Software and Tools Books

An extremely helpful book if you are like me and do your own accounting for your small business. I would have liked to see a more extensive coverage of tracking inventory with consignment sales. I run a small publishing company and sell some of my books through Amazon.com. I receive payment for my shipments to Amazon approximately 2 months after the books are sold. In the meantime, the books are not actually in my inventory. I had an accountant help me deal with it but still haven't completely understood the process. In spite of that, I think this is definitely worth reading. I highly recommend it.

I am in the retail food business, and this book pretty much ignores this aspect, but a very comprehensive and straightforward book nonetheless. Easy reading in easy to understand language, not as dumbed down as Dummies books, which was nice. If you are starting a company from scratch, and you will be invoicing, this book is PERFECT for you.

I purchased this book as a gift for my brother. He said it was quite helpful with questions he had about using QuickBooks.

This book is very user friendly and does an excellent job getting to the point and easily explaining functionality. I highly recommend it for the QB user AND boss that wants to understand QB functionality.

This book is a must have resource if you use QuickBooks or have clients using QuickBooks. It is comprehensive and includes setting up the data file and getting started, to entering transactions, and using the reports to help you manage your business. It also includes chapters on managing your QuickBooks files and customizing QuickBooks for your business.

Michelle L. Long, CPA, MBA
Author of: Successful QuickBooks Consulting: The Comprehensive Guide to Starting and Growing a QuickBooks Consulting Business
Advanced Certified QuickBooks ProAdvisor
Member of Intuit's Certified Trainer Network

This book is a god-send for those of us who have to struggle with the often frustrating world of PDF documents on our computers. I was completely confused until I dug into this manual, which is relatively easy for a novice to understand. It has been a great help to me in find answers to problems I had with using PDF on a daily basis. I would highly recommend it.

There are several categories of hack in this book; two of them are "saving money" (finding ways to work with PDF's outside of Acrobat) and PDF in web design--using CGI scripting to serve up individual pages that have search text for example. A third type of hack are some old-school tricks that help make your PDF's more widely compatible. Good stuff, not crucial unless you happen to need it.

This is a very comprehensive solutions catalog on all kinds of PDF related issues. Each trick is described with step-by-step instructions and contains pointers to relevant resources. The chapter listing categorizes the hacks - Consuming PDF, Managing a Collection, Authoring and Self-Publishing, Creating PDF and Other Editions, Manipulating PDF files, Dynamic PDF, Scripting and Programming Acrobat.

I embrace the beauty of PDF as an end user and applications developer, but do not use Adobe Acrobat. Many of the tricks mentioned in the book is about this product. A problem is that the TOC does not tell whether or not a trick is Adobe Acrobat specific. Some of the hacks are like sections extracted from an advanced Adobe Acrobat user guide. As this is not obvious from the TOC, the content of the hack can be quite different from what I expected.

Despite this problem, the book is still a very useful one-stop resource about PDF. I will recommend this book to all who need to use or work with PDF.

The title is completely misleading.
I purchased this book and software from Broderbund, after reading the reviews posted here at Amazon, believing the book and software would help me covert PDF files that I could not Save or print in its orginal format into ones I could.
I can say for sure,in my opinion, the other reviews of this book led me down the "fools primrose path."
Perhaps I should have read the reviews more carefully.
Of course the fault is entirely mine.

With PDF files everywhere from web sites to help files, sooner or later you will run into a situation where you need to do something to a PDF file. For me the first time I realized I needed to do something I could not was when I needed to take one and convert it to a Word format so I could quickly outline the high points to study for a certification exam. After several hours I finally got it into a text file thanks to a web site that did the conversion. But even then I lost the tables, illustrations, etc. How to do that is one of the hacks included in this book. I wish it were printed a few years ago because it would have made my life easier.

After testing that hack I browsed through the book and kept finding myself asking "You can do that with a PDF file?" There are a lot of good tips in this book from making Acrobat startup faster, to converting PDF files, to automatic timed scrolling for easy reading, to creating a PDF using Word, WordPerfect, OpenOffice, Perl, HTML, PHP, and Java. With page after page of coding, this is a tremendously useful book for anyone who wants to create or edit PDF files or change the way Acrobat works with files. PDF Hacks: 100 Industrial-Strength Tips & Tools is very highly recommended and will be put on my shelf reserved for books I want to be able to access quickly.

