• RSS
  • Twitter
  • FaceBook

Security Forums

Log in

FAQ | Search | Usergroups | Profile | Register | RSS | Posting Guidelines | Recent Posts

Book Review - Firewalls and Internet Security - 2nd Edition

Users browsing this topic:0 Security Fans, 0 Stealth Security Fans
Registered Security Fans: None
Post new topic   Reply to topic   Printer-friendly version    Networking/Security Forums Index -> News // Columns // Articles

View previous topic :: View next topic  
Author Message
ShaolinTiger
Forum Fanatic
Forum Fanatic


Joined: 18 Apr 2002
Posts: 16777215
Location: Kuala Lumpur, Malaysia

Offline

PostPosted: Tue Apr 01, 2003 11:40 pm    Post subject: Book Review - Firewalls and Internet Security - 2nd Edition Reply with quote

I was sent a review copy of this book being co-founder of http://www.security-forums.com this is really my field of interest.

As soon as I opened this book I was enthralled, it's full of great, relevant quotes and written in a very informative, fairly technical yet still interesting style.

It's definately not for the complete security newbie or someone just starting out with computers who has a slight interest in security, it is fairly hardcore and requires at least a basic understand of most areas.

It does however cover TCP/IP basics, there is an introduction to cryptography, general security and the different types, threats, hackers, authentication/encryption, firewalls and the various features/types (packet filters, application layer etc.), protection, lessons learnt (covers real life intrusions and some basic forensics techniques) and much much more.

Full table of contents can be found here: http://tinyurl.com/8mim

It also goes into a reasonable amount of detail when examples are required for example securely jailing Apache, forensics techniques, DNS zones, IPChains (it would be better if it was IPTables, but hey nothing is perfect).

If you are interested in security or are just a general UNIX/Linux admin but you haven't really ever dug into it then this book is for you, even if you are allready into security then it's well worth a read because not many people can have covered everything that's in this book in the concise detail that's it's transcribed.

This book may well seem expensive but actually it's a bargain, it contains a wealth of information and it's written in a manner that you can skip around it without losing the flow (or skip technical parts that are over your head).

Buy this book and I guarantee within a few months you will have read it cover to cover, and some parts more than once.

The only negatives I have heard about this book is that it doesn't cover Windows NT/2k, but to be honest if you are using NT/2k as a firewall/security appliance in any way (apart from perhaps an application layer proxy)...you need to find another line of work Smile

Amazon.co.uk URL - Firewalls and Internet Security: Repelling the Wily Hacker - 2nd Edition

Amazon.com URL - Firewalls and Internet Security: Repelling the Wily Hacker - 2nd Edition

Publisher URL - http://www.awprofessional.com/titles/020163466X


Last edited by ShaolinTiger on Sun Jan 18, 2004 7:18 pm; edited 2 times in total
Back to top
View user's profile Send private message Visit poster's website
chris
Forum Fanatic
Forum Fanatic


Joined: 18 Apr 2002
Posts: 16777201
Location: ~/security-forums

Offline

PostPosted: Thu Apr 17, 2003 8:17 pm    Post subject: Reply with quote

Firewalls & Internet Security: Second Edition
Repelling the Wily Hacker
(Addion Wesley)
William R. Cheswick
Steven M. Bellovin
Aviel D. Rublin



The introduction starts with security truisms and section on picking and defining a security policy. This deals with ethics, strategies and different methods such as host or perimeter security. It touches on encryption and DMZs.

Chapter 2 then gives an overview of TCP/IP covering some common basic infrastructure protocols. Starting with IP addressing and TCP, the chapter progresses routing, DNS and NAT. It ends with potential risks associated with wireless security.

The third chapter deals with the upper layers. A major focus here is mail transport protocols such as SMTP and the dangers associated with MIME encoded messages. The daemon used in context is sendmail and mail relaying is described. An introduction to RPCbind and NFS are presented along with the dangers of remote access including FTP, SSH and Rlogin.

Chapter 4 is entitled 'the web: threat or menace?' . This explains risks from activeX and javascript through to server side scripting.

The fifth section deals with classes of attacks which covers some interesting contemporary subjects such as social engineering, backdoors, authentication failures and virii. There are four pages describing what to do about a denial of service attack which descibes a logical approach to mitigating an attack.

Chapter 6, 'the hacker's workbench' goes into more detail about hacking tools and techniques. Methods such as scanning, rootkits and clearing logs are described along with popular tools such as nmap and juggernaut.

The seventh chapter deals with authentication methods whilst the eighth deals with protecting existing services. Chroot and jailing apache to restrict it to a certain directory. I found this section extremely beneficial to myself due to working with web servers and at the time had not implemented this solution.

Chapters 9 and 10 cover firewalls/VPNs and filtering respectively, with 11 giving examples of ipchains scripts with well written comments and chapter 12 concentrating on VPNs and tunneling.

The next sections deal with network layout in an organisation, best practices and secure hosts and clients.

Intrusion detection systems are covered in chapter 15 briefly with the popular snort mentioned.

This leads into chapter 16 entitled 'an evening with bereford' which is an interesting read into a security breach. Logs of the breach are presented along with an alternative approach from the sysadmin to 'play along' with the hacker. The next chapter deals with another compromised system and the forensics associated with the attack.

The eighteenth chapter covers cryptography with the final section a small mention of the future including IPv6.

----------------------------------------------------------------------------------

I found the book very interesting in places especially when you can relate back to similar incidents yourself. Although the later sections are written with references to the first chapters they can be read seperately if wanting to focus on a certain area.

Along with the sections containing actual code, the firewalling section for example, the theory sections also give good arguements and implementations which got me thinking about some of my current setups and how I could be vulnerable to certain attacks.

Personally I think its very easy to overlook internet security and be ignorant to the fact that it wont happen to you, or assume that a firewall is enough and insecure hosts behind it will be fine.

After dealing with security breaches at work both externally for clients and internally its changed the way I think about security and this book has opened me to even more different paths

I would recommend the book for anyone who would like to learn about the different areas of internet security and for those who already have experience.

--------------------------------------------------------------------------
Rating - 8/10



This review is copyright 2003 by the author and Security-Forums Dot Com, and may not be reproduced in any form in any media without the express permission of the author, or Security-Forums Dot Com.


Last edited by chris on Wed Jul 09, 2003 6:12 pm; edited 5 times in total
Back to top
View user's profile Send private message AIM Address Yahoo Messenger MSN Messenger
Posideon
Just Arrived
Just Arrived


Joined: 10 Jan 2003
Posts: 1
Location: UK Baby!!!

Offline

PostPosted: Thu Apr 17, 2003 9:15 pm    Post subject: Reply with quote

thanks for the review, its on my wish list, i was after a book relating to a lot of the issues discussed above.

cheers dudes.
Back to top
View user's profile Send private message Send e-mail Visit poster's website Yahoo Messenger MSN Messenger
sodaphish
Just Arrived
Just Arrived


Joined: 15 Apr 2003
Posts: 1
Location: Midwest, USA

Offline

PostPosted: Thu Apr 17, 2003 10:29 pm    Post subject: Reply with quote

I've read this one too, its a GREAT book, and a MUST-READ for anyone who's doing a lot with firewalls/network architecture.
Back to top
View user's profile Send private message Visit poster's website Yahoo Messenger
delete852
Just Arrived
Just Arrived


Joined: 19 Nov 2002
Posts: 4
Location: Washington DC

Offline

PostPosted: Fri Apr 18, 2003 12:52 am    Post subject: Reply with quote

Wow this book sounds really good, I think I should consider buying it, what do you guys think of " Real World Linux Security" by Bob Toxen, I bought this book a while ago, and its pretty good in my opinion, what about yours?
Back to top
View user's profile Send private message Visit poster's website AIM Address Yahoo Messenger MSN Messenger
GoGoGadget
Just Arrived
Just Arrived


Joined: 19 Jul 2003
Posts: 1


Offline

PostPosted: Sat Aug 02, 2003 6:02 pm    Post subject: Reply with quote

Would it be any good for win 2k? because i read a review on the amazon website and one at the bottom was taking about its only good for LINUX and not NT.

Cheers
Back to top
View user's profile Send private message
Jason
Forum Fanatic
Forum Fanatic


Joined: 19 Sep 2002
Posts: 16777215


Offline

PostPosted: Sun Aug 03, 2003 12:54 pm    Post subject: Re: Book Review - Firewalls and Internet Security - 2nd Edit Reply with quote

GoGoGadget wrote:
Would it be any good for win 2k? because i read a review on the amazon website and one at the bottom was taking about its only good for LINUX and not NT.



I wouldnt think so:

ShaolinTiger wrote:
The only negatives I have heard about this book is that it doesn't cover Windows NT/2k, but to be honest if you are using NT/2k as a firewall/security appliance in any way (apart from perhaps an application layer proxy)...you need to find another line of work Smile
Back to top
View user's profile Send private message Send e-mail
Display posts from previous:   

Post new topic   Reply to topic   Printer-friendly version    Networking/Security Forums Index -> News // Columns // Articles All times are GMT + 2 Hours
Page 1 of 1


 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum

Community Area

Log in | Register