Tired of playing catchup with hackers? Does it ever seem they have all of the cool tools? Does it seem like defending a network is just not fun? This book introduces new cyber-security defensive tactics to annoy attackers and to gain attribution and insight into who and where they are. It discusses how to attack attackers in a way that is legal and incredibly useful.
The 1st edition and the 2nd (2017) are not for laymen. They are for computer security professionals investigating possible tactics, techniques, procedures, and tools (TTPT) for adding active cyber defenses (ACD) to enterprise networks. While the commercial world is rapidly adding products and services for ACD, such as deception technology and threat intelligence, this volume gives cyber defense operators working, hands-on tactical examples and instructions. Equally critical, it stresses the legal and organizational steps to take when these methods are used to take the cyber fight to the attackers. Take care: ACD TTPTs can be dangerous, and not just to cyber attackers. The book helps defenders stay safe with the law, management, and friendly users. Defenders will still need operation plans and strategic goals for their ACD campaigns. This book introduces the basic ACD tactical material, the TTPTs.
Quick read, and good to see these kinds of approaches gathered in one place. That said, the book (2nd edition) seems somewhat dated, even with respect to its 2017 publication date. Specifically, there's lots of coverage throughout on Java applets, even though Chrome and Firefox had dropped all applet support by January 2017. The book also shows approaches to changing your network's appearance in response to intrusions (e.g., Invisiports p63, etc.), with no mention of software-defined networking (SDN was well established by 2017), or how such a programmable network is infinitely more suited to this purpose. 3.5 stars
Loved this book. It is a great introduction to deceptive technology. Using this book, and the free distro put out by BHIS, you can really dive into some of the tools and tactics to help protect your network and detect malicious activity early on.
I was a bit disappointed as I expected more in-depth coverage and not just lists of products with some examples. Also some parts were repetitive (especially if you did like me and read the book from cover to cover). I read the Kindle edition, which was mostly fine except for some illustrations/sample code that could have been better scaled so I did not have to scale and zoom. With the latest update I would have liked more coverage on how the honeypots deal with certificates and HTTPS now that macOS and Windows 10 have improved their end-user protection against malicious code. Do all hackers and script kiddies use old Linux installations? ;)
Well I agree that this book is just a description of tools that can be used for defense in depth and occasionally for "offensive" escapades, and it could have used some editing and polishing. However, the ideas are entertaining, the implications are thought-provoking, and the tools themselves, while probably widely known in the infosec community, are virtually untouched by the general community. So, 4 stars (it is actually around 3.8).