I have been following Domain Specific Languages (DSL) and model-driven development for some time. Software Factories (SF) seem to be one of the first development process framework that leverages DSLs. What I have expected from this book is to describe the relationship between the two.

The book does a very good job at describing the intentions behind DSLs (good job Steve and Stuart). The SF portion is less digestible. Often wordy, with long tedious lists of barely related facts. I feel the author wanted to cover as much of the field as possible. Still, I got lost several times in the details.

The formatting of the book does not help either. Please, use numbered sections! Many times, I did not know if this is a detail of previous section, or a completely new one.

Probably my major complaint is the missing link between the DSLs and SF. I just did not get it. Still, the book is very worth reading.

This book is interesting but it is poorly organized. It seems that ideas are mixed, and chapters repeat the same ideas again and again, sometimes calling them in different way.

Wow! I bought this book a long time ago and it lived on my "bibliophile" stack of bought but unread gems. It's a stunning book if you seek to understand the decomposition of complexity in modern software applications and the complex deployment architectures they work in. My only concern is the book is not an engineering book - there are no mathematical models of scale and performance for distributed decompositions. It has a excellent description of aspect oriented programming which I learned from. The authors could also benefit if they discovered the ideas in Carliss Baldwin's superlative "Design Rules" book and brought those ideas into their own discussion of the software construction domain. This is a WONDERFUL book for enterprise architects.

This book provided insightful coverage of what I think is a fascinating topic. THe author organizes the material in a logical manner making it easy to transition from one topic to another. I would have liked more illustrations, but what was supplied was enough for me to understand everything. Very recommended!

With four authors the writing is a bit varied toward the middle to the end, but overall this book is just plain boring; I find this to be a fascinating subject and even I was bored. Go figure.

My main gripes about this book (boredom aside) are:

1) The coverage of DSL's (domain specific language): the authors repeatedly state that the cost of dsl developement can be prohibitive. I dispute this arugument as languages such as ocaml make the implementation of arbitrary languages realatively straight forward to people with the know how.

2) They claim domain specific languages are more powerful than general purpose languages. Their concept of 'power' seems to be skewed toward some weird metric I'm not familiar with.

3) The Microsoft bias is just annoying. Doubly annoying because if anything happens in this space it will be from the open source crowd, imho.

4) There's alot of repetition; every other page the authors are remaking the case for increasing abstraction in developement tools because 'compilers increase abstraction from assembler'. Okay, I got it the first time, you don't have to repeat it fifty times.

I think it's inevitable that something like software factories will emerge in time. This book gives an overview of the authors vision of where things are going. But they're academics writeing to an academic crowd and that's how the book reads.

I've only had this book a short time and have found more useful tips in this short book than in most of my other reference books. If you are proficient in Access, This is a must have!

I've enjoyed several other Hacks titles - Excel and Word particularly. This one is not quite the same; it's like a combination of interface and SQL hacks. Granted, there are many useful tips and ideas for code - not always bulletproof as another user mentioned, but if you know what to do you'll be able to apply these ideas.

A lot of SQL-based hacks are self-evident to someone who has a solid SQL background; some interface features (such as user system tables, etc) are interesting ideas, but one might wish there were more of them. For instance, there are at least three examples of UNION statement in a query to concatenate SELECT statements... one would think this could be fitted into a single hack.

Most of the form hacks assume that bound forms are being used, so if you populate controls programmatically (DAO or ADO recordsets) much of this won't be applicable. Form design is an important topic, but very few control properties are covered. Multi-user section is pretty pointless - if you work with multi-user access applications, you probably already know most of this.

Certain hacks are duplicated; for instance, the one regarding "cleaner criteria" has basically two identical hacks back to back. Besides that and the UNION statement, there are a few other redundant hacks, retold by different authors.

On the bright side, there are several good ideas, or at least interesting ones that open some doors to making your own hacks. There are some user-interface ideas that are valuable (like the one that highlights the active control). All in all, I do read this book, but use only about 20-30% of it, of which a good deal I either knew already or could figure out on my own.

