........Firewalls and Internet Security, Second Edition
Subtitled Repelling the Wily Hacker, this new edition of Firewalls and Internet Security is a general survey of techniques for securing servers and networks, it is not a howto or cookbook.
The book is heavy on theory and definitions, the target audience is plainly experienced networking professionals who might be a little naive about modern hacking/cracking techniques, but the book is an entertaining and educational read for anyone who has a machine serving content on the internet. I found myself leaping from my chair to patch two security holes in my own code after reading about similar faults the first time I picked up the book!
Little attempt is made at disussing the secure running of Apache in a realistic environment, which would have been a welcome addition to the book. However, there are many pointed observations made about web services that will send the reader off to peruse the Apache docs.
The discussion of server preconfiguration (turn off everything before putting the machine on the network, turn things on one at a time) should be engraved on the case of every server sold and tatooed on the forearm of every sys-admin.
The authors knowlege of nmap is somewhat outdated (they refer to it's propensity to crash sensitive embedded OS's in network hardware as if it were due to some flaw in the software!), and while there is an index entry for tcp-wrappers, there is no actual discussion of this very important library/tool.
The book contains a no-holds-barred assessment of the security risks involved in allowing web clients to run java as a plugin. This will piss off more than a few web developers, but it is right on.
Chapters 16 and 17 present two examples of network forensics based on real system compromises analyzed by the authors. These are presented in an clear and entertaining fashion without a lot of dramatic paranoia.
Buy Firewalls and Internet Security, 2nd edition at [BookPool] for 36% off of list price: [Buy The Book]
![[Home]](/jpeg/slugwiki.jpg)