My review of Firewalls And Internet Security, Second Edition

What I thought about the book

The complete title of the book is Firewalls And Internet Security, Second Edition, subtitled Repelling the Wily Hacker. Addison-Wesley is an excellent publisher of technical books. Here's the book on amazon.com (sorry for the long URL): http://www.amazon.com/exec/obidos/ASIN/020163466X/qid=1090793769/sr=ka-1/ref=pd_ka_1/103-7872543-1646221

This book is not a how-to book. For example, while it discusses the theory and pitfalls of setting up a packet filter, you won't find anything more than a line or two of sample iptables syntax. Models are used extensively, however. Real-world cases are examined at times, and include case studies, forensic analysis of actual break-ins, etc.

The book is heavy on theory, and takes an impartial look at most aspects of security. While slanted towards the Unix administrator, Windows and other implementations are also discussed. One of the things I liked about the book is that a given problem will be analysed, and then a particular vendor's solution will be looked at. Oftentimes the theory aspect will diverge from real-world implementation. I suspect that this is because the authors feel that a grasp of underlying theory is more important than a knowledge of a particular implementation — if you know what's supposed to be going on, understanding the details of a particular platform's implementation is going to be easier.

One of the things I didn't like was the use of big words. If you're not a native English speaker, I would say that you're going to have a hard time with the book. Word choice and grammatical structure used throughout the book are targeted towards someone in graduate school, rather than the high school dropout. Ditto the abstract analysis — I struggled at times to understand what the authors were trying to get across.

If you're serious about understanding more about security, this book can definitely help you understand the underlying concepts involved.

What's in the book

The book thoroughly discusses pretty much everything related to network security. It starts off talking about the need for security and takes a look at the OSI networking model, and proceeds to survey the most common network protocols. Part I (Getting Started) takes about 90 pages.

Part II (The Threats) goes over the types of attacks that can occur, and examines a few of the cracker's (the book used the term hacker, but I still can't use that term in a negative sense) tools.

Part III, entitled Safer Tools and Services, makes the case for running applications that are more secure than the traditional ones (ssh instead of telnet, for example).

Part IV (Firewalls and VPNs) talks about actual filtering: how to filter, what to filter, problems related to filtering, etc.

Part V is labelled Protecting an Organization, and Part VI is titled Lessons Learned, which details a few break-ins.