I rate this two stars, rather than one, because it's likely that most people will find something in the book which will put them onto a new way of doing something.

Unfortunately, the book (which includes "hacks" from seven contributors, as well as the principal author) is wildly uneven in quality. The poor quality varies from the text (it is noted that hack #9 is not an "eloquent" way of handling the problem) to the solutions presented. For instance, the example code in hack #22 turns off warnings -- but then never turns them back on, which could be rather disastrous (not to mention that any code which sets warnings FALSE absolutely needs an error handling routine which ensures these are turned back on). Hack #74, rated medium hard, introduces domain aggregate functions (DSum, DLookup, etc.), but the example code doesn't protect against situations when nothing matches the Where criteria -- so the example code will blow up if the DSum function returns NULL and tries to assign that to the Single variable. Examples relying implicitly on unnormalized tables abound. Would it have been so hard to think up examples that actually used normalized tables? Hack #19, rated medium hard, provides code to move through an overly-long form relying on SendKeys (!) to simulate PageUp and PageDown key presses. Rather than insert page breaks on the form and buttons relying on SendKeys on maneuver between these, why not just transform the long form into tabs on a tab control?

The above is illustrative, rather than an exhaustive list of hacks that are trivial, dumb or even dangerous. While there certainly are some hacks in the book which gave me food for thought, problems like the above which I could detect in other hacks made me wonder what I'll find out the hard way as I try to actually use these new ideas.

If you're new to Access/VBA development, this book will be a good reference. If you've been developing Access apps for a few years, there's not much in here you haven't already figured out for yourself.

This is a fine set of 100 tips and tricks that will help you get the most out of Access. It's a good combination of simple tricks, and more advanced coding hacks. Involving everything for networks, to XML, to data crunching ideas. Even if you don't find exactly what you are looking for in terms of a solution you will benefit from seeing how the author approaches the problems.

Look through the table of contents, if you find ten or twenty that are in your areas of Access pain then

If you are new to a particular topic and there is a Pragmatic Bookshelf edition for it, then I wholeheartedly recommend buying a copy before you buy any alternate version. They are generally well written, up-to-date and tell you just the stuff that you really need to know. This book is exactly that. There is a lot of information and books around on CVS version control tool but this is the one that well get you going the quickest.

I bought this book to come up to speed on CVS for a new project and I had a mixed experience with it.

I like the author's simple examples. For example, using a short text list of colors as sample files instead of source code. These made it easy to focus on the author's intent without getting confused by the example.

However, I had a problem in that the book never really compared CVS to other tools. I have always used source control tools that locked other users out of a file when you edited it: RCS, Clearcase, etc. So I found myself flipping through the book trying to figure out how to do a "get" command. I wish there had been a section describing the CVS philosophy of letting everyone edit and only fixing the merges.

I found the author's chatty style to be distracting. But, on the other hand, I am now successfully using CVS from using this book. So 3 stars.

I had already started trying to use CVS (on OpenBSD) and had run into problems. Reading this book flattened out the CVS learning curve. It showed me how to perform CVS-related tasks that come up frequently, and helped me comprehend why I had previously been having trouble. I read most of the book in one day. Definitely a keeper!

With this book at my side I still ended up frequently hunting for information out on the web. CVS looks at the entire concept quite a bit differently than the other SCMs I've used and the command line interface is archaic. This book fails to provide a good conceptual model of what is going on in CVS (as opposed to SCMs in general) which might be able to allow using CVS without resorting to a purely cookbook approach.

The book only briefly deals with the GUI interfaces that might be an improvement over the command-line approach. Those that they do mention are Windows only.

I've been grappling with the Concurrent Versioning System (CVS) for years. Moreover, I've been misusing it. Baffled and intimidated by its cryptic syntax and concepts, I've missed out on the power of branching and tagging, and the way these tools can be used to clearly demarcate project releases and versions. Using CVS as little more than a safer place to keep code than a local hard drive and an easier way to pass code around than FTP, I and my teams have failed to benefit from version control's true purpose. Checking code into the mainline only, we've found ourselves holding off on writing or checking in new code while a release is underway, and being forced to add new, untested code to a stable past release in order to fix a bug.

