Open Source Books

Three different domains - technology, law and business - intersect in the world of open source software and Meeker's book manages to address each of the three at an expert level while still synthesizing the larger issues relevant to everyone in the field. While the topic of open source has generated a flood of commentary, the type of careful and reasoned analysis offered in this book is in short supply and makes The Open Source Alternative stand apart from similar recent offerings. All that and it's very readable too!

This book provides a solid introduction to using open source software for ebusiness. The authors have a strong fundamental grasp of what ebusiness is, something that many so-called "ebusiness experts" fail at. They describe ebusiness as 5 interlocking categories: enterprise apps, internal and external integration, and business & consumer e-commerce. They then describe how open source software can be used in these categories.

The book is written for technical types, but really more for managers than developers. I'd like to have seen some code in this book, but nonetheless it did give me a good idea on where to begin looking and using open source software.

The chapters on integration and e-commerce are very good, with lots of details that many programmers would find useful. The authors also seem to have a good grasp of the state of open source and what types of decisions technical folks need to make when evaluating the software.

A good book if you want to find out what this whole open source and linux thing is and how to go about using it for your projects.

This overview of open source software implementation and management was a great resource for me as a business manager with a technical background who wanted to get a breadth of knowledge on the subject. This book is very comprehensive and contains very up to date information on architectures, design considerations, legal issues, business issues and the history of open source.

I initially tried to gather this type of information online and went through a number of resources and venues, but ultimately decided my time was to valuable and the information available to disparate not to find a good overview. If you are a business or technology manager who is making decisions about directions for your organization and considering open source solutions, this is a great overview of where things are at today.

The book includes a list of web resources regarding open source and for learning more over time. It also includes sample open source licenses to get exposure to the issues regarding licensing.

Very good stuff! Some of it is an almost word-for-word from the man pages, but hey how many ways can you say this stuff. It has helped me get further along with my web work.

Penetration testing is definitely a recommended security discipline that helps you find real vulnerabilities and security wholes before the adversary does. This book is a reference guide of the different penetration testing stages and considerations, covering a wide range of technologies and tools. It is just focused on open-source and freely available tools, and do not include any commercial counterparts, like Core Impact or the specialized Web application testing suites. Perhaps this is a good addition for a future edition without the "open-source" term on its title.

The wide scope of the book is one of the reasons why it is not extremely cutting-edge and does not go into the deep details required to master each topic covered. I completely understand it is not possible to create such a book (at least with less than 9999 pages), covering a wide range of topics and including in-depth details. Overall, this book is a good reference guide (in fact one of the few generic references) that will open the door for more advanced knowledge from other books focused on specific areas, such as wireless, Web applications, databases, etc.

Something that can be quickly appreciated is the involvement of multiple authors, as the quality and look and feel of chapters varies. I specially liked the first two chapters, focused on Recon, Enumeration and Scanning. Even if you're an experience pen-tester, I've been doing penetration tests since 2000, you can easily identify the positive SensePost influence on these chapters, and the section contains valuable tips and tricks. At some extent, the "you always have something new to learn" principle applies here.

The book is really good emphasizing best practices and suggestions from a professional pen-testing perspective. When running tests over production environments, there are lots of considerations to need to have in mind, beyond the pure attack techniques. The book does an excellent work on this area, and this is also ratified by the final chapter detailing how to build your own pen-testing lab, including common political and technical issues (I can confirm I've seen lots of them in real world situations). Once you run pen-tests frequently, you need to customize and build your own scripts and tool set. The book also emphasizes this by explaining how to customize the Backtrack CD with your own additions. Definitely, it is a good approach as Backtrack is the reference pen-testing Linux Live CD distribution nowadays.

At first sight, the book structure is a bit strange and it seems there is a lot of repetition on each and every chapter, but once you get used to it, I think is a great approach. Each chapter introduces the goals and scope, then covers the technologies (or pen-testing phases) analyzed, plus the hacking techniques and vulnerabilities involved, and after that it focuses on the tools required to implement the attacks and how to use them, with practical and detailed examples.
It is crucial to differentiate between the techniques and foundations, and the tools, as multiple tools can be used for the same attack, sometimes you do not even need any hacking tool, and new tools will come in the future. I recommend you to master the techniques, the attack principles, and understand the vulnerabilities, and from there, select the best tool on each case. All this structure is complemented with a final case studies subsection on each chapter that exemplifies real-world situations where the techniques and tools can be applied, and how.

