April 14, 2008

Review of some recently published books by Syngress

I've got electronic copies of some of the new Syngress books. Here's how I've rated them:

"No Tech Hacking": The name is self-explanatory, covering topics on how to hack without a computer. Interesting topic picked, but so interesting materials. At least, I was expecting something cooler from its well-known author, the king of Google hacking. All of the topics are well discussed in other books & resources. The real-world cases are not even interesting enough, IMO. I consider it ANOTHER book on old known topics. I hardly give it 4 stars.

"Nmap in the Enterprise": Want to waste your time in the best possible way, and learn Nmap in the worst way? Go read this book. Is a 0-star rating a valid one? If not, I'll give this one 1 star.

"Reverse Engineering Code with IDA Pro": I've not finished reviewing it deeply yet, but it's one of those books I like to read. The amount of good content in the book compared to useless chapters is above average. There are other great books on debugging already available, but if you just want to BEGIN working with IDA Pro, it's a good book. Be warned that it's not a good reference for learning debugging. Giving 3 stars to this book would be fair. If it covered the basic things in more detail, rather than trying to finish the topic fast and clean, it could be a 4-star book.

"Google Hacking, Volume 2": Not as 'second edition' as expected. If you've already purchased the first edition, or studied the electronic version, you won't get much from this new release. The 2nd edition covers some of the new Google features released after the 1st edition of the book, and the style of the book is also refreshed for better classification of topics. But if you're new to the topic, don't even waste a minute! This must be your #1 priority. A second-to-none resource for learning Google. Although it's titled "for penetration testers", even individuals will find this book good. I have some non-computer friends who were very happy after checking this book, because they learned to make their Google searches MUCH MORE effective than in the past, and get what they are looking for in fewer hits. A 5-star book, without any doubt.

"Secrets Stolen, Fortunes Lost": As someone who's reviewed some other books on the same topic, I didn't find a single new word in this book. The most interesting parts of the book were the provided checklists. They'll be really useful for you if you don't already have similar checklists. The provided real-world samples and cases could be better than the current ones, or at least come with better analysis from the author. If it was Amazon, I'd give this one 3 stars at best.

April 13, 2008

How good are these security books?

I'm the kind of guy who reads books. I'm one of those who reads A LOT of books, and to be more detailed, it rarely happens that a (security-related) book is published and I've not checked it, at least as fast as checking only titles and chapter descriptions. But I still believe that checking Google, beside known good resources which publish new papers and findings, is more effective than reading books. Of course, there are some exceptions too. But generally, I find the "Index" part of published books to be their most valuable part! Why? Because it helps you get an idea of what the book is about, and try to search & find more/better content on the web, rather than reviewing an entire chapter for nothing new or exciting.
Recently we've been faced with a wave of new books in the field of information security. Checking a site like Amazon for known topics like "web application security" will return more than 20 books covering this field, but are all of them really covering NEW information? No. Almost all of them are copying already published papers and materials, and even worse, most of the time simply converting available readme or man pages to a book! This readme-to-book seems to be getting more popular these years. Most of the books covering security tools are true samples of this case. Syngress is #1 in this conversion, IMO. Checking most of the books from this publisher, you'll see that it's sometimes a modified copy/paste from the documentation of products. You may have picked up new books covering Snort, Ethereal, Nmap, ISA, Exchange, ... and you dedicate your valuable time to reading them. It's assumed that you've already tried the available manuals/readme/Help menu and you're purchasing the book to learn something new. But when you finish reading the book cover to cover, you'll be like "wtf?! I knew all of these from the software/product documentation. What about those shining bold fonts on the cover announcing NEW tips?". I'm sorry to say that most of them (covers) are designed to cheat you!

There are yet some better books. Those who copy good old content from previous books, to keep the book passing quality control! Here's how it happens:
You get a new book covering "Buffer overflow attacks". Some chapters teach you already-known information in new and sometimes better ways. Well, you like the book in the end, cus it was something useful for you. Another new book is published by the same publisher covering "Writing Security tools...". This time there is less useful content, and some of the chapters are an exact copy/paste from the past book. Well, you don't like this book much. The same publisher releases another book covering "Metasploit Framework". Wow, finally a dedicated book for MSF. It must have valuable content, so let's try it. This time you'll hate not only the book, but also the publisher! Why? Cus here's how this book was cooked: good OLD chapters of the first book, copy/paste of chapters from the other book on the same topic, and finally rehashed manual pages and documentation of the tool itself! What makes it even more annoying is that the authors have not even tried to update the content. You're reading 2005 content in 2008. And you know what '3 years' means in information security!

So, should you stop reading books? No. I'm trying to say don't consider any book a real book! If you want to learn a new topic, before choosing a book to read cover to cover, be sure it has something new, or at least that it's well organized, to be able to reduce your Googling time.
How to know if it's a real/good book? Most of the time, when the authors are working in the same topic/field as the book they're authoring, the result will be a good book. Check Amazon again, searching for top-rated or most popular security books. You'll see that in almost all of the cases the co-authors of the book are known authorities in the field. "The {shellcoders/DB hackers/Oracle Hackers/Web App Hackers} Handbook" series by Wiley are all excellent books authored by smart geeks. There are many other good samples, but mentioning them all will just make this post longer.

Next tip for those who want to pick books covering a specific tool/solution/product/device/appliance: Forget about The Book! Believe me or not, the best reference for learning them is the available manuals and documentation already provided with it. The only case that overrides this assumption is when the developer/company itself attempts to write a book. The new "Nmap In the Enterprise" book from Syngress is a great sample. Checking the cover and titles even caused me to look inside the book, because I've seen some words about "NSE" or Nmap Scripting Language, which I'm currently learning. I thought I'd finally found the resource to review some real working samples. But when I checked the related chapter, it was a few paragraphs on how to use the "-sC" switch!!! Now I feel like an 'NSE' expert! Fyodor is working on his Nmap book too, and I've seen some prepared content. It's funny when you compare these two books! Let's see how it will be rated when released.

And final tip for reading (security) books:
If you want to learn what you read, don't just read! Try and experience every single topic you read, in the real world and with real samples, not even the book's test cases. Otherwise you won't get much from that book. This specifically applies to books trying to teach you techniques, not concepts. There's not much to try when you're learning how to design a network that is secure by design, but there are tens of ways to write exploits for a single overflow case or injection possibility. So get your hands dirty! Reading books without experiencing them will make you lazy and book-dependent sooner or later.

April 11, 2008

Smell of good old days

No technical post this time,
but I'm glad to mention that www.Hat-Squad.com and www.Neominds.org are up and alive again :)
Hat-Squad, as our research group, has never been idle/off/down, and during these years we've all been busy doing our favorite work related to what the team was formed for. I still consider Hat-Squad the oldest and most solid Iranian security research group since 2001, which has kept its vision and presented extensive research, results and projects either publicly or privately, for the fun of it or for the money behind it! Yes, everyone needs $.
Last day I was informed by Behrang that the domain is up again. I'm not sure if any content will be added/published soon, but for now it's just to keep the name alive. Since 2005 the team has focused most of its time on given research or audit/assessment projects rather than non-profit work for publishing MORE advisories or tools or hobbies. The security market has changed since that time too. More than 7 years of coordinated work, research and adventures gave us all priceless experiences and helped us to improve and gain knowledge close to wire-speed :)
Thank you, all Hat-Squad members, for everything.