On Wed, Mar 19, 2008 at 12:42 PM, reepex <[EMAIL PROTECTED]> wrote: > ... I much prefer books like > 'hacking the art of exploitation', 'the art of software security > assessment', and 'secrets of reverse engineering' because they are tool > agnostic and teach the low level concepts that are going on.
amen! the first and last are two of my favorites. this discussion mirrors the tension between programmers steeped in the physical architecture they use and complicated but indispensable concepts like asm instr/pointers and (some of) the newer generation familiar only with high level scripting languages and toolkits that abstract away all such details. while the latter can be effective and appropriate for a myriad of modern development tasks, there is still a world of understanding that will never be accessible at such higher layers. there is no point in arguing which is better; these are complementary skills that the truly proficient will master at both ends of the spectrum. this way leads to wisdom. as for "hacking" tool set tutorials (howto kismet, wireshark, metasploit, etc), these texts are as satisfying as a dir full of man pages. useful references, yes. fundamentally instructive in theory they are not. to each his own... [i'll add 'Silence on the Wire' to this list of useful texts] _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