The databases, wireless and network devices hacking chapters are good. They provide some insight in the methodology, hacking tools and techniques available for these type of targets. The database hacking focuses on MS SQL Server and Oracle, for sure the most common DB's available out there. The wireless section mainly focuses on WiFi, and Bluetooth is barely mentioned; not enough. And finally, the network devices chapter is a must, as these systems are typically forgotten, although they manage all the network traffic and are a critical IT component of any organization.

In particular, I didn't like too much the Web application chapter. Although it contains lots of tools references, the structure and methodology presented is not very clear, and there is a kind of mix of tools to perform different tasks. Because Web application pen-testing is one of the cutting-edge areas we are dealing with today, I'd have liked to see more quality and in-depth material on it.

From my point of view, the forensic chapter is not related at all with the book and I would completely remove it. There are other very good forensic books available, so I guess it has been included because the tools and infrastructure for basic forensic analysis is available on Backtrack.
Instead, I would have liked to see more details, practical examples, and resources about vulnerable testing environments, such as the DVL (Damn Vulnerable Linux) distro, WebGoat, the Foundstone hackme suites; just to name a few, as well as Capture-the-Flag scenarios and conference references. It would be great to provide an overview on how to build and break into these testing environments using the tools and techniques covered throughout the book.

I strongly recommend this book to people thinking about, or starting on, the penetration testing field. It provides a good and wide overview of topics you need to master, tools available to launch the appropriate attacks, and other pen-testing best practices. As the book is directly aligned with the Backtrack CD, unfortunately version 2 and not the latest version 3 (time for a new edition, including more Bluetooth stuff and adding VoIP hacking ;)), it has a direct and very strong hands-on component, that allows the reader to test the different tools and examples, and makes it very valuable.

The free software or open source movement has, not surprisingly, garnered lots of free publicity. Encouraged by massive hyperventilating by its proponents. In contrast, this book steps back and offers a more dispassionate and nuanced analysis of the zeitgeist, for surely the movement deserves that label.

You get background as to the social motivations and the history of the movement. Which is shown to predate the Web and linux. GNU in the 1980s was all about alternatives to proprietary operating systems and compilers.

The book can help you dial down the hype. Yet, ultimately, it offers a broadly positive affirmation of the movement. There is shown to be no impediment or logical flaw to cause open source to not stop growing. Rather, the book suggests that both proprietary and open source software will always be with us, albeit in a sometimes uneasy coexistence.

Well, like it says, this book is exactly the same as the online 1.5.2 documentation (which you should be familiar with), just printed out. None of the information is new. If reading the documenation on screen is fine for you there is no reason to buy this book, but if like me, you find having to use up half your screen for a browser window is annoying, you'll find it useful. I gave it four stars because it's so cheap (sure beats printing it all out!)

Warning: this is a technical document, not a tutorial. If you're looking for a "Learn Python the E-Z way" sort of book you should look elsewhere.

Also, this book covers the core of Python - the built-in types and syntax - but _not_ the modules. Anything you have to import to use will not be in here...

Whitehead's book is well suited for a new linux sysadmin, who wants an easy introduction to her main tasks on the machine. The text is straightforward and accompanied by well chosen illustrations. The book centres on using KDE as the desktop UI, instead of Gnome. Perhaps it could also have given more equal coverage to the latter?

If you are perhaps coming from a Microsoft computer background, then the types of tasks should be familiar. Like setting up the machine with an IP address on a network. Or getting the linux OpenOffice running. {It's the analog of the Microsoft Office suite.)

However, experienced linux sysadmins should avoid this book. For you, it will be redundant.

