I just finished (finally!) Counter Hack Reloaded by Ed Skoudis. I really love Skoudis’ tone and sometimes informal tone in the way he writes. It really works for a book that is really meant to be read start to finish (as opposed to a hit-and-miss tools/attack-defense or reference book).
The book presents a number of new things to me, but the most memorable parts dealt with some of the more advanced techniques such as various covert channel attacks that I’ve really not heard much about. Of particular interest when I hit this part last autumn, Skoudis does maybe the best job I’ve read on describing buffer overflow details. I’ve read numerous other descriptions in the past and kinda knew what was going on, but for some reason Skoudis lit that little light bulb over my head on his description. Granted, I don’t see myself becoming a memory-shifting expert any time soon, but at least I really understand the details now.
Overall, this is a must-read for any IT professional with any interest in security, and should be mandatory for all security persons. It is one of the best books I’ve read in my geek collection. Some of it might be elementary such as DNS digging and nmap scanning, but there are plenty of more advanced techniques that you just don’t find in other similar books.