Attack and Defense with Python
Doesn’t this book explain how to break into a computer system? Isn’t that illegal
and a bad thing at all?
I would like to answer both questions with no (at least the second one).
Knowledge is never illegal nor something bad, but the things you do with it.
You as an admin, programmer, IT manager, or just an interested reader cannot
protect yourself if you don’t know the techniques of the attackers. You cannot test
the effectiveness of your firewalls and intrusion detection systems or other security,
related software if you are not able to see your IT infrastructure through the eyes of
an attacker. You cannot weigh up the danger to costs of possible security solutions
if you don’t know the risks of a successful attack. Therefore, it is necessary to
understand how attacks on computer networks really work.
The book presents a selection of possible attacks with short source code samples
to demonstrate how easy and effectively and maybe undetected a network can be
infiltrated. This way you can not only learn the real techniques but present them to
your manager or employer and help them in the decision if it would make sense to
care a little bit more about IT security. At the end of the book, you should be able
to not only understand how attacks on computer networks really work but also to
modify the examples to your own environment and your own needs.
Sure, the book also tells those bad guys how to crack the net and write their own
tools, but IT security is a sword with two sharp blades. Both sides feed themselves
off the same pot of knowledge, and it is a continuous battle, which the protecting
side can never dream of winning if it censors itself or criminalizes their knowledge!
Uster, Switzerland Bastian Ballmann
Who Should Read This Book?
This book addresses interested Python programmers who want to learn about
network coding and administrators who want to actively check the security of their
systems and networks. The content should also be useful for white, gray, and black
hat hackers, who prefer Python for coding, as well as for curious computer users,
who want to get their hands on practical IT security and are interested in learning to
see their network through the eyes of an attacker.
You neither need deep knowledge on how computer networks are built up nor in
programming. You will get through all the knowledge you need to understand the
source codes of the book in Chaps. 2 and 3. Readers, who know how to program in
Python and dream in OSI layers or packet headers, can right away jump to Chap. 5
and start having fun at their device.
Of course a book like this needs a disclaimer, and the author would be happy if
all readers only play on systems they are allowed to do so and use the information
of this book only for good and ethical actions, otherwise, you may be breaking a
law depending on the country your device is connected in.
The length of the book doesn’t allow for in-depth discussion of all topics. You
will only get somewhat more than the basics. If you want to dig deeper, you should
afterward get some special lecture in your special field of interest.