BKCMSCHO.RVW 20040727 "Computer Security for the Home and Small Office", Thomas C. Greene, 2004, 1-59059-316-2, U$39.99/C$57.95 %A Thomas C. Greene http://basicsec.org tcgreene@verizon.net %C 2560 Ninth Street, Suite 219, Berkeley, CA 94710 %D 2004 %G 1-59059-316-2 %I Apress %O U$39.99/C$57.95 510-549-5930 fax 510-549-5939 info@apress.com %O http://www.amazon.com/exec/obidos/ASIN/1590593162/robsladesinterne http://www.amazon.co.uk/exec/obidos/ASIN/1590593162/robsladesinte-21 %O http://www.amazon.ca/exec/obidos/ASIN/1590593162/robsladesin03-20 %P 405 p. %T "Computer Security for the Home and Small Office" Thomas Greene asked me to do the technical review for this book, which speaks to his bravery, regardless of what it says about his wisdom. So there's no point in pretending that I'm unbiased here. However, I must say that I was bracing myself for yet another security book by a writer rather than a techie--and was delightfully surprised, right from the beginning, at how useful Greene's material was. The "Introduction" is a bit unusual: it doesn't lay out the theme or structure of the book, but jumps right into dispelling myths and making suggestions. You will be introduced to the fact that Greene is an Open Source/Linux ... well, fanatic might be too mild a term, extremist might be closer to reality. There is also a section on how to get, and configure, the Mozilla Web browser for safer surfing. Chapter one deals with the dark side of computing, and a variety of attendant risks. The descriptions sometimes gloss over technical niceties, but the assessment of threat levels is more reasonable than in most similar works. Vulnerabilities and means of attack are presented in chapter two. An excellent and helpful list of Windows services that most users can turn off at no cost to function (and considerable addition in safety) is provided, as is a similar list for Linux. A sensible review of social engineering is presented in chapter three. More advanced tools are introduced in chapter four, but, in contrast to many similar works, the text goes on to provide explanations and suggestions on use. Chapter five explains many places where information may be stored on your computer (and network) in the course of normal operations, and how to clean up after yourself. Greene really lets himself go in his promotion of Linux and Open Source software in chapter six, presenting sanguine arguments. In chapter seven, a number of anecdotes are used to support the idea that you can learn about the computer and take control of your own safety, without having to live in fear of the unknown, or be dependent upon consultants of unknown competence. This book presents material for the intelligent but non-specialist computer user. The text is readable, and the content useful. It does not cover the entire range of computer security, but it does provide valuable information for those who rely on computers for their work, and would like to achieve a level of security that is significantly higher than that available by default, without having to spend a great deal of time and money on it. Particularly for the Windows XP user, this is my primary endorsement for a computer security book. I would also recommend the work to security professionals, at least as a reference, since it contains Windows configuration that system administrators should know, and the vast majority don't. copyright Robert M. Slade, 2004 BKCMSCHO.RVW 20040727