I am re-reading The Cuckoo’s Egg. It is a great book by Cliff Stoll, an astronomer turned sys admin who tracks a hacker through his system. There is a ton of insight in this book on the challenges of securing a system and various techniques. The crazy thing is that this took place in 1984. A lot of the techniques he describes he has to do manually, but they still exist today. His intrusion detection system is simply making his terminal beep when a new person logs in so he can check to see if they are the hacker and exploits a particular hole. Today, we have automated IDS tools that monitor activity. His logging was to print out traffic on a particular modem line using a dot matrix printer. Things have gotten better.
The challenges he brings up and attack techniques are still very relevant today. Password hacking, privilege escalation still are core problems. The attack tools of course have gotten more sophisticated too. All of the attacking done was manual. These days they have a lot more tools in their bag too.
This is a great read and I recommend it to anyone who is interested in security. Because there is not a lot of technology to get in the way, it is really easy to see the fundamentals of attack and defense.
There are PDF versions available online but I would recommend ordering a copy directly from Cliff himself. He as first edition, hardcover editions which he is selling for $20. That is what I did and the delightful shipping email he sent out was worth it for that alone.
I will update this with observations as I read through it.
