Building Internet Firewalls, 2nd edition (en anglais) (Anglais) Broché – 1 juillet 2000
|Neuf à partir de||Occasion à partir de|
Les clients ayant acheté cet article ont également acheté
Descriptions du produit
Présentation de l'éditeur
Aucun appareil Kindle n'est requis. Téléchargez l'une des applis Kindle gratuites et commencez à lire les livres Kindle sur votre smartphone, tablette ou ordinateur.
Pour obtenir l'appli gratuite, saisissez votre adresse e-mail ou numéro de téléphone mobile.
Détails sur le produit
En savoir plus sur les auteursDécouvrez des livres, informez-vous sur les écrivains, lisez des blogs d'auteurs et bien plus encore.
Dans ce livre(En savoir plus)
Commentaires en ligne
Meilleurs commentaires des clients
Commentaires client les plus utiles sur Amazon.com (beta)
O'Reilly books always gives me bad impression that they are hard to understand and won't teach you from the basics. However, this book changes my mind totally.
This book doesn't assume you have any experience on system Administration or knowledge on internet security. It starts out by explaining what firewall is. Then, it presents firewall technologies, architectures and design. After all the basics, it connects the concepts of firewall to Internet and how to configure it on UNIX and Window NT. In the last few chapters, it teaches how to maintain a firewall.
I can't tell whether this book is good for system administration or someone already has some knowledge on firewall before. but for me, as an absolute beginner, it makes me understands firewall and I am confident that I can make my own firewall.
In the first section, it talks about the reasons for having a firewall and security strategies. The second section (Building Firewalls) consists of several chapters and describes topics like packet filtering, firewall architectures and design, proxy systems and bastion hosts. I gleaned a lot of good information from this section alone.
The next section contains chapters describeing how to protect against attackers invading any Internet services (World Wide Web, email & netnews, FTP, IRC, DNS, games, etc). The last section describes methods to keep your network secure, such as settinp up security policies, how to maintain your firewall once it's up and running, and how to deal with a "break-in." There's also three appendices containing various information about firewall tools, mailing lists and newsgroups.
All in all, an excellent book on building and maintaining a firewall.
Topics such as ActiveX, RealVideo, IP version 6, and instant messaging were not even on the horizon when the first edition of this book was released. Now in its overdue second edition, the book covers these important topics and more.
Among the many fine security books available-several of which have been reviewed in this column-Building Internet Firewalls is one of the best. It is not just a comprehensive tome on firewalls; the authors take the many aspects of a firewall (for example, policies, protocols, and varied networks) and integrate them into a common framework. This is necessary, since management often equates security with firewalls.
Divided into four sections (network security, building firewalls, Internet services, and site security), the bulk of the book is built around the sections on Internet services and building firewalls. In these 20 chapters, the authors detail the many aspects of a firewall. Critical concepts such as firewall technologies, architectures, intermediary protocols, and directory services are discussed in detail. The authors do a splendid job of defining the various types of firewalls and exploring their advantages and weaknesses.
This book is remarkable for detailing the components of an effective information security system that are conferred via a firewall. Anyone needing a grasp on the often-confusing topic of firewalls need look no further.
This review originally appeared in the June issue of Security Management magazine
O'Reilly (Nutshell) books have always been quite superb. My TCP/IP and DNS references have been well worn over the years. As have my Perl nutshell.. etc...
Although Non Vendor specific this is actually a plus. To understand say Firewall-1 after assimilating this book will take you a 1/10 of the time it would take you from 'cold' - and your abilities will be 10 times as sharp. I say non-vendor specific as the books bias towards UNIX (and derivatives) expands to demonstrate several UNIX based free Firewall toolkits.
Really this book is a "practical" theory of Firewall systems. It covers an enormous amount of detail, and thus in some places may seem cursory. However in such circumstances the Internet can help you research these topics in more depth.
Many parts of this book actually described potential attacks that I was totally unfamiliar with (such as an unsolicited ECHO_REPLY ICMP padded with additional payload) - for this alone the book is worth its weight in gold.
However if I have criticisms, they are minor. The authors thinly disguised contempt of Windows (and praise of UNIX) on which to base a security architecture shows through occasionally (although to be fair, they are being realistic), and there are parts that demonstrate that the authors experience of "standard build" clients is limited.