Book Summary:
The heart of this somewhat dry book is a step-by-step guide to implementing a secure Unix network. The book defines each security issue and follows with instructions on what parameters to set, what programs to run, and which files to check. This is useful but doesn't convey much high-level knowledge in the process. You could set up a whole system according to these directions and still not really understand why or how it all works. Whether you will benefit from this cookbook approach depends on your desire to explore every last corner of Unix. After covering system configuration, the book goes on to discuss several noncommercial and commercial security programs that help you analyze your network for weaknesses. Appendices introduce related topics such as the HotJava browser, the Java and JavaScript languages, the Kerberos authentication scheme, and PGP. Some of this material seems out-of-date, such as the discussion of HotJava and the fact that neither Microsoft's Windows NT nor Internet Explorer is mentioned. If the authors had left out this weaker Internet material and called this book "Securing your Unix network," it would be a solid title. Here is the step-by-step guide to setting up and using firewall security systems-as well as other products-that UNIX programmers have sorely needed. It not only describes what a firewall can do, but also, importantly, what it cannot do. Practically and authoritative, the book delivers details on how to secure internal networks from Internet intrusion... how to customize firewalls and network configuration files to suit specific security needs... and how to configure and use the controversial SATAN software, as well as security tools available via Anonymous FTP. In addition, it sheds light on emerging technologies such as Kerberos (a primary standard for authenticating identities developed at MIT to develop its own network). How to set up and use a firewall system for effective network security If you're a UNIX programmer or administrator, this book offers you practical, step-by-step guidance on setting up and using firewall security systems-as well as other security products-to make your internal TCPP network more secure. Writen by two UNIX security experts, this reference describes in detail what a firewall system can and cannot do, fully explaining: How to configure a firewall system and use it successfully; How to protect your internal network from Internet intrusion; How to install, configure, and use the SATAN software; How to configure and use security tools available via Anonymous FTP. You'll also find state-of-the-art information on important technologies such as Kerberos-a primary standard for authenticating identities, developed at MIT. Filled with fully tested commands, utilities, and applications, this solid resource will give you the hands-on techniques and savvy needed to protect your network from any security threats. Here is the step-by-step guide to setting up and using firewall security systems-as well as other products-that UNIX programmers have sorely needed. It not only describes what a firewall can do, but also, importantly, what it cannot do. Practically and authoritative, the book delivers details on how to secure internal networks from Internet intrusion... how to customize firewalls and network configuration files to suit specific security needs... and how to configure and use the controversial SATAN software, as well as security tools available via Anonymous FTP. In addition, it sheds light on emerging technologies such as Kerberos (a primary standard for authenticating identities developed at MIT to develop its own network). |