Voice and Data Security. About a third of the book addresses the fundamentals of voice and data security, covering topics such as cryptography, sniffing, and spoofing. The rest of the book deals with securing digital and voice assets.

As an example, PBX and mail fraud are huge problems facing corporate America. Yet while most companies are aware of the situation, many organizations don't do all they can to secure their voice systems. This book contains an excellent policy and audit checklist on how to set up a corporate PBX policy. Items such as protection management, standards and procedures, technical safeguards, and incident response are discussed in the checklist, which alone is worth the cost of the book.

A single unauthorized modem in a corporate network will undermine firewalls, cryptography, and all other protection mechanisms. Thus, the authors cover how war dialers and telephone line scanners can be used to ensure that the back doors that unauthorized corporate modems create are closed.

Voice and Data Security is valuable to those needing a good introduction to the core ideas and security repercussions involved with the convergence of voice and data systems. It speaks volumes.

Similar Books:

Title: Fifth Generation Management, Dynamic Teaming, Virtual Enterprising and Knowledge Networking
by Charles Savage
ISBN: 0750697016
Publisher: Butterworth-Heinemann
Pub. Date: 04 April, 1996
List Price(USD): $21.95
Title: The Shellcoder's Handbook : Discovering and Exploiting Security Holes
by Jack Koziol, David Litchfield, Dave Aitel, Chris Anley, Sinan "noir" Eren, Neel Mehta, Riley Hassell
ISBN: 0764544683
Publisher: John Wiley & Sons
Pub. Date: 22 March, 2004
List Price(USD): $50.00
Title: Corporate Information Strategy and Management: Text and Cases
by Lynda M Applegate, Robert D. Austin, F. Warren McFarlan, Lynda Applegate, Robert Austin
ISBN: 0072456728
Publisher: McGraw-Hill/Irwin
Pub. Date: 11 October, 2002
List Price(USD): $136.00
Title: Security in Computing, Third Edition
by Charles P. Pfleeger, Shari Lawrence Pfleeger
ISBN: 0130355488
Publisher: Prentice Hall PTR
Pub. Date: 02 December, 2002
List Price(USD): $79.00
Title: Shackleton's Way: Leadership Lessons from the Great Antarctic Explorer
by Margot Morrell, Stephanie Capparell, Alexandra Shackleton
ISBN: 0142002364
Publisher: Penguin USA (Paper)
Pub. Date: September, 2002
List Price(USD): $15.00

Thank you for visiting www.AnyBook4Less.com and enjoy your savings!

Copyright� 2001-2021 Send your comments

Powered by Apache