Computer Security: A Hands-on Approach

Great book for learning many attacks that existed up to 2016. The vulnerabilities document within may still exist on some systems that haven't been updated (bad system admins). I surely don't encourage the reader to search for these vulnerable systems- but it is nice to know the book is fairly recent and not from a decade ago.The book is organized so that most chapters can be read independently- i.e. they don't necessarily build on one another, so you can hop around the chapters. Within each chapter, the author provides sufficient background that allows the user to understand how the hack is working. And he does it without losing the reader in noisy unnecessary details.Read the front matter- in it the author specifies the location of virtual machines for use in the hand-on exercises. To properly setup the VMs, you have to read his "how to" guide, posted on his site, for the exercises to work. I missed reading one of these, and could not get my VMs to network. I'm in a class and my professor pointed me to the location on the site- where the file was hidden in clear site (no reason why I missed it). No problem, just open the how-to, read it and configure your VM, and you're good to go. The configuration steps are not difficult... you just have to do them. The config takes about 10 min total.Some of the exercises use the linux command-line and C coding. Some exercises use command-line tools such as Netcat, Pcat, and Curl, which the author shows you how to use. Other exercises use a mock social website created by the author where he demonstrates how to steal the user's session id, and friend them without the other person's knowledge. Many attacks show you how to get root.This book is awesome, I don't know why more people have not bought/rated it. It is relevant, easy to read, concise, and teaches hacks in simple terms. I'm no programming expert (I come from the world of Basic, Fortran, Pascal and some C), yet I could follow this text.Prerequisites includes some knowledge of C or Java. Access to a virtual machine is a must (VMware or VirtualBox or equivalent). And multiple monitors (or a single large one) are VERY useful... since many times you will be running as many as 3 VMs (an attacker, a server, and a user).Happy hacking!!!

This text is an excellent companion to teaching computer security via the SEED labs. The SEED project is an invaluable resource for both instructors and students, providing hands on learning for the next generation of security professionals. Dr. Du's straightforward and approachable style make this book a pleasure to read, and the topics covered are all well chosen to provide a broad coverage of the subject through an experiential lens.

I purchased this book for a Computer Security course I am currently taking as it was the required text. Overall I appreciate Prof. Du's method of explaining the concepts of each attack clearly and with sufficient examples.One thing I want to point out is that there is sometimes a little mismatch between this edition of the text and the current SEED Labs exercise instructions so you should read both the SEED Lab instructions and the textbook very carefully in order to effectively complete the lab exercises. Overall I felt that the book provided me enough detailed instructions that I was able to complete the Lab exercises without consulting other outside books or learning resources.

Professor Du's approach to computer security is both in depth and practical, and his teaching style is very effective if you are a hands on learner. Not only are security topics conveyed here, so are a lot of network and computer fundamentals are addressed. Definitely recommend to anyone who wants a thorough and enjoyable look at computer security.

Hi,The content and the code snippets are good read for security engineer and people who wanted to learn security. For sure it is a good book in terms of material covered. The quality of pages and the images are so poor that i felt it is not the original copy. I felt disappointed about having no clarity with the images, which means not at all worth the cost. I think i need to return this book. Not sure why this book costs so much. Cost for sure is on higher end.

The beauty of this book is that Prof. Du has already summarized a nice structure of how to present each computer security topic, which is instructors friendly. The structure of each book chapter can be easily turned into teaching material. I can easily grab the topic that I want to teach and follow the same presentation structure to describe the topic to students.By the way, this book plus the SEED project allow instructors to construct a very matured computer security teaching syllabus.

There are clearly explanations about Software Security, Web Security, Network Security. This text is an excellent for doing practice SEED Labs.

My only problem is the font is too small. hard to read, and no electronic version, no CD with any extras.

Very useful book, mainly for labs of computer and network security.

I picked up this text to educate myself on all topics around network security, and as such I read through Parts II and III, Web Security and Network Security. I found the text very clearly written containing all the necessary details to make it authentic and hands-on. The book is accessible and sufficiently in-depth to set oneself up for a basic understanding of computer security issues and their solutions, and for further in-depth study if intended. I expect to use the book as a reference to refresh my memory as needed. Recommended without qualification!