Features
- Cover Type: Paperback with 464 pages
- Published by: Addison-Wesley Professional
- Edition: 2nd Edition March 6, 2003
- Written in: English
- ISBN 10 Number: 020163466X
- ISBN 13 Number: 978-0201634662
-
Book Dimensions:
9.1 x 7.4 x 0.9 inches
- Weighs: 1.5 pounds
Product Review
Essential information for anyone wanting to protect Internet-connected computers from unauthorized access. Includes:
- thorough discussion of security-related aspects of TCP/IP;
- step-by-step plans for setting up firewalls;
- hacking and monitoring tools the authors have built to rigorously test and maintain firewalls;
- pointers to public domain security tools on the net;
- first-hand step-by-step accounts of battles with the "Berferd" hackers; and
- practical discussions of the legal aspects of security.
--This text refers to an out of print or unavailable edition of this title.
Midwest Book Review
Firewalls and Internet Security: Repelling the Wily Hacker gives invaluable advice and practical tools for protecting our computers. You will learn how to plan and execute a security strategy that will thwart the most determined and sophisticated of hackers, while still allowing your company easy access to Internet services. In particular, the authors show step-by-step how to set up a "firewall" gateway - a dedicated computer equipped with safeguards that acts as a single, more easily defended, Internet connection. They even include a description of their most recent gateway, the tools they used to build it, and the hacker attacks they devised to test it. In addition, there is vital information on cryptography, a description of the tools used by hackers, and the legal implications of computer security. With Firewalls and Internet Security, anyone will be well equipped to provide their organization with effective protection from the wily Internet hacker.
--This text refers to an out of print or unavailable edition of this title.
Reader ReviewsMy hope was that reading Firewalls and Internet Security - Second Edition would be a chance to sit at the feet of the masters, but I was disappointed. Part of the problem is the title, this is not a firewall book; this is an internet oriented security overview. The writing style is professional, but terse, you will learn the names of many important things, but you will not learn how to DO anything and you will not even learn ABOUT very much. However the book gives you the NAMES of many important topics that you can go research on your own and is valuable for that. It is well edited and has a flawless layout making it a fast easy read because the technical level is low and the book is short. The book opens with a few pages on security truisms, my favorite part of the book and a dazzling display of intellect! All the material after the truisms and up to chapter 9 is a quick tour of topics like Security Policy, Host-Based Security and Perimeter Security, Authentication, and all the Protocols in a couple paragraphs each. Chapters 9 - 12 are where the book covers perimeters. Chapter 9 is dated material, Static Packet Filters, Network Topology, Application Gateways, and SOCKS. The book begins to improve in Chapter 10, remember, these authors really know their stuff and if you read closely there is wisdom here. The "Use the phone?"in the H.323 and SIP example firewall rule was a classic. Sadly, this whole critically important section got one thin paragraph. In Chapter 13, there is a fascinating discussion about using routing tricks to protect a host, but it isn't clear to me you can implement this with the four sentences of information the authors provide. As you march on to Chapter 16, they have a few paragraphs on host security, name some types of IDSes and so forth. Chapter 16 is from the original edition, An Evening with Berferd is a lovely read especially if you have a Unix background. Chapter 17, The Taking of Clark, another war story, was also fun. The ending of the book is sad, the technical material concludes with three and a half pages titled: Where do we go from here? They briefly mention IPv6, but come to no conclusion as to its future. DNSsec gets two paragraphs, we do not even learn what it is, (a new resource record where the information that is stored can be signed). In the final paragraph the authors conclude we are going backward not forward, that we cannot achieve the security level Multics had in the 1970s with modern operating systems. I sincerely hope that is not true; take a look at OpenBSD, one exploitable remote vulnerability in seven years. Think about the progress RedHat and Microsoft are making. Take a look at the work The Center for Internet Security is doing, take the Unix or Windows tracks at SANS, but never, ever give up.
Search for books at
