Interview with Ed Skoudis, author of “Counter Hack”

Introduce yourself.

Hello. This is Ed Skoudis, security geek.

How did you get interested in computer security?

I’ve always loved to tear things apart. As a child, I would “reverse engineer” various technical trinkets my parents would provide, such as analog and digital clocks, radios, remote control cars, etc. Of course, when I rebuilt them, they’d never, ever work properly!

However, flashing forward, in college, I realized that computer attacks are nothing more than the very careful tearing apart of computer systems with the goal of taking them over. I love that kind of thing, and have been hooked since I got my first security job at Bellcore.

What operating system(s) do you use and why?

I use Windows for my presentations, word processing, and e-mail. These programs work well in Windows, and I don’t have to worry about compatibility problems as long as I worship at the shrine of Bill. For my computer attacks and defenses, I use Linux. With the source code, you can get a great deal deeper into the functioning of things. Also, scripting is far easier in Linux, so I can create custom techniques without having to rewrite a bunch of code.

How long did it take you to write “Counter Hack“?

One year. One very, very loooooong year. Day in, day out. Christmas… New Years… every single day. But in the end, looking back, it was fun.

You mention in the book that you thought it will be like writing a 500 page paper and then it turned out you were wrong. So, what was it like?

It was like writing thousands of pages. The level of reviews and scrutiny of a book are far greater than anything I’ve worked on before. It’s a good process, in that solid reviewers challenge an author to be *extremely* clear, concise, and accurate. I had some of the best reviewers around, and they really helped to sharpen the resulting product. They’d write comments about how I could be clearer or cleverer, and the challenge was extremely helpful.

If you could start working on the book all over again, what changes would you make?

I like to use quotes from various sources in my work to illustrate an issue. I like to quote movies, songs, and other copyrighted materials. A cool line from a popular song or movie can really help solidify an idea in a reader’s mind, and lets us all have some fun along the way.

If I had to do it again, I’d start getting permission for these quotes earlier in the process. Some of the copyright owners (from movies and songs) didn’t respond fast enough, so we had to remove quotes from them in the book.

You mention numerous security tools in your book. What are your favourite security tools?

Netcat, the general purpose network connection widget writeen by Hobbit and Weld Pond, is my absolute favorite. With Netcat and some ingenuity, you could do almost anything! After that, I like Nmap for port scanning, and Nessus for vulnerability scanning.

In your opinion, what are the most important things an administrator has to do in order to keep a network secure?

Although it’s mundane, keeping systems patched is the single most important thing an admin can do. They have to read the latest vulnerabilities, get patches, test the patches, apply them to the systems, and then verify their systems. It’s a lot of work, and tends to be somewhat mindless, but it’s essential!

After that, admins needs to know how to check their systems for anomalous activities. They need to understand how to detect sniffers, rootkits, backdoors, and other tools used by the bad guys.

What is, in your opinion, the biggest challenge in protecting sensitive information at the enterprise level?

The overwhelming flood of patches to fix vulnerabilities is very difficult to deal with. We actually have data glut, with a constant flow of vulnerability notices, threat indications, attack detection, and so on. It’s hard keeping up with all of this information, and figuring out what is really important.

What are your future plans? Any exciting new projects?

I’m working on another book. This next tome will be more focused on specific attacks than the last one. I’m pretty excited about it.

Additionally, I write monthly “Crack the Hacker” challenges to test readers’ knowledge of handling various computer attack scenarios. I write up a scenario based on some movie theme, and pose various questions at the end. So far, I’ve written Spider-Hack, Hack to the Future, How the Grinch Hacked Christmas, and many others. They are located at counterhack.net.