Product ReviewsBooks
If you find it hard to imagine the potential damage a hacker can inflict, consider that one of the first acts of war against Saddam Hussein in the Gulf War was to access and corrupt his computer systems. Business is war. Just because you don't believe it, it doesn't mean that others share your views. Internet Firewalls and Network Security is a book designed to highlight these very serious and potentially hazardous problems, and it points the way to practical solutions. The book, co-written by two acknowledged experts in network security, Karanjit Siyan and Chris Hare, is the result of many man hours spent troubleshooting and administering in such an environment. The authors' objectives were to reveal how security is implemented and to identify the strengths and weaknesses of existing security products by revealing how they fail to keep out intruders. The layout is clear and consistent in its approach, and the information easily accessible. The book is divided into three parts. Part one deals with theoretical and practical aspects of a security system, covering computer security and what this entails. Designing a network security policy which looks at the factors and issues that need to be taken into account is also accounted for in some detail
The last chapter in part one deals with the concept of one-time password authentication, available on all OSes, including the notoriously vulnerable Windows 95. This, at its most basic, is also one of the most effective firewalls in preventing system access. Although the authors claim that more than 85 per cent of all security breaches are the result of passwords being accessed either by theft or by eavesdropping on network connections. Apparently some companies, rather unwisely, make this very easy by storing passwords in clearly marked files. Part two deals with the implications of using the most commonly available commercial software security products, such as the TIS Firewall toolkit, and their inherent limitations. It explains the concepts and implementation of security systems and the use of screening routers, firewalls and black holes. Again, the authors have made sufficient information accessible to the lay person to give a valuable understanding of how these work, as well as providing detailed technical information for the system administrator. The accompanying CD includes demo versions of the security products evaluated in the book and contains HTML links to relevant Internet sites. The third part is an extensive appendix of several worksheets designed to assist in determining your firewall and security needs. The text throughout is annotated by boxes marked 'Warning', 'Note' or 'Tip' - all containing valuable information expressed in understandable terminology. While the subject matter of this book is technical and designed primarily for advanced users and system administrators, the authors have succeeded in making the contents accessible. In summary, Internet Firewalls and Network Security is a book as valuable as the information contained on your system, and just as accessible. By Andre Levy
|
|||||||||||||||||||||||||||||||