CVS's documentation has never helped matters. The free online manuals (aka "The Fish Book", "The Cederqvist", etc.) are classics and miss no detail documenting CVS's complex and option-laden commands, but say little about what exactly to do with the commands in order to run a successful software project. Other commercial CVS books essentially have been longer-form rewrites of the original manuals. And through it all, CVS's syntax has remained complex and intimidating.

Along comes Pragmatic Version Control Using CVS. With clarity, brevity, and humor, its authors show that version control can and must be the centerpiece of any development process, and they show how to make the humble, aging CVS work as that centerpiece. Taking the successful 80/20 approach, they cover only the features necessary to support the important things in software project execution: maintaining separate versions, marking releases and bug fixes, merging fixes to an old release into the latest version, and even bonus topics like managing third-party code. They take an Occam's Razor to CVS's syntax, leaving you with a small, essential slice that's easy to remember and use. Alongside this syntax, the authors suggest idioms, naming conventions, and techniques. What you end up with is the bare bones of how to run a software project. You start to feel like you're not even using CVS - that you could be using any version control system. The syntax becomes secondary and the process takes center stage.

Here is a summary of their approach: (1) Develop on the mainline; (2) Branch only from the mainline, and only when you're ready to put out a release (or experiment with some great departure from the current codebase); (3) Tag the branch when the release is done; (4) Return to the branch to fix a post-release bug; (5) Tag the branch before and after the bug fix; (6) Merge the bug fix back into the mainline; (7) Get back to work on the mainline; (8) Go home at a reasonable hour. In between all these steps, part of your team can work on the latest version while others launch or patch a release. Old work will not impede new work; new work will not pollute old work. The authors put the "concurrent" back into "CVS."

That's the undergirding of a solid development process. All you need is a tiny subset of CVS's baffling syntax to do it. The book describes the subset.

Please understand that this is not a definitive CVS reference. The authors don't document anything unrelated to the process. Armed with the common sense gained from the Pragmatic book, you can go to the original docs and find what you want.

I read this book over a year ago, and have waited until now to review it. In that time, I've successfully implemented most of its practices in the team that I lead. We can pull down the code tree of any of our past releases in an instant, fix a bug, and redeploy, all without affecting current development efforts - or having those development efforts affect the old release. There's never a question as to which version of the code we're working on. We're safer, smarter, and faster. All it took was a 175 page book, a free version control system, and a bit of open-mindedness. If you're not already doing what this book shows you how to do, start now.

I think this is an awesome book! I work in Maya and this just made me better after using this book to get more real effects for my animations, and character designs. Loved It!

I found this book a good overviewer for people who want to practically work in the area of hyper real characters. Its truely is a good reference and practical guide. Although it isnt for beginners, it gives overview of hyper-real character workflow in maya.

I'm not new to maya, but I had some questions about easier UV mapping tool, and this book tells me the hint, contains other useful information that I need to know as a good modeler and animator!

This an amazing reference for advanced digital sculptors, but it just covers far too much inside information and techniques from the edge to really go into step by step detail. The sticky lips techniques are priceless and came at the right time for me. Again, if you don't have atleast 2 years experience using Maya hold on to this book until you do OR get one of the fundamentals books or delve into the numerous instructional DVDs that are available. Once you are very familiar with the Maya interface conventions and have atleast intermediate knowledge Poly modeling characters and character rigging this book will pay major dividends.

This is among my favorites of Maya reference books. Admittedly, I was not at an appropriate level of knowledge when I first bought it; however, once my understanding was sufficient, I was incredibly pleased with it. I this book is NOT for absolute beginners. It does not hold your hand and tell you how to do every little thing; if this is what your looking for, I would recommend a more basic intro level book. In terms of techniques, it fills in many of the gaps left by other Alias publications, and is certainly a far cry above Autodesk's lackluster publications.

This book is written presupposing some knowledge of the program and surrounding concepts. When I first began teaching myself Maya, a friend had shown me this book-at the time, I was utterly lost trying to follow it. However, within a month or two my knowledge was sufficient for this book to begin making sense to me.

