Foreword

Just a few short years ago few people cared about computer security. This topic was only relevant to academics , financial institutions, and secret government agencies. Today, around the world, the general public is familiar with computer security. They are especially cognizant of computer viruses, privacy of personal information available online, and trust associated with interactions conducted over the Internet.

The global economy has become increasingly reliant on computers and the Internet. Hence, the security, trust, and privacy of these systems are paramount. Attacks, whether from teenaged hackers or determined terrorists, can lead to disclosure of sensitive information, major system disruptions, and chaos on the Internet. It is, therefore, more important than ever that people understand, from both a business and technical perspective, how to minimize risk and protect critical infrastructure, systems, applications, and data.

Organizations must perform an assessment to understand the threats that they face, the probability of the threat occurring, and the degree of damage that would result if the threat were exploited. Risk is rarely eliminated; rather it must be managed such that an acceptable level of risk is achieved. Connectivity to the Internet provides individuals and businesses a great deal of benefit. It also exposes them to a substantial amount of risk. Some threats are overlooked because they are not obvious. However, in the mistaken belief that they will not be affected people often ignore clearly identified, serious threats.

Don Pipkin's many years of hands-on experience in the field of computer security allows him to explore computing environments through the "eyes of the hackers." This perspective helps the reader to understand the threats they face from hackers and what constitutes a "good target" for a hacker. Halting the Hacker is interspersed with examples of true hacker exploits, which serve as both interesting reading and proof that these threats are not just theoretical. While this information is entertaining and informative, it is the author's description of how to counteract these threats that is of greatest importance. Putting this knowledge into practice can significantly reduce your risk of being a target. Further, this book provides valuable guidance to prepare you in the event that a hacker attacks your systems.

This second edition has been expanded to include many exploits that have occurred over the past few years. It is a valuable resource for audiences ranging from the novice to the experienced security professional. Likewise, Halting the Hacker delivers useful information for both technical and non-technical audiences.

The public's awareness of security has been greatly heightened by the tragic events of September 11, 2001. The dependence of our society on technology makes it clear that we must improve our computing infrastructure and reduce many risks that have been ignored to this point. Failure to do so could result in significant disruption of business, and would not even require a perpetrator to step on the soil of the country that is being attacked . It is more important than ever that the appropriate level of due diligence be performed to secure the worlds computing infrastructure. Following the guidance that is provided in Halting the Hacker is a significant step toward achieving this goal.

Craig  Rubin
Information  Security  Architect
Internet  Security  Solutions  Lab
Hewlett-Packard  Company