
Firewalls and Internet Security, Second Edition

dbc15 writes "A timely and much needed update to the first edition, Fwais 2.0 is an excellent overview of the current landscape and psychology involving intranet, vpn and Internet host security while correctly addressing the positives and negatives of firewall / internet security and the techniques used by hackers."
Title: Firewalls and Internet Security, Second Edition
Author: Cheswick-Bellovin-Rubin, 2003
Pages: 433
Publisher: Addison-Wesley
Rating: AA++
Reviewer: D Bruce Curtis, CEO, American Interconnect
ISBN: 020163466X
Summary: Incorporating an Internet firewall from start to finish.

The authors start with hacking and security needs analysis, progress through strategies and techniques, and end with useful security formulas, hypotheses and real life examples. They draw upon their own experiences and observations about network security and host protection to give the reader a well-rounded view of the concepts of security as they apply today. The book is well written with simple examples and antecedents. They have taken great care to explain how hackers work and their methodology. The best thing about the book is that it does not go into great detail about unnecessary finite security specifics and shows what works best while adding value by allowing the reader the opportunity to think for themselves and address their own needs. They maintain the premise that: "Simple security is better than complex security: it is easier to understand, verify, and maintain." (Page 81) while covering the types of attacks not only by method, but also by class, ranging from the kiddie script up to the sophisticated tunneling and VPN methods.

FWAIS 2.0 is a comprehensive guide to the most common security problems while not wasting time on the insignificant. It includes a good set of general rules and the tool sets necessary to secure a network at any level. FAWAIS 2.0 covers current protocols and allows simple guidelines for flexibility in determining your own network needs. It describes the weaknesses in both hardware and software while addressing their relational aspects in easy-to-understand terms. Written with FreeBSD in mind, many of the techniques in this edition adapt well to other sources such as Linux, OS X, Unix, NetBSD, and Solaris.

The entire premise of the book revolves around the concept that old-style layered security is not as good as it may appear, and that Internet security and firewalls are a holistic endeavor of system integration and design. The authors have taken care to show just how difficult it can be to keep up with large network topology and lend truth to the fact that there is no such thing as absolute security.

The concepts found in this book cover subjects such as:

  • What firewalls can and cannot do, capabilities and weaknesses.
  • What filtering services work best.
  • What services and practices are overkill.
  • Why firewalls are necessary, the risks to servers and the servers' relationship to proper firewall installation.
  • What the steps to hacking are and the methodology used to break into a host.
  • The why, what and where of limiting services and the tools to secure the appropriate functions.
  • Types of firewalls and best practices for implementing security while building and designing firewalls.
  • Why building your own firewalls may be your best solution.
  • Applying past experiences to your firewall design.
  • Intrusion detection systems and their role as a network tool in firewall construction.
  • Honey pot examples showing how the techniques have been used to thwart and frustrate potential adversaries.

This is not a how-to book written with step-by-step specific fill-in-the-blanks, connect-the-dots, detailed mechanical guidelines; it addresses the real needs of the administrator in relation to actual daily situations. As they state on page 213 "-we don't think the hard part of firewall administration is data entry, it is knowing what the appropriate policies are."

The second edition is well documented and includes plenty of good link references, appendices and bibliography resources to help any professional keep current with the ever-changing environment of network defense.

Any organization evaluating current security needs should find the second edition helpful for determining their security goals and a comprehensive guide to help design, implement and deploy firewalls. The second edition is a definite must for any security library, certification-training program or public/private classroom situation.

I recommend Firewalls and Internet Security as the best starting point for anyone who might be considering any changes in company security structure or earning their security certifications.


  • VPNs / tunneling (Score:5, Informative)

    by c64cryptoboy ( 310001 ) * on Wednesday July 09, 2003 @01:05PM (#6401182) Homepage Journal
    Fwais 2.0 is an excellent overview of the current landscape and psychology involving intranet, vpn and Internet host security

    For those who want a more thorough background in the crypto-related topics found in Fwais2 (VPNs, tunneling, TLS, etc.), check out: http://www.youdzone.com/cryptobooks.html [youdzone.com]

    There are now 147 cryptography and cryptography-related books (90 reviewed). 29 of the books have on-line errata links, and 7 of the books are free to download in their entirety.

  • by Anonymous Coward on Wednesday July 09, 2003 @01:11PM (#6401240)
    The book's strengths include sharing certain keen insights and summarizing key technical data. They repeat the conclusion that frequent password changes tend to decrease security, rather than improve it. They succinctly describe BGP and IPv6. They accurately explain that TCP sequence numbers count bytes of data, not packets -- unlike many other authors. Their case studies, while dating from the early 1990s, are the most enjoyable parts of FAWAIS 2.0. Like Avi Rubin's "White Hat Security Arsenal" (a better book), they cite scholarly work. Attention is paid to the firewall software of my favorite OS, FreeBSD, in ch 11.

    On the negative side, the book is a mix of simplistic and advanced material. In some areas the authors start with basics, while in others they use terms like "black-hole" (p. 249) with little regard for newbies. The book seems disorganized; readers will find it hard to separate key points from normal text. The "forensics" advice, admittedly labeled as "crude" in ch 17, gives incomplete recommendations which do not reflect best forensic live response practices. (The "best thing to do" is "run ps and netstat" and then "turn the computer off"?) The authors are also very negative about the Windows OS, saying on p. 255 "We do not know how to secure them, or even if it is possible." While Windows is admittedly difficult to configure and operate securely, this statement is a cop-out. Better to direct readers to "Securing Windows NT/2000 Servers for the Internet" by Stefan Norberg. Examples with IPChains in ch 11 should have been updated with IPTables, or at least IPTables should not have been dismissed as being the same except for syntax.

    FAWAIS 2.0 does contain useful information. I just think books like O'Reilly's "Building Internet Firewalls, 2nd Edition" and New Riders' "Linux Firewalls, 2nd Edition" are more helpful. Addison-Wesley's "White Hat Security Arsenal" is more enlightening, as well. Review FAWAIS 2.0 in a store before you commit to buying it -- you might find it helpful.
  • You mean (Score:5, Informative)

    by sulli ( 195030 ) * on Wednesday July 09, 2003 @01:18PM (#6401287) Journal
    third edition? [slashdot.org]

    (not often do we see dupe book reviews .. then again, I suppose it's fine to have multiple opinions on the subject.)

    Also, note that this is identical to a review [amazon.com] (third one down, by the same guy it seems) on amazon. So it's a double-dupe!

  • by Anonymous Coward on Wednesday July 09, 2003 @01:22PM (#6401318)
    There are another couple of fairly decent reviews for this book here:

    Security Forums Review [security-forums.com]

    All in all not a bad book, perhaps a little disorganised, trying to fit too much in at once.
  • Re:AA++ (Score:3, Informative)

    by rkhalloran ( 136467 ) on Wednesday July 09, 2003 @02:16PM (#6401704) Homepage
    The parent almost rates a Troll; the first edition was definitely to the field what Schneier's and Knuth's was to theirs; Ches' honeypot suckered in more than a few would-be 'wily hackers' (hacking into BELL LABS was considered a Big Thing). The technology has moved on, but I expect the new version (the first one landed on my shelf just after publication) is, again, practical tactics and suggestions from people who have most definitely Been There...
  • by Anonymous Coward on Wednesday July 09, 2003 @03:23PM (#6402280)
    I set up software RAID in Linux like a week ago -- the howto had plenty of useful info. Between that and the relevant man pages, it was a snap.