If you have never used maya and are trying to learn, hold off for a while before buying this. If you are an intermediate level user (confident + comfortable with basic concepts, and a general understanding of most major areas) interested in learning more about professional modeling and rigging techniques, this is for you. A great aspect of this book is the fact that the DVD provides scene files in different stages of tutorial completion, which allows the user to check their work against a "solution," or examine concepts and workflow in greater detail.

This book is extremely helpful for anyone seeking insight into the professional CG world and the workflows and processes thereof.

This is a very good book for the 70-290 test. The complaints about subjects being left out of the book are valid, but Microsoft is careful to tell all test takers that some material on the test will come from the Microsoft Knowledgebase and from TechNet articles. If you are concerned about the coverage of material, go to the Microsoft certification web site, print out the test objectives for the test you are studying for, and make sure that you study something on each of the test objectives. There is no one book that can or will cover the entire depth and breadth of this test, but this one comes close. It is written for someone that has little or no experience with Windows Server 2003, and covers each topic rather completely. Some more advanced users will object to that, saying that it is too basic or too wordy. They should use a "test prep" book (something from Exam Cram series, for example) rather than this book. If you are starting from near zero, this is a good book for you. The videos are helpful, but I wish they were podcasts so that I could listen to them while I am driving.

I received prompt communications and delivery and plan to purchase additional books in my quest for MCSE certification.

I was really frustrated because there are no good books for this exam, which is really complicated.

No book will cover all the information required, but definitely the best book is this one.
What is interesting is a section with FAQ in each chapter.
Most of the questions are really nice.

What is missing in this book for the exam ?
- More information about SUS
- More information about AD
- More information about Group Policies
- More information about VB scripts for automation
- It would be nice if the questions were similar than the exam.

Anyway, this one was my favourite book for the exam.
I passed it with 887/1000 and I did not have to much experience on win2k3 servers.

I purchased this book based on the strength of its recommendations here. Now that I've taken the test, I'm disappointed.

The book appears to be out of date as several topics that were on the exam are NOT covered in the book.

Microsoft has added things on Software Update Services, Distributed File Sharing, and Scripting to the exam that are nowhere to be found in the pages of this 977 page tome.

In addition, I found several things that conflict with other study guides, Microsoft's published materials (MDSN, TechNet), and the Windows Server 2003 help files.

Although the book has a set of practice questions at the end of each chapter, in many cases their "correct" answer was wrong (based on additional research and conversations with other MCSA/MCSE's).

When I wrote Syngress asking for an explanation about the discrepancies (twice), I never received a response.

I'd recommend you look elsewhere if you hope to pass.

Not even getting out of the second chapter I've run across more than a dozen typos and other errors. If I had known there were so many I would have marked them all and sent them to the publisher. Some topics are not even covered. I have thrown this book away and bought the Sybex 70-290 study guide instead...Sybex Study Guides are the best I've found.

If you want to learn this information correctly, do NOT use this book. Their technical editor should be fired.

This book is now classified by the publisher as "out of print" and this is a reprint. I just got off the phone with Prentice Hall, and the CD-ROM does NOT come with the book, regardless what the Amazon listing says.

My lowered rating does not reflect the quality or content of the book, rather a gaping omission on the part of the publisher. The CD is integral to the material in the book.

Luckily - it is rather easy to download most of the tools that the book references.

Title: Open Source Security Tools
Author: Tony Howlett
Pages: 578
Publisher: Prentice Hall
Rating: 9/10
Reviewer: Gary Smith
Summary: Great book on tools of the trade

Today's security analyst/administrator is confronted not only with constant attacks from within and without his organization but also the twin demons of No Money and No Time. Who's he/she going to call to get out of this dilemma? Ghostbusters? A better resource is Tony Howlett's
book, "Open Source Security Tools."

The book start off with an introduction to information security and OSS (Open Source Software). If you're new to being a security analyst and you need to know some basic things about information security and threats this is a good introduction. If you're a seasoned security veteran with the battle scars to prove it, it's still a useful section as a quick reference for hitting up management (pointy-haired or otherwise) when they ask questions.

The book starts with tools that are readily usable by the security admin, tools for the operating system. These simple tools in the first chapter can go a long way to improving the security of the operating systems. From there, the chapters go through increasingly more complex tools and the problems that they are designed to confront. These include firewalls, port scanners, vulnerability scanners, network sniffers, IDS (Intrusion Detection Systems), analysis and management tools, encryption tools, wireless tools, and forensic tools.