Hi,
I recently read this book and I recommend it for a beginned that has never worked with such a framewok. This book does not cover all the Jakarta Struts topic, but to begin with it is excellent. I also recommend to download on theServerSite web site a pdf book on this framework.
Max Pellizzaro
http://www.maxpellizzaro.com

This book is like a quick tutorial and introduces the most important parts of Struts. It shows you a door to know Struts but can't help you become an expert. Once you know what struts is. You might need another book, "Struts in Action". "Strus in Action" lists more details, which you will need when developing your struts applications.

Also, after reading the book, I found some errors or unclear issue. Such as:
In Chpater 1, it didn't tell readers that they must copy *.tld files to WEB-INF.
In Chpater 6, it didn't tell readers how to config Locale.

Generally speaking, this book is still good enough for a beginner to buy.

This is a quick read on struts. By the time it came out, it was a little outdated and some of the code did not work. The concepts were described quite well and example that did work were well done. This is written for struts 1.0 and not 1.1 and definitely not 1.2. Find this one at the outlet bookstore or buy it used if you think you really need it, or better yet, borrow it from a friend.

A quick correction to someone's review below:

1. This is a Wiley book, so its no surprise you can't find the code for it at the Wrox site.
2. And the code for the Wrox book *is* available at their site.

Moral: Put brain in gear before engaging mouth ...

This book would be a good book to start with for Struts beginners, but in no case this should be the last. One good thing is that the author takes the reader thru easy-to-follow steps to setup and code for every example/feature. Highlighting changes to a file as it matures thru different stages is a good idea but has not been carried thru in a clean way in this book, this book looks like it has been published in a hurry, some sections has not been updated after a cut&paste, some method signatures are not proper (init in PlugIn), I gather struts-tiles could have been used to beautifully demonstrate the power of Plugins.

Struts framework has been the seed for so many different solutions and other frameworks that one would expect atleast some passing mention of tools and solutions based on Struts, nada, there's none here, this book solely focuses on a couple of Struts related classes and the taglibs, one needs to know more in order to weild the full power provided by Struts. I can only suggest this as a quick reference for beginners, nothing more.

by the way, if you are using TomCat 5.0.7 and wondering why the application does not work, upgrade TomCat, bug there!

I strongly recommend 'Struts in Action' by ted Husted et. al. in addition to/ instead of this book.

I bought this book hoping to get up to speed quickly on the very exciting Drupal platform. Unfortunately, this book was targeted at Drupal 4.7 Users. I started using 5.5 (as of today they have a version 6 release candidate), and quickly discovered that half the information in the book did not match up. There has been a major reorganization of the administrative pages, leaving the information given you more likely to confuse than inform.

My other major objection is that the information is cursory, and does not really provide you with the skills needed to build a real site. If they had done this book well, you would have been walked through building a basic real site, so you could understand everything in context. There is nothing like that here. It is basically piecemeal information that is available online, though a bit more thorough with some exercises scattered throughout to demonstrate concepts.

Unless you intend to use Version 4 of Drupal for some reason, save yourself some money and frustration and wait for an updated version.

Building Online Communities With Drupal, phpBB, and Wordpress was very helpful. I found the sections very helpful and easy to understand.

Carefully designed and clearly written, this book is an effective introduction to PHP for anyone who has at least a little experience with web design. It is built around simple step-by-step examples which illustrate the principles being explained. These are clearly designed to minimize the trauma of learning a programming language for the code-phobic. The reader can follow along on the keyboard and build confidence by experimenting with variations.

For programmers, who already understand most of PHP's basic concepts, this approach can be frustrating. The book spends pages demonstrating things that could be explained in a paragraph or two.

You can learn PHP from this book whatever your background, but if you have already mastered another programming language, you'll be better off with a book that teaches PHP from that point of view.

This is a great introduction, at least to Drupal version 4.

Note that the administration menus are significantly different for the current Drupal 5 release. I wonder if a revision is in the works?

This is basically an outline for beginners ONLY. If you expect to be able to move on past simple installation and configuration, save your money! The software Drupal, phpBB and wordpress are all excellent programs. This book is an introduction to each and has nothing to do with building online communities. Way to simple. SORRY!!!