Title: Firewalls and Internet Security: Repelling the Wily Hacker
Authors: William R. Cheswick, Steven M. Bellovin, Aviel D. Rubin
Publisher: Addison-Wesley Professional
Published: March 6, 2003
Edition: 2nd Edition
Yet another worthwhile book for us all in the IT industry!
Addison-Wesley in cooperation with William Cheskwick, Steven Bellovin and Aviel Rubin have produced yet another well-researched publication. This book is all about Internet security, firewalls, VPNs and much more, all of which are hot topics and renowned buzzwords within today's IT industry.
In the first chapter, the authors express their view on network security and demonstrate the different methods an Administrator can use in order to secure their network(s). This is carried out by categorizing security into Host-Based and Perimeter security.
The second and third chapters are approximately 50 pages covering basic protocols, including IPv6, DNS, FTP, SNMP, NTP, RPC-based protocols and a several more like the famous NAT. The chapters are concluded with a summary on wireless security.
The next five chapters (chapter 4 to 8 inclusive), analyze various attacks used against networks and server operating systems in an attempt to exploit them. There is a wealth of information concerning hacking, allowing the reader to enter the mind of a hacker in terms of what they think and how they proceed to meet their goal.
One complete chapter is dedicated to various password tactics in which one can ensure that a hacker's life is made more difficult should they attempt to break into a few accounts using well-known methods related to password guessing. CHAP, PAP, Radius and PKI are also analyzed.
Chapter 9 to 12 are dedicated to Firewalls and VPNs which, in passing, happen to be my favourite chapters. They offer an in-depth analysis of the Firewall concept, packet filtering, application-level filtering and circuit level gateways. It proceeds with information about the filtering services, giving detailed examples on how one could use IPChains to create a simple or complex set of rules to efficiently block/permit packets entering in and out the network. This is perhaps the only downside to this informative book, where IPTables would have been beneficial to include, since people rarely use IPchains these days.
Lastly, chapter 12 talks about VPNs, their encryption methods, and considers both their weaknesses and advantages.
In addition to this, the book continues with several more chapters covering general questions that may arise for the reader, such as intranet routing, administration security and intrusion detection systems.
Towards the end, the authors talk about their personal experiences with people trying to hack into their companies and, as a result, explain the step- by- step process of how they managed to fight them and secure their networks. These pages are simply a goldmine for anyone interested in this area.
In summary, I'd say that the book is well worth its money and would suggest it to anyone interested in network security and firewalls. I am certain they won't be disappointed simply because the book has a lot to offer.