The book gives a good discussion of why you need a particular tool, how to get it, set it up, use it, and make the most of it. Each chapter is peppered with tips and traps about the tools, a very useful thing for the harried security admin. I found Chapter 8, "Analysis and Management Tools" particularly good. Snort is a great tool but sometimes, using it is like trying to drink from a fire hose. What you need is a way to archive all that data and review it in some comprehensible manner. Chapter 8 describes how to due this using several OSS tools including ACID and MySQL. Following Mr. Howlett's steps, you'll have a management console that will aid you analysis and get the notice of your management.

I also liked Chapter 10, "Wireless Tools." Let's face it, wireless networks are hot and show no signs of cooling down anytime soon. They are also a squeaky wheel when it comes to needing oil to keep things quiet. Management can get very nervous about wireless networks and what you don't know can really hurt you. This chapter gives the security admin the tools to make sure that any wireless network in the company is secure and that there aren't any wireless networks you don't know about.

And then there's the CDROM included with the book. You could spend hours burning up the bandwidth searching the 'net to get all the tools in the book. Prentice Hall has made it easy for you by including a CDROM of all the tools described in the book right at your finger tips.

At 578 pages, "Open Source Security Tools" is chocked full of tools, tips, and techniques that any security admin can use to solve the types of problems he/she may face. The choice of tools is excellent, the organizational structure of the book is good and the Mr Howlett's writing style is easy to follow and quite humorous at times. I can offer only two suggestions about the book for future editions. One is if the CDROM were a live distro like Knoppix that you could pop into a system and run the tools straight away. The other is if the book were bound in a "lie flat" format for easier reading and use at the desk.

Get the book, use the tools, make your systems more secure, and your job easier.

This book provides a good overview of security tools. It could help readers get started by explaining security concepts and stepping the reader through installation of useful tools. (The book includes a CD containing the utilities covered in the text.) It doesn't however, give good coverage to interpreting the results of scans and monitoring.

About 1/4 to 1/3 of the book is wasted on appendices of readily available information. GPL and BSD licenses, well-known port numbers, and a huge list of Nessus plug-ins. The space might have been better utilized by providing coverage of virus scanners or even common application alternatives that are more resistant to attack. On the positive side, the information is there so you won't need to look for it on the Web.

I like the fact that the book covers utilities for both Linux and Windows. And the fact that the utilities are free and Open Source, of course. Just using one of the utilities covered in the book would save you many times the cost of the book.

I learned a few new tricks from this book even though I was already familiar with many of the utilities and concepts.

This book is an excellent resource to help readers understand what open source tools are available to address every dimension of securing a computing infrastructure.

What I liked best about this book is that it did not assume an already-existing base of knowledge in the reader. Other books present information that assumes the reader already understands the topic, and therefor only needs the details of how to use the tool being discussed. Howlett's book provides a graduated discussion of every area, enabling a beginner to start from scratch and an experienced reader to glean the important details.

Also outstanding about this book is the fact that it covers pretty much all the areas of security an admin will need to address. If you work through this book, you can be pretty sure that you've covered all your bases.

Because of that, the book is like a survey, rather than an exhaustive discussion of any one area. However, the author always provides pointers to other places the reader can go for deeper material. I think this is a great way to organize material and really enjoyed the book because of it.

Overall, this is a great contribution to a critical area of computing.

I consider myself a developer rather than system admin. But I enjoyed and learned quite a bit. I read this book in one 7 hours bus journey. It is very good on introducing new topics. It teaches you how to use programs and give recommandations.
I think my money is well spent.

Think it, this way. When you start to learn something new, you are bombarded with a lot of buzzwords and jargon. This book will teach you most of this buzzwords and you will learn quite a lot in reading this book. A internet search about tools will bring you more similar tools and new learning points.

As I said in the title, this books is about beginners. If you are a expert, I do not think you will gain a lot from this book.

this book should be mandatory (or at least recomended) to anyone who is into or coming into Ic layout.

In 1980, Carver Mead and Lynn Conway published their classic "Introduction to VLSI Systems". For the first time, it abstracted the key concepts of VLSI design, common to most fabs. In such a way that undergrads could use the book to design a chip that would then be fabricated. Now, from 1999 we have this book by Clein. It goes into more details about various types of CMOS circuits. Accompanied by a good section on the proliferation of standard cell libraries.

Of course, you'd expect some changes in 20 years. Moore's Law and all that. But what is striking about the book is that there is no significant conceptual difference between both books. It is as though you took two introductory physics texts, 20 years apart, and diffed the content. No new laws of physics appeared in the interim. What it means is that a hypothetical user of Mead and Conway in the 80s could pick up Clein's book and just focus on what are essentially subsidiary details.

Plus, the book was written in 1999. It is now 2007. Three cycles of Moore's Law have elapsed. Maybe Clein should update it. But in the absence of this, it is still quite germane.

This book will become obsolete when CMOS becomes obsolete.

This book greatly over simplifies the difficulties of mask layout.

As an experienced designer, I found the book lacking in technical detail and, surprisingly enough, incorrect on several occasions.

With so many other excellent choices available on this topic, I would definitely steer the concerned reader away from this book.

This is a very good book that in fact cover the layout from basic to chip level. It also gave a great explanation on how and why certain things are important on chip level design which I learned in hard way and sometimes didn't know why after I read this book. The only thing this book didn't mention is the analog and bipolar design.

Overall, I highly recommand this book as a reference book not only for layout desingers, but also for deisnger engineers and CAD.

This book is a good choice to learn mask design if you want to keep it as simple and cook-book like as possible. The book focuses on basic CMOS digital. Approximately 80 percent of all mask design is in CMOS digital, so that makes sense. Ancillary topics are brought up, such as simplified electronic conceptualizations of transistors, resistors, capacitance, current density, it even touches on more specialized areas such as floor planning and routing. This book covers a lot of ground lightly, but never with any engineering depth. I ignored those areas where, in my opinion, the author crossed the line of over-simplification for the sake of simplicity (the indication of current flow in P transistors is well meaning but incorrect, for example), in my earliest review of this book. But now that several years have passed and I have seen first-hand how this has at times confused mask design students, I feel that it should be mentioned.

Engineers and experienced mask designers should consider one of the more in-depth books, such as The Art of Analog Layout, or IC Layout Basics: A Practical Guide, or IC Mask Design: Essential Layout Techniques, or one of the many VLSI Design 101 texts for electronic engineering students.

Purchase "The Art of Analog Layout" if you want to focus on analog mask design issues, or any of the above-mentioned books for the more specialized or difficult material such as analog layout, the bipolar transistor, power, VFET, MESFET, heterojunction, GaAs, SiGe, discrete, infra-red low bandgap materials, light collection, minority carriers, high voltage layout techniques, or anything more difficult, advanced, unusual, or for engineers versus mask designers. "The Art of Analog Layout" is so good as to be an excellent reference for even the working mask designer and engineer.

Everyone is different. Perhaps if you wish to learn mask design as if it were more like drafting, as some vocational schools still do, then this book is for you. I'm a senior analog chip design engineer and an advanced-level mask designer. I've worked with beginning mask designers. My opinion is that the mask-design-like-drafting path does not an excellent mask designer make, and one of the above-mentioned books would be better to learn by, even if less simple.

Have the Syngress proofreaders fallen asleep on the job?

This book is so full of errors and inaccuracies that it becomes painful to read after a while. Especially the annotated examples, where the line numbers for the code listings often bear no relation to the line numbers listed in the accompanying analysis.

Makes you wonder... what else have they got wrong?

This is 2 books from Syngress I've got that are very poor quality. What's going on guys?

I recommend you wait for the 2nd edition.

First thing, I'd like to say this book basically requires a basic knowledge on C/C++, sockets, shellcoding, and basic exploitation techniques. It's not an introduction for the total newbie.

