"Shill Reviews?" post on amazon.com for Building Open Source Network Security Tools

Hi, I'd just like to respond to a few of the points brought up by "ic9360" on the amazon.com review of my book, "Building Open Source Network Security Tools" (http://www.amazon.com/exec/obidos/tg/detail/-/0471205443/qid=1037296293/ sr=8-1/ref=sr_8_1/104-4911189-8540744?v=glance&s=books&n=507846).

1. The reviews were "shills" All of the reviewers (save one) have contacted me via email and I can flatly state that none of them posted as a result of my toungue-in-cheek request for positive reviews on the libnet mailing list. Most of them are not even subscribed to this list. The original post, dated 10.18.2002, is shown below:

To: Libnet
Subject: Building Open Source Network Security Tools Date: Oct 18 2002 7:22PM
Author: mike schiffman <mike@infonexus.com>

A full five months after I penned the last page it is finally shipping!

Get yours here:
http://www.amazon.com/exec/obidos/tg/detail/-/0471205443/qid=1034810551/sr=8-1/r ef=sr_8_1/102-0488062-8466542?v=glance&n=507846

Positive reviews are encouraged... :)
Also encouraged are suggestions and comments for the 2nd edition!

Clearly the emoticon betrays the capricious nature of my post!

2) Chapters are rehashes of API documentation Great care was taken to contact maintainers of each project to obtain not only up to date and correct information, but also gain insights into the internal mechanisms that are not available via published API documentation. Furthermore, each component was also picked apart internally to give the reader additional insights. I do believe that the (albeit short) description of OpenSSL's EVP and Engine interfaces is pretty hard to come by. All of the documentation on the OpenSSL website is still marked [incomplete] and indeed is quite terse. Finally, Dug Song (esteemed author of libdnet) read, commented on, and approved the libdnet chapter.

3) LibSF was released "just in time" for the book Actually, LibSF was released "just in time" for the Blackhat / Defcon conferences last summer. It is in beta and on the list of "things to do" to get it out of beta. This will definitely happen before the next edition of the book.

Do you need help?

In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software: Learn more about Pantek's Technical Support offerings Place an order for 24/7/365 Technical Support here Learn more about Pantek, who we are, and what we do Chat with a Live Operator Related securityfocus.com Links bugtraq certification focus-bsd focus-ids focus-ih focus-linux focus-ms focus-sun focus-unix-other focus-virus forensics incidents libnet linux-secnews ms-secnews pen-test secpapers secprog sectools secureshell security-basics securityjobs sf-news vuln-dev webappsec Request more information about Pantek

4) Libnet --> Libdnet
While libdnet offers some complimentaty functionality to what libnet does, it (as Dug Song has stated) does not supplant libnet. I am not aware of any applications that have migrated from libnet to libdnet, other than Dug Songs own code.

Perhaps part of the problem here is that ic9360 is not quite within the target demographic for the book, or is a bit too precocious for its contents. In any event, ic9360 seems to only have read the first half of the book covering the components which, as stated in the introduction, is only half of the story. The book is really on how to use these freely available components to build your own security tools. I feel that the real entropic information is found in these chapters.

As always, constructive comments on how I can put together a better product are appreciated.

Thank you for reading.

-- 
Network packets at bargain basement rates -- ask me how.

---------------------------------------------------------------------
To unsubscribe, e-mail: libnet-unsubscribe@securityfocus.com
For additional commands, e-mail: libnet-help@securityfocus.com