Home

Bulletins

Upcoming
Events

Posters

Recent Newsletters

Past Articles
*  Computer Security
*  Foreign Espionage
*  Industrial Espionage
*  Personal Security
*  Personnel Security
*  Physical Security
*  Security Management

VSAC Desktop
Guide

Security Books
On-Line

Other Security Links

About Us
*  ASIS
*  NCMS
*  VSAC

E-Mail Us
*  ASIS
*  NCMS
*  VSAC
*  Webmaster

We join with those who mourn the loss of life,  the injuries, and the disruption of lives caused  by the attacks  against Washington,  DC, and  New York, N.Y.    All those effected -- the brave people who helped in rescue efforts, those involved in America's response to terror and in the war with Iraq-- are in our thoughts and prayers.

The computer book market has several beginner-level books that explain what the threats are to computer systems.  Other books, written for advanced users, explain how to implement application or system-specific solutions in differing environments.  Computers Under Attack amply fills a middle niche.  It provides more insights into the workings of the threats users face without requiring a programmer’s or systems administrator’s detailed knowledge of computer operations.

Especially strong is the section on the Internet Worm released by Robert Tappan Morris, Jr., in 1988.  One of the contributors explains how the worm’s logic worked to infiltrate approximately 3,000 computers on the Internet.  Another writer explains how systems managers at several sites discovered, analyzed, and successfully neutralized the worm.  Others discuss the ethics of Morris’s exploits and debate whether his punishment (a fine and community service) was too lenient or too severe.

Much of the “Intruder” section of the book is devoted to the 1985-87 experiences of Cliff Stoll, the Lawrence Berkeley novice systems administrator who successfully traced the gang of German hackers who were selling their take to the KGB for cash and drugs.  Having already read Stoll’s The Cuckoo’s Egg, I greatly enjoyed reading his original article on the attacks (originally published in the Communications of the ACM).

The discussion of computer viruses provides insights into how early strains attacked PCs, Macs, Amigas, and other systems.  A typical challenge for programming students, we learn, is to see how tightly one can write a self-replicating subroutine in a computer language like C+.  This widely understood process is the way in which viruses spread from one file to another.

The concluding section eloquently makes “Just Say No” argument for not hacking, but provides little insight into the “hacker ethic.”  However, it does point out that most computer science students in high school and college never take an ethics class as do business and journalism students.  The burden is on adults who disapprove of hacking to explain why it is not just a “fun challenge.”

Denning is the editor-in-chief of The Communications of the ACM, a premier computer-related journal.  Many of the articles he has chosen come from that publication’s pages.  In case you aren’t familiar with the Association for Computing Machinery (ACM), they are the ones who sponsor the Annual International Computer Security Day every November.

The only drawback to the book, which has been recently re-released, is its age.  Six year old predictions about how the Internet might develop, or about the state of criminal and civil prosecutions of hackers, are only interesting from a historical perspective.  Analysis of more recent events like the release of Dan Farmer’s SATAN and the arrest of Kevin Mitnick would have been valuable in the intruders sections.  However, one of the reasons I’ve always like collections of articles is that I could skip the ones I didn’t find useful or entertaining.

That having been said, I value the overwhelming majority of this book.  I’m glad to add it to my bookshelf of computer security titles. 

Reviewed: Peter J. Denning (Editor), Computers Under Attack: Intruders, Worms, and Viruses, New York: Addison-Wesley Publishing (ACM Press), Paperback, 554 pages, ISBN 0-201-53067-8, © 1990.

[Webmaster's note:  This article was written in September 1996 for the VSAC News, NCMS Channel Islands Newsletter, and Tri-Mix (a computer journal no longer being published).]