Now, if you actually know the basics, this is your book. I actually learned a lot from the sockets and the code portability taught here. The shellcode part is pretty good. The only trouble I found is that, in Part I of the shellcoding section, the author uses a tool he presents to us in Part II to extract shellcode. Perhaps he wasn't expecting us to compile and test any code yet, but rather sit down calmly and listen to some shellcoding general topics. I generally like to compile and run stuff as I read, but anyways... it wasn't that big of a trouble ! At least the code compiles on the go and what he says makes sense !

About exploitation, the book covers stuff like buffer overflows, format strings vulnerabitilies, etc. So yeah, there's much to be learned from it.

My general feeling is that some of the topics are presented briefly, but at least the author goes to the point. Concise, quick, and effective; no rubbish is said. What could we expect from an all in one book ? It's definitely not going to spend 500 pages on one particular topic.

So in conclusion I'd say this is a great book. Also, if you wanna go deeper into shellcoding after reading this, I would suggest "The Shellcoder's Handbook".

I'd say that most people getting a book like this will already be involved with programming a bit. Enough to know what a socket is, how to write a program that uses sockets, etc... However, I could be wrong.

I guess what I thought was that this book was going to kind of tie everything in together such as "ok, now that you know how to write sockets, we're going to write an exploit that opens a backdoor for you!" However, either I glanced over sections too much, or it just doesn't exist. Each part of the book doesn't seem to have much of a tie in to the next part of the book. Maybe in some small ways, but not by much... To me it seems like a hodge podge book where the authors wanted to 1) Tell you about coding, 2) Teach you basic socket programming, 3) Teach you about porting, 4) Teach you about shellcode and 5) teach you about exploits. In other words, it's almost like 5 separate books that aren't meant to be pressed into a single book except for some very small references to some parts from others...

Now, this doesn't mean this is a bad book. It does teach you what it says it will. It's fairly easy to follow (minus one small error I found) and somewhat in-depth. However, I feel that there are other books that do a better job at the underlying reason why I bought this book... for shellcoding and exploit explanations.

One minor, but confusing and hard to follow error I found in this book is when they have code listings that are line numbered. They're off by a few lines each time they explain it. This is somewhat confusing even to me, but I would catch on and say "Ahh, they mean line 112 instead of 120". For instance on page 428 there is this block of code:

47 shell_addr[0] = (target->shell_addr & 0xffff0000) >> 16;
48 shell_addr[1] target->shell_addr & 0xffff;
49
50 memset(fmt_string, 0x00, sizeof(fmt_string));
51
52 for (x=17; x < target->count; x++) {
53 strcat(fmt_string, "%8x");
54 len += 8;
55 }
56
57 if (shell_addr[1] > shell_addr[0]) {

And in the analysis of the code it states:

"... On lines 49 and 50, the address where the shellcode resides is split and placed into two 16 bit intergers. The stack space is then populated in lines 54 through 57 with %08x..."

This is clearly a mistake. They're about 2 lines off with each of those statements. This isn't the only time this happens in the book. It's pretty much sporadically throughout the book. So, this may get a little confusing to some or just generally annoying to others (like myself) because you have to stop, go back, scratch your head, figure out where it is they're really talking about and then move on reluctantly.

I'd say look into "Hacking: The art of exploitation" and "The Shellcoders Handbook" if you're getting this book to learn about buffer overflows, format string bugs, etc... and the coding, porting and socket programming don't really apply to you. If they do, this is an overall good book, but not really the best.

I personally like this book. It is not for the light of heart, and for those of you that have no idea what the term reverse engineering means. If you have a knowledge of reverse engineering, or have some experience in analyzing binaries. This is an excellent tool.

I purchased Buffer Overflow Attacks, which is also published by Syngress and co-authored by Foster, a couple of months ago. The chapters about shellcode were good and I wanted a deeper explanation. When I saw this book I thought I had found what I was looking for. Unfortunately, the chapters about shellcode are taken straight from BOA. So are the chapter about the xlockmore format string vulnerability and the section in chapter one about InlineEgg.

Additionally, the title says that this book is 'for Security Professionals.' However, the first chapter is devoted to the basics of programming; if someone is unfamiliar with a looping construct, they should not start with a book about shellcode and exploits.

All of this is not to say that Sockets, Shellcode, Porting and Coding is not an excellent book; it is. But with so much cut'n'pasting going on, I find myself reluctant to purchase another book with Foster on